Fix issue #226: raw key+salt not handled properly

utelle · utelle · commit ea29ea4ec0aa · 2026-02-15T15:05:08.000+01:00
In case a database is encrypted with the _SQLCipher_ scheme using _raw key and salt material_ and the _plaintext header_ feature, opening an existing database failed. The reason was that the salt part was erroneously ignored on reading the raw key and salt material. This has been fixed.

The same fix has been applied to other cipher schemes, namely AEGIS, Ascon, and ChaCha20. Actually, this fix is currently not absolutely required for these schemes, because the salt is only used for key derivation, which is not performed when raw key and salt material is used. However, behaviour of the schemes may change in the future.
diff --git a/src/cipher_aegis.c b/src/cipher_aegis.c
@@ -262,6 +262,8 @@ GenerateKeyAegisCipher(void* cipher, char* userPassword, int passwordLength, int
   else
   {
     memcpy(aegisCipher->m_salt, cipherSalt, SALTLENGTH_AEGIS);
+    if (aegisCipher->m_plaintextHeaderSize > 0)
+      keyOnly = 0;
   }
 
   /* Bypass key derivation, if raw key (and optionally salt) are given */
diff --git a/src/cipher_ascon.c b/src/cipher_ascon.c
@@ -131,6 +131,8 @@ GenerateKeyAscon128Cipher(void* cipher, char* userPassword, int passwordLength,
   else
   {
     memcpy(ascon128Cipher->m_salt, cipherSalt, SALTLENGTH_ASCON128);
+    if (ascon128Cipher->m_plaintextHeaderSize > 0)
+      keyOnly = 0;
   }
 
   /* Bypass key derivation, if raw key (and optionally salt) are given */
diff --git a/src/cipher_chacha20.c b/src/cipher_chacha20.c
@@ -157,6 +157,8 @@ GenerateKeyChaCha20Cipher(void* cipher, char* userPassword, int passwordLength,
   else
   {
     memcpy(chacha20Cipher->m_salt, cipherSalt, SALTLENGTH_CHACHA20);
+    if (chacha20Cipher->m_plaintextHeaderSize > 0)
+      keyOnly = 0;
   }
 
   /* Bypass key derivation, if raw key (and optionally salt) are given */
diff --git a/src/cipher_sqlcipher.c b/src/cipher_sqlcipher.c
@@ -252,6 +252,8 @@ GenerateKeySQLCipherCipher(void* cipher, char* userPassword, int passwordLength,
   else
   {
     memcpy(sqlCipherCipher->m_salt, cipherSalt, SALTLENGTH_SQLCIPHER);
+    if (sqlCipherCipher->m_plaintextHeaderSize > 0)
+      keyOnly = 0;
   }
 
   /* Bypass key derivation, if raw key (and optionally salt) are given */

Original file line number	Diff line number	Diff line change
`@@ -262,6 +262,8 @@ GenerateKeyAegisCipher(void* cipher, char* userPassword, int passwordLength, int`
`262`	`262`	`else`
`263`	`263`	`{`
`264`	`264`	`memcpy(aegisCipher->m_salt, cipherSalt, SALTLENGTH_AEGIS);`
	`265`	`+ if (aegisCipher->m_plaintextHeaderSize > 0)`
	`266`	`+ keyOnly = 0;`
`265`	`267`	`}`
`266`	`268`
`267`	`269`	`/* Bypass key derivation, if raw key (and optionally salt) are given */`
Original file line number	Diff line number	Diff line change
`@@ -131,6 +131,8 @@ GenerateKeyAscon128Cipher(void* cipher, char* userPassword, int passwordLength,`
`131`	`131`	`else`
`132`	`132`	`{`
`133`	`133`	`memcpy(ascon128Cipher->m_salt, cipherSalt, SALTLENGTH_ASCON128);`
	`134`	`+ if (ascon128Cipher->m_plaintextHeaderSize > 0)`
	`135`	`+ keyOnly = 0;`
`134`	`136`	`}`
`135`	`137`
`136`	`138`	`/* Bypass key derivation, if raw key (and optionally salt) are given */`
Original file line number	Diff line number	Diff line change
`@@ -157,6 +157,8 @@ GenerateKeyChaCha20Cipher(void* cipher, char* userPassword, int passwordLength,`
`157`	`157`	`else`
`158`	`158`	`{`
`159`	`159`	`memcpy(chacha20Cipher->m_salt, cipherSalt, SALTLENGTH_CHACHA20);`
	`160`	`+ if (chacha20Cipher->m_plaintextHeaderSize > 0)`
	`161`	`+ keyOnly = 0;`
`160`	`162`	`}`
`161`	`163`
`162`	`164`	`/* Bypass key derivation, if raw key (and optionally salt) are given */`
Original file line number	Diff line number	Diff line change
`@@ -252,6 +252,8 @@ GenerateKeySQLCipherCipher(void* cipher, char* userPassword, int passwordLength,`
`252`	`252`	`else`
`253`	`253`	`{`
`254`	`254`	`memcpy(sqlCipherCipher->m_salt, cipherSalt, SALTLENGTH_SQLCIPHER);`
	`255`	`+ if (sqlCipherCipher->m_plaintextHeaderSize > 0)`
	`256`	`+ keyOnly = 0;`
`255`	`257`	`}`
`256`	`258`
`257`	`259`	`/* Bypass key derivation, if raw key (and optionally salt) are given */`