From: dan Date: Tue, 27 Feb 2018 14:26:33 +0000 (+0000) Subject: Have the zonefile extension use binary instead of text keys. X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4ec163f7aecb19dc8bbe99ed7a1260e0a5074f43;p=thirdparty%2Fsqlite.git Have the zonefile extension use binary instead of text keys. FossilOrigin-Name: 39a4267fc9cec77fd8d9be25c73b848e77a68906253cc75d61fe90e549bafa27 --- diff --git a/ext/zonefile/README.md b/ext/zonefile/README.md index d404eb2855..b91a4553f9 100644 --- a/ext/zonefile/README.md +++ b/ext/zonefile/README.md @@ -58,16 +58,23 @@ except for "zstd_global_dict", are also valid for this option. useful for testing only). encryptionKey"" -The encryption key (a string) to use. The value of this option is -ignored if encryptionType is set to "none". +The encryption key to use. The encryption key must be specified as an +even number of hexadecimal that will be converted to a binary key before +use. It is the responsibility of the caller to specify a key of the optimal +length for each encryption algorithm (e.g. 16 bytes (32 hex digits) for +a 128-bit encryption, or 32 bytes (64 digits) for a 256-bit method). +This option is ignored if encryptionType is set to "none". For example, to create a zonefile named "test.zonefile" based on the -contents of database table "test_input" and with a maximum automatic -frame size of 4096 bytes: +contents of database table "test_input", with a maximum automatic +frame size of 4096 bytes and using "xor" encryption with a 128-bit key: > SELECT zonefile_write('test.zonefile', 'test_input', -> '{"maxAutoFrameSize":4096}' +> '{"maxAutoFrameSize":4096, +> "encryptionType":"xor", +> "encryptionKey":"e6e600bc063aad12f6387beab650c48a" +> }' > ); ### Using (Reading) Zonefile Files @@ -100,9 +107,21 @@ row into the "z1_files" table: > INSERT INTO z1_files(filename) VALUES(); -Currently, any value provided for any column other than "filename" is -ignored. Files are removed from the index by deleting rows from the -z1_files table: +If the file is an encrypted file, then the encryption key (a blob) must +be inserted into the "ekey" column. Encryption keys are not stored in the +database, they are held in main-memory only. This means that each new +connection must configure encryption key using UPDATE statements before +accessing any encrypted files. For example: + +> -- Add new encrypted file to database: +> INSERT INTO z1_files(filename, ekey) VALUES(, ); +> +> -- Configure encryption key for existing file after opening database: +> UPDATE z1_files SET ekey = WHERE filename = ; + +Currently, values provided for any columns other than "filename" and +"ekey" are ignored. Files are removed from the index by deleting rows +from the z1_files table: > DELETE FROM z1_files WHERE filename = ; diff --git a/ext/zonefile/zonefile.c b/ext/zonefile/zonefile.c index a8da4ba201..656aa2324f 100644 --- a/ext/zonefile/zonefile.c +++ b/ext/zonefile/zonefile.c @@ -175,7 +175,7 @@ static