Blame - src/security/identity/basic-identity-storage.cpp - NDN-CPP

blob: 38cd55b8265261339001e1cfe5e7e9f093356d16 [file] [log] [blame]

Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	1	/* -- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -- */
				2	/**
				3	* Copyright (C) 2013 Regents of the University of California.
				4	* @author: Yingdi Yu <yingdi@cs.ucla.edu>
Jeff Thompson	22285ec	2013-10-22 17:43:02 -0700	[diff] [blame]	5	* @author: Jeff Thompson <jefft0@remap.ucla.edu>
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	6	* See COPYING for copyright and distribution information.
				7	*/
				8
Jeff Thompson	b752300	2013-10-09 10:25:00 -0700	[diff] [blame]	9	// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_SQLITE3.
Jeff Thompson	6e22904	2013-10-10 11:09:49 -0700	[diff] [blame]	10	#include <ndn-cpp/ndn-cpp-config.h>
Jeff Thompson	1975def	2013-10-09 17:06:43 -0700	[diff] [blame]	11	#ifdef NDN_CPP_HAVE_SQLITE3
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	12
Jeff Thompson	351ac30	2013-10-19 18:45:00 -0700	[diff] [blame]	13	#include <stdio.h>
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	14	#include <stdlib.h>
				15	#include <sstream>
				16	#include <fstream>
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	17	#include <math.h>
Jeff Thompson	25b4e61	2013-10-10 16:03:24 -0700	[diff] [blame]	18	#include <ndn-cpp/security/identity/basic-identity-storage.hpp>
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	19	#include "../../util/logging.hpp"
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	20	#include <ndn-cpp/security/security-exception.hpp>
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	21	#include "ndn-cpp/data.hpp"
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	22	#include <ndn-cpp/security/certificate/identity-certificate.hpp>
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	23	#include "../../c/util/time.h"
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	24	#include <ndn-cpp/sha256-with-rsa-signature.hpp>
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	25
				26	INIT_LOGGER("BasicIdentityStorage");
				27
				28	using namespace std;
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	29
				30	namespace ndn
				31	{
				32
				33	static const string INIT_ID_TABLE = "\
				34	CREATE TABLE IF NOT EXISTS \n \
				35	Identity( \n \
				36	identity_name BLOB NOT NULL, \n \
				37	default_identity INTEGER DEFAULT 0, \n \
				38	\
				39	PRIMARY KEY (identity_name) \n \
				40	); \n \
				41	\
				42	CREATE INDEX identity_index ON Identity(identity_name); \n \
				43	";
				44
				45	static const string INIT_KEY_TABLE = "\
				46	CREATE TABLE IF NOT EXISTS \n \
				47	Key( \n \
				48	identity_name BLOB NOT NULL, \n \
				49	key_identifier BLOB NOT NULL, \n \
				50	key_type INTEGER, \n \
				51	public_key BLOB, \n \
				52	default_key INTEGER DEFAULT 0, \n \
				53	active INTEGER DEFAULT 0, \n \
				54	\
				55	PRIMARY KEY (identity_name, key_identifier) \n \
				56	); \n \
				57	\
				58	CREATE INDEX key_index ON Key(identity_name); \n \
				59	";
				60
				61	static const string INIT_CERT_TABLE = "\
				62	CREATE TABLE IF NOT EXISTS \n \
				63	Certificate( \n \
				64	cert_name BLOB NOT NULL, \n \
				65	cert_issuer BLOB NOT NULL, \n \
				66	identity_name BLOB NOT NULL, \n \
				67	key_identifier BLOB NOT NULL, \n \
				68	not_before TIMESTAMP, \n \
				69	not_after TIMESTAMP, \n \
				70	certificate_data BLOB NOT NULL, \n \
Jeff Thompson	22285ec	2013-10-22 17:43:02 -0700	[diff] [blame]	71	valid_flag INTEGER DEFAULT 1, \n \
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	72	default_cert INTEGER DEFAULT 0, \n \
				73	\
				74	PRIMARY KEY (cert_name) \n \
				75	); \n \
				76	\
				77	CREATE INDEX cert_index ON Certificate(cert_name); \n \
				78	CREATE INDEX subject ON Certificate(identity_name); \n \
				79	";
				80
				81	/**
				82	* A utility function to call the normal sqlite3_bind_text where the value and length are value.c_str() and value.size().
