Fix encoding of key material from modified UTF-8 to UTF-8

Author: developernotes

jni/net_sqlcipher_database_SQLiteDatabase.cpp

@@ -31,27 +31,13 @@
 #include "sqlite3_exception.h"
 #include "sqlcipher_loading.h"
 
-// #include <utils/Log.h>
-// #include <JNIHelp.h>
-// #include <android_runtime/AndroidRuntime.h>
-// #include <sqlite3_android.h>
-// #include <utils/Log.h>
-// #include <utils/threads.h>
-// #include <utils/List.h>
-// #include <utils/Errors.h>
-// #include <unicode/utypes.h>
-// #include <unicode/ucnv.h>
-// #include <unicode/ucnv_err.h>
-
 #define UTF16_STORAGE 0
 #define INVALID_VERSION -1
 #define SQLITE_SOFT_HEAP_LIMIT (4 * 1024 * 1024)
 #define ANDROID_TABLE "android_metadata"
 /* uncomment the next line to force-enable logging of all statements */
 // #define DB_LOG_STATEMENTS
 
-
-
 namespace sqlcipher {
 
 
@@ -107,7 +93,42 @@ namespace sqlcipher {
     return value;
   }
 
-  void native_key_char(JNIEnv* env, jobject object, jcharArray jKey) {
+  void native_key(JNIEnv* env, jobject object, jbyteArray jKey) {
+    int rc = 0;
+    int index = 0;
+    jsize size = 0;
+    jbyte *key = 0;
+    sqlite3 *handle = NULL;
+    handle = (sqlite3 *)env->GetIntField(object, offset_db_handle);
+    key = env->GetByteArrayElements(jKey, NULL);
+    size = env->GetArrayLength(jKey);
+    if(key == NULL || size == 0) goto done;
+    rc = sqlite3_key(handle, key, size);
+    if(rc != SQLITE_OK) {
+      throw_sqlite3_exception(env, handle);
+    }
+  done:
+    if(key) env->ReleaseByteArrayElements(jKey, key, JNI_ABORT);
+  }
+
+  void native_rekey(JNIEnv* env, jobject object, jbyteArray jKey) {
+    int rc = 0;
+    jsize size = 0;
+    jbyte *key = 0;
+    sqlite3 *handle = NULL;
+    handle = (sqlite3 *)env->GetIntField(object, offset_db_handle);
+    key = env->GetByteArrayElements(jKey, NULL);
+    size = env->GetArrayLength(jKey);
+    if(key == NULL || size == 0) goto done;
+    rc = sqlite3_rekey(handle, key, size);
+    if(rc != SQLITE_OK) {
+      throw_sqlite3_exception(env, handle);
+    }
+  done:
+    if(key) env->ReleaseByteArrayElements(jKey, key, JNI_ABORT);
+  }
+
+  void native_key_mutf8(JNIEnv* env, jobject object, jcharArray jKey) {
     int rc;
     int idx;
     jint releaseElements = 0;
@@ -126,21 +147,7 @@ namespace sqlcipher {
     }
     env->ReleaseStringUTFChars(key, password);
   }
-
-  void native_rekey_str(JNIEnv* env, jobject object, jstring jKey) {
-    sqlite3 * handle = (sqlite3 *)env->GetIntField(object, offset_db_handle);
-    char const * key = env->GetStringUTFChars(jKey, NULL);
-    jsize keyLen = env->GetStringUTFLength(jKey);
-
-    if ( keyLen > 0 ) {
-      int status = sqlite3_rekey(handle, key, keyLen);
-      if ( status != SQLITE_OK ) {
-        throw_sqlite3_exception(env, handle);
-      }
-    }
-    env->ReleaseStringUTFChars(jKey, key);
-  }
-
+    
   void native_rawExecSQL(JNIEnv* env, jobject object, jstring sql)
   {
     sqlite3 * handle = (sqlite3 *)env->GetIntField(object, offset_db_handle);
@@ -523,15 +530,13 @@ namespace sqlcipher {
       {"native_execSQL", "(Ljava/lang/String;)V", (void *)native_execSQL},
       {"lastInsertRow", "()J", (void *)lastInsertRow},
       {"lastChangeCount", "()I", (void *)lastChangeCount},
-      // {"native_setLocale", "(Ljava/lang/String;I)V", (void *)native_setLocale},
       {"native_getDbLookaside", "()I", (void *)native_getDbLookaside},
       {"releaseMemory", "()I", (void *)native_releaseMemory},
-      // {"setICURoot", "(Ljava/lang/String;)V", (void *)setICURoot},
       {"native_rawExecSQL", "(Ljava/lang/String;)V", (void *)native_rawExecSQL},
       {"native_status", "(IZ)I", (void *)native_status},
-      {"native_key", "([C)V", (void *)native_key_char},
-      // {"native_rekey", "([C)V", (void *)native_rekey_char},
-      {"native_rekey", "(Ljava/lang/String;)V", (void *)native_rekey_str},
+      {"key_mutf8", "([C)V", (void *)native_key_mutf8},
+      {"key", "([B)V", (void *)native_key},
+      {"rekey", "([B)V", (void *)native_rekey},
     };
 