int zonefileCodecNonceSize(ZonefileCodec *pCodec){ ** sure to include the extra bytes. */ static void zonefileCodecEncode( - ZonefileCodec *pCodec, + ZonefileCodec *pCodec, unsigned char *pIn, int nIn ){ int i; @@ -229,7 +229,7 @@ struct ZonefileKey { const char *zName; /* Zonefile table name */ const char *zDb; /* Database name ("main", "temp" etc.) */ i64 iFileid; /* File id */ - const char *zKey; /* Key buffer */ + const u8 *aKey; /* Key buffer */ int nKey; /* Size of zKey in bytes */ u32 iHash; /* zonefileKeyHash() value */ ZonefileKey *pHashNext; /* Next colliding key in hash table */ @@ -251,7 +251,7 @@ static u32 zonefileKeyHash( } /* -** Store encryption key zKey in the key-store passed as the first argument. +** Store encryption key aKey in the key-store passed as the first argument. ** Return SQLITE_OK if successful, or an SQLite error code (SQLITE_NOMEM) ** otherwise. */ @@ -260,7 +260,8 @@ static int zonefileKeyStore( const char *zDb, /* Database containing zonefile table */ const char *zTab, /* Name of zonefile table */ i64 iFileid, /* File-id to configure key for */ - const char *zKey /* Key to store */ + const u8 *aKey, /* Key to store */ + int nKey /* Size of aKey[] in bytes */ ){ ZonefileKey **pp; u32 iHash = zonefileKeyHash(zDb, zTab, iFileid); @@ -281,8 +282,7 @@ static int zonefileKeyStore( } } - if( zKey ){ - int nKey = strlen(zKey); + if( aKey ){ int nDb = strlen(zDb); int nTab = strlen(zTab); ZonefileKey *pNew; @@ -315,11 +315,11 @@ static int zonefileKeyStore( memset(pNew, 0, sizeof(ZonefileKey)); pNew->iFileid = iFileid; pNew->iHash = iHash; - pNew->zKey = (const char*)&pNew[1]; + pNew->aKey = (const u8*)&pNew[1]; pNew->nKey = nKey; - pNew->zDb = &pNew->zKey[nKey+1]; + pNew->zDb = (const char*)&pNew->aKey[nKey+1]; pNew->zName = &pNew->zDb[nDb+1]; - memcpy((char*)pNew->zKey, zKey, nKey+1); + memcpy((u8*)pNew->aKey, aKey, nKey+1); memcpy((char*)pNew->zDb, zDb, nDb+1); memcpy((char*)pNew->zName, zTab, nTab+1); @@ -345,7 +345,7 @@ static int zonefileKeyFind( const char *zDb, /* Database containing zonefile table */ const char *zTab, /* Name of zonefile table */ i64 iFileid, /* File-id to configure key for */ - const char **pzKey /* OUT: Pointer to key buffer */ + const u8 **paKey /* OUT: Pointer to key buffer */ ){ if( pGlobal->nHash ){ ZonefileKey *pKey; @@ -355,7 +355,7 @@ static int zonefileKeyFind( && 0==sqlite3_stricmp(zTab, pKey->zName) && 0==sqlite3_stricmp(zDb, pKey->zDb) ){ - *pzKey = pKey->zKey; + *paKey = pKey->aKey; return pKey->nKey; } } @@ -737,6 +737,7 @@ struct ZonefileParam { int encryptionType; int maxAutoFrameSize; int debugExtendedHeaderSize; /* Size of extended header */ + int debugEncryptionKeyText; /* True to allow text keys */ char *encryptionKey; /* Encryption key */ }; @@ -849,16 +850,21 @@ int zonefileIsAutoFrame(sqlite3_value *pFrame){ ); } +#define SQLITE_ZONEFILE_AES_128_CTR 1 +#define SQLITE_ZONEFILE_AES_128_CBC 2 +#define SQLITE_ZONEFILE_AES_256_CTR 3 +#define