				83	*/
				84	static int sqlite3_bind_text(sqlite3_stmt* statement, int index, const string& value, void(destructor)(void))
				85	{
				86	return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
				87	}
				88
				89	BasicIdentityStorage::BasicIdentityStorage()
				90	{
Jeff Thompson	351ac30	2013-10-19 18:45:00 -0700	[diff] [blame]	91	// Note: We don't use <filesystem> support because it is not "header-only" and require linking to libraries.
Jeff Thompson	ab5440f	2013-10-22 11:54:00 -0700	[diff] [blame]	92	// TODO: Handle non-unix file system paths which don't use '/'.
Jeff Thompson	351ac30	2013-10-19 18:45:00 -0700	[diff] [blame]	93	const char* home = getenv("HOME");
				94	if (!home \|\| *home == '\0')
				95	// Don't expect this to happen;
				96	home = ".";
				97	string homeDir(home);
				98	if (homeDir[homeDir.size() - 1] == '/')
				99	// Strip the ending '/'.
				100	homeDir.erase(homeDir.size() - 1);
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	101
Jeff Thompson	351ac30	2013-10-19 18:45:00 -0700	[diff] [blame]	102	string identityDir = homeDir + '/' + ".ndn-identity";
Jeff Thompson	ab5440f	2013-10-22 11:54:00 -0700	[diff] [blame]	103	::system(("mkdir -p " + identityDir).c_str());
Jeff Thompson	351ac30	2013-10-19 18:45:00 -0700	[diff] [blame]	104
				105	int res = sqlite3_open((identityDir + '/' + "identity.db").c_str(), &database_);
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	106
				107	if (res != SQLITE_OK)
Jeff Thompson	351ac30	2013-10-19 18:45:00 -0700	[diff] [blame]	108	throw SecurityException("identity DB cannot be opened/created");
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	109
				110	//Check if Key table exists;
				111	sqlite3_stmt *statement;
				112	sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
Jeff Thompson	351ac30	2013-10-19 18:45:00 -0700	[diff] [blame]	113	res = sqlite3_step(statement);
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	114
				115	bool idTableExists = false;
				116	if (res == SQLITE_ROW)
				117	idTableExists = true;
				118
				119	sqlite3_finalize(statement);
				120
				121	if (!idTableExists) {
				122	char *errorMessage = 0;
				123	res = sqlite3_exec(database_, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
				124
				125	if (res != SQLITE_OK && errorMessage != 0) {
				126	_LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
				127	sqlite3_free(errorMessage);
				128	}
				129	}
				130
				131	//Check if Key table exists;
				132	sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Key'", -1, &statement, 0);
				133	res = sqlite3_step(statement);
				134
				135	bool keyTableExists = false;
				136	if (res == SQLITE_ROW)
				137	keyTableExists = true;
				138
				139	sqlite3_finalize(statement);
				140
				141	if (!keyTableExists) {
				142	char *errorMessage = 0;
				143	res = sqlite3_exec(database_, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
				144
				145	if (res != SQLITE_OK && errorMessage != 0) {
				146	_LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
				147	sqlite3_free(errorMessage);
				148	}
				149	}
				150
				151	//Check if Certificate table exists;
				152	sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Certificate'", -1, &statement, 0);
				153	res = sqlite3_step(statement);
				154
				155	bool idCertificateTableExists = false;
				156	if (res == SQLITE_ROW)
				157	idCertificateTableExists = true;
				158
				159	sqlite3_finalize(statement);
				160
				161	if (!idCertificateTableExists) {
				162	char *errorMessage = 0;
				163	res = sqlite3_exec(database_, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
				164
				165	if (res != SQLITE_OK && errorMessage != 0) {
				166	_LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
				167	sqlite3_free(errorMessage);
				168	}
				169	}
				170	}
				171
				172	BasicIdentityStorage::~BasicIdentityStorage()
				173	{
				174	}
				175
				176	bool
				177	BasicIdentityStorage::doesIdentityExist(const Name& identityName)
				178	{
				179	bool result = false;
				180
				181	sqlite3_stmt *statement;
				182	sqlite3_prepare_v2(database_, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
				183
				184	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				185	int res = sqlite3_step(statement);
				186
				187	if (res == SQLITE_ROW) {
				188	int countAll = sqlite3_column_int(statement, 0);
				189	if (countAll > 0)
				190	result = true;
				191	}
				192
				193	sqlite3_finalize(statement);
				194
				195	return result;
				196	}
				197
				198	void
				199	BasicIdentityStorage::addIdentity(const Name& identityName)
				200	{
				201	if (doesIdentityExist(identityName))
				202	throw SecurityException("Identity already exists");
				203
				204	sqlite3_stmt *statement;
				205
				206	sqlite3_prepare_v2(database_, "INSERT INTO Identity (identity_name) values (?)", -1, &statement, 0);
				207
				208	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				209