   int register_android_database_SQLiteDatabase(JNIEnv *env)

src/net/sqlcipher/database/SQLiteDatabase.java

@@ -29,6 +29,10 @@
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.OutputStream;
+import java.io.UnsupportedEncodingException;
+import java.nio.ByteBuffer;
+import java.nio.CharBuffer;
+import java.nio.charset.Charset;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -54,6 +58,8 @@
 import android.util.Log;
 import android.util.Pair;
 
+import java.io.UnsupportedEncodingException;
+
 /**
  * Exposes methods to manage a SQLCipher database.
  * <p>SQLiteDatabase has methods to create, delete, execute SQL commands, and
@@ -68,6 +74,7 @@ public class SQLiteDatabase extends SQLiteClosable {
     private static final String TAG = "Database";
     private static final int EVENT_DB_OPERATION = 52000;
     private static final int EVENT_DB_CORRUPT = 75004;
+    private static final String KEY_ENCODING = "UTF-8";
 
   /**
    * The version number of the SQLCipher for Android Java client library.
@@ -101,7 +108,11 @@ public void changePassword(String password) throws SQLiteException {
             throw new SQLiteException("database not open");
         }
         if (password != null) {
-            native_rekey(password);
+          byte[] keyMaterial = getBytes(password.toCharArray());
+          rekey(keyMaterial);
+          for(byte data : keyMaterial) {
+            data = 0;
+          }
         }
     }
 
@@ -122,8 +133,12 @@ public void changePassword(char[] password) throws SQLiteException {
             throw new SQLiteException("database not open");
         }
         if (password != null) {
-            native_rekey(String.valueOf(password));
-        }
+          byte[] keyMaterial = getBytes(password);
+          rekey(keyMaterial);
+          for(byte data : keyMaterial) {
+            data = 0;
+          }
+        }     
     }
 
     private static void loadICUData(Context context, File workingDir) {
@@ -2332,41 +2347,94 @@ private SQLiteDatabase(String path, CursorFactory factory, int flags, DatabaseEr
         mErrorHandler = errorHandler;
     }
 
-    private void openDatabaseInternal(char[] password, SQLiteDatabaseHook databaseHook) {
-        dbopen(mPath, mFlags);
-
-        if(databaseHook != null) {
-            databaseHook.preKey(this);
+  private void openDatabaseInternal(final char[] password, SQLiteDatabaseHook hook) {
+    boolean shouldCloseConnection = true;
+    final byte[] keyMaterial = getBytes(password);
+    dbopen(mPath, mFlags);
+    try {
+      
+      keyDatabase(hook, new Runnable() {
+          public void run() {
+            if(keyMaterial != null && keyMaterial.length > 0) {
+              key(keyMaterial);
+            }
+          }
+        });
+      shouldCloseConnection = false;
+      
+    } catch(RuntimeException ex) {
+
+      if(containsNull(password)) {
+        keyDatabase(hook, new Runnable() {
+            public void run() {
+              if(password != null) {
+                key_mutf8(password);
+              }
+            }
+          });
+        if(keyMaterial != null && keyMaterial.length > 0) {
+          rekey(keyMaterial);
         }
+        shouldCloseConnection = false;
+      } else {
+        throw ex;
+      }
 