SQLITE_ZONEFILE_AES_256_CBC 4 + static int zonefileEncryption(const char *zName, int *peType, char **pzErr){ struct Encryption { const char *zName; int eType; } a[] = { {"NONE", 0}, - {"AES_128_CTR", 1}, - {"AES_128_CBC", 2}, - {"AES_256_CTR", 3}, - {"AES_256_CBC", 4}, + {"AES_128_CTR", SQLITE_ZONEFILE_AES_128_CTR}, + {"AES_128_CBC", SQLITE_ZONEFILE_AES_128_CBC}, + {"AES_256_CTR", SQLITE_ZONEFILE_AES_256_CTR}, + {"AES_256_CBC", SQLITE_ZONEFILE_AES_256_CBC}, {"XOR", 5}, }; int i; @@ -906,6 +912,9 @@ static int zonefileGetParams( } p->debugExtendedHeaderSize = iVal; }else + if( sqlite3_stricmp("debugEncryptionKeyText", zKey)==0 ){ + p->debugEncryptionKeyText = iVal; + }else if( sqlite3_stricmp("maxAutoFrameSize", zKey)==0 ){ p->maxAutoFrameSize = iVal; }else @@ -1086,6 +1095,34 @@ static int zonefilePad(FILE *pFd, int nByte){ return SQLITE_OK; } +static int zonefileHexChar(char c){ + if( c>='0' && c<='9' ) return c-'0'; + c = c & ~0x20; + if( c>='A' && c<='F' ) return c-('A'-10); + return -1; +} + +static int zonefileDecodeEncryptionKey(ZonefileParam *p, int *pn, char **pzErr){ + if( p->debugEncryptionKeyText==0 ){ + u8 *z = (u8*)p->encryptionKey; + int n = *pn; + int i; + if( n&0x01 ) goto bad_format; + for(i=0; i1 && sqlite3_value_nochange(apVal[2]) ){ - const char *zKey = (const char*)sqlite3_value_text(apVal[3]); - i64 iFileid = sqlite3_value_int64(apVal[0]); - return zonefileKeyStore( - pTab->pGlobal, pTab->zDb, pTab->zBase, iFileid, zKey - ); + bUpdateKey = 1; }else{ if( pTab->pDelete==0 ){ rc = zonefilePrepare(pTab->db, &pTab->pDelete, &pVtab->zErrMsg, @@ -1890,32 +1927,39 @@ static int zffUpdate( } if( nVal>1 ){ i64 iFileid = 0; - const char *zFile = (const char*)sqlite3_value_text(apVal[2]); + if( bUpdateKey ){ + iFileid = sqlite3_value_int64(apVal[0]); + }else{ + const char *zFile = (const char*)sqlite3_value_text(apVal[2]); - if( pTab->pInsert==0 ){ - rc = zonefilePrepare(pTab->db, &pTab->pInsert, &pVtab->zErrMsg, - "INSERT INTO %Q.'%q_shadow_file'(filename) VALUES(?)", - pTab->zDb, pTab->zBase - ); - } + if( pTab->pInsert==0 ){ + rc = zonefilePrepare(pTab->db, &pTab->pInsert, &pVtab->zErrMsg, + "INSERT INTO %Q.'%q_shadow_file'(filename) VALUES(?)", + pTab->zDb, pTab->zBase + ); + } - /* Add the new entry to the %_shadow_file table. */ - if( rc==SQLITE_OK ){ - sqlite3_bind_text(pTab->pInsert, 1, zFile, -1, SQLITE_TRANSIENT); - sqlite3_step(pTab->pInsert); - rc = sqlite3_reset(pTab->pInsert); - } + /* Add the new entry to the %_shadow_file table. */ + if( rc==SQLITE_OK ){ + sqlite3_bind_text(pTab->pInsert, 1, zFile, -1, SQLITE_TRANSIENT); + sqlite3_step(pTab->pInsert); + rc = sqlite3_reset(pTab->pInsert); + } - /* Populate the %_shadow_idx table with entries for all keys in - ** the zonefile just added to %_shadow_file. */ - if( rc==SQLITE_OK ){ - iFileid = sqlite3_last_insert_rowid(pTab->db); - rc = zonefilePopulateIndex(pTab, zFile, iFileid); + /* Populate the %_shadow_idx table with entries for all keys in + ** the zonefile just added to %_shadow_file. */ + if( rc==SQLITE_OK ){ + iFileid = sqlite3_last_insert_rowid(pTab->db); + rc = zonefilePopulateIndex(pTab, zFile, iFileid); + } } if( rc==SQLITE_OK ){ - const char *zKey = (const char*)sqlite3_value_text(apVal[3]); - rc = zonefileKeyStore(pTab->pGlobal, pTab->zDb, pTab->zBase,iFileid,zKey); + int nKey = sqlite3_value_bytes(apVal[3]); + const u8 *aKey = (const u8*)sqlite3_value_blob(apVal[3]); + rc = zonefileKeyStore( + pTab->pGlobal, pTab->zDb, pTab->zBase, iFileid, aKey, nKey + ); } } @@ -2585,13 +2629,13 @@ static int zonefileValueReadCache(sqlite3_context *pCtx, ZonefileCsr *pCsr){ /* Find the encryption method and key. */ if( rc==SQLITE_OK && hdr.encryptionType ){ - const char *z = 0; - int n = zonefileKeyFind(pTab->pGlobal, pTab->zDb, pTab->zName, iFile, &z); + const u8 *a = 0; + int n = zonefileKeyFind(pTab->pGlobal, pTab->zDb, pTab->zName, iFile, &a); if( n==0 ){ zErr = sqlite3_mprintf("missing encryption key for file \"%s\"", zFile); rc = SQLITE_ERROR; }else{ - rc = zonefileCodecCreate(hdr.encryptionType, 0, (u8*)z,n,&pCodec,&zErr); + rc = zonefileCodecCreate(hdr.encryptionType, 0, (u8*)a,n,&pCodec,&zErr); } } diff --git a/ext/zonefile/zonefile1.test b/ext/zonefile/zonefile1.test index 3c9a1c0583..269b88d8b9 100644 --- a/ext/zonefile/zonefile1.test +++ b/ext/zonefile/zonefile1.test @@ -220,6 +220,7 @@ do_execsql_test 3.0 { WITH p(n,v) AS ( VALUES('maxAutoFrameSize', 2000) UNION ALL VALUES('encryptionType', 'xor') UNION ALL + VALUES('debugEncryptionKeyText', 1) UNION ALL VALUES('encryptionKey', '0123456789') ) SELECT zonefile_write('test.zonefile', 'dd', json_group_object(n, v)) FROM p; @@ -612,7 +613,7 @@ do_execsql_test 11.0 { INSERT INTO data VALUES(2, 2, -1, randomblob(200)); INSERT INTO data VALUES(3, 3, -1, randomblob(200)); SELECT zonefile_write('test.zonefile', 'data', - '{"encryptionType":"xor","encryptionKey":"pass"}' + '{"encryptionType":"xor","encryptionKey":"pass","debugEncryptionKeyText":1}' ); CREATE VIRTUAL TABLE nm USING zonefile(cachesize=2); diff --git a/ext/zonefile/zonefileenc.test b/ext/zonefile/zonefileenc.test index 7128c46e82..1f912cad1f 100644 --- a/ext/zonefile/zonefileenc.test +++ b/ext/zonefile/zonefileenc.test @@ -17,97 +17,137 @@ if {![info exists testdir]} { } source [file join $testdir tester.tcl] set testprefix zonefileenc -load_static_extension db zonefile - -set K { - braking bramble brambles brambly - bran branch branched branches - branching branchings brand branded -} -set nFile 100 -do_execsql_test 1.0 { - CREATE TABLE zz(k INTEGER PRIMARY KEY, frame INTEGER, idx INTEGER, v BLOB); - CREATE TABLE rr(k INTEGER PRIMARY KEY, v); -} -do_test 1.1 { - for {set i 0} {$i < $nFile} {incr i} { - set k [lindex $K [expr $i % [llength $K]]] - execsql { - DELETE FROM zz; - INSERT INTO zz VALUES($i*10+1, 1, -1, randomblob(100)); - INSERT INTO zz VALUES($i*10+2, 2, -1, randomblob(100)); - INSERT INTO zz VALUES($i*10+3, 1, -1, randomblob(100)); - INSERT