Add SetKey to connection to support SQLCipher

praeclarum · praeclarum · commit dbe79d66e7e0 · 2017-08-12T20:19:22.000-07:00
The key quoting is not perfect - need to improve it in the future. Working on #597
diff --git a/src/SQLite.cs b/src/SQLite.cs
@@ -287,6 +287,48 @@ public SQLiteConnection (string databasePath, SQLiteOpenFlags openFlags, bool st
 			Tracer = line => Debug.WriteLine (line);
 		}
 
+		/// <summary>
+		/// Convert an input string to a quoted SQL string that can be safely used in queries.
+		/// </summary>
+		/// <returns>The quoted string.</returns>
+		/// <param name="unsafeString">The unsafe string to quote.</param>
+		static string Quote (string unsafeString)
+		{
+			// TODO: Doesn't call sqlite3_mprintf("%Q", u) because we're waiting on https://github.com/ericsink/SQLitePCL.raw/issues/153
+			if (unsafeString == null) return "NULL";
+			var safe = unsafeString.Replace ("'", "''");
+			return "'" + safe + "'";
+		}
+
+		/// <summary>
+		/// Sets the key used to encrypt/decrypt the database.
+		/// This must be the first thing you call before doing anything else with this connection
+		/// if your database is encrypted.
+		/// This only has an effect if you are using the SQLCipher nuget package.
+		/// </summary>
+		/// <param name="key">Ecryption key plain text that is converted to the real encryption key using PBKDF2 key derivation</param>
+		public void SetKey (string key)
+		{
+			if (key == null) throw new ArgumentNullException (nameof (key));
+			var q = Quote (key);
+			Execute ("pragma key = " + q);
+		}
+
+		/// <summary>
+		/// Sets the key used to encrypt/decrypt the database.
+		/// This must be the first thing you call before doing anything else with this connection
+		/// if your database is encrypted.
+		/// This only has an effect if you are using the SQLCipher nuget package.
+		/// </summary>
+		/// <param name="key">256-bit (32 byte) ecryption key data</param>
+		public void SetKey (byte[] key)
+		{
+			if (key == null) throw new ArgumentNullException (nameof (key));
+			if (key.Length != 32) throw new ArgumentException ("Key must be 32 bytes (256-bit)", nameof(key));
+			var s = String.Join ("", key.Select (x => x.ToString ("X2")));
+			Execute ("pragma key = \"x'" + s + "'\"");
+		}
+
 		/// <summary>
 		/// Enable or disable extension loading.
 		/// </summary>
diff --git a/src/SQLiteAsync.cs b/src/SQLiteAsync.cs
@@ -198,6 +198,39 @@ Task<T> WriteAsync<T> (Func<SQLiteConnectionWithLock, T> write)
 			});
 		}
 
