1 /*
2 ** SQLCipher
3 ** http://sqlcipher.net
4 **
5 ** Copyright (c) 2008 - 2013, ZETETIC LLC
6 ** All rights reserved.
7 **
8 ** Redistribution and use in source and binary forms, with or without
9 ** modification, are permitted provided that the following conditions are met:
10 ** * Redistributions of source code must retain the above copyright
11 ** notice, this list of conditions and the following disclaimer.
12 ** * Redistributions in binary form must reproduce the above copyright
13 ** notice, this list of conditions and the following disclaimer in the
14 ** documentation and/or other materials provided with the distribution.
15 ** * Neither the name of the ZETETIC LLC nor the
16 ** names of its contributors may be used to endorse or promote products
17 ** derived from this software without specific prior written permission.
18 **
19 ** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY
20 ** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
21 ** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
22 ** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY
23 ** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
24 ** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
25 ** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
26 ** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 ** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
28 ** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 **
30 */
31 /* BEGIN SQLCIPHER */
32 #ifdef SQLITE_HAS_CODEC
33 #ifdef SQLCIPHER_CRYPTO_LIBTOMCRYPT
34 #include "sqliteInt.h"
35 #include "sqlcipher.h"
36 #include <tomcrypt.h>
37
38 #define FORTUNA_MAX_SZ 32
39 static prng_state prng;
40 static unsigned int ltc_init = 0;
41 static unsigned int ltc_ref_count = 0;
42 static sqlite3_mutex* ltc_rand_mutex = NULL;
43
sqlcipher_ltc_add_random(void * ctx,void * buffer,int length)44 static int sqlcipher_ltc_add_random(void *ctx, void *buffer, int length) {
45 int rc = 0;
46 int data_to_read = length;
47 int block_sz = data_to_read < FORTUNA_MAX_SZ ? data_to_read : FORTUNA_MAX_SZ;
48 const unsigned char * data = (const unsigned char *)buffer;
49 #ifndef SQLCIPHER_LTC_NO_MUTEX_RAND
50 sqlite3_mutex_enter(ltc_rand_mutex);
51 #endif
52 while(data_to_read > 0){
53 rc = fortuna_add_entropy(data, block_sz, &prng);
54 rc = rc != CRYPT_OK ? SQLITE_ERROR : SQLITE_OK;
55 if(rc != SQLITE_OK){
56 break;
57 }
58 data_to_read -= block_sz;
59 data += block_sz;
60 block_sz = data_to_read < FORTUNA_MAX_SZ ? data_to_read : FORTUNA_MAX_SZ;
61 }
62 fortuna_ready(&prng);
63 #ifndef SQLCIPHER_LTC_NO_MUTEX_RAND
64 sqlite3_mutex_leave(ltc_rand_mutex);
65 #endif
66 return rc;
67 }
68
sqlcipher_ltc_activate(void * ctx)69 static int sqlcipher_ltc_activate(void *ctx) {
70 unsigned char random_buffer[FORTUNA_MAX_SZ];
71 #ifndef SQLCIPHER_LTC_NO_MUTEX_RAND
72 if(ltc_rand_mutex == NULL){
73 ltc_rand_mutex = sqlite3_mutex_alloc(SQLITE_MUTEX_FAST);
74 }
75 sqlite3_mutex_enter(ltc_rand_mutex);
76 #endif
77 sqlcipher_memset(random_buffer, 0, FORTUNA_MAX_SZ);
78 if(ltc_init == 0) {
79 if(register_prng(&fortuna_desc) != CRYPT_OK) return SQLITE_ERROR;
80 if(register_cipher(&rijndael_desc) != CRYPT_OK) return SQLITE_ERROR;
81 if(register_hash(&sha1_desc) != CRYPT_OK) return SQLITE_ERROR;
82 if(fortuna_start(&prng) != CRYPT_OK) {
83 return SQLITE_ERROR;
84 }
85 ltc_init = 1;
86 }
87 ltc_ref_count++;
88 #ifndef SQLCIPHER_TEST
89 sqlite3_randomness(FORTUNA_MAX_SZ, random_buffer);
90 #endif
