`dissect.database.sqlite3.encryption.sqlcipher.sqlcipher`¶

Module Contents¶

Classes¶

`SQLCipher`	SQLCipher Community Edition implementation.
`SQLCipherStream`	Implements a transparent decryption stream for SQLCipher databases.
`SQLCipher4`	SQLCipher Community Edition implementation.
`SQLCipher3`	SQLCipher Community Edition implementation.
`SQLCipher2`	SQLCipher Community Edition implementation.
`SQLCipher1`	SQLCipher Community Edition implementation.

Functions¶

derive_key

Derive the database key as SQLCipher would using PBKDF2.

Attributes¶

HAS_CRYPTO

dissect.database.sqlite3.encryption.sqlcipher.sqlcipher.HAS_CRYPTO = True¶

Bases: dissect.database.sqlite3.sqlite3.SQLite3

SQLCipher Community Edition implementation.

Instantiate with a subclass from SQLCipher4, SQLCipher3, SQLCipher2 or SQLCipher1.

Decrypts a SQLCipher database from the given path or file-like oject.

Example usage:

>>> from dissect.database.sqlite3.encryption import SQLCipher4
>>> db = SQLCipher4(Path("file.db"), "passphrase")
>>> row = db.table("MyTable").row(0)

Parameters:

fh (Path | BinaryIO) – The path or file-like object to open.
passphrase (str | bytes) – String or bytes passphrase.
salt (bytes) – Optionally provide the 16-byte salt directly.
plaintext_header_size (int) – Size of plaintext header to use.
page_size (int) – Override size of each page.
kdf_iter (int) – Override amount of KDF iterations.
kdf_algo (str | hashlib._Hash) – Override KDF digest alrorithm.
hmac_algo (str | hashlib._Hash) – Override HMAC digest algorithm.
no_kdf (bool) – Disable KDF from passphrase, use as raw key.
verify_hmac (bool) – Optionally verify digest of every page.

Raises:

SQLCipherError – If decryption failed using the provided arguments.

References

DEFAULT_PAGE_SIZE: int¶

DEFAULT_KDF_ITER: int¶

DEFAULT_KDF_ALGO: str¶

DEFAULT_HMAC_ALGO: str | None¶

cipher_fh¶

cipher_path¶

cipher_page_size¶

kdf_iter¶

kdf_algo¶

hmac_algo¶

verify_hmac = False¶

salt¶

passphrase¶

hmac_salt¶

hmac_key¶

__repr__() → str¶

close() → None¶: Close the database.

stream() → SQLCipherStream¶: Create a transparent decryption stream.

class dissect.database.sqlite3.encryption.sqlcipher.sqlcipher.SQLCipherStream(sqlcipher: SQLCipher)¶

Bases: dissect.util.stream.AlignedStream

Implements a transparent decryption stream for SQLCipher databases.

fh¶

sqlcipher¶

Bases: SQLCipher

SQLCipher Community Edition implementation.

Instantiate with a subclass from SQLCipher4, SQLCipher3, SQLCipher2 or SQLCipher1.

Decrypts a SQLCipher database from the given path or file-like oject.

Example usage:

>>> from dissect.database.sqlite3.encryption import SQLCipher4
>>> db = SQLCipher4(Path("file.db"), "passphrase")
>>> row = db.table("MyTable").row(0)

Parameters:

fh (Path | BinaryIO) – The path or file-like object to open.
passphrase (str | bytes) – String or bytes passphrase.
salt (bytes) – Optionally provide the 16-byte salt directly.
plaintext_header_size (int) – Size of plaintext header to use.
page_size (int) – Override size of each page.
kdf_iter (int) – Override amount of KDF iterations.
kdf_algo (str | hashlib._Hash) – Override KDF digest alrorithm.
hmac_algo (str | hashlib._Hash) – Override HMAC digest algorithm.
no_kdf (bool) – Disable KDF from passphrase, use as raw key.
verify_hmac (bool) – Optionally verify digest of every page.

Raises:

SQLCipherError – If decryption failed using the provided arguments.

References

DEFAULT_PAGE_SIZE = 4096¶

DEFAULT_KDF_ITER = 256000¶

DEFAULT_KDF_ALGO = 'SHA512'¶

DEFAULT_HMAC_ALGO = 'SHA512'¶

Bases: SQLCipher

SQLCipher Community Edition implementation.

Instantiate with a subclass from SQLCipher4, SQLCipher3, SQLCipher2 or SQLCipher1.

Decrypts a SQLCipher database from the given path or file-like oject.

