convert page number to little endian before MAC

This commit is contained in:
Stephen Lombardo 2012-07-10 17:11:01 -04:00
parent cc0e8be7a3
commit dbbbb7cca7

View File

@ -473,7 +473,23 @@ void sqlcipher_codec_ctx_free(codec_ctx **iCtx) {
sqlcipher_free(ctx, sizeof(codec_ctx));
}
static inline void sqlcipher_put4byte_le(unsigned char *p, u32 v) {
p[0] = (u8)v;
p[1] = (u8)(v>>8);
p[2] = (u8)(v>>16);
p[3] = (u8)(v>>24);
}
int sqlcipher_page_hmac(cipher_ctx *ctx, Pgno pgno, unsigned char *in, int in_sz, unsigned char *out) {
unsigned char pgno_le[4];
/* convert page number to consistent representation before calculating MAC for
compatibility across big-endian and little-endian platforms.
Note: The public release of sqlcipher 2.0.0 to 2.0.6 had a bug where the bytes of pgno
were used directly in the MAC. So, we convert to little endian instead of big endian, to
preserve backwards compatibility on the most popular platform */
sqlcipher_put4byte_le(pgno_le, pgno);
HMAC_CTX_init(&ctx->hctx);
HMAC_Init_ex(&ctx->hctx, ctx->hmac_key, ctx->key_sz, EVP_sha1(), NULL);
@ -482,7 +498,8 @@ int sqlcipher_page_hmac(cipher_ctx *ctx, Pgno pgno, unsigned char *in, int in_sz
prevent both tampering with the ciphertext, manipulation of the IV, or resequencing otherwise
valid pages out of order in a database */
HMAC_Update(&ctx->hctx, in, in_sz);
HMAC_Update(&ctx->hctx, (const unsigned char*) &pgno, sizeof(Pgno));
HMAC_Update(&ctx->hctx, (const unsigned char*) pgno_le, sizeof(pgno_le));
HMAC_Final(&ctx->hctx, out, NULL);
HMAC_CTX_cleanup(&ctx->hctx);
return SQLITE_OK;