rindeal
diff --git a/‎VERSIONS
Lines changed: 2 additions & 2 deletions b/‎VERSIONS
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/codec.c
Lines changed: 22 additions & 0 deletions b/‎src/codec.c
Lines changed: 22 additions & 0 deletions
diff --git a/‎src/codecext.c
Lines changed: 5 additions & 1 deletion b/‎src/codecext.c
Lines changed: 5 additions & 1 deletion
@@ -1,3 +1,3 @@
-wxsqlite=3.1.1
-sqlite=3.8.5
+wxsqlite=3.2.0
+sqlite=3.8.7.4
 premake=4.4-beta5
@@ -39,10 +39,12 @@
 
 #include "codec.h"
 
+#ifndef SQLITE_USER_AUTHENTICATION
 #if CODEC_TYPE == CODEC_TYPE_AES256
 #include "sha2.h"
 #include "sha2.c"
 #endif
+#endif
 
 /*
 // ----------------
@@ -702,47 +704,67 @@ CodecGenerateEncryptionKey(Codec* codec, char* userPassword, int passwordLength,
 void
 CodecEncrypt(Codec* codec, int page, unsigned char* data, int len, int useWriteKey)
 {
+#ifdef WXSQLITE3_USE_OLD_ENCRYPTION_SCHEME
+  /* Use the previous encryption scheme */
+  unsigned char* key = (useWriteKey) ? codec->m_writeKey : codec->m_readKey;
+  CodecAES(codec, page, 1, key, data, len, data);
+#else
   unsigned char dbHeader[8];
   int offset = 0;
   unsigned char* key = (useWriteKey) ? codec->m_writeKey : codec->m_readKey;
   if (page == 1)
   {
+    /* Save the header bytes remaining unencrypted */
     memcpy(dbHeader, data+16, 8);
     offset = 16;
     CodecAES(codec, page, 1, key, data, 16, data);
   }
   CodecAES(codec, page, 1, key, data+offset, len-offset, data+offset);
   if (page == 1)
   {
+    /* Move the encrypted header bytes 16..23 to a safe position */
     memcpy(data+8,  data+16,  8);
+	/* Restore the unencrypted header bytes 16..23 */
     memcpy(data+16, dbHeader, 8);
   }
+#endif
 }
 
 void
 CodecDecrypt(Codec* codec, int page, unsigned char* data, int len)
 {
+#ifdef WXSQLITE3_USE_OLD_ENCRYPTION_SCHEME
+  /* Use the previous encryption scheme */
+  CodecAES(codec, page, 0, codec->m_readKey, data, len, data);
+#else
   unsigned char dbHeader[8];
   int dbPageSize;
   int offset = 0;
   if (page == 1)
   {
+    /* Save (unencrypted) header bytes 16..23 */
     memcpy(dbHeader, data+16, 8);
+	/* Determine page size */
     dbPageSize = (dbHeader[0] << 8) | (dbHeader[1] << 16);
+	/* Check whether the database header is valid */
+	/* If yes, the database follows the new encryption scheme, otherwise use the previous encryption scheme */
     if ((dbPageSize >= 512)   && (dbPageSize <= SQLITE_MAX_PAGE_SIZE) && (((dbPageSize-1) & dbPageSize) == 0) &&
         (dbHeader[5] == 0x40) && (dbHeader[6] == 0x20) && (dbHeader[7] == 0x20))
     {
+	  /* Restore encrypted bytes 16..23 for new encryption scheme */
       memcpy(data+16, data+8, 8);
       offset = 16;
     }
   }
   CodecAES(codec, page, 0, codec->m_readKey, data+offset, len-offset, data+offset);
   if (page == 1 && offset != 0)
   {
+    /* Verify the database header */
     if (memcmp(dbHeader, data+16, 8) == 0)
     {
       memcpy(data, SQLITE_FILE_HEADER, 16);
     }
   }
+#endif
 }
 
