search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
add facility for testing random codec failures
[sqlcipher.git] / src / crypto.h
blobe4626a4145cb9ba7fc9e1796be27cdae24044eea
1 /*
2 ** SQLCipher
3 ** crypto.h developed by Stephen Lombardo (Zetetic LLC)
4 ** sjlombardo at zetetic dot net
5 ** http://zetetic.net
6 **
7 ** Copyright (c) 2008, ZETETIC LLC
8 ** All rights reserved.
9 **
10 ** Redistribution and use in source and binary forms, with or without
11 ** modification, are permitted provided that the following conditions are met:
12 ** * Redistributions of source code must retain the above copyright
13 ** notice, this list of conditions and the following disclaimer.
14 ** * Redistributions in binary form must reproduce the above copyright
15 ** notice, this list of conditions and the following disclaimer in the
16 ** documentation and/or other materials provided with the distribution.
17 ** * Neither the name of the ZETETIC LLC nor the
18 ** names of its contributors may be used to endorse or promote products
19 ** derived from this software without specific prior written permission.
20 **
21 ** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY
22 ** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
23 ** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 ** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY
25 ** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 ** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
27 ** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
28 ** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29 ** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
30 ** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 **
32 */
33 /* BEGIN SQLCIPHER */
34 #ifdef SQLITE_HAS_CODEC
35 #ifndef CRYPTO_H
36 #define CRYPTO_H
37
38 #include "sqliteInt.h"
39 #include "btreeInt.h"
40 #include "pager.h"
41
42 /* extensions defined in pager.c */
43 void *sqlite3PagerGetCodec(Pager*);
44 void sqlite3PagerSetCodec(Pager*, void *(*)(void*,void*,Pgno,int), void (*)(void*,int,int), void (*)(void*), void *);
45 int sqlite3pager_is_mj_pgno(Pager*, Pgno);
46 void sqlite3pager_error(Pager*, int);
47 void sqlite3pager_reset(Pager *pPager);
48
49 #if !defined (SQLCIPHER_CRYPTO_CC) \
50 && !defined (SQLCIPHER_CRYPTO_LIBTOMCRYPT) \
51 && !defined (SQLCIPHER_CRYPTO_NSS) \
52 && !defined (SQLCIPHER_CRYPTO_OPENSSL)
53 #define SQLCIPHER_CRYPTO_OPENSSL
54 #endif
55
56 #define FILE_HEADER_SZ 16
57
58 #define CIPHER_XSTR(s) CIPHER_STR(s)
59 #define CIPHER_STR(s) #s
60
61 #ifndef CIPHER_VERSION_NUMBER
62 #define CIPHER_VERSION_NUMBER 4.5.0
63 #endif
64
65 #ifndef CIPHER_VERSION_BUILD
66 #define CIPHER_VERSION_BUILD community
67 #endif
68
69 #define CIPHER_DECRYPT 0
70 #define CIPHER_ENCRYPT 1
71
72 #define CIPHER_READ_CTX 0
73 #define CIPHER_WRITE_CTX 1
74 #define CIPHER_READWRITE_CTX 2
75
76 #ifndef PBKDF2_ITER
77 #define PBKDF2_ITER 256000
78 #endif
79
80 /* possible flags for cipher_ctx->flags */
81 #define CIPHER_FLAG_HMAC 0x01
