ATTACH on encrypted DB returning SQLITE_NOTADB

I’m having a strange issue when trying to attach an encrypted database.

Using SQLite 3.28.0 with SQLCipher v4.2.0.

First I open up a database with the following commands:

sqlite3_open_v2("database1.db", ...);
sqlite3_exec(..., "PRAGMA key = 'password'; PRAGMA kdf_iter= 128000;", nullptr, nullptr, nullptr);

Everything is fine up to this point.

Now I try to attach another encrypted database:

sqlite3_exec(..., "ATTACH DATABASE 'c:/path/to/database2.db' AS db2 KEY 'password'; PRAGMA db2.kdf_iter= 128000;", nullptr, nullptr, nullptr);

The result of that action is SQLITE_NOTADB, yet that database is valid, and can be opened up using sqlite3_open_v2.

If I open a non-encrypted database, and then attach another non-encrypted database, it works 100%.

Is there something I’m missing when trying to attach an encrypted database?

Any help would be greatly appreciated.

Hi @r101

You will want to use pragma cipher_default_kdf_iter instead. Would you give that a try?

Using pragma cipher_default_kdf_iter = 128000; resulted in the same error, SQLITE_NOADB.

Both of the databases are created in code with the same encryption key just prior opening and attaching, just to make sure they have the correct settings, and both open perfectly fine in any application that supports SQLite with encryption (like DB Browser).

EDIT: ATTACH works if I leave the kdf_iter at default, which I assume is 256000. I am doing some more testing to figure out why it’s not working at 128000.

Never mind! pragma cipher_default_kdf_iter = 128000; worked once I realized I had introduced some errors in my DB creation code while testing this. Thank you for the help!

It seems that using PRAGMA kdf_iter = '128000'; after attaching a database successfully causes that attached DB to no longer work with any sqlite3_exec calls (resulting in SQLITE_NOMEM errors).

Hi @r101

Thanks for the update, we are happy that resolved the issue.