plaintext_header_size doesn't applied with sqlcipher

[h8leet]

I'm using SQLite3MultipleCiphers compiled (from amalgamation) for sqlite-jdbc on Android.

When I apply plaintext_header_size in uri jdbc:sqlite:file:<file_path>?plaintext_header_size=32 it's doesn't effect to real new database file:

hexdump -C -n 32 file.db
00000000  cb 2a 85 13 80 8a d0 c7  26 24 8f c9 00 cf d9 38  |.*......&$.....8|
00000010  10 00 02 02 50 40 20 20  2e 0f 4f 0a 83 05 66 01  |....P@  ..O...f.|

The sql query SELECT sqlite3mc_config('sqlcipher', 'plaintext_header_size') returns value is 32 as set in URI.

Also I'm try set value of plaintext_header_size in source file and it's doesn't effect to the database file too.

SQLITE_PRIVATE CipherParams mcSQLCipherParams[] =
{
  { "legacy",                SQLCIPHER_LEGACY_DEFAULT,   SQLCIPHER_LEGACY_DEFAULT,   0, SQLCIPHER_VERSION_MAX },
...
  { "plaintext_header_size", 32,                          32                          0, 100 /* restrict to db header size */ },
  CIPHER_PARAMS_SENTINEL
};

Compile options:

	    -DSQLITE_ENABLE_LOAD_EXTENSION=1 \
	    -DSQLITE_HAVE_ISNAN \
	    -DHAVE_USLEEP=1 \
	    -DSQLITE_ENABLE_COLUMN_METADATA \
	    -DSQLITE_CORE \
	    -DSQLITE_ENABLE_FTS3 \
	    -DSQLITE_ENABLE_FTS3_PARENTHESIS \
	    -DSQLITE_ENABLE_FTS5 \
	    -DSQLITE_ENABLE_RTREE \
	    -DSQLITE_ENABLE_PERCENTILE \
	    -DSQLITE_ENABLE_STAT4 \
	    -DSQLITE_ENABLE_DBSTAT_VTAB \
	    -DSQLITE_ENABLE_MATH_FUNCTIONS \
	    -DSQLITE_THREADSAFE=1 \
	    -DSQLITE_DEFAULT_MEMSTATUS=0 \
	    -DSQLITE_DEFAULT_FILE_PERMISSIONS=0666 \
	    -DSQLITE_MAX_VARIABLE_NUMBER=250000 \
	    -DSQLITE_MAX_MMAP_SIZE=1099511627776 \
	    -DSQLITE_MAX_LENGTH=2147483647 \
	    -DSQLITE_MAX_COLUMN=32767 \
	    -DSQLITE_MAX_SQL_LENGTH=1073741824 \
	    -DSQLITE_MAX_FUNCTION_ARG=127 \
	    -DSQLITE_MAX_ATTACHED=125 \
	    -DSQLITE_MAX_PAGE_COUNT=4294967294 \
	    -DSQLITE_DISABLE_PAGECACHE_OVERFLOW_STATS \
	    -DHAVE_CIPHER_AES_128_CBC=0 \
	    -DHAVE_CIPHER_AES_256_CBC=0 \
	    -DHAVE_CIPHER_SQLCIPHER=1 \
	    -DHAVE_CIPHER_CHACHA20=0 \
	    -DHAVE_CIPHER_RC4=0 \
	    -DHAVE_CIPHER_ASCON128=0 \
	    -DHAVE_CIPHER_AEGIS=0 \
	    -DCODEC_TYPE=CODEC_TYPE_SQLCIPHER \
	    -DSQLITE_TEMP_STORE=2 \

UPD:
The oldest version (2.0.0) that which I was able to compile has the same behavior

UPD2:
When I change key set up from pragma key = <key> to URI syntax jdbc:sqlite:file:<file_path>?plaintext_header_size=32&cipher_salt=61e5f19e244fedfc8cb6e531536d37f4&key=1 the database file header still contains the salt I passed:

hexdump -C -n 16 saferep.db
00000000  61 e5 f1 9e 24 4f ed fc  8c b6 e5 31 53 6d 37 f4   |a...$O.....1Sm7.|

[utelle]

Which version of SQLite3 Multiple Ciphers are you actually using? For example, all versions below version 2.2.1 required to specify the URI parameter cipher=sqlcipher explicitly when configuring the cipher scheme via URI parameters, otherwise cipher related URI parameters were silently ignored. This behaviour changed in version 2.2.1 - starting with that version the default cipher was used, if the cipher parameter was not specified.

[h8leet]

My actual version is 2.3.3.

Version 2.0.0 with URI ?cipher=sqlcipher&plaintext_header_size=32&cipher_salt=61e5f19e244fedfc8cb6e531536d37f4&key=1 also create database with salt in header.

Builds without my additional compile cipher options (exclude all except sqlcipher) doesn't help too on both versions (2.0.0, 2.3.3).

UPD:
I'm check the chacha20 encryption on version 2.3.3 and bug doesn't reproduce.
When I set URI ?plaintext_header_size=32 the database header is plain regardless of how I transfer the key, through URI or PRAGMA key=.

hexdump -C -n 32 saferep.db
00000000  53 51 4c 69 74 65 20 66  6f 72 6d 61 74 20 33 00  |SQLite format 3.|
00000010  10 00 02 02 20 40 20 20  00 00 00 03 00 00 00 16  |.... @  ........|

UPD2:
ascon128 and aegis also have a plain header as chacha20. Bug reproduces only with sqlcipher encryption.

UPD3:
I found problem in src/cipher_sqlcipher.c.
When I change three if statements if (sqlCipherCipher->m_legacy >= SQLCIPHER_VERSION_4) to if (sqlCipherCipher->m_legacy == 0 || sqlCipherCipher->m_legacy >= SQLCIPHER_VERSION_4) I got a plain header.

hexdump -C -n 32 saferep.db
00000000  53 51 4c 69 74 65 20 66  6f 72 6d 61 74 20 33 00  |SQLite format 3.|
00000010  10 00 02 02 50 40 20 20  40 e4 8d 83 2f dd 9f bb  |....P@  @.../...|

[utelle]

I can confirm that the plaintext_header_size parameter is ignored for the cipher sqlcipher, unfortunately. And in your UPD3 you already found the reason for this behaviour.

Most people using the cipher sqlcipher want to stay compatible with the original SQLCipher library, and are therefore using the legacy parameter with a value between 1 and 4. The plaintext_header_size parameter was introduced with SQLCipher version 4, therefore the parameter is ignored for versions below 4.

Until now the non-legacy mode of cipher sqlcipher did not support the parameter plaintext_header_size either, but indeed there is no reason to prohibit using this parameter in non-legacy mode. So, I will add support for it in non-legacy mode.

For the time being I'd recommend you use the config parameter legacy=4.