On Wed, Apr 6, 2011 at 8:21 AM, Ulric Auger <[email protected]> wrote:
> Hi,
>
> I think I found a bug creating an encrypted backup.
>
>
>
> The source database is encrypted using key:
>
> aes256:A94A8FE5CCB19BA61C4C0873D391E987982FBBD3
>
>
>
> The source database is readable, I can run select queries and insert data
> with no problem.
>
>
>
> When I use the following function to create a backup of the database, the
> backup database becomes unreadable.
>
> I used the same encryption key as the source database for the backup one,
> but when I try to read something from the backed up database I get an error
> that the database is encrypted.
>
>
>
> Thanks
>
>
>
> int backupDb(sqlite3 *pDb, const char *zFilename, const char *zKey)
>
> {
>
> int rc;
>
> sqlite3 *pBackupDb;
>
> sqlite3_backup *pBackup;
>
>
>
> rc = sqlite3_open(zFilename, &pBackupDb);
>
> if( rc==SQLITE_OK )
>
> {
>
> if (zKey != NULL)
>
> sqlite3_key(pBackupDb, zKey, strlen(zKey));
>
Please try doing something with pBackupDb here, after setting the key but
before overwriting with the backup. Something like (for example):
sqlite3_exec(pBackupDb, "PRAGMA secure_delete=OFF", 0, 0, 0);
We have lots and lots of test cases running backups into encrypted
databases, all of which work. But after further investigation, I see that
we also run a series of pragmas (such as the one above) against the
destination database after the encryption key is set but before the backup
starts.
In the case I just now looked into, the following pragmas run:
PRAGMA recursive_triggers=ON;
PRAGMA foreign_keys=ON;
PRAGMA secure_delete=OFF;
But probably any PRAGMA or any other statement (perhaps: "SELECT * FROM
sqlite_master") will serve.
Please try this in your code and let me know if it clears the problem.
>
>
>
> pBackup = sqlite3_backup_init(pBackupDb, "main", pDb, "main");
>
> if( pBackup )
>
> {
>
> do
>
> {
>
> rc = sqlite3_backup_step(pBackup, 100);
>
> if( rc==SQLITE_OK || rc==SQLITE_BUSY || rc==SQLITE_LOCKED ){
>
> sqlite3_sleep(10);
>
> }
>
> }
>
> while( rc==SQLITE_OK || rc==SQLITE_BUSY || rc==SQLITE_LOCKED );
>
>
>
> sqlite3_backup_finish(pBackup);
>
> }
>
> rc = sqlite3_errcode(pBackupDb);
>
> }
>
>
>
> sqlite3_close(pBackupDb);
>
> return rc;
>
> }
>
>
>
> Ulric Auger
> --
> Groupe Techna Inc.
> <mailto:[email protected]> [email protected]
>
>
>
> _______________________________________________
> sqlite-users mailing list
> [email protected]
> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
>
--
D. Richard Hipp
[email protected]
_______________________________________________
sqlite-users mailing list
[email protected]
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