91 #ifndef SQLCIPHER_LTC_NO_MUTEX_RAND
92 sqlite3_mutex_leave(ltc_rand_mutex);
93 #endif
94 if(sqlcipher_ltc_add_random(ctx, random_buffer, FORTUNA_MAX_SZ) != SQLITE_OK) {
95 return SQLITE_ERROR;
96 }
97 sqlcipher_memset(random_buffer, 0, FORTUNA_MAX_SZ);
98 return SQLITE_OK;
99 }
100
sqlcipher_ltc_deactivate(void * ctx)101 static int sqlcipher_ltc_deactivate(void *ctx) {
102 #ifndef SQLCIPHER_LTC_NO_MUTEX_RAND
103 sqlite3_mutex_enter(ltc_rand_mutex);
104 #endif
105 ltc_ref_count--;
106 if(ltc_ref_count == 0){
107 fortuna_done(&prng);
108 sqlcipher_memset((void *)&prng, 0, sizeof(prng));
109 #ifndef SQLCIPHER_LTC_NO_MUTEX_RAND
110 sqlite3_mutex_leave(ltc_rand_mutex);
111 sqlite3_mutex_free(ltc_rand_mutex);
112 ltc_rand_mutex = NULL;
113 #endif
114 }
115 #ifndef SQLCIPHER_LTC_NO_MUTEX_RAND
116 else {
117 sqlite3_mutex_leave(ltc_rand_mutex);
118 }
119 #endif
120 return SQLITE_OK;
121 }
122
sqlcipher_ltc_get_provider_name(void * ctx)123 static const char* sqlcipher_ltc_get_provider_name(void *ctx) {
124 return "libtomcrypt";
125 }
126
sqlcipher_ltc_get_provider_version(void * ctx)127 static const char* sqlcipher_ltc_get_provider_version(void *ctx) {
128 return SCRYPT;
129 }
130
sqlcipher_ltc_random(void * ctx,void * buffer,int length)131 static int sqlcipher_ltc_random(void *ctx, void *buffer, int length) {
132 #ifndef SQLCIPHER_LTC_NO_MUTEX_RAND
133 sqlite3_mutex_enter(ltc_rand_mutex);
134 #endif
135 fortuna_read(buffer, length, &prng);
136 #ifndef SQLCIPHER_LTC_NO_MUTEX_RAND
137 sqlite3_mutex_leave(ltc_rand_mutex);
138 #endif
139 return SQLITE_OK;
140 }
141
sqlcipher_ltc_hmac(void * ctx,unsigned char * hmac_key,int key_sz,unsigned char * in,int in_sz,unsigned char * in2,int in2_sz,unsigned char * out)142 static int sqlcipher_ltc_hmac(void *ctx, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) {
143 int rc, hash_idx;
144 hmac_state hmac;
145 unsigned long outlen = key_sz;
146
147 hash_idx = find_hash("sha1");
148 if(in == NULL) return SQLITE_ERROR;
149 if((rc = hmac_init(&hmac, hash_idx, hmac_key, key_sz)) != CRYPT_OK) return SQLITE_ERROR;
150 if((rc = hmac_process(&hmac, in, in_sz)) != CRYPT_OK) return SQLITE_ERROR;
151 if(in2 != NULL && (rc = hmac_process(&hmac, in2, in2_sz)) != CRYPT_OK) return SQLITE_ERROR;
152 if((rc = hmac_done(&hmac, out, &outlen)) != CRYPT_OK) return SQLITE_ERROR;
153 return SQLITE_OK;
154 }
155
sqlcipher_ltc_kdf(void * ctx,const unsigned char * pass,int pass_sz,unsigned char * salt,int salt_sz,int workfactor,int key_sz,unsigned char * key)156 static int sqlcipher_ltc_kdf(void *ctx, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key) {
157 int rc, hash_idx;
158 unsigned long outlen = key_sz;
159 unsigned long random_buffer_sz = sizeof(char) * 256;
160 unsigned char *random_buffer = sqlcipher_malloc(random_buffer_sz);
161 sqlcipher_memset(random_buffer, 0, random_buffer_sz);
162
163 hash_idx = find_hash("sha1");
164 if((rc = pkcs_5_alg2(pass, pass_sz, salt, salt_sz,
165 workfactor, hash_idx, key, &outlen)) != CRYPT_OK) {
166 return SQLITE_ERROR;
167 }
168 if((rc = pkcs_5_alg2(key, key_sz, salt, salt_sz,
169 1, hash_idx, random_buffer, &random_buffer_sz)) != CRYPT_OK) {
170 return SQLITE_ERROR;
171 }
172 sqlcipher_ltc_add_random(ctx, random_buffer, random_buffer_sz);
173 sqlcipher_free(random_buffer, random_buffer_sz);
174 return SQLITE_OK;
175 }
176
sqlcipher_ltc_get_cipher(void * ctx)177 static const char* sqlcipher_ltc_get_cipher(void *ctx) {
178 return "rijndael";
179 }