				210	int res = sqlite3_step(statement);
				211
				212	sqlite3_finalize(statement);
				213	}
				214
				215	bool
				216	BasicIdentityStorage::revokeIdentity()
				217	{
				218	//TODO:
				219	return false;
				220	}
				221
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	222	bool
				223	BasicIdentityStorage::doesKeyExist(const Name& keyName)
				224	{
				225	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				226	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				227
				228	sqlite3_stmt *statement;
				229	sqlite3_prepare_v2(database_, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
				230
				231	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				232	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				233
				234	int res = sqlite3_step(statement);
				235
				236	bool keyIdExist = false;
				237	if (res == SQLITE_ROW) {
				238	int countAll = sqlite3_column_int(statement, 0);
				239	if (countAll > 0)
				240	keyIdExist = true;
				241	}
				242
				243	sqlite3_finalize(statement);
				244
				245	return keyIdExist;
				246	}
				247
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	248	void
				249	BasicIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
				250	{
				251	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				252	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				253
				254
				255	if (!doesIdentityExist(identityName))
				256	addIdentity(identityName);
				257
				258	if (doesKeyExist(keyName))
				259	throw SecurityException("a key with the same name already exists!");
				260
				261	sqlite3_stmt *statement;
				262	sqlite3_prepare_v2(database_, "INSERT INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
				263
				264	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				265	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				266	sqlite3_bind_int(statement, 3, (int)keyType);
				267	sqlite3_bind_blob(statement, 4, publicKeyDer.buf(), publicKeyDer.size(), SQLITE_TRANSIENT);
				268
				269	int res = sqlite3_step(statement);
				270
				271	sqlite3_finalize(statement);
				272	}
				273
				274	Blob
				275	BasicIdentityStorage::getKey(const Name& keyName)
				276	{
				277	if (!doesKeyExist(keyName)) {
				278	_LOG_DEBUG("keyName does not exist");
				279	return Blob();
				280	}
				281
				282	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				283	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				284
				285	sqlite3_stmt *statement;
				286	sqlite3_prepare_v2(database_, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
				287
				288	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				289	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				290
				291	int res = sqlite3_step(statement);
				292
				293	Blob result;
				294	if (res == SQLITE_ROW)
				295	result = Blob(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)), sqlite3_column_bytes(statement, 0));
				296
				297	sqlite3_finalize(statement);
				298
				299	return result;
				300	}
				301
				302	void
				303	BasicIdentityStorage::activateKey(const Name& keyName)
				304	{
				305	updateKeyStatus(keyName, true);
				306	}
				307
				308	void
				309	BasicIdentityStorage::deactivateKey(const Name& keyName)
				310	{
				311	updateKeyStatus(keyName, false);
				312	}
				313
				314	void
				315	BasicIdentityStorage::updateKeyStatus(const Name& keyName, bool isActive)
				316	{
				317	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				318	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				319
				320	sqlite3_stmt *statement;
				321	sqlite3_prepare_v2(database_, "UPDATE Key SET active=? WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
				322
				323	sqlite3_bind_int(statement, 1, (isActive ? 1 : 0));
				324	sqlite3_bind_text(statement, 2, identityName.toUri(), SQLITE_TRANSIENT);
				325	sqlite3_bind_text(statement, 3, keyId, SQLITE_TRANSIENT);
				326
				327	int res = sqlite3_step(statement);
				328
				329	sqlite3_finalize(statement);
				330	}
				331
				332	bool
				333	BasicIdentityStorage::doesCertificateExist(const Name& certificateName)
				334	{
				335	sqlite3_stmt *statement;
				336	sqlite3_prepare_v2(database_, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
				337
				338	sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
				339
				340	int res = sqlite3_step(statement);
				341
				342	bool certExist = false;
				343	if (res == SQLITE_ROW) {
				344	int countAll = sqlite3_column_int(statement, 0);
				345	if (countAll > 0)
				346	certExist = true;
				347	}
				348
				349	sqlite3_finalize(statement);
				350
				351	return certExist;
				352	}
				353
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	354	void
Jeff Thompson	c69163b	2013-10-12 13:49:50 -0700	[diff] [blame]	355	BasicIdentityStorage::addAnyCertificate(const IdentityCertificate& certificate)
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	356	{