82 #define CIPHER_FLAG_LE_PGNO 0x02
83 #define CIPHER_FLAG_BE_PGNO 0x04
84
85 #ifndef DEFAULT_CIPHER_FLAGS
86 #define DEFAULT_CIPHER_FLAGS CIPHER_FLAG_HMAC | CIPHER_FLAG_LE_PGNO
87 #endif
88
89
90 /* by default, sqlcipher will use a reduced number of iterations to generate
91 the HMAC key / or transform a raw cipher key
92 */
93 #ifndef FAST_PBKDF2_ITER
94 #define FAST_PBKDF2_ITER 2
95 #endif
96
97 /* this if a fixed random array that will be xor'd with the database salt to ensure that the
98 salt passed to the HMAC key derivation function is not the same as that used to derive
99 the encryption key. This can be overridden at compile time but it will make the resulting
100 binary incompatible with the default builds when using HMAC. A future version of SQLcipher
101 will likely allow this to be defined at runtime via pragma */
102 #ifndef HMAC_SALT_MASK
103 #define HMAC_SALT_MASK 0x3a
104 #endif
105
106 #ifndef CIPHER_MAX_IV_SZ
107 #define CIPHER_MAX_IV_SZ 16
108 #endif
109
110 #ifndef CIPHER_MAX_KEY_SZ
111 #define CIPHER_MAX_KEY_SZ 64
112 #endif
113
114 #ifdef __ANDROID__
115 #include <android/log.h>
116 #endif
117
118 #ifdef CODEC_DEBUG
119 #ifdef __ANDROID__
120 #define CODEC_TRACE(...) {__android_log_print(ANDROID_LOG_DEBUG, "sqlcipher", __VA_ARGS__);}
121 #else
122 #define CODEC_TRACE(...) {fprintf(stderr, __VA_ARGS__);fflush(stderr);}
123 #endif
124 #else
125 #define CODEC_TRACE(...)
126 #endif
127
128 #ifdef CODEC_DEBUG_MUTEX
129 #define CODEC_TRACE_MUTEX(...) CODEC_TRACE(__VA_ARGS__)
130 #else
131 #define CODEC_TRACE_MUTEX(...)
132 #endif
133
134 #ifdef CODEC_DEBUG_MEMORY
135 #define CODEC_TRACE_MEMORY(...) CODEC_TRACE(__VA_ARGS__)
136 #else
137 #define CODEC_TRACE_MEMORY(...)
138 #endif
139
140 #ifdef CODEC_DEBUG_PAGEDATA
141 #define CODEC_HEXDUMP(DESC,BUFFER,LEN) \
142 { \
143 int __pctr; \
144 printf(DESC); \
145 for(__pctr=0; __pctr < LEN; __pctr++) { \
146 if(__pctr % 16 == 0) printf("\n%05x: ",__pctr); \
147 printf("%02x ",((unsigned char*) BUFFER)[__pctr]); \
148 } \
149 printf("\n"); \
150 fflush(stdout); \
151 }
152 #else
153 #define CODEC_HEXDUMP(DESC,BUFFER,LEN)
154 #endif
155
156 /* end extensions defined in pager.c */
157
158 /*
159 ** Simple shared routines for converting hex char strings to binary data
160 */
161 static int cipher_hex2int(char c) {
162 return (c>='0' && c<='9') ? (c)-'0' :
163 (c>='A' && c<='F') ? (c)-'A'+10 :
164 (c>='a' && c<='f') ? (c)-'a'+10 : 0;
165 }
166
167 static void cipher_hex2bin(const unsigned char *hex, int sz, unsigned char *out){
168 int i;
169 for(i = 0; i < sz; i += 2){
170 out[i/2] = (cipher_hex2int(hex[i])<<4) | cipher_hex2int(hex[i+1]);
171 }
172 }
173
174 static void cipher_bin2hex(const unsigned char* in, int sz, char *out) {
175 int i;
176 for(i=0; i < sz; i++) {
177 sqlite3_snprintf(3, out + (i*2), "%02x ", in[i]);
178 }
179 }
180
181 static int cipher_isHex(const unsigned char *hex, int sz){
182 int i;
183 for(i = 0; i < sz; i++) {
184 unsigned char c = hex[i];
185 if ((c < '0' || c > '9') &&
