Hello,
I have been working with SQLCipher [1] and I have noticed that DBD::SQLite does
not work out of the box with it. In order to use an encrypted database, the
first thing that should happen is to issue a pragma that specifies the key to
decrypt pages. I modified the login function (the patch is attached) to use
the password, if set, as the key.
I was hoping this (or a modified, but equivalent) change could be made to the
main line: it should not break existing code and will make DBD::SQLite work
with SQLCipher.
- Dmitri.
1. "SQLCipher is an open source extension that provides transparent encryption
of SQLite databases. Data pages are encrypted before being written to storage
and decrypted on read." http://www.zetetic.net/software/sqlcipher/
Index: dbdimp.c
===================================================================
--- dbdimp.c (revision 31)
+++ dbdimp.c (revision 32)
@@ -106,6 +106,28 @@
sqlite3_busy_timeout(imp_dbh->db, SQL_TIMEOUT);
+ if (pass) {
+ /* If password is set, issue pragma to decrypt the database. Works
+ * with SQLCipher.
+ */
+ char pragma[0x100];
+ if (snprintf(pragma, sizeof(pragma), "PRAGMA key='%s'", pass) >=
+ sizeof(pragma))
+ {
+ sqlite_error(dbh, (imp_xxh_t*)imp_dbh, 1,
+ strdup("password too long"));
+ return FALSE;
+ }
+
+ if ((retval = sqlite3_exec(imp_dbh->db, pragma, NULL, NULL, &errmsg))
+ != SQLITE_OK)
+ {
+ /* warn("failed to set pragma: %s\n", errmsg); */
+ sqlite_error(dbh, (imp_xxh_t*)imp_dbh, retval, errmsg);
+ return FALSE;
+ }
+ }
+
if ((retval = sqlite3_exec(imp_dbh->db, "PRAGMA empty_result_callbacks =
ON",
NULL, NULL, &errmsg))
!= SQLITE_OK)
_______________________________________________
DBD-SQLite mailing list
[email protected]
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/dbd-sqlite
