tdlib sqlite / sqlcipher implementation/parameters deviation

tdlib / td

Cross-platform library for building Telegram clients

https://core.telegram.org/tdlib

Boost Software License 1.0

7.11k stars 1.44k forks source link

tdlib sqlite / sqlcipher implementation/parameters deviation #2374

Closed drzraf closed 1 year ago

drzraf commented 1 year ago

Dears,

Things like kdf_iter, cipher_page_size, cipher_use_hmac, compatibility, cipher_plaintext_header_size, cipher_hmac_algorithm, cipher_kdf_algorithm (cipher_default_settings) all impact the ability to open a sqlicipher database.

Do you mind explaining how TDLib's Sqlite implementation deviates from official the historical sqlcipher one(s) and formalize the values used for these parameters?

Thank you!

levlam commented 1 year ago

TDLib uses default SQLCipher 4.4.0 amalgamation with bug fixes, which doesn't affect file format. TDLib database is not supposed to be opened by anything besides TDLib, so all mentioned parameters are irrelevant.

drzraf commented 1 year ago

I completely understand the notion of "not supposed to be opened by anything" (especially r/w). But, still,... it sounds appealing for both curiosity and the feeling of safety procured by the ability to open the DB with standard sqlcipher tool.

Using a compiled version of sqlcipher 4.4 PRAGMA key = "x'<64 hexbytes>'"; was enough (default cipher settings are fine).

For reference, these are:

PRAGMA cipher_page_size = 4096;
PRAGMA kdf_iter = 256000;
PRAGMA cipher_plaintext_header_size = 0;
PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA512;

PRAGMA cipher_default_use_hmac = ON;
PRAGMA cipher_hmac_algorithm = HMAC_SHA512;
PRAGMA cipher_hmac_pgno = le;
PRAGMA cipher_hmac_salt_mask = "x'3a'";