Jens Alfke <j...@mooseyard.com> writes:

>> On Jun 17, 2017, at 7:02 AM, Yuriy M. Kaminskiy <yum...@gmail.com> wrote:
>> 
>> *) don't appear to be able to keep key in system-provided secure 
>> device/enclave;
>
> In their defense, I think this is out-of-scope for a cross-platform db
> encryption library, as there are so many different APIs for this on
> different platforms, and different valid choices even on one
> platform.

Sure, this feature is very unlikely to be present for /any/ user-level
file/db encryption.
But totally within scope for system-wide full-disk encryption.

> So I see this more as an application responsibility.

I'm not sure the application can do a lot here: if you are going to
perform encryption on user-level, the key will be in application memory,
not in a security enclave.

[...]
>> *) error handling looks problematic in a lot of places (no error
>> checks, there are memory/resource leaks on error paths).
>
> If you have notes on those, could you share them? It would be good to

Take any openssl function that can return an error (e.g. if you specify
PRAGMA cipher=aes-128-gcm, EVP_CipherFinal is expected to always return
an error on decryption, as sqlcipher does not provide the correct tag [or,
more precisely, *any* tag]).
There is no check for this error.

Take sqlcipher_codec_ctx_init:

  if((rc = sqlcipher_cipher_ctx_init(&ctx->read_ctx)) != SQLITE_OK) return rc; 
  if((rc = sqlcipher_cipher_ctx_init(&ctx->write_ctx)) != SQLITE_OK) return rc;
  
Suppose the first sqlcipher_cipher_ctx_init succeeds, but the second fails.
Who is going to release ctx->read_ctx (and ctx itself)?
And a lot more similar things.

Sure, nothing *terribly serious* (it is a leak on an error path, likely only
possible on OOM, so the program state is rather fragile and will most likely
crash or terminate anyway), but it still shows that hardly anyone seriously
reviewed the code.

> get those cleaned up. (I don’t work on SQLCipher, but I do work on a
> library that uses it in some configurations.)

_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
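
The error-path leak described in the message above, reproduced as an added example (not part of the original message and not SQLCipher's code). All names here (`codec_ctx`, `cipher_ctx`, `xalloc`, `codec_init_leaky`, `codec_init_fixed`, `leaked_after`) are hypothetical; a fault-injecting allocator fails the third allocation so the second context init fails as in the scenario the message asks about.

```c
#include <stdlib.h>

/* Hypothetical stand-ins for a codec holding separate read/write contexts. */
typedef struct { unsigned char key[32]; } cipher_ctx;
typedef struct { cipher_ctx *read_ctx, *write_ctx; } codec_ctx;
static void *held[8];           /* allocations not yet released */
static int calls, fail_at;      /* the fail_at-th allocation returns NULL */

static void *xalloc(size_t n) { /* fault-injecting allocator (constructed) */
    if (++calls == fail_at || calls > 8) return NULL;
    return held[calls - 1] = calloc(1, n);
}
static void xfree(void *p) {    /* NULL-safe, like free() */
    for (int i = 0; p && i < 8; i++)
        if (held[i] == p) { held[i] = NULL; free(p); return; }
}
static int cipher_ctx_init(cipher_ctx **out) { return (*out = xalloc(sizeof **out)) ? 0 : -1; }

/* Same shape as the snippet quoted in the message: early return, no cleanup. */
int codec_init_leaky(codec_ctx **out) {
    int rc;
    codec_ctx *ctx = xalloc(sizeof *ctx);
    if (!ctx) return -1;
    if ((rc = cipher_ctx_init(&ctx->read_ctx)) != 0) return rc;
    if ((rc = cipher_ctx_init(&ctx->write_ctx)) != 0) return rc;
    *out = ctx; return 0;
}

/* Same steps, but every failure goes through one exit that releases what was acquired. */
int codec_init_fixed(codec_ctx **out) {
    int rc;
    codec_ctx *ctx = xalloc(sizeof *ctx);
    if (!ctx) return -1;
    if ((rc = cipher_ctx_init(&ctx->read_ctx)) != 0) goto fail;
    if ((rc = cipher_ctx_init(&ctx->write_ctx)) != 0) goto fail;
    *out = ctx; return 0;
fail:
    xfree(ctx->write_ctx);      /* NULL here: calloc zeroed the struct */
    xfree(ctx->read_ctx);
    xfree(ctx);
    return rc;
}

/* Make the write_ctx allocation fail, run init, report how many blocks it left behind. */
int leaked_after(int (*init)(codec_ctx **)) {
    codec_ctx *ctx = NULL;
    int n = 0;
    calls = 0; fail_at = 3;
    init(&ctx);
    for (int i = 0; i < 8; i++) /* count, then reclaim so the demo itself is clean */
        if (held[i]) { n++; free(held[i]); held[i] = NULL; }
    return n;
}
```

Sweeping `fail_at` over every allocation index in a test run is a cheap way to exercise each error path of an init routine like this one.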
