[BUG] Upgrading from Version 4 Throws LiteException: File is not encrypted as of Version 5.0.18

[hdocsek]

Version

• LiteDB Version: 5.0.20
• Win 11
• .Net 8.0

Describe the bug

• Upgrading a database created with version 4.1.4 using versions higher than 5.0.17 (i.e. 5.0.18 to 5.0.20) fails with a LiteException: File is not encrypted

Code to Reproduce

• Create a password protected database using version 4.1.4 or
  try to open the attached version 4 database in MyDataV4.zip using version 5.0.20. Password is pass123.

ConsoleApp1.csproj

<Project Sdk="Microsoft.NET.Sdk">
    <PropertyGroup>
        <OutputType>Exe</OutputType>
        <TargetFramework>net8.0</TargetFramework>
        <ImplicitUsings>enable</ImplicitUsings>
        <Nullable>enable</Nullable>
    </PropertyGroup>
    
    
    <ItemGroup>
      <None Remove="MyDataV4.db" />
      <Content Include="MyDataV4.db">
        <CopyToOutputDirectory>Always</CopyToOutputDirectory>
      </Content>
    </ItemGroup>
    
    <ItemGroup>
        <PackageReference Include="LiteDB" Version="5.0.20" />
    </ItemGroup>

</Project>

Program.cs

using LiteDB;

var connectionString = new ConnectionString(new FileInfo("MyDataV4.db").FullName)
{
    Password = "pass123",
    Upgrade = true,
};

using (var db = new LiteDatabase(connectionString)) // <= throws as of version 5.0.18
{
}

Expected behavior
The database should be upgraded to the new format without exception.

Screenshots/Stacktrace
The exception thrown is:

Unhandled exception. LiteDB.LiteException: File is not encrypted.
    at LiteDB.Engine.AesStream..ctor(String password, Stream stream)
at LiteDB.Engine.FileStreamFactory.GetStream(Boolean canWrite, Boolean sequencial)
at LiteDB.Engine.RebuildService.ReadFirstBytes()
at LiteDB.Engine.RebuildService..ctor(EngineSettings settings)
at LiteDB.Engine.LiteEngine.Recovery(Collation collation)
at LiteDB.Engine.LiteEngine.TryUpgrade()
at LiteDB.Engine.LiteEngine.Open()
at LiteDB.Engine.LiteEngine..ctor(EngineSettings settings)
at LiteDB.ConnectionString.CreateEngine()
at LiteDB.LiteDatabase..ctor(ConnectionString connectionString, BsonMapper mapper)

[JKamsker]

Thank you for reporting this issue. We appreciate your detailed description and code to reproduce the problem.

Given the current backlog of work and the focus on addressing existing pull requests, we won't be able to prioritize this issue immediately. However, if this issue is critical for your project, we encourage you to investigate and implement a fix yourself. You can then submit a pull request for review.

We appreciate your understanding and contributions to the project. If you choose to work on a fix, please ensure it includes thorough testing to verify compatibility with databases created using earlier versions.

[jdtkw]

We have the same issue for our use of LiteDB - older releases are on LiteDB v4, and would need to upgrade to LiteDB v5 due to the published security issue. However, the upgrade bug from v5.0.18 onwards means we can't use the library.

Based on my investigation, I believe this issue is an incompatibility with the v4 format with a password and the AesStream class. Essentially, any time a v4 file is opened, it has to use the Stream class instead of AesStream. I'll test my workaround for this with your sample and if it works, I'll put it up for review and we can iterate over that.