INTO rr SELECT k,v FROM zz; - - WITH p(n,v) AS ( - VALUES('encryptionType', 'xor') UNION ALL - VALUES('encryptionKey', $k) - ) - SELECT zonefile_write('test' || $i || '.zonefile', 'zz', - json_group_object(n, v) - ) FROM p; +foreach {tn code} { + 1 { + set K { + braking bramble brambles brambly + bran branch branched branches + branching branchings brand branded } + set textkey 1 } -} {} - -proc k {i} { lindex $::K [expr $i % [llength $::K]] } -db func k k + 2 { + set K { + 5e008542742ce0442e37cbf2512e9492 c91c26e0573ca3464e037568c51126da + e90e17489c1aef80ac620c9059271a5a 163338707cbe4c72b18d1058a42c5c78 + 5c6b1e7c7c9e8e4a8d8fdc30dfc11bea ff1012687828ecaac6c9ca86ea0f895e + a203f25eb11d4c6afa841dfcf7cd0be0 b6c71e38ca914c460926ef90db39dba0 + b38255d031d026c258a0a41a9a75d46a adccca5e5ffa3a7625144a345713aef0 + cd423b38b73e42ce5894405e6d0e08c0 b460ad2e370a0386726d6ea46e7b0bac + 503b81de72cb3ef87d9346a850040000 369c290a464a6b88bfd9d1c4755afd42 + a8a9343efca528f2bf23a972be49dd66 e366b5226bfe3fd0010fa814aae3b996 + 4cad7e80124c2cd447131bae377e60f6 4a0fd2f054e1b08cad0de2dc6aa93246 + 8a23c85e3337da2c97d498f806870fa8 8d14e1f055fd9bec7d07cf0e8baae042 + 7f6954b0dc373028ab3b030aaf44dd58 d220164c3898435a946de6bcbb478cc4 + 566af7ea88ba4ff87fd868e858cf98ea a5405832235e8f601516f9c49767bdac + 1bd5b4dc6b54e5ca92ba67d20bf65740 59da30e203bf73840e38e108b83ddb82 + e516924c2cdf3114f10f2f0e1bdabbc6 b55dd27222a39764222838007e749984 + 190ae9f81b86a5a024e3b97ee2a7121c 469660843a9a9e507d0fb43e92029296 + e6e600bc063aad12f6387beef650c48a 3097be5c3a52a2f00747587add01b550 + } + set textkey 0 + } +} { + reset_db + load_static_extension db zonefile + set nFile 100 + eval $code -do_execsql_test 1.2 { - CREATE VIRTUAL TABLE gg USING zonefile; -} -for {set i 0} {$i < $nFile} {incr i} { - do_execsql_test 1.2.$i { - INSERT INTO gg_files(filename, ekey) - VALUES('test' || $i || '.zonefile', k($i)); + do_execsql_test 1.$tn.0 { + CREATE TABLE zz(k INTEGER PRIMARY KEY, frame INTEGER, idx INTEGER, v BLOB); + CREATE TABLE rr(k INTEGER PRIMARY KEY, v); + } + do_test 1.$tn.1 { + for {set i 0} {$i < $nFile} {incr i} { + set k [lindex $K [expr $i % [llength $K]]] + execsql { + DELETE FROM zz; + INSERT INTO zz VALUES($i*10+1, 1, -1, randomblob(100)); + INSERT INTO zz VALUES($i*10+2, 2, -1, randomblob(100)); + INSERT INTO zz VALUES($i*10+3, 1, -1, randomblob(100)); + INSERT INTO rr SELECT k,v FROM zz; + + WITH p(n,v) AS ( + VALUES('encryptionType', 'xor') UNION ALL + VALUES('debugEncryptionKeyText', $textkey) UNION ALL + VALUES('encryptionKey', $k) + ) + SELECT zonefile_write('test' || $i || '.zonefile', 'zz', + json_group_object(n, v) + ) FROM p; + } + } + } {} + + proc k {i} { + set val [lindex $::K [expr $i % [llength $::K]]] + if {$::textkey==0} { + return [binary decode hex $val] + } + return $val + } + db func k k + + do_execsql_test 1.$tn.2 { + CREATE VIRTUAL TABLE gg USING zonefile; + } + for {set i 0} {$i < $nFile} {incr i} { + do_execsql_test 1.