diff --git a/src/CipherDialog.cpp b/src/CipherDialog.cpp
index 2799f629..6b009619 100644
--- a/src/CipherDialog.cpp
+++ b/src/CipherDialog.cpp
@@ -72,6 +72,7 @@ CipherSettings CipherDialog::getCipherSettings() const
cipherSettings.setKdfIterations(ui->spinKdfIterations->value());
cipherSettings.setHmacAlgorithm("HMAC_" + ui->comboHmacAlgorithm->currentText().toStdString());
cipherSettings.setKdfAlgorithm("PBKDF2_HMAC_" + ui->comboKdfAlgorithm->currentText().toStdString());
+ cipherSettings.setPlaintextHeaderSize(ui->plaintextHeaderSize->value());
return cipherSettings;
}
@@ -113,22 +114,26 @@ void CipherDialog::toggleEncryptionSettings()
ui->spinKdfIterations->setValue(64000);
ui->comboHmacAlgorithm->setCurrentText("SHA1");
ui->comboKdfAlgorithm->setCurrentText("SHA1");
+ ui->plaintextHeaderSize->setValue(0);
ui->comboPageSize->setEnabled(false);
ui->spinKdfIterations->setEnabled(false);
ui->comboHmacAlgorithm->setEnabled(false);
ui->comboKdfAlgorithm->setEnabled(false);
+ ui->plaintextHeaderSize->setEnabled(false);
} else if(ui->radioEncryptionSqlCipher4->isChecked()) {
// SQLCipher4
ui->comboPageSize->setCurrentText(QLocale().toString(4096));
ui->spinKdfIterations->setValue(256000);
ui->comboHmacAlgorithm->setCurrentText("SHA512");
ui->comboKdfAlgorithm->setCurrentText("SHA512");
+ ui->plaintextHeaderSize->setValue(0);
ui->comboPageSize->setEnabled(false);
ui->spinKdfIterations->setEnabled(false);
ui->comboHmacAlgorithm->setEnabled(false);
ui->comboKdfAlgorithm->setEnabled(false);
+ ui->plaintextHeaderSize->setEnabled(false);
} else if(ui->radioEncryptionCustom->isChecked()) {
// Custom
@@ -136,5 +141,6 @@ void CipherDialog::toggleEncryptionSettings()
ui->spinKdfIterations->setEnabled(true);
ui->comboHmacAlgorithm->setEnabled(true);
ui->comboKdfAlgorithm->setEnabled(true);
+ ui->plaintextHeaderSize->setEnabled(true);
}
}
diff --git a/src/CipherDialog.ui b/src/CipherDialog.ui
index 4a4d18ad..00c1d289 100644
--- a/src/CipherDialog.ui
+++ b/src/CipherDialog.ui
@@ -218,6 +218,26 @@
+ -
+
+
+ Plaintext Header Size
+
+
+ plaintextHeaderSize
+
+
+
+ -
+
+
+ 0
+
+
+ 1000000
+
+
+
-
@@ -243,6 +263,7 @@
spinKdfIterations
comboHmacAlgorithm
comboKdfAlgorithm
+ plaintextHeaderSize
diff --git a/src/CipherSettings.cpp b/src/CipherSettings.cpp
index d96d3d89..f7e32155 100644
--- a/src/CipherSettings.cpp
+++ b/src/CipherSettings.cpp
@@ -4,7 +4,8 @@
CipherSettings::CipherSettings()
: keyFormat(Passphrase),
pageSize(0),
- kdfIterations(0)
+ kdfIterations(0),
+ plaintextHeaderSize(0)
{
}
diff --git a/src/CipherSettings.h b/src/CipherSettings.h
index 671ccbd8..54b8ecd4 100644
--- a/src/CipherSettings.h
+++ b/src/CipherSettings.h
@@ -26,6 +26,9 @@ public:
int getKdfIterations() const { return kdfIterations; }
void setKdfIterations(int value) { kdfIterations = value; }
+ int getPlaintextHeaderSize() const { return plaintextHeaderSize; }
+ void setPlaintextHeaderSize(int value) { plaintextHeaderSize = value; }
+
std::string getHmacAlgorithm() const { return hmacAlgorithm; }
void setHmacAlgorithm(const std::string& value) { hmacAlgorithm = value; }
@@ -39,6 +42,7 @@ private:
std::string password;
int pageSize;
int kdfIterations;
+ int plaintextHeaderSize;
std::string hmacAlgorithm;
std::string kdfAlgorithm;
};
diff --git a/src/MainWindow.cpp b/src/MainWindow.cpp
index 52c0b154..65f1cfdd 100644
--- a/src/MainWindow.cpp
+++ b/src/MainWindow.cpp
@@ -2902,6 +2902,8 @@ void MainWindow::editEncryption()
ok = db.executeSQL("PRAGMA sqlitebrowser_edit_encryption.cipher_kdf_algorithm = " + cipherSettings.getKdfAlgorithm(), false, false);
if(ok)
ok = db.executeSQL("PRAGMA sqlitebrowser_edit_encryption.kdf_iter = " + std::to_string(cipherSettings.getKdfIterations()), false, false);
