int sqliterkCryptoDecode(sqliterk_codec *codec, int pgno, void *data)
{
int rc;
int offset = 0;
unsigned char *pdata = (unsigned char *) data;
int page_sz = sqlcipher_codec_ctx_get_pagesize(codec);
unsigned char *buffer =
(unsigned char *) sqlcipher_codec_ctx_get_data(codec);
rc = sqlcipher_codec_key_derive(codec);
if (rc != SQLITE_OK)
return rc;
if (pgno == 1) {
offset = 16; // FILE_HEADER_SZ
memcpy(buffer, "SQLite format 3", 16);
}
rc = sqlcipher_page_cipher(codec, CIPHER_READ_CTX, pgno, CIPHER_DECRYPT,
page_sz - offset, pdata + offset,
buffer + offset);
if (rc != SQLITE_OK)
goto bail;
memcpy(pdata, buffer, page_sz);
return SQLITERK_OK;
bail:
sqliterkOSError(SQLITERK_DAMAGED, "Failed to decode page %d: %s", pgno,
sqlite3_errstr(rc));
return rc;
}
/*
* sqlite3Codec can be called in multiple modes.
* encrypt mode - expected to return a pointer to the
* encrypted data without altering pData.
* decrypt mode - expected to return a pointer to pData, with
* the data decrypted in the input buffer
*/
void* sqlite3Codec(void *iCtx, void *data, Pgno pgno, int mode) {
codec_ctx *ctx = (codec_ctx *) iCtx;
int offset = 0, rc = 0;
int page_sz = sqlcipher_codec_ctx_get_pagesize(ctx);
unsigned char *pData = (unsigned char *) data;
void *buffer = sqlcipher_codec_ctx_get_data(ctx);
void *kdf_salt = sqlcipher_codec_ctx_get_kdf_salt(ctx);
CODEC_TRACE(("sqlite3Codec: entered pgno=%d, mode=%d, page_sz=%d\n", pgno, mode, page_sz));
/* call to derive keys if not present yet */
if((rc = sqlcipher_codec_key_derive(ctx)) != SQLITE_OK) {
sqlcipher_codec_ctx_set_error(ctx, rc);
return NULL;
}
if(pgno == 1) offset = FILE_HEADER_SZ; /* adjust starting pointers in data page for header offset on first page*/
CODEC_TRACE(("sqlite3Codec: switch mode=%d offset=%d\n", mode, offset));
switch(mode) {
case 0: /* decrypt */
case 2:
case 3:
if(pgno == 1) memcpy(buffer, SQLITE_FILE_HEADER, FILE_HEADER_SZ); /* copy file header to the first 16 bytes of the page */
rc = sqlcipher_page_cipher(ctx, CIPHER_READ_CTX, pgno, CIPHER_DECRYPT, page_sz - offset, pData + offset, (unsigned char*)buffer + offset);
if(rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, rc);
memcpy(pData, buffer, page_sz); /* copy buffer data back to pData and return */
return pData;
break;
case 6: /* encrypt */
if(pgno == 1) memcpy(buffer, kdf_salt, FILE_HEADER_SZ); /* copy salt to output buffer */
rc = sqlcipher_page_cipher(ctx, CIPHER_WRITE_CTX, pgno, CIPHER_ENCRYPT, page_sz - offset, pData + offset, (unsigned char*)buffer + offset);
if(rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, rc);
return buffer; /* return persistent buffer data, pData remains intact */
break;
case 7:
if(pgno == 1) memcpy(buffer, kdf_salt, FILE_HEADER_SZ); /* copy salt to output buffer */
rc = sqlcipher_page_cipher(ctx, CIPHER_READ_CTX, pgno, CIPHER_ENCRYPT, page_sz - offset, pData + offset, (unsigned char*)buffer + offset);
if(rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, rc);
return buffer; /* return persistent buffer data, pData remains intact */
break;
default:
return pData;
break;
}
}