Example usage:

>>> from dissect.database.sqlite3.encryption import SQLCipher4
>>> db = SQLCipher4(Path("file.db"), "passphrase")
>>> row = db.table("MyTable").row(0)

Parameters:

fh (Path | BinaryIO) – The path or file-like object to open.
passphrase (str | bytes) – String or bytes passphrase.
salt (bytes) – Optionally provide the 16-byte salt directly.
plaintext_header_size (int) – Size of plaintext header to use.
page_size (int) – Override size of each page.
kdf_iter (int) – Override amount of KDF iterations.
kdf_algo (str | hashlib._Hash) – Override KDF digest alrorithm.
hmac_algo (str | hashlib._Hash) – Override HMAC digest algorithm.
no_kdf (bool) – Disable KDF from passphrase, use as raw key.
verify_hmac (bool) – Optionally verify digest of every page.

Raises:

SQLCipherError – If decryption failed using the provided arguments.

References

DEFAULT_PAGE_SIZE = 1024¶

DEFAULT_KDF_ITER = 64000¶

DEFAULT_KDF_ALGO = 'SHA1'¶

DEFAULT_HMAC_ALGO = 'SHA1'¶

Bases: SQLCipher

SQLCipher Community Edition implementation.

Instantiate with a subclass from SQLCipher4, SQLCipher3, SQLCipher2 or SQLCipher1.

Decrypts a SQLCipher database from the given path or file-like oject.

Example usage:

>>> from dissect.database.sqlite3.encryption import SQLCipher4
>>> db = SQLCipher4(Path("file.db"), "passphrase")
>>> row = db.table("MyTable").row(0)

Parameters:

fh (Path | BinaryIO) – The path or file-like object to open.
passphrase (str | bytes) – String or bytes passphrase.
salt (bytes) – Optionally provide the 16-byte salt directly.
plaintext_header_size (int) – Size of plaintext header to use.
page_size (int) – Override size of each page.
kdf_iter (int) – Override amount of KDF iterations.
kdf_algo (str | hashlib._Hash) – Override KDF digest alrorithm.
hmac_algo (str | hashlib._Hash) – Override HMAC digest algorithm.
no_kdf (bool) – Disable KDF from passphrase, use as raw key.
verify_hmac (bool) – Optionally verify digest of every page.

Raises:

SQLCipherError – If decryption failed using the provided arguments.

References

DEFAULT_PAGE_SIZE = 1024¶

DEFAULT_KDF_ITER = 4000¶

DEFAULT_KDF_ALGO = 'SHA1'¶

DEFAULT_HMAC_ALGO = 'SHA1'¶

Bases: SQLCipher

SQLCipher Community Edition implementation.

Instantiate with a subclass from SQLCipher4, SQLCipher3, SQLCipher2 or SQLCipher1.

Decrypts a SQLCipher database from the given path or file-like oject.

Example usage:

>>> from dissect.database.sqlite3.encryption import SQLCipher4
>>> db = SQLCipher4(Path("file.db"), "passphrase")
>>> row = db.table("MyTable").row(0)

Parameters:

fh (Path | BinaryIO) – The path or file-like object to open.
passphrase (str | bytes) – String or bytes passphrase.
salt (bytes) – Optionally provide the 16-byte salt directly.
plaintext_header_size (int) – Size of plaintext header to use.
page_size (int) – Override size of each page.
kdf_iter (int) – Override amount of KDF iterations.
kdf_algo (str | hashlib._Hash) – Override KDF digest alrorithm.
hmac_algo (str | hashlib._Hash) – Override HMAC digest algorithm.
no_kdf (bool) – Disable KDF from passphrase, use as raw key.
verify_hmac (bool) – Optionally verify digest of every page.

Raises:

SQLCipherError – If decryption failed using the provided arguments.

References

DEFAULT_PAGE_SIZE = 1024¶

DEFAULT_KDF_ITER = 4000¶

DEFAULT_KDF_ALGO = 'SHA1'¶

DEFAULT_HMAC_ALGO = None¶

dissect.database.sqlite3.encryption.sqlcipher.sqlcipher.derive_key(passphrase: bytes, salt: bytes, kdf_iter: int, kdf_algo: str | None) → bytes¶: Derive the database key as SQLCipher would using PBKDF2.

dissect.database.sqlite3.encryption.sqlcipher.sqlcipher¶

Module Contents¶

Classes¶

Functions¶

Attributes¶

`dissect.database.sqlite3.encryption.sqlcipher.sqlcipher`¶