$tn.2.$i { + INSERT INTO gg_files(filename, ekey) + VALUES('test' || $i || '.zonefile', k($i)); + SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v!=gg.v; + } 0 + } + + db close + sqlite3 db test.db + load_static_extension db zonefile + db func k k + + do_catchsql_test 1.$tn.3 { SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v!=gg.v; - } 0 -} - -db close -sqlite3 db test.db -load_static_extension db zonefile -db func k k - -do_catchsql_test 1.3 { - SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v!=gg.v; -} {1 {missing encryption key for file "test0.zonefile"}} -do_execsql_test 1.4 { - UPDATE gg_files SET ekey = 'braking' WHERE filename='test0.zonefile'; -} -do_catchsql_test 1.5 { - SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v!=gg.v; -} {1 {missing encryption key for file "test1.zonefile"}} - -do_execsql_test 1.6 { - UPDATE gg_files SET ekey = k(rowid-1); -} -do_execsql_test 1.7 { - SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v!=gg.v; -} {0} -do_execsql_test 1.8 { - SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v==gg.v; -} {300} - -forcedelete test.db2 -do_execsql_test 1.9.1 { - ATTACH 'test.db2' AS maing; - CREATE VIRTUAL TABLE maing.g USING zonefile; - INSERT INTO g_files(filename) SELECT filename FROM gg_files; + } {1 {missing encryption key for file "test0.zonefile"}} + do_execsql_test 1.$tn.4 { + UPDATE gg_files SET ekey = k(0) WHERE filename='test0.zonefile'; + } + do_execsql_test 1.$tn.4.2 { + SELECT count(*) FROM rr JOIN gg USING(k) + WHERE rr.v==gg.v AND k IN (1,2,3); + } {3} + do_catchsql_test 1.5 { + SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v!=gg.v; + } {1 {missing encryption key for file "test1.zonefile"}} + + do_execsql_test 1.$tn.6 { + UPDATE gg_files SET ekey = k(rowid-1); + } + do_execsql_test 1.$tn.7 { + SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v!=gg.v; + } {0} + do_execsql_test 1.$tn.8 { + SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v==gg.v; + } {300} + + forcedelete test.db2 + do_execsql_test 1.$tn.9.1 { + ATTACH 'test.db2' AS maing; + CREATE VIRTUAL TABLE maing.g USING zonefile; + INSERT INTO g_files(filename) SELECT filename FROM gg_files; + } + do_catchsql_test 1.$tn.9.2 { + SELECT count(*) FROM rr JOIN g USING(k) WHERE rr.v!=g.v; + } {1 {missing encryption key for file "test0.zonefile"}} + do_execsql_test 1.$tn.9.3 { + UPDATE g_files SET ekey = k(rowid-1); + SELECT count(*) FROM rr JOIN g USING(k) WHERE rr.v==g.v; + } {300} + + do_execsql_test 1.$tn.10 { + SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v==gg.v; + } {300} } -do_catchsql_test 1.9.2 { - SELECT count(*) FROM rr JOIN g USING(k) WHERE rr.v!=g.v; -} {1 {missing encryption key for file "test0.zonefile"}} -do_execsql_test 1.9.3 { - UPDATE g_files SET ekey = k(rowid-1); - SELECT count(*) FROM rr JOIN g USING(k) WHERE rr.v==g.v; -} {300} - -do_execsql_test 1.10 { - SELECT count(*) FROM rr JOIN gg USING(k) WHERE rr.v==gg.v; -} {300} #------------------------------------------------------------------------- reset_db @@ -125,10 +165,11 @@ foreach {tn alg id} { do_catchsql_test 2.1.