Migration from 2.x format to 3.x failed

clydeza · September 9, 2015, 9:02am

WeChat for Android uses SQLCipher to encrypt its data, however the file format is incompatible with SQLCipher 3.x. When i tried to migrate the database file format in my Android app using SQLCipher for Android 3.3.1, things do not work out for me.

Here is my code:

SQLiteDatabase.loadLibs(context);

SQLiteDatabaseHook hook = new SQLiteDatabaseHook() {
    public void preKey(SQLiteDatabase database) {
    }

    public void postKey(SQLiteDatabase database) {
        database.rawExecSQL("PRAGMA cipher_use_hmac = off;");
        database.rawExecSQL("PRAGMA cipher_page_size = 1024;");
        database.rawExecSQL("PRAGMA kdf_iter = 4000;");

        Cursor cursor = database.rawQuery("PRAGMA cipher_migrate", new String[]{});
        if (cursor != null) {
            cursor.moveToFirst();
            Log.d(TAG, "cipher_migrate return code: " + cursor.getString(0));
            cursor.close();
        } else {
            Log.d(TAG, "cipher_migrate return cursor is null");
        }
    }
};

SQLiteDatabase database = SQLiteDatabase.openOrCreateDatabase(dbFile, "password", null, hook);
database.close();

When i executed PRAGMA cipher_migrate in the postKey method of SQLiteDatabaseHook, i got a return code of 1.
The full logcat messages can be found here http://pastebin.com/sbszqP63

Thanks,
Clyde

clydeza · September 9, 2015, 9:03am

Note i used other pragma statements according to http://articles.forensicfocus.com/2014/10/01/decrypt-wechat-enmicromsgdb-database/, however i got no luck with these statements removed too.

sjlombardo · September 9, 2015, 5:41pm

Are you able to open the database using the command line pragma statements referenced in the article?

If not, then it is likely that the key is incorrect. It is of course possible that WeChat has made some changes to their key generation algorithm in the year since their approach was reverse engineered and published.

clydeza · September 14, 2015, 3:21pm

Thanks @sjlombardo. It turns out to be a problem of incorrect permissions on the external storage files. Sorry for the nonsense.

And for those who may be of interest, using PRAGMA cipher_migrate in postKey will just work with SQLCipher for Android 3.3.1. However i moved from the latest version 3.x to version 2.2.0, and replacing this pragma with the following is required to make it work.

PRAGMA cipher_use_hmac = off
PRAGMA cipher_page_size = 1024
PRAGMA kdf_iter = 4000

developernotes · September 14, 2015, 3:44pm

Hello @clydeza

Just to clarify for others:

Those settings are specific to the SQLCipher 1.x database format, not 2.2.0. In 2.x we introduced a per page HMAC, and in 3.x we increased the KDF to 64,000.

Topic		Replies	Views
Migrating from SQLCipher 3.5.1 to 4.1.3 in Android Issues	12	4775	April 5, 2024
Upgrading Sqlcipher for Android from 3 to 4 Issues	6	4565	October 7, 2020
How to properly use SQLCipher 4.5.0 on Android? SQLCipher	2	1080	February 4, 2022
PRAGMA cipher_migrate problem Issues	7	3122	October 7, 2020
2.x.db by v3.5.4 sdk open,why......? Issues	3	790	March 17, 2017

Migration from 2.x format to 3.x failed

Related topics