Hi, Dmitri, sorry but I don't think it's a good idea to apply your patch right now. I haven't tested it yet, but SQLCipher's README says 1) building via 'amalgamation' isn't supported, 2) we must define SQLITE_HAS_CODEC, 3) we need to link against a OpenSSL's libcrypt iwth sha256 support. That means, if we want to enable it, we also need those libraries (i.e. we also need to patch Makefile.PL etc). And the SQLCipher's license looks like a bit obscure, private one, which might not fit for a CPAN module.
Besides, you can freely issue PRAGMA (re)key="something" without this patch. DBD::SQLite certainly ignores a password, but it's derived from the DBI's API. I don't think it's a good idea to use it in other way. Thanks, Kenichi On Tue, 18 Aug 2009 07:30:33 -0700 (PDT), Dmitri Tikhonov <dtikho...@yahoo.com> wrote: >Hello, > >I have been working with SQLCipher [1] and I have noticed that DBD::SQLite >does not work out of the box with it. In order to use an encrypted database, >the first thing that should happen is to issue a pragma that specifies the key >to decrypt pages. I modified the login function (the patch is attached) to >use the password, if set, as the key. > >I was hoping this (or a modified, but equivalent) change could be made to the >main line: it should not break existing code and will make DBD::SQLite work >with SQLCipher. > > - Dmitri. > >1. "SQLCipher is an open source extension that provides transparent encryption >of SQLite databases. Data pages are encrypted before being written to storage >and decrypted on read." http://www.zetetic.net/software/sqlcipher/ > > > > >Index: dbdimp.c >=================================================================== >--- dbdimp.c (revision 31) >+++ dbdimp.c (revision 32) >@@ -106,6 +106,28 @@ > > sqlite3_busy_timeout(imp_dbh->db, SQL_TIMEOUT); > >+ if (pass) { >+ /* If password is set, issue pragma to decrypt the database. Works >+ * with SQLCipher. >+ */ >+ char pragma[0x100]; >+ if (snprintf(pragma, sizeof(pragma), "PRAGMA key='%s'", pass) >= >+ sizeof(pragma)) >+ { >+ sqlite_error(dbh, (imp_xxh_t*)imp_dbh, 1, >+ strdup("password too long")); >+ return FALSE; >+ } >+ >+ if ((retval = sqlite3_exec(imp_dbh->db, pragma, NULL, NULL, &errmsg)) >+ != SQLITE_OK) >+ { >+ /* warn("failed to set pragma: %s\n", errmsg); */ >+ sqlite_error(dbh, (imp_xxh_t*)imp_dbh, retval, errmsg); >+ return FALSE; >+ } >+ } >+ > if ((retval = sqlite3_exec(imp_dbh->db, "PRAGMA empty_result_callbacks = > ON", > NULL, NULL, &errmsg)) > != SQLITE_OK) >_______________________________________________ >DBD-SQLite mailing list >DBD-SQLite@lists.scsys.co.uk >http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/dbd-sqlite _______________________________________________ DBD-SQLite mailing list DBD-SQLite@lists.scsys.co.uk http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/dbd-sqlite
