Feature request: Support for selecting different encryption schemes at runtime

[utelle]

Currently work is in progress to overhaul the SQLite encryption extension coming with wxSQLite3.

At the moment it is necessary to decide at compile time which encryption scheme - AES 128-bit or AES 256-bit - should be used. It is planned to allow the selection of the encryption scheme at runtime in the future. And this will be the technical basis to be able to support additional encryption schemes (like sqleet or even SQLCipher (see issue #6)) ) later on.

The problem I'm currently struggling with is how to allow changing the encryption scheme and setting configuration parameters for the schemes.

For example, SQLCipher adds a bunch of PRAGMA statements to accomplish this. However, this requires to modify the SQLite3 source code. As a consequence upgrading to a new SQLite3 version demands a much bigger effort than just dropping in a new SQLite amalgamation (as is the case for wxSQLite3). Therefore I definitely want to avoid modifications to the SQLite3 source code.

Unfortunately, SQLite has no means to intercept the handling of PRAGMA statements. An alternative could be to define a SQLite user-defined function (UDF) for configuring the default encryption scheme and scheme parameters. The syntax would be something like

SELECT wxsqlite3_config('parameter-name', 'parameter-value'); -- Setting a parameter
SELECT wxsqlite3_config('parameter-name');                    -- Querying a parameter

The syntax is not as intuitive as a PRAGMA statement, but this method can be implemented without touching the SQLite3 source code.

In the official SQLite Encryption Extension (SEE) a different encryption scheme can be selected using a prefix to the encryption key. However, IMHO this becomes cumbersome, if one wants to pass not only the scheme name, but scheme parameters as well.

For a while, I considered to use extra parameters to a database file URI, but this would solve the issue only for opening a database (by intercepting the call to sqlite3_open - what the wxSQLite3 encryption extension does anyway). However, this trick would not work for attached databases.

Finally, it would be possible to add one or more functions for this purpose to the SQLite C Interface.

Feedback from the community would be very welcome.

[utelle]

A first implementation of the multi-cipher support is now available in branch multi-cipher. The following ciphers are currently supported:

• AES 126 Bit CBC - No HMAC (wxSQLite3 - Default cipher until wxSQLite3 version 3.5.9)
• AES 256 Bit CBC - No HMAC (wxSQLite3)
• ChaCha20 - Poly1305 HMAC (sqleet - intended default cipher for wxSQLite3 version 4 and above)
• AES 256 Bit CBC - SHA1 HMAC (SQLCipher - database versions 1, 2, and 3 supported)

Preliminary documentation can be found here.

Please give it a try.

Feedback, bug reports, and feature requests are welcome.

[utelle]

After successfully testing to compile and run the new multi-cipher version under Windows and Linux, I decided to transfer the new version to the master branch. That is, further development of the multi-cipher support will now occur in the master branch.