Require encryption keys to be passed to constructors

This is to prevent the error of turning on WAL (new default)
before the key has been set.

This also prevents the user from not calling the old SetKey functions
at the wrong time.

Working on #597

Author: praeclarum

src/SQLite.cs

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2009-2017 Krueger Systems, Inc.
+// Copyright (c) 2009-2018 Krueger Systems, Inc.
 //
 // Permission is hereby granted, free of charge, to any person obtaining a copy
 // of this software and associated documentation files (the "Software"), to deal
@@ -228,8 +228,11 @@ static SQLiteConnection ()
 		/// If you use DateTimeOffset properties, it will be always stored as ticks regardingless
 		/// the storeDateTimeAsTicks parameter.
 		/// </param>
-		public SQLiteConnection (string databasePath, bool storeDateTimeAsTicks = true)
-			: this (databasePath, SQLiteOpenFlags.ReadWrite | SQLiteOpenFlags.Create, storeDateTimeAsTicks)
+		/// <param name="key">
+		/// Specifies the encryption key to use on the database. Should be a string or a byte[].
+		/// </param>
+		public SQLiteConnection (string databasePath, bool storeDateTimeAsTicks = true, object key = null)
+			: this (databasePath, SQLiteOpenFlags.ReadWrite | SQLiteOpenFlags.Create, storeDateTimeAsTicks, key: key)
 		{
 		}
 
@@ -250,7 +253,10 @@ public SQLiteConnection (string databasePath, bool storeDateTimeAsTicks = true)
 		/// If you use DateTimeOffset properties, it will be always stored as ticks regardingless
 		/// the storeDateTimeAsTicks parameter.
 		/// </param>
-		public SQLiteConnection (string databasePath, SQLiteOpenFlags openFlags, bool storeDateTimeAsTicks = true)
+		/// <param name="key">
+		/// Specifies the encryption key to use on the database. Should be a string or a byte[].
+		/// </param>
+		public SQLiteConnection (string databasePath, SQLiteOpenFlags openFlags, bool storeDateTimeAsTicks = true, object key = null)
 		{
 			if (databasePath==null)
 				throw new ArgumentException ("Must be specified", nameof(databasePath));
@@ -284,10 +290,20 @@ public SQLiteConnection (string databasePath, SQLiteOpenFlags openFlags, bool st
 			StoreDateTimeAsTicks = storeDateTimeAsTicks;
 
 			BusyTimeout = TimeSpan.FromSeconds (0.1);
+			Tracer = line => Debug.WriteLine (line);
+
+			if (key is string stringKey) {
+				SetKey (stringKey);
+			}
+			else if (key is byte[] bytesKey) {
+				SetKey (bytesKey);
+			}
+			else if (key != null) {
+				throw new ArgumentException ("Encryption keys must be strings or byte arrays", nameof (key));
+			}
 			if (openFlags.HasFlag (SQLiteOpenFlags.ReadWrite)) {
 				ExecuteScalar<string> ("PRAGMA journal_mode=WAL");
 			}
-			Tracer = line => Debug.WriteLine (line);
 		}
 
 		/// <summary>
@@ -304,13 +320,13 @@ static string Quote (string unsafeString)
 		}
 
 		/// <summary>
-		/// Sets the key used to encrypt/decrypt the database.
+		/// Sets the key used to encrypt/decrypt the database with "pragma key = ...".
 		/// This must be the first thing you call before doing anything else with this connection
 		/// if your database is encrypted.
 		/// This only has an effect if you are using the SQLCipher nuget package.
 		/// </summary>
 		/// <param name="key">Ecryption key plain text that is converted to the real encryption key using PBKDF2 key derivation</param>
-		public void SetKey (string key)
+		void SetKey (string key)
 		{
 			if (key == null) throw new ArgumentNullException (nameof (key));
 			var q = Quote (key);
@@ -324,7 +340,7 @@ public void SetKey (string key)
 		/// This only has an effect if you are using the SQLCipher nuget package.
 		/// </summary>
 		/// <param name="key">256-bit (32 byte) ecryption key data</param>
-		public void SetKey (byte[] key)
+		void SetKey (byte[] key)
 		{
 			if (key == null) throw new ArgumentNullException (nameof (key));
 			if (key.Length != 32) throw new ArgumentException ("Key must be 32 bytes (256-bit)", nameof(key));
@@ -2021,6 +2037,7 @@ public class SQLiteConnectionString
 		public string ConnectionString { get; private set; }
 		public string DatabasePath { get; private set; }
 		public bool StoreDateTimeAsTicks { get; private set; }
+		public object Key { get; private set; }
 
