With SQLCipher4 the encryption was not working as expected because the
KDF and HMAC algorithms were not set properly. This is fixed in this
commit so it should work now with SQLCipher4 as well as SQLCipher3.
See issues #1690 and #1732.
This adds three new settings to the cipher dialog: KDF iterations, HMAC
algorithm, and KDF algorithm. To simplify things we also add two presets
for all the encryption settings: SQLCipher3 defaults and SQLCipher4
defaults. The preselected default is chosen depending on the SQLCipher
version which we use.
This should work with any combination of SQLCipher3 and SQLCipher4 and
any database created by either. It should also work with DotEnv files as
expected. Again, the defaults which are used for missing values in the
DotEnv files are chosen depending on the SQLCipher version we use.
* Rename confusing variables
* Fix some project warnings
* Fix code style
* Add constant for the default page size
* Move KeyFormats enum to CipherSettings
* Fix code style
* Fix memory leak
* Stop relying on CipherDialog for encryption settings management
* Fix code style
* Add .env format for QSettings
* Add automatic crypted databases open via dotenvs
This adds support for `.env` files next to the crypted databases that
are to be opened that contains the needed cipher settings.
The only required one is the plain-text password as a value for the key
with the name of the database like this:
myCryptedDatabase.sqlite = MyPassword
This way, databases with a different extension are supported too:
myCryptedDatabase.db = MyPassword
You can also specify a custom page size adding a different line
(anywhere in the file) like this:
myCryptedDatabase.db_pageSize = 2048
If not specified, `1024` is used.
You can also specify the format of the specified key using the
associated integer id:
anotherCryptedDatabase.sqlite = 0xCAFEBABE
anotherCryptedDatabase.sqlite_keyFormat = 1
where `1` means a Raw key. If not specified, `0` is used, which means a
simple text Passphrase.
Dotenv files (`.env`) are already used on other platforms and by
different tools to manage environment variables, and it's recommended
to be ignored from version control systems, so they won't leak.
* Add new files to CMakeLists
* Move DotenvFormat include to the implementation
* Fix build error
* Remove superfluous method
(related to ac51c23)
* Remove superfluous checks
* Fix memory leaks
(introduced by 94bbb46)
* Fix code style
* Make dotenv related variable and comment clearer
* Remove duplicated code
* Remove unused forward declaration
(introduced by e5a0293)
* Make sure only powers of two are entered for the page size
* Replace QSpinBox with QComboBox
Having a QSpinBox didn't make too much sense when we only have 8 valid
values. Forcing the user to type a valid value would have required a
warning message too, along with translations.
Having a QComboBox makes it clear (obviously) what values we are
expecting, without any risk of invalid values or confusion.
* Add thousands separator for page size values
This fixes a regression introduced in d1e3e98006 which makes it
impossible to open encrypted databases with single quote characters in
their passphrase.
See issue #1105.
Add a new menu option to the main window (only visible when built with
the sqlcipher option enabled) which opens a dialog asking for new
encryption settings. These are then applied to a new database to which
all contents of the current one are exported. The old database is then
replaced by the new one.
This adds support for encrypting plaintext databases, decrypting
encrypted databases and changing the password or other settings of
encrypted databases.
If this turns out to work well enough we have functional SQLCipher
encryption support with only details missing.
Fix the sqlcipher build option in the qmake project to actually enable
the SQLCipher support.
Add a new dialog called CipherDialog which is used to ask the user for
the password and other encryption details instead of using standard Qt
input dialogs.