-        if(password != null){
-          native_key(password);
+    } finally {
+      if(shouldCloseConnection) {
+        dbclose();
+        if (SQLiteDebug.DEBUG_SQL_CACHE) {
+          mTimeClosed = getTime();
         }
-
-        if(databaseHook != null){
-            databaseHook.postKey(this);
+      }
+      if(keyMaterial != null && keyMaterial.length > 0) {
+        for(byte data : keyMaterial) {
+          data = 0;
         }
+      }
+    }
+    
+  }
 
-        if (SQLiteDebug.DEBUG_SQL_CACHE) {
-            mTimeOpened = getTime();
-        }
-        try {
-          Cursor cursor = rawQuery("select count(*) from sqlite_master;", new String[]{});
-          if(cursor != null){
-            cursor.moveToFirst();
-            int count = cursor.getInt(0);
-            cursor.close();
-          }
-          //setLocale(Locale.getDefault());
-        } catch (RuntimeException e) {
-            Log.e(TAG, "Failed to setLocale() when constructing, closing the database", e);
-            dbclose();
-            if (SQLiteDebug.DEBUG_SQL_CACHE) {
-                mTimeClosed = getTime();
-            }
-            throw e;
+  private boolean containsNull(char[] data) {
+    char defaultValue = '\u0000';
+    boolean status = false;
+    if(data != null && data.length > 0) {
+      for(char datum : data) {
+        if(datum == defaultValue) {
+          status = true;
+          break;
         }
+      }
+    }
+    return status;
+  }
+  
+  private void keyDatabase(SQLiteDatabaseHook databaseHook, Runnable keyOperation) {
+    if(databaseHook != null) {
+      databaseHook.preKey(this);
+    }
+    if(keyOperation != null){
+      keyOperation.run();
+    }
+    if(databaseHook != null){
+      databaseHook.postKey(this);
     }
+    if (SQLiteDebug.DEBUG_SQL_CACHE) {
+      mTimeOpened = getTime();
+    }
+    try {
+      Cursor cursor = rawQuery("select count(*) from sqlite_master;", new String[]{});
+      if(cursor != null){
+        cursor.moveToFirst();
+        int count = cursor.getInt(0);
+        cursor.close();
+      }
+    } catch (RuntimeException e) {
+      Log.e(TAG, e.getMessage(), e);
+      throw e;
+    }
+  }
 
     private String getTime() {
         return new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS ").format(System.currentTimeMillis());
@@ -2761,6 +2829,15 @@ private static ArrayList<Pair<String, String>> getAttachedDbs(SQLiteDatabase dbO
         return attachedDbs;
     }
 
+    private byte[] getBytes(char[] data) {
+      if(data == null || data.length == 0) return null;
+      CharBuffer charBuffer = CharBuffer.wrap(data);
+      ByteBuffer byteBuffer = Charset.forName(KEY_ENCODING).encode(charBuffer);
+      byte[] result =  new byte[byteBuffer.limit()];
+      byteBuffer.get(result);
+      return result;
+    }
+
     /**
      * Sets the root directory to search for the ICU data file
      */
@@ -2836,4 +2913,8 @@ private static ArrayList<Pair<String, String>> getAttachedDbs(SQLiteDatabase dbO
     private native void native_key(char[] key) throws SQLException;
 
     private native void native_rekey(String key) throws SQLException;
+
+  private native void key(byte[] key) throws SQLException;
+  private native void key_mutf8(char[] key) throws SQLException;
+  private native void rekey(byte[] key) throws SQLException;
 }