180
sqlcipher_ltc_cipher(void * ctx,int mode,unsigned char * key,int key_sz,unsigned char * iv,unsigned char * in,int in_sz,unsigned char * out)181 static int sqlcipher_ltc_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) {
182 int rc, cipher_idx;
183 symmetric_CBC cbc;
184
185 if((cipher_idx = find_cipher(sqlcipher_ltc_get_cipher(ctx))) == -1) return SQLITE_ERROR;
186 if((rc = cbc_start(cipher_idx, iv, key, key_sz, 0, &cbc)) != CRYPT_OK) return SQLITE_ERROR;
187 rc = mode == 1 ? cbc_encrypt(in, out, in_sz, &cbc) : cbc_decrypt(in, out, in_sz, &cbc);
188 if(rc != CRYPT_OK) return SQLITE_ERROR;
189 cbc_done(&cbc);
190 return SQLITE_OK;
191 }
192
sqlcipher_ltc_set_cipher(void * ctx,const char * cipher_name)193 static int sqlcipher_ltc_set_cipher(void *ctx, const char *cipher_name) {
194 return SQLITE_OK;
195 }
196
sqlcipher_ltc_get_key_sz(void * ctx)197 static int sqlcipher_ltc_get_key_sz(void *ctx) {
198 int cipher_idx = find_cipher(sqlcipher_ltc_get_cipher(ctx));
199 return cipher_descriptor[cipher_idx].max_key_length;
200 }
201
sqlcipher_ltc_get_iv_sz(void * ctx)202 static int sqlcipher_ltc_get_iv_sz(void *ctx) {
203 int cipher_idx = find_cipher(sqlcipher_ltc_get_cipher(ctx));
204 return cipher_descriptor[cipher_idx].block_length;
205 }
206
sqlcipher_ltc_get_block_sz(void * ctx)207 static int sqlcipher_ltc_get_block_sz(void *ctx) {
208 int cipher_idx = find_cipher(sqlcipher_ltc_get_cipher(ctx));
209 return cipher_descriptor[cipher_idx].block_length;
210 }
211
sqlcipher_ltc_get_hmac_sz(void * ctx)212 static int sqlcipher_ltc_get_hmac_sz(void *ctx) {
213 int hash_idx = find_hash("sha1");
214 return hash_descriptor[hash_idx].hashsize;
215 }
216
sqlcipher_ltc_ctx_copy(void * target_ctx,void * source_ctx)217 static int sqlcipher_ltc_ctx_copy(void *target_ctx, void *source_ctx) {
218 return SQLITE_OK;
219 }
220
sqlcipher_ltc_ctx_cmp(void * c1,void * c2)221 static int sqlcipher_ltc_ctx_cmp(void *c1, void *c2) {
222 return 1;
223 }
224
sqlcipher_ltc_ctx_init(void ** ctx)225 static int sqlcipher_ltc_ctx_init(void **ctx) {
226 sqlcipher_ltc_activate(NULL);
227 return SQLITE_OK;
228 }
229
sqlcipher_ltc_ctx_free(void ** ctx)230 static int sqlcipher_ltc_ctx_free(void **ctx) {
231 sqlcipher_ltc_deactivate(&ctx);
232 return SQLITE_OK;
233 }
234
sqlcipher_ltc_fips_status(void * ctx)235 static int sqlcipher_ltc_fips_status(void *ctx) {
236 return 0;
237 }
238
sqlcipher_ltc_setup(sqlcipher_provider * p)239 int sqlcipher_ltc_setup(sqlcipher_provider *p) {
240 p->activate = sqlcipher_ltc_activate;
241 p->deactivate = sqlcipher_ltc_deactivate;
242 p->get_provider_name = sqlcipher_ltc_get_provider_name;
243 p->random = sqlcipher_ltc_random;
244 p->hmac = sqlcipher_ltc_hmac;
245 p->kdf = sqlcipher_ltc_kdf;
246 p->cipher = sqlcipher_ltc_cipher;
247 p->set_cipher = sqlcipher_ltc_set_cipher;
248 p->get_cipher = sqlcipher_ltc_get_cipher;
249 p->get_key_sz = sqlcipher_ltc_get_key_sz;
250 p->get_iv_sz = sqlcipher_ltc_get_iv_sz;
251 p->get_block_sz = sqlcipher_ltc_get_block_sz;
252 p->get_hmac_sz = sqlcipher_ltc_get_hmac_sz;
253 p->ctx_copy = sqlcipher_ltc_ctx_copy;
254 p->ctx_cmp = sqlcipher_ltc_ctx_cmp;
255 p->ctx_init = sqlcipher_ltc_ctx_init;
256 p->ctx_free = sqlcipher_ltc_ctx_free;
257 p->add_random = sqlcipher_ltc_add_random;
258 p->fips_status = sqlcipher_ltc_fips_status;
259 p->get_provider_version = sqlcipher_ltc_get_provider_version;
260 return SQLITE_OK;
261 }
262
263 #endif
264 #endif
265 /* END SQLCIPHER */
266