186 (c < 'A' || c > 'F') &&
187 (c < 'a' || c > 'f')) {
188 return 0;
189 }
190 }
191 return 1;
192 }
193
194 /* possible flags for simulating specific test conditions */
195 #ifdef SQLCIPHER_TEST
196 #define TEST_FAIL_ENCRYPT 0x01
197 #define TEST_FAIL_DECRYPT 0x02
198 #define TEST_FAIL_MIGRATE 0x04
199 unsigned int sqlcipher_get_test_flags(void);
200 void sqlcipher_set_test_flags(unsigned int);
201 int sqlcipher_get_test_rand(void);
202 void sqlcipher_set_test_rand(int);
203 int sqlcipher_get_test_fail(void);
204 #endif
205
206 /* extensions defined in crypto_impl.c */
207 /* the default implementation of SQLCipher uses a cipher_ctx
208 to keep track of read / write state separately. The following
209 struct and associated functions are defined here */
210 typedef struct {
211 int derive_key;
212 int pass_sz;
213 unsigned char *key;
214 unsigned char *hmac_key;
215 unsigned char *pass;
216 char *keyspec;
217 } cipher_ctx;
218
219
220 typedef struct {
221 int store_pass;
222 int kdf_iter;
223 int fast_kdf_iter;
224 int kdf_salt_sz;
225 int key_sz;
226 int iv_sz;
227 int block_sz;
228 int page_sz;
229 int keyspec_sz;
230 int reserve_sz;
231 int hmac_sz;
232 int plaintext_header_sz;
233 int hmac_algorithm;
234 int kdf_algorithm;
235 unsigned int skip_read_hmac;
236 unsigned int need_kdf_salt;
237 unsigned int flags;
238 unsigned char *kdf_salt;
239 unsigned char *hmac_kdf_salt;
240 unsigned char *buffer;
241 Btree *pBt;
242 cipher_ctx *read_ctx;
243 cipher_ctx *write_ctx;
244 sqlcipher_provider *provider;
245 void *provider_ctx;
246 } codec_ctx ;
247
248 /* crypto.c functions */
249 int sqlcipher_codec_pragma(sqlite3*, int, Parse*, const char *, const char*);
250 int sqlite3CodecAttach(sqlite3*, int, const void *, int);
251 void sqlite3CodecGetKey(sqlite3*, int, void**, int*);
252 void sqlcipher_exportFunc(sqlite3_context *, int, sqlite3_value **);
253
254 /* crypto_impl.c functions */
255
256 void sqlcipher_init_memmethods(void);
257
258 /* activation and initialization */
259 void sqlcipher_activate(void);
260 void sqlcipher_deactivate(void);
261
262 int sqlcipher_codec_ctx_init(codec_ctx **, Db *, Pager *, const void *, int);
263 void sqlcipher_codec_ctx_free(codec_ctx **);
264 int sqlcipher_codec_key_derive(codec_ctx *);
265 int sqlcipher_codec_key_copy(codec_ctx *, int);
266
267 /* page cipher implementation */
268 int sqlcipher_page_cipher(codec_ctx *, int, Pgno, int, int, unsigned char *, unsigned char *);
269
270 /* context setters & getters */
271 void sqlcipher_codec_ctx_set_error(codec_ctx *, int);
272
273 void sqlcipher_codec_get_pass(codec_ctx *, void **, int *);
274 int sqlcipher_codec_ctx_set_pass(codec_ctx *, const void *, int, int);
275 void sqlcipher_codec_get_keyspec(codec_ctx *, void **zKey, int *nKey);
276
277 int sqlcipher_codec_ctx_set_pagesize(codec_ctx *, int);
278 int sqlcipher_codec_ctx_get_pagesize(codec_ctx *);
279 int sqlcipher_codec_ctx_get_reservesize(codec_ctx *);
280
281 void sqlcipher_set_default_pagesize(int page_size);
