From 5708754d30ac17d203685a37c25972cbea576eb4 Mon Sep 17 00:00:00 2001 From: Michael Kirk Date: Thu, 10 Jan 2019 09:57:54 -0700 Subject: [PATCH] update to sqlcipher4 --- Podfile | 6 ++--- Podfile.lock | 27 +++++++++-------------- Pods | 2 +- SignalServiceKit/src/Storage/OWSStorage.m | 7 +++++- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/Podfile b/Podfile index c1da5a370..da41b68d3 100644 --- a/Podfile +++ b/Podfile @@ -31,8 +31,7 @@ def shared_pods ### # Includes some soon to be released "unencrypted header" changes required for the Share Extension - pod 'SQLCipher', :git => 'https://github.com/sqlcipher/sqlcipher.git', :commit => 'd5c2bec' - # pod 'SQLCipher', path: '../sqlcipher' + pod 'SQLCipher', ">= 4.0.1" # Forked for performance optimizations that are not likely to be upstreamed as they are specific # to our limited use of Mantle @@ -46,7 +45,8 @@ def shared_pods pod 'SocketRocket', :git => 'https://github.com/signalapp/SocketRocket.git', branch: 'mkirk/handle-sec-err', inhibit_warnings: true # Forked for compatibily with the ShareExtension, changes have an open PR, but have not been merged. - pod 'YapDatabase/SQLCipher', :git => 'https://github.com/signalapp/YapDatabase.git', branch: 'signal-release' + # pod 'YapDatabase/SQLCipher', :git => 'https://github.com/signalapp/YapDatabase.git', branch: 'signal-release' + pod 'YapDatabase/SQLCipher', :git => 'https://github.com/signalapp/YapDatabase.git', branch: 'mkirk/sqlcipher4' # pod 'YapDatabase/SQLCipher', path: '../YapDatabase' # Forked to incorporate our self-built binary artifact. diff --git a/Podfile.lock b/Podfile.lock index 5762fd326..89ece44d9 100644 --- a/Podfile.lock +++ b/Podfile.lock @@ -114,10 +114,10 @@ PODS: - SwiftProtobuf - YapDatabase/SQLCipher - SocketRocket (0.5.1) - - SQLCipher (3.4.2): - - SQLCipher/standard (= 3.4.2) - - SQLCipher/common (3.4.2) - - SQLCipher/standard (3.4.2): + - SQLCipher (4.0.1): + - SQLCipher/standard (= 4.0.1) + - SQLCipher/common (4.0.1) + - SQLCipher/standard (4.0.1): - SQLCipher/common - SSZipArchive (2.1.4) - SwiftProtobuf (1.2.0) @@ -206,9 +206,9 @@ DEPENDENCIES: - SignalServiceKit (from `.`) - SignalServiceKit/Tests (from `.`) - SocketRocket (from `https://github.com/signalapp/SocketRocket.git`, branch `mkirk/handle-sec-err`) - - SQLCipher (from `https://github.com/sqlcipher/sqlcipher.git`, commit `d5c2bec`) + - SQLCipher (>= 4.0.1) - SSZipArchive - - YapDatabase/SQLCipher (from `https://github.com/signalapp/YapDatabase.git`, branch `signal-release`) + - YapDatabase/SQLCipher (from `https://github.com/signalapp/YapDatabase.git`, branch `mkirk/sqlcipher4`) - YYImage SPEC REPOS: @@ -220,6 +220,7 @@ SPEC REPOS: - PureLayout - Reachability - SAMKeychain + - SQLCipher - SSZipArchive - SwiftProtobuf - YYImage @@ -246,11 +247,8 @@ EXTERNAL SOURCES: SocketRocket: :branch: mkirk/handle-sec-err :git: https://github.com/signalapp/SocketRocket.git - SQLCipher: - :commit: d5c2bec - :git: https://github.com/sqlcipher/sqlcipher.git YapDatabase: - :branch: signal-release + :branch: mkirk/sqlcipher4 :git: https://github.com/signalapp/YapDatabase.git CHECKOUT OPTIONS: @@ -278,11 +276,8 @@ CHECKOUT OPTIONS: SocketRocket: :commit: 9f9563a83cd8960503074aa8de72206f83fb7a69 :git: https://github.com/signalapp/SocketRocket.git - SQLCipher: - :commit: d5c2bec - :git: https://github.com/sqlcipher/sqlcipher.git YapDatabase: - :commit: f1fa4545e1e1594fb80065ffca52a682f5a2e71c + :commit: 7ee35e1a42c2c075db005dc0278e57913a00b31a :git: https://github.com/signalapp/YapDatabase.git SPEC CHECKSUMS: @@ -302,12 +297,12 @@ SPEC CHECKSUMS: SignalMetadataKit: 6fa5e9a53c7f104568662521a2f3874672ff7a02 SignalServiceKit: 80d774c32b22567682f63c36bf9da265d82083bb SocketRocket: dbb1554b8fc288ef8ef370d6285aeca7361be31e - SQLCipher: f9fcf29b2e59ced7defc2a2bdd0ebe79b40d4990 + SQLCipher: 4636a257060f6f1b4e143a143028b61a2b462d0d SSZipArchive: 41455d4b8d2b6ab93990820b50dc697c2554a322 SwiftProtobuf: 91a9856079044ef4ec762b2344c763cd9e5a73c1 YapDatabase: b418a4baa6906e8028748938f9159807fd039af4 YYImage: 1e1b62a9997399593e4b9c4ecfbbabbf1d3f3b54 -PODFILE CHECKSUM: 1d3c7b17e2ff7bab54e3551c74559c26d95d9b06 +PODFILE CHECKSUM: 627f656b9187deaf83ab4cfb12fe2a4a0326aee3 COCOAPODS: 1.5.3 diff --git a/Pods b/Pods index c72da465c..94b55b6ec 160000 --- a/Pods +++ b/Pods @@ -1 +1 @@ -Subproject commit c72da465c46c2cfacc4793615690b5bc9486f57f +Subproject commit 94b55b6ec723b03927626c2cc0dfbafb33f3ef13 diff --git a/SignalServiceKit/src/Storage/OWSStorage.m b/SignalServiceKit/src/Storage/OWSStorage.m index 6408ca2f8..10ef32f2f 100644 --- a/SignalServiceKit/src/Storage/OWSStorage.m +++ b/SignalServiceKit/src/Storage/OWSStorage.m @@ -1,5 +1,5 @@ // -// Copyright (c) 2018 Open Whisper Systems. All rights reserved. +// Copyright (c) 2019 Open Whisper Systems. All rights reserved. // #import "OWSStorage.h" @@ -438,6 +438,11 @@ NSString *const kNSUserDefaults_DatabaseExtensionVersionMap = @"kNSUserDefaults_ // would kill the app/share extension as soon as it is backgrounded. options.cipherUnencryptedHeaderLength = kSqliteHeaderLength; + // If we want to migrate to the new cipher defaults in SQLCipher4+ we'll need to do a one time + // migration. See the `PRAGMA cipher_migrate` documentation for details. + // https://www.zetetic.net/sqlcipher/sqlcipher-api/#cipher_migrate + options.legacyCipherCompatibilityVersion = 3; + // If any of these asserts fails, we need to verify and update // OWSDatabaseConverter which assumes the values of these options. OWSAssertDebug(options.cipherDefaultkdfIterNumber == 0);