 #if NETFX_CORE
 		static readonly string MetroStyleDataPath = Windows.Storage.ApplicationData.Current.LocalFolder.Path;
@@ -2038,10 +2055,11 @@ public static bool IsInMemoryPath(string databasePath)
 
 #endif
 
-		public SQLiteConnectionString (string databasePath, bool storeDateTimeAsTicks)
+		public SQLiteConnectionString (string databasePath, bool storeDateTimeAsTicks, object key)
 		{
 			ConnectionString = databasePath;
 			StoreDateTimeAsTicks = storeDateTimeAsTicks;
+			Key = key;
 
 #if NETFX_CORE
 			DatabasePath = IsInMemoryPath(databasePath)

src/SQLiteAsync.cs

@@ -37,7 +37,7 @@ public partial class SQLiteAsyncConnection
 	{
 		SQLiteConnectionString _connectionString;
 		SQLiteConnectionWithLock _fullMutexReadConnection;
-		bool isFullMutex;
+		readonly bool isFullMutex;
 		SQLiteOpenFlags _openFlags;
 
 		/// <summary>
@@ -54,8 +54,11 @@ public partial class SQLiteAsyncConnection
 		/// If you use DateTimeOffset properties, it will be always stored as ticks regardingless
 		/// the storeDateTimeAsTicks parameter.
 		/// </param>
-		public SQLiteAsyncConnection (string databasePath, bool storeDateTimeAsTicks = true)
-			: this (databasePath, SQLiteOpenFlags.FullMutex | SQLiteOpenFlags.ReadWrite | SQLiteOpenFlags.Create, storeDateTimeAsTicks)
+		/// <param name="key">
+		/// Specifies the encryption key to use on the database. Should be a string or a byte[].
+		/// </param>
+		public SQLiteAsyncConnection (string databasePath, bool storeDateTimeAsTicks = true, object key = null)
+			: this (databasePath, SQLiteOpenFlags.FullMutex | SQLiteOpenFlags.ReadWrite | SQLiteOpenFlags.Create, storeDateTimeAsTicks, key: key)
 		{
 		}
 
@@ -76,12 +79,15 @@ public SQLiteAsyncConnection (string databasePath, bool storeDateTimeAsTicks = t
 		/// If you use DateTimeOffset properties, it will be always stored as ticks regardingless
 		/// the storeDateTimeAsTicks parameter.
 		/// </param>
-		public SQLiteAsyncConnection (string databasePath, SQLiteOpenFlags openFlags, bool storeDateTimeAsTicks = true)
+		/// <param name="key">
+		/// Specifies the encryption key to use on the database. Should be a string or a byte[].
+		/// </param>
+		public SQLiteAsyncConnection (string databasePath, SQLiteOpenFlags openFlags, bool storeDateTimeAsTicks = true, object key = null)
 		{
 			_openFlags = openFlags;
 			isFullMutex = _openFlags.HasFlag (SQLiteOpenFlags.FullMutex);
-			_connectionString = new SQLiteConnectionString (databasePath, storeDateTimeAsTicks);
-			if(isFullMutex)
+			_connectionString = new SQLiteConnectionString (databasePath, storeDateTimeAsTicks, key);
+			if (isFullMutex)
 				_fullMutexReadConnection = new SQLiteConnectionWithLock (_connectionString, openFlags) { SkipLock = true };
 		}
 
@@ -203,39 +209,6 @@ Task<T> WriteAsync<T> (Func<SQLiteConnectionWithLock, T> write)
 			}, CancellationToken.None, TaskCreationOptions.DenyChildAttach, TaskScheduler.Default);
 		}
 