+ if (ok)
+ ok = db.executeSQL("PRAGMA sqlitebrowser_edit_encryption.cipher_plaintext_header_size = " + std::to_string(cipherSettings.getPlaintextHeaderSize()), false, false);
// Export the current database to the new one
qApp->processEvents();
diff --git a/src/sqlitedb.cpp b/src/sqlitedb.cpp
index 13cd38d3..1c9959f2 100644
--- a/src/sqlitedb.cpp
+++ b/src/sqlitedb.cpp
@@ -177,6 +177,7 @@ bool DBBrowserDB::open(const QString& db, bool readOnly)
executeSQL("PRAGMA kdf_iter = " + std::to_string(cipherSettings->getKdfIterations()), false, false);
executeSQL("PRAGMA cipher_hmac_algorithm = " + cipherSettings->getHmacAlgorithm(), false, false);
executeSQL("PRAGMA cipher_kdf_algorithm = " + cipherSettings->getKdfAlgorithm(), false, false);
+ executeSQL("PRAGMA cipher_plaintext_header_size = " + std::to_string(cipherSettings->getPlaintextHeaderSize()), false, false);
}
#endif
delete cipherSettings;
@@ -317,6 +318,11 @@ bool DBBrowserDB::attach(const QString& filePath, QString attach_as)
QMessageBox::warning(nullptr, qApp->applicationName(), lastErrorMessage);
return false;
}
+ if(!executeSQL("PRAGMA cipher_plaintext_header_size = " + std::to_string(cipherSettings->getPlaintextHeaderSize()), false))
+ {
+ QMessageBox::warning(nullptr, qApp->applicationName(), lastErrorMessage);
+ return false;
+ }
}
if(!executeSQL("ATTACH " + sqlb::escapeString(filePath.toStdString()) + " AS " + sqlb::escapeIdentifier(attach_as.toStdString()) + " " + key, false))
@@ -360,6 +366,7 @@ bool DBBrowserDB::tryEncryptionSettings(const QString& filePath, bool* encrypted
QString sqlite_version, sqlcipher_version;
getSqliteVersion(sqlite_version, sqlcipher_version);
int enc_default_page_size, enc_default_kdf_iter;
+ int enc_default_plaintext_header_size = 0;
std::string enc_default_hmac_algorithm, enc_default_kdf_algorithm;
if(sqlcipher_version.startsWith('4'))
{
@@ -423,6 +430,7 @@ bool DBBrowserDB::tryEncryptionSettings(const QString& filePath, bool* encrypted
int pageSize = dotenv.value(databaseFileName + "_pageSize", enc_default_page_size).toInt();
int kdfIterations = dotenv.value(databaseFileName + "_kdfIter", enc_default_kdf_iter).toInt();
+ int plaintextHeaderSize = dotenv.value(databaseFileName + "_plaintextHeaderSize", enc_default_kdf_iter).toInt();
std::string hmacAlgorithm = dotenv.value(databaseFileName + "_hmacAlgorithm", QString::fromStdString(enc_default_hmac_algorithm)).toString().toStdString();
std::string kdfAlgorithm = dotenv.value(databaseFileName + "_kdfAlgorithm", QString::fromStdString(enc_default_kdf_algorithm)).toString().toStdString();
@@ -435,6 +443,7 @@ bool DBBrowserDB::tryEncryptionSettings(const QString& filePath, bool* encrypted
cipherSettings->setKdfIterations(kdfIterations);
cipherSettings->setHmacAlgorithm(hmacAlgorithm);
cipherSettings->setKdfAlgorithm(kdfAlgorithm);
+ cipherSettings->setPlaintextHeaderSize(plaintextHeaderSize);
}
}
@@ -477,6 +486,8 @@ bool DBBrowserDB::tryEncryptionSettings(const QString& filePath, bool* encrypted
sqlite3_exec(dbHandle, ("PRAGMA cipher_hmac_algorithm = " + cipherSettings->getHmacAlgorithm()).c_str(), nullptr, nullptr, nullptr);
if(cipherSettings->getKdfAlgorithm() != enc_default_kdf_algorithm)
sqlite3_exec(dbHandle, ("PRAGMA cipher_kdf_algorithm = " + cipherSettings->getKdfAlgorithm()).c_str(), nullptr, nullptr, nullptr);
+ if(cipherSettings->getPlaintextHeaderSize() != enc_default_plaintext_header_size)
+ sqlite3_exec(dbHandle, ("PRAGMA cipher_plaintext_header_size = " + std::to_string(cipherSettings->getPlaintextHeaderSize())).c_str(), nullptr, nullptr, nullptr);
*encrypted = true;
#else