282 int sqlcipher_get_default_pagesize(void);
283
284 void sqlcipher_set_default_kdf_iter(int iter);
285 int sqlcipher_get_default_kdf_iter(void);
286 int sqlcipher_codec_ctx_set_kdf_iter(codec_ctx *, int);
287 int sqlcipher_codec_ctx_get_kdf_iter(codec_ctx *ctx);
288
289 int sqlcipher_codec_ctx_set_kdf_salt(codec_ctx *ctx, unsigned char *salt, int sz);
290 int sqlcipher_codec_ctx_get_kdf_salt(codec_ctx *ctx, void **salt);
291
292 int sqlcipher_codec_ctx_set_fast_kdf_iter(codec_ctx *, int);
293 int sqlcipher_codec_ctx_get_fast_kdf_iter(codec_ctx *);
294
295 const char* sqlcipher_codec_ctx_get_cipher(codec_ctx *ctx);
296
297 void* sqlcipher_codec_ctx_get_data(codec_ctx *);
298
299 void sqlcipher_set_default_use_hmac(int use);
300 int sqlcipher_get_default_use_hmac(void);
301
302 void sqlcipher_set_hmac_salt_mask(unsigned char mask);
303 unsigned char sqlcipher_get_hmac_salt_mask(void);
304
305 int sqlcipher_codec_ctx_set_use_hmac(codec_ctx *ctx, int use);
306 int sqlcipher_codec_ctx_get_use_hmac(codec_ctx *ctx);
307
308 int sqlcipher_codec_ctx_set_flag(codec_ctx *ctx, unsigned int flag);
309 int sqlcipher_codec_ctx_unset_flag(codec_ctx *ctx, unsigned int flag);
310 int sqlcipher_codec_ctx_get_flag(codec_ctx *ctx, unsigned int flag);
311
312 const char* sqlcipher_codec_get_cipher_provider(codec_ctx *ctx);
313 int sqlcipher_codec_ctx_migrate(codec_ctx *ctx);
314 int sqlcipher_codec_add_random(codec_ctx *ctx, const char *data, int random_sz);
315 int sqlcipher_cipher_profile(sqlite3 *db, const char *destination);
316 int sqlcipher_codec_get_store_pass(codec_ctx *ctx);
317 void sqlcipher_codec_get_pass(codec_ctx *ctx, void **zKey, int *nKey);
318 void sqlcipher_codec_set_store_pass(codec_ctx *ctx, int value);
319 int sqlcipher_codec_fips_status(codec_ctx *ctx);
320 const char* sqlcipher_codec_get_provider_version(codec_ctx *ctx);
321
322 int sqlcipher_set_default_plaintext_header_size(int size);
323 int sqlcipher_get_default_plaintext_header_size(void);
324 int sqlcipher_codec_ctx_set_plaintext_header_size(codec_ctx *ctx, int size);
325 int sqlcipher_codec_ctx_get_plaintext_header_size(codec_ctx *ctx);
326
327 int sqlcipher_set_default_hmac_algorithm(int algorithm);
328 int sqlcipher_get_default_hmac_algorithm(void);
329 int sqlcipher_codec_ctx_set_hmac_algorithm(codec_ctx *ctx, int algorithm);
330 int sqlcipher_codec_ctx_get_hmac_algorithm(codec_ctx *ctx);
331
332 int sqlcipher_set_default_kdf_algorithm(int algorithm);
333 int sqlcipher_get_default_kdf_algorithm(void);
334 int sqlcipher_codec_ctx_set_kdf_algorithm(codec_ctx *ctx, int algorithm);
335 int sqlcipher_codec_ctx_get_kdf_algorithm(codec_ctx *ctx);
336
337 void sqlcipher_set_mem_security(int);
338 int sqlcipher_get_mem_security(void);
339
340 int sqlcipher_find_db_index(sqlite3 *db, const char *zDb);
341
342 int sqlcipher_codec_ctx_integrity_check(codec_ctx *, Parse *, char *);
343
344 #endif
345 #endif
346 /* END SQLCIPHER */
SQLCipher is an SQLite extension that provides 256 bit AES encryption of database files.