				357	const Name& certificateName = certificate.getName();
Jeff Thompson	22285ec	2013-10-22 17:43:02 -0700	[diff] [blame]	358	Name keyName = certificate.getPublicKeyName();
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	359
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	360	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	361	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				362
				363	sqlite3_stmt *statement;
				364	sqlite3_prepare_v2(database_,
				365	"INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
				366	values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
				367	-1, &statement, 0);
				368
				369
				370	_LOG_DEBUG("certName: " << certificateName.toUri().c_str());
				371	sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
				372
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	373	const Sha256WithRsaSignature* signature = dynamic_cast<const Sha256WithRsaSignature*>(certificate.getSignature());
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	374	const Name& signerName = signature->getKeyLocator().getKeyName();
				375	sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
				376
				377	sqlite3_bind_text(statement, 3, identityName.toUri(), SQLITE_TRANSIENT);
				378	sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
				379
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	380	// Convert from milliseconds to seconds since 1/1/1970.
				381	sqlite3_bind_int64(statement, 5, (sqlite3_int64)floor(certificate.getNotBefore() / 1000.0));
				382	sqlite3_bind_int64(statement, 6, (sqlite3_int64)floor(certificate.getNotAfter() / 1000.0));
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	383
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	384	if (!certificate.getDefaultWireEncoding())
				385	certificate.wireEncode();
				386	sqlite3_bind_blob(statement, 7, certificate.getDefaultWireEncoding().buf(), certificate.getDefaultWireEncoding().size(), SQLITE_TRANSIENT);
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	387
				388	int res = sqlite3_step(statement);
				389
				390	sqlite3_finalize(statement);
				391	}
				392
				393	void
Jeff Thompson	c69163b	2013-10-12 13:49:50 -0700	[diff] [blame]	394	BasicIdentityStorage::addCertificate(const IdentityCertificate& certificate)
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	395	{
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	396	const Name& certificateName = certificate.getName();
Jeff Thompson	22285ec	2013-10-22 17:43:02 -0700	[diff] [blame]	397	Name keyName = certificate.getPublicKeyName();
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	398
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	399	if (!doesKeyExist(keyName))
Jeff Thompson	22285ec	2013-10-22 17:43:02 -0700	[diff] [blame]	400	throw SecurityException("No corresponding Key record for certificate!" + keyName.toUri() + " " + certificateName.toUri());
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	401
				402	// Check if certificate has already existed!
				403	if (doesCertificateExist(certificateName))
				404	throw SecurityException("Certificate has already been installed!");
				405
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	406	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				407	Name identity = keyName.getSubName(0, keyName.size() - 1);
				408
				409	// Check if the public key of certificate is the same as the key record
				410
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	411	Blob keyBlob = getKey(keyName);
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	412
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	413	if (!keyBlob \|\| (keyBlob) != (certificate.getPublicKeyInfo().getKeyDer()))
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	414	throw SecurityException("Certificate does not match the public key!");
				415
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	416	// Insert the certificate
				417	sqlite3_stmt *statement;
				418	sqlite3_prepare_v2(database_,
				419	"INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
				420	values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
				421	-1, &statement, 0);
				422
				423	_LOG_DEBUG("certName: " << certificateName.toUri().c_str());
				424	sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
				425
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	426	const Sha256WithRsaSignature* signature = dynamic_cast<const Sha256WithRsaSignature*>(certificate.getSignature());
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	427	const Name & signerName = signature->getKeyLocator().getKeyName();
				428	sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
				429
				430	sqlite3_bind_text(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
				431	sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
				432
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	433	// Convert from milliseconds to seconds since 1/1/1970.
