  1. Couchbase Lite
  2. CBL-2319

Confusing copyDatabase API when used with encryptionKey


Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.8.5
    • 3.0
    • API
    • Security Level: Public
    • None
    • 1

    Description

      The current definition of copy database API states

          /// Copies a canned databaes from the given path to a new database with the given name and
          /// the configuration. The new database will be created at the directory specified in the
          /// configuration. Without given the database configuration, the default configuration that
          /// is equivalent to setting all properties in the configuration to nil will be used.
          ///
          /// - Parameters:
          ///   - path: The source database path.
          ///   - name: The name of the new database to be created.
          ///   - config: The database configuration for the new database name.

       

      Requirement: Copy (unencrypted) database and encrypt the target copy

      Expected: Specify encryptionKey in config and expect it to work

       

      Observed: An arcane exception is thrown. It turns out that the encryptionKey that's specified in config is expected to be for decrypting the source database

       

      There are several related issues here

      1) API spec is not aligned. If config is for the target, there cannot be an expectation of providing the decryption key for the source db in that config. Seems like we should have a different option for specifying the key for an encrypted source database

      2) Error log is non-informative. I don't have it at hand but you can test it and you will see that it provides no indication of the mistake

      3) API documentation needs to be updated to describe what should be expected (and what one should do if they want to encrypt target database)

       


          Activity

            pasin Pasin Suriyentrakorn added a comment - - edited

            1) API spec is not aligned. If config is for the target, there cannot be an expectation of providing the decryption key for the source db in that config. Seems like we should have a different option for specifying the key for an encrypted source database

            The behavior is expected. The method is for copying the database (it doesn't recreate the database and copy data over); as a result, the encryptionKey specified in the config is the encryption key for both the original database and the copied database (no change).

            The encryption key in the config is used for opening and not for changing. We have a dedicated method for changing the encryption key. Therefore, if the encryption key needs to be changed or needs to be enabled (from no encryption), the changeEncryptionKey(key) method will need to be explicitly called after.

            pasin Pasin Suriyentrakorn added a comment

            2) Error log is non-informative. I don't have it at hand but you can test it and you will see that it provides no indication of the mistake

            Here is the current log and yes, it could be improved.

            2021-09-20 16:52:39.430464-0700 xctest[18383:27484333] CouchbaseLite Database Info: {DB#3} Opening database
            2021-09-20 16:52:39.434310-0700 xctest[18383:27484333] CouchbaseLite Database ERROR: SQLite error (code 26): file is not a database in "SELECT count(*) FROM sqlite_master"
            2021-09-20 16:52:39.434624-0700 xctest[18383:27484333] CouchbaseLite Database ERROR: {DB#3} Could not decrypt database with AES256
            2021-09-20 16:52:39.434983-0700 xctest[18383:27484333] CouchbaseLite Database Info: {DB#3} Retrying decryption with AES128...
            2021-09-20 16:52:39.437663-0700 xctest[18383:27484333] CouchbaseLite Database ERROR: SQLite error (code 26): file is not a database in "SELECT count(*) FROM sqlite_master"
            2021-09-20 16:52:39.437943-0700 xctest[18383:27484333] CouchbaseLite Database ERROR: {DB#3} Could not decrypt database with AES128
            

            pasin Pasin Suriyentrakorn added a comment

            I have created 1 Doc issue, 3 API docs issues, and 1 Lite-Core issue for fixing error message in the log. Please see the linked issues.

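The sequence described in the first comment (copy with a configuration that matches the source, then call changeEncryptionKey on the copy), written out as an added example that is not part of the original issue or the project's own code. It assumes the Couchbase Lite Swift Enterprise Edition API; the function name `openEncryptedCopy` and its parameters are hypothetical.

```swift
import CouchbaseLiteSwift  // Enterprise Edition: encryptionKey is not in Community Edition

/// Installs an unencrypted prebuilt database under `name` and returns it encrypted.
/// (Hypothetical helper; all four parameters are supplied by the caller.)
func openEncryptedCopy(sourcePath: String, name: String,
                       directory: String, password: String) throws -> Database {
    let key = EncryptionKey.password(password)

    // Config matching the source: no key, because the source is unencrypted.
    var plainConfig = DatabaseConfiguration()
    plainConfig.directory = directory

    // Config used once the copy has been encrypted.
    var keyedConfig = DatabaseConfiguration()
    keyedConfig.directory = directory
    keyedConfig.encryptionKey = key

    if !Database.exists(withName: name, inDirectory: directory) {
        // Passing keyedConfig here is the mistake reported in the issue: the key
        // is used to open the unencrypted source, which fails with
        // "file is not a database" / "Could not decrypt database".
        try Database.copy(fromPath: sourcePath, toDatabase: name, withConfig: plainConfig)

        do {
            // Open the copy the same way the source was stored, then encrypt it.
            let fresh = try Database(name: name, config: plainConfig)
            defer { try? fresh.close() }
            try fresh.changeEncryptionKey(key)
        } catch {
            // Do not leave a plaintext copy on disk if encryption failed.
            try? Database.delete(withName: name, inDirectory: directory)
            throw error
        }
    }

    // From here on the database only opens with the key.
    return try Database(name: name, config: keyedConfig)
}
```

On later launches the copy step is skipped and the existing database is opened directly with the keyed configuration.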

            People

              priya.rajagopal Priya Rajagopal