+		/// <summary>
+		/// Sets the key used to encrypt/decrypt the database.
+		/// This must be the first thing you call before doing anything else with this connection
+		/// if your database is encrypted.
+		/// This only has an effect if you are using the SQLCipher nuget package.
+		/// </summary>
+		/// <param name="key">Ecryption key plain text that is converted to the real encryption key using PBKDF2 key derivation</param>
+		public Task SetKeyAsync (string key)
+		{
+			if (key == null) throw new ArgumentNullException (nameof (key));
+			return WriteAsync<object> (conn => {
+				conn.SetKey (key);
+				return null;
+			});
+		}
+
+		/// <summary>
+		/// Sets the key used to encrypt/decrypt the database.
+		/// This must be the first thing you call before doing anything else with this connection
+		/// if your database is encrypted.
+		/// This only has an effect if you are using the SQLCipher nuget package.
+		/// </summary>
+		/// <param name="key">256-bit (32 byte) ecryption key data</param>
+		public Task SetKeyAsync (byte[] key)
+		{
+			if (key == null) throw new ArgumentNullException (nameof (key));
+			if (key.Length != 32) throw new ArgumentException ("Key must be 32 bytes (256-bit)", nameof (key));
+			return WriteAsync<object> (conn => {
+				conn.SetKey (key);
+				return null;
+			});
+		}
+
 		/// <summary>
 		/// Enable or disable extension loading.
 		/// </summary>
diff --git a/tests/SQLCipherTest.cs b/tests/SQLCipherTest.cs
@@ -0,0 +1,96 @@
+﻿using System;
+using System.Collections.Generic;
+using System.Linq;
+
+#if NETFX_CORE
+using Microsoft.VisualStudio.TestPlatform.UnitTestFramework;
+using SetUp = Microsoft.VisualStudio.TestPlatform.UnitTestFramework.TestInitializeAttribute;
+using TestFixture = Microsoft.VisualStudio.TestPlatform.UnitTestFramework.TestClassAttribute;
+using Test = Microsoft.VisualStudio.TestPlatform.UnitTestFramework.TestMethodAttribute;
+#else
+using NUnit.Framework;
+#endif
+
+namespace SQLite.Tests
+{
+	[TestFixture]
+	public class SQLCipherTest
+	{
+		class TestTable
+		{
+			[PrimaryKey, AutoIncrement]
+			public int Id { get; set; }
+
+			public string Value { get; set; }
+		}
+
+		[Test]
+		public void SetStringKey ()
+		{
+			string path;
+
+			var key = "SecretPassword";
+
+			using (var db = new TestDb ()) {
+				path = db.DatabasePath;
+
+				db.SetKey (key);
+
+				db.CreateTable<TestTable> ();
+				db.Insert (new TestTable { Value = "Hello" });
+			}
+
+			using (var db = new TestDb (path)) {
+				path = db.DatabasePath;
+
+				db.SetKey (key);
+
+				var r = db.Table<TestTable> ().First ();
+
+				Assert.AreEqual ("Hello", r.Value);
+			}
+		}
+
+		[Test]
+		public void SetBytesKey ()
+		{
+			string path;
+
+			var rand = new Random ();
+			var key = new byte[32];
+			rand.NextBytes (key);
+
+			using (var db = new TestDb ()) {
+				path = db.DatabasePath;
+
+				db.SetKey (key);
+
+				db.CreateTable<TestTable> ();
+				db.Insert (new TestTable { Value = "Hello" });
+			}
+
+			using (var db = new TestDb (path)) {
+				path = db.DatabasePath;
+
+				db.SetKey (key);
+
+				var r = db.Table<TestTable> ().First ();
+
+				Assert.AreEqual ("Hello", r.Value);
+			}
+		}
+
+		[Test]
+		public void SetBadBytesKey ()
+		{
+			try {
+				using (var db = new TestDb ()) {
+					db.SetKey (new byte[] { 1, 2, 3, 4 });
+				}
+				Assert.Fail ("Should have thrown");
+			}
+			catch (ArgumentException) {
+			}
+		}
+	}
+}
diff --git a/tests/SQLite.Tests.csproj b/tests/SQLite.Tests.csproj
@@ -80,6 +80,7 @@
     <Compile Include="DateTimeOffsetTest.cs" />
     <Compile Include="TableChangedTest.cs" />
     <Compile Include="IgnoreTest.cs" />
+    <Compile Include="SQLCipherTest.cs" />
   </ItemGroup>
   <ItemGroup>
     <None Include="packages.config" />
diff --git a/tests/TestDb.cs b/tests/TestDb.cs
@@ -57,6 +57,11 @@ public TestDb (bool storeDateTimeAsTicks = true) : base (TestPath.GetTempFileNam
 		{
 			Trace = true;
 		}
+
+		public TestDb (string path, bool storeDateTimeAsTicks = true) : base (path, storeDateTimeAsTicks)
+		{
+			Trace = true;
+		}
 	}
 
 	public class TestPath

Original file line number	Diff line number	Diff line change
`@@ -57,6 +57,11 @@ public TestDb (bool storeDateTimeAsTicks = true) : base (TestPath.GetTempFileNam`
`57`	`57`	`{`
`58`	`58`	`Trace = true;`
`59`	`59`	`}`
	`60`	`+`
	`61`	`+ public TestDb (string path, bool storeDateTimeAsTicks = true) : base (path, storeDateTimeAsTicks)`
	`62`	`+ {`
	`63`	`+ Trace = true;`
	`64`	`+ }`
`60`	`65`	`}`
`61`	`66`
`62`	`67`	`public class TestPath`