-		/// <summary>
-		/// Sets the key used to encrypt/decrypt the database.
-		/// This must be the first thing you call before doing anything else with this connection
-		/// if your database is encrypted.
-		/// This only has an effect if you are using the SQLCipher nuget package.
-		/// </summary>
-		/// <param name="key">Ecryption key plain text that is converted to the real encryption key using PBKDF2 key derivation</param>
-		public Task SetKeyAsync (string key)
-		{
-			if (key == null) throw new ArgumentNullException (nameof (key));
-			return WriteAsync<object> (conn => {
-				conn.SetKey (key);
-				return null;
-			});
-		}
-
-		/// <summary>
-		/// Sets the key used to encrypt/decrypt the database.
-		/// This must be the first thing you call before doing anything else with this connection
-		/// if your database is encrypted.
-		/// This only has an effect if you are using the SQLCipher nuget package.
-		/// </summary>
-		/// <param name="key">256-bit (32 byte) ecryption key data</param>
-		public Task SetKeyAsync (byte[] key)
-		{
-			if (key == null) throw new ArgumentNullException (nameof (key));
-			if (key.Length != 32) throw new ArgumentException ("Key must be 32 bytes (256-bit)", nameof (key));
-			return WriteAsync<object> (conn => {
-				conn.SetKey (key);
-				return null;
-			});
-		}
-
 		/// <summary>
 		/// Enable or disable extension loading.
 		/// </summary>
@@ -1411,7 +1384,7 @@ public class SQLiteConnectionWithLock : SQLiteConnection
 		/// <param name="connectionString">Connection string containing the DatabasePath.</param>
 		/// <param name="openFlags">Open flags.</param>
 		public SQLiteConnectionWithLock (SQLiteConnectionString connectionString, SQLiteOpenFlags openFlags)
-			: base (connectionString.DatabasePath, openFlags, connectionString.StoreDateTimeAsTicks)
+			: base (connectionString.DatabasePath, openFlags, connectionString.StoreDateTimeAsTicks, key: connectionString.Key)
 		{
 		}
 

tests/SQLCipherTest.cs

@@ -31,20 +31,16 @@ public void SetStringKey ()
 
 			var key = "SecretPassword";
 
-			using (var db = new TestDb ()) {
+			using (var db = new TestDb (key: key)) {
 				path = db.DatabasePath;
 
-				db.SetKey (key);
-
 				db.CreateTable<TestTable> ();
 				db.Insert (new TestTable { Value = "Hello" });
 			}
 
-			using (var db = new TestDb (path)) {
+			using (var db = new TestDb (path, key: key)) {
 				path = db.DatabasePath;
 
-				db.SetKey (key);
-
 				var r = db.Table<TestTable> ().First ();
 
 				Assert.AreEqual ("Hello", r.Value);
@@ -60,32 +56,46 @@ public void SetBytesKey ()
 			var key = new byte[32];
 			rand.NextBytes (key);
 
-			using (var db = new TestDb ()) {
+			using (var db = new TestDb (key: key)) {
 				path = db.DatabasePath;
 
-				db.SetKey (key);
-
 				db.CreateTable<TestTable> ();
 				db.Insert (new TestTable { Value = "Hello" });
 			}
 
-			using (var db = new TestDb (path)) {
+			using (var db = new TestDb (path, key: key)) {
 				path = db.DatabasePath;
 
-				db.SetKey (key);
-
 				var r = db.Table<TestTable> ().First ();
 
 				Assert.AreEqual ("Hello", r.Value);
 			}
 		}
 
+		[Test]
+		public void SetEmptyStringKey ()
+		{
+			using (var db = new TestDb (key: "")) {
+			}
+		}
+
+		[Test]
+		public void SetBadTypeKey ()
+		{
+			try {
+				using (var db = new TestDb (key: 42)) {
+				}
+				Assert.Fail ("Should have thrown");
+			}
+			catch (ArgumentException) {
+			}
+		}
+
 		[Test]
 		public void SetBadBytesKey ()
 		{
 			try {
-				using (var db = new TestDb ()) {
-					db.SetKey (new byte[] { 1, 2, 3, 4 });
+				using (var db = new TestDb (key: new byte[] { 1, 2, 3, 4 })) {
 				}
 				Assert.Fail ("Should have thrown");
 			}

tests/TestDb.cs

@@ -53,12 +53,12 @@ public enum OrderLineStatus {
 
 	public class TestDb : SQLiteConnection
 	{
-		public TestDb (bool storeDateTimeAsTicks = true) : base (TestPath.GetTempFileName (), storeDateTimeAsTicks)
+		public TestDb (bool storeDateTimeAsTicks = true, object key = null) : base (TestPath.GetTempFileName (), storeDateTimeAsTicks, key: key)
 		{
 			Trace = true;
 		}
 
-		public TestDb (string path, bool storeDateTimeAsTicks = true) : base (path, storeDateTimeAsTicks)
+		public TestDb (string path, bool storeDateTimeAsTicks = true, object key = null) : base (path, storeDateTimeAsTicks, key: key)
 		{
 			Trace = true;
 		}