Make sure the valid key check works with read-only dbs

Author: jberkel

SQLite/Extensions/Cipher.swift

@@ -55,10 +55,7 @@ extension Connection {
     // the key provided is incorrect. To test that the database can be successfully opened with the
     // provided key, it is necessary to perform some operation on the database (i.e. read from it).
     private func cipher_key_check() throws {
-        try execute(
-            "CREATE TABLE \"__SQLCipher.swift__\" (\"cipher key check\");\n" +
-            "DROP TABLE \"__SQLCipher.swift__\";"
-        )
+        try scalar("SELECT count(*) FROM sqlite_master;")
     }
 }
 #endif

SQLiteTests/CipherTests.swift

@@ -59,11 +59,12 @@ class CipherTests: XCTestCase {
 
         try! connA.key("hello")
 
-        let connB = try! Connection(path)
+        let connB = try! Connection(path, readonly: true)
 
         var rc: Int32?
         do {
             try connB.key("world")
+            XCTFail("expected exception")
         } catch Result.error(_, let code, _) {
             rc = code
         } catch {
@@ -78,6 +79,10 @@ class CipherTests: XCTestCase {
         // sqlite> CREATE TABLE foo (bar TEXT);
         // sqlite> INSERT INTO foo (bar) VALUES ('world');
         let encryptedFile = fixture("encrypted", withExtension: "sqlite")
+
+        try! FileManager.default.setAttributes([FileAttributeKey.immutable : 1], ofItemAtPath: encryptedFile)
+        XCTAssertFalse(FileManager.default.isWritableFile(atPath: encryptedFile))
+
         let conn = try! Connection(encryptedFile)
         try! conn.key("sqlcipher-test")
         XCTAssertEqual(1, try! conn.scalar("SELECT count(*) FROM foo") as? Int64)