[DBD-SQLite] Adding support for SQLCipher.
Dmitri Tikhonov
dtikhonov at yahoo.com
Tue Aug 18 14:30:33 GMT 2009
Hello,
I have been working with SQLCipher [1] and I have noticed that DBD::SQLite does not work out of the box with it. In order to use an encrypted database, the first thing that should happen is to issue a pragma that specifies the key to decrypt pages. I modified the login function (the patch is attached) to use the password, if set, as the key.
I was hoping this (or a modified, but equivalent) change could be made to the main line: it should not break existing code and will make DBD::SQLite work with SQLCipher.
- Dmitri.
1. "SQLCipher is an open source extension that provides transparent encryption of SQLite databases. Data pages are encrypted before being written to storage and decrypted on read." http://www.zetetic.net/software/sqlcipher/
-------------- next part --------------
Index: dbdimp.c
===================================================================
--- dbdimp.c (revision 31)
+++ dbdimp.c (revision 32)
@@ -106,6 +106,28 @@
sqlite3_busy_timeout(imp_dbh->db, SQL_TIMEOUT);
+ if (pass) {
+ /* If password is set, issue pragma to decrypt the database. Works
+ * with SQLCipher.
+ */
+ char pragma[0x100];
+ if (snprintf(pragma, sizeof(pragma), "PRAGMA key='%s'", pass) >=
+ sizeof(pragma))
+ {
+ sqlite_error(dbh, (imp_xxh_t*)imp_dbh, 1,
+ strdup("password too long"));
+ return FALSE;
+ }
+
+ if ((retval = sqlite3_exec(imp_dbh->db, pragma, NULL, NULL, &errmsg))
+ != SQLITE_OK)
+ {
+ /* warn("failed to set pragma: %s\n", errmsg); */
+ sqlite_error(dbh, (imp_xxh_t*)imp_dbh, retval, errmsg);
+ return FALSE;
+ }
+ }
+
if ((retval = sqlite3_exec(imp_dbh->db, "PRAGMA empty_result_callbacks = ON",
NULL, NULL, &errmsg))
!= SQLITE_OK)
More information about the DBD-SQLite
mailing list