@@ -338,7 +338,11 @@ int sqlite3_rekey_v2(sqlite3 *db, const char *zDbName, const void *zKey, int nKe
   if (rc != SQLITE_OK)
   {
     /* Rollback in case of error */
-#if (SQLITE_VERSION_NUMBER >= 3007011)
+#if (SQLITE_VERSION_NUMBER >= 3008007)
+    /* Unfortunately this change was introduced in version 3.8.7.2 which cannot be detected using the SQLITE_VERSION_NUMBER */
+    /* That is, compilation will fail for version 3.8.7 or 3.8.7.1  ==> Please change manually ... or upgrade to 3.8.7.2 or higher */
+    sqlite3BtreeRollback(pbt, SQLITE_OK, 0);
+#elif (SQLITE_VERSION_NUMBER >= 3007011)
     sqlite3BtreeRollback(pbt, SQLITE_OK);
 #else
     sqlite3BtreeRollback(pbt);
Original file line number	Diff line number	Diff line change
`@@ -39,10 +39,12 @@`
`39`	`39`
`40`	`40`	`#include "codec.h"`
`41`	`41`
	`42`	`+#ifndef SQLITE_USER_AUTHENTICATION`
`42`	`43`	`#if CODEC_TYPE == CODEC_TYPE_AES256`
`43`	`44`	`#include "sha2.h"`
`44`	`45`	`#include "sha2.c"`
`45`	`46`	`#endif`
	`47`	`+#endif`
`46`	`48`
`47`	`49`	`/*`
`48`	`50`	`// ----------------`
`@@ -702,47 +704,67 @@ CodecGenerateEncryptionKey(Codec* codec, char* userPassword, int passwordLength,`
`702`	`704`	`void`
`703`	`705`	`CodecEncrypt(Codec* codec, int page, unsigned char* data, int len, int useWriteKey)`
`704`	`706`	`{`
	`707`	`+#ifdef WXSQLITE3_USE_OLD_ENCRYPTION_SCHEME`
	`708`	`+ /* Use the previous encryption scheme */`
	`709`	`+ unsigned char* key = (useWriteKey) ? codec->m_writeKey : codec->m_readKey;`
	`710`	`+ CodecAES(codec, page, 1, key, data, len, data);`
	`711`	`+#else`
`705`	`712`	`unsigned char dbHeader[8];`
`706`	`713`	`int offset = 0;`
`707`	`714`	`unsigned char* key = (useWriteKey) ? codec->m_writeKey : codec->m_readKey;`
`708`	`715`	`if (page == 1)`
`709`	`716`	`{`
	`717`	`+ /* Save the header bytes remaining unencrypted */`
`710`	`718`	`memcpy(dbHeader, data+16, 8);`
`711`	`719`	`offset = 16;`
`712`	`720`	`CodecAES(codec, page, 1, key, data, 16, data);`
`713`	`721`	`}`
`714`	`722`	`CodecAES(codec, page, 1, key, data+offset, len-offset, data+offset);`
`715`	`723`	`if (page == 1)`
`716`	`724`	`{`
	`725`	`+ /* Move the encrypted header bytes 16..23 to a safe position */`
`717`	`726`	`memcpy(data+8, data+16, 8);`
	`727`	`+ /* Restore the unencrypted header bytes 16..23 */`
`718`	`728`	`memcpy(data+16, dbHeader, 8);`
`719`	`729`	`}`
	`730`	`+#endif`
`720`	`731`	`}`
`721`	`732`
`722`	`733`	`void`
`723`	`734`	`CodecDecrypt(Codec* codec, int page, unsigned char* data, int len)`
`724`	`735`	`{`
	`736`	`+#ifdef WXSQLITE3_USE_OLD_ENCRYPTION_SCHEME`
	`737`	`+ /* Use the previous encryption scheme */`
	`738`	`+ CodecAES(codec, page, 0, codec->m_readKey, data, len, data);`
	`739`	`+#else`
`725`	`740`	`unsigned char dbHeader[8];`
`726`	`741`	`int dbPageSize;`
`727`	`742`	`int offset = 0;`
`728`	`743`	`if (page == 1)`
`729`	`744`	`{`
	`745`	`+ /* Save (unencrypted) header bytes 16..23 */`
`730`	`746`	`memcpy(dbHeader, data+16, 8);`
	`747`	`+ /* Determine page size */`
`731`	`748`	`dbPageSize = (dbHeader[0] << 8) \| (dbHeader[1] << 16);`
	`749`	`+ /* Check whether the database header is valid */`
	`750`	`+ /* If yes, the database follows the new encryption scheme, otherwise use the previous encryption scheme */`
`732`	`751`	`if ((dbPageSize >= 512) && (dbPageSize <= SQLITE_MAX_PAGE_SIZE) && (((dbPageSize-1) & dbPageSize) == 0) &&`
`733`	`752`	`(dbHeader[5] == 0x40) && (dbHeader[6] == 0x20) && (dbHeader[7] == 0x20))`
`734`	`753`	`{`
	`754`	`+ /* Restore encrypted bytes 16..23 for new encryption scheme */`
`735`	`755`	`memcpy(data+16, data+8, 8);`
`736`	`756`	`offset = 16;`
`737`	`757`	`}`
`738`	`758`	`}`
`739`	`759`	`CodecAES(codec, page, 0, codec->m_readKey, data+offset, len-offset, data+offset);`
`740`	`760`	`if (page == 1 && offset != 0)`
`741`	`761`	`{`
	`762`	`+ /* Verify the database header */`
`742`	`763`	`if (memcmp(dbHeader, data+16, 8) == 0)`
`743`	`764`	`{`
`744`	`765`	`memcpy(data, SQLITE_FILE_HEADER, 16);`
`745`	`766`	`}`
`746`	`767`	`}`
	`768`	`+#endif`
`747`	`769`	`}`
`748`	`770`