$tn { WITH p(n,v) AS ( VALUES('encryptionType', $alg) UNION ALL + VALUES('debugEncryptionKeyText', 1) UNION ALL VALUES('encryptionKey', 'secret') ) SELECT zonefile_write('test' || $i || '.zonefile', 'zz', - json_group_object(n, v) + json_group_object(n, v) ) FROM p; } "1 {unsupported encryption method: $id}" } @@ -139,10 +180,11 @@ foreach {tn alg} { do_catchsql_test 2.1.$tn { WITH p(n,v) AS ( VALUES('encryptionType', $alg) UNION ALL + VALUES('debugEncryptionKeyText', 1) UNION ALL VALUES('encryptionKey', 'secret') ) SELECT zonefile_write('test' || $i || '.zonefile', 'zz', - json_group_object(n, v) + json_group_object(n, v) ) FROM p; } "1 {unknown encryption method: $alg}" } @@ -155,19 +197,19 @@ foreach {tn alg} { # proc hash {zDb zTab iFile} { binary scan $zDb c* A - binary scan $zTab c* B - set h 0 - foreach i $A { set h [expr ($h + ($h << 3) + $i) & 0xFFFFFFFF] } + binary scan $zTab c* B + set h 0 + foreach i $A { set h [expr ($h + ($h << 3) + $i) & 0xFFFFFFFF] } foreach i $B { set h [expr ($h + ($h << 3) + $i) & 0xFFFFFFFF] } return [expr $h ^ $iFile] } do_test 3.0 { set h1 [expr [hash main zone 1] % 512] - for {set i 0} {1} {incr i} { - set h2 [expr [hash "aux$i" zone 1] % 512] - if {$h1==$h2} break - } + for {set i 0} {1} {incr i} { + set h2 [expr [hash "aux$i" zone 1] % 512] + if {$h1==$h2} break + } set i } 52 @@ -180,6 +222,7 @@ do_execsql_test 3.1 { INSERT INTO zz VALUES(222, -1, -1, randomblob(60)); WITH p(n,v) AS ( VALUES('encryptionType', 'xor') UNION ALL + VALUES('debugEncryptionKeyText', 1) UNION ALL VALUES('encryptionKey', 'pass') ) SELECT zonefile_write('test1.zonefile', 'zz', @@ -190,6 +233,7 @@ do_execsql_test 3.1 { INSERT INTO zz VALUES(333, -1, -1, randomblob(80)); WITH p(n,v) AS ( VALUES('encryptionType', 'xor') UNION ALL + VALUES('debugEncryptionKeyText', 1) UNION ALL VALUES('encryptionKey', 'pass') ) SELECT zonefile_write('test2.zonefile', 'zz', diff --git a/ext/zonefile/zonefilefault.test b/ext/zonefile/zonefilefault.test index acd6373561..fafdf73e2f 100644 --- a/ext/zonefile/zonefilefault.test +++ b/ext/zonefile/zonefilefault.test @@ -34,7 +34,9 @@ do_faultsim_test 1.1 -faults oom* -prep { } -body { execsql { SELECT zonefile_write('test.zonefile', 'tt', - '{"encryptionType":"xor", "encryptionKey":"secret"}' + '{"encryptionType":"xor", "encryptionKey":"secret", + "debugEncryptionKeyText":1 + }' ); } } -test { @@ -118,7 +120,9 @@ if {$HAVE_ZSTD} { # do_execsql_test 2.0 { SELECT zonefile_write('test.zonefile', 'tt', - '{"encryptionType":"xor", "encryptionKey":"secret"}' + '{"encryptionType":"xor", "encryptionKey":"secret", + "debugEncryptionKeyText":1 + }' ); CREATE VIRTUAL TABLE zz USING zonefile; } {{}} @@ -205,11 +209,16 @@ do_faultsim_test 4.1 -faults oom* -prep { if {$HAVE_ZSTD} { set params { {"encryptionType":"xor","encryptionKey":"pass", - "compressionTypeContent":"zstd_global_dict" + "compressionTypeContent":"zstd_global_dict", + "debugEncryptionKeyText":1 } } } else { - set params { {"encryptionType":"xor","encryptionKey":"pass" } } + set params { + {"encryptionType":"xor","encryptionKey":"pass", + "debugEncryptionKeyText":1 + } + } } do_execsql_test 4.2 { SELECT zonefile_write('test.zonefile', 'zz', $params); diff --git a/manifest b/manifest index 561b6d506d..cdeaf7f224 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Add\sextra\sparameter\sto\szonefileCodecCreate()\sto\sindicate\swhether\sthe\snew\nobject\swill\sbe\sused\sfor\smock-encryption\sor\smock-decryption. -D 2018-02-26T07:58:39.046 +C Have\sthe\szonefile\sextension\suse\sbinary\sinstead\sof\stext\skeys. +D 2018-02-27T14:26:33.798 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F Makefile.in a2d2fb8d17c39ab5ec52beb27850b903949080848236923f436156b72a958737 @@ -408,11 +408,11 @@ F ext/session/test_session.c eb0bd6c1ea791c1d66ee4ef94c16500dad936386 F ext/userauth/sqlite3userauth.h 7f3ea8c4686db8e40b0a0e7a8e0b00fac13aa7a3 F ext/userauth/user-auth.txt e6641021a9210364665fe625d067617d03f27b04 F ext/userauth/userauth.c 3410be31283abba70255d71fd24734e017a4497f -F ext/zonefile/README.md df86ef5b4f9aa8b07e1c8124b3f2dcea616927385aad59d525b784f0a06d446c -F ext/zonefile/zonefile.c 4af6b26c047f6510816536e7423cc5fa61b28c9ad77d83bf0648637de9d67441 -F ext/zonefile/zonefile1.test 79ac1a99674b986dab6ce5e8bf342e9585cd7fd02406ea223c969624b93dd46f -F ext/zonefile/zonefileenc.test 10e770105edeff6a05df6be8db5481eaa8fcda2422ec5446ad21b34ed70d02d7 -F ext/zonefile/zonefilefault.test 6f0b10364972981380de65e8665b7a8f882a70ec7ee188695fe199f2851e180e +F ext/zonefile/README.md 5beb84b8f8326d23319003d57d88be88759fdc3296071a2c5f13c0209703738a +F ext/zonefile/zonefile.c b83136e629c6768e9ff06bb37ae7d102b5b267f8ff5d9481bd65dc87d7f2d483 +F ext/zonefile/zonefile1.test 57170e948447868c19786afe9e55e0c65a2c9c69b7e3b27dc508f17ab6fc9202 +F ext/zonefile/zonefileenc.test 7bc183b3ebbb6fca761cdc93df5a9686e67fda0632d3e9cf1372188ad418108a +F ext/zonefile/zonefilefault.test 1574e70ad816982f27d6f51da32a133f62064d56a668c0d00189d17defb4f0ad F install-sh 9d4de14ab9fb0facae2f48780b874848cbf2f895 x F ltmain.sh 3ff0879076df340d2e23ae905484d8c15d5fdea8 F magic.txt 8273bf49ba3b0c8559cb2774495390c31fd61c60 @@ -1712,7 +1712,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 1764ade22b52eba0226ae2e6e837a1b0967023eabd7d50e9f87c5e7042ea2f12 -R c1770a6f91e4d8e969767de9b3f750ba +P 231832c4cb15862e61dfcc00fba9ab78ca7e2442a0d4aa1a98a191f5f8b4cff3 +R cf22e181dbe1916f9e1eef490351edef U dan -Z 4642b01a17023ca2ce0927319db5bcf7 +Z 5f06773d3ebf0b974cf6c0e07502aa1f diff --git a/manifest.uuid b/manifest.uuid index 4aac7ba5f7..a92c920400 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -231832c4cb15862e61dfcc00fba9ab78ca7e2442a0d4aa1a98a191f5f8b4cff3 \ No newline at end of file +39a4267fc9cec77fd8d9be25c73b848e77a68906253cc75d61fe90e549bafa27 \ No newline at end of file