				434	sqlite3_bind_int64(statement, 5, (sqlite3_int64)floor(certificate.getNotBefore() / 1000.0));
				435	sqlite3_bind_int64(statement, 6, (sqlite3_int64)floor(certificate.getNotAfter() / 1000.0));
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	436
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame]	437	if (!certificate.getDefaultWireEncoding())
				438	certificate.wireEncode();
				439	sqlite3_bind_blob(statement, 7, certificate.getDefaultWireEncoding().buf(), certificate.getDefaultWireEncoding().size(), SQLITE_TRANSIENT);
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	440
				441	int res = sqlite3_step(statement);
				442
				443	sqlite3_finalize(statement);
				444	}
				445
Alexander Afanasyev	b1d6746	2013-11-18 20:25:00 -0800	[diff] [blame]	446	ptr_lib::shared_ptr<Data>
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	447	BasicIdentityStorage::getCertificate(const Name &certificateName, bool allowAny)
				448	{
				449	if (doesCertificateExist(certificateName)) {
				450	sqlite3_stmt *statement;
				451	if (!allowAny) {
				452	sqlite3_prepare_v2(database_,
				453	"SELECT certificate_data FROM Certificate \
				454	WHERE cert_name=? AND not_before<datetime(?, 'unixepoch') AND not_after>datetime(?, 'unixepoch') and valid_flag=1",
				455	-1, &statement, 0);
				456
				457	sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	458	sqlite3_bind_int64(statement, 2, (sqlite3_int64)floor(ndn_getNowMilliseconds() / 1000.0));
				459	sqlite3_bind_int64(statement, 3, (sqlite3_int64)floor(ndn_getNowMilliseconds() / 1000.0));
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	460	}
				461	else {
				462	sqlite3_prepare_v2(database_,
				463	"SELECT certificate_data FROM Certificate WHERE cert_name=?", -1, &statement, 0);
				464
				465	sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
				466	}
				467
				468	int res = sqlite3_step(statement);
				469
Alexander Afanasyev	b1d6746	2013-11-18 20:25:00 -0800	[diff] [blame]	470	ptr_lib::shared_ptr<Data> data(new Data());
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	471
				472	if (res == SQLITE_ROW)
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	473	data->wireDecode((const uint8_t*)sqlite3_column_blob(statement, 0), sqlite3_column_bytes(statement, 0));
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	474	sqlite3_finalize(statement);
				475
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	476	return data;
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	477	}
				478	else {
				479	_LOG_DEBUG("Certificate does not exist!");
Alexander Afanasyev	b1d6746	2013-11-18 20:25:00 -0800	[diff] [blame]	480	return ptr_lib::shared_ptr<Data>();
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	481	}
Jeff Thompson	1975def	2013-10-09 17:06:43 -0700	[diff] [blame]	482	}
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	483
				484	Name
				485	BasicIdentityStorage::getDefaultIdentity()
				486	{
				487	sqlite3_stmt *statement;
				488	sqlite3_prepare_v2(database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
				489
				490	int res = sqlite3_step(statement);
				491
				492	Name identity;
				493
				494	if (res == SQLITE_ROW)
				495	identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
				496
				497	sqlite3_finalize(statement);
				498
				499	return identity;
				500	}
				501
				502	Name
				503	BasicIdentityStorage::getDefaultKeyNameForIdentity(const Name& identityName)
				504	{
				505	sqlite3_stmt *statement;
				506	sqlite3_prepare_v2(database_, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
				507
				508	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				509
				510	int res = sqlite3_step(statement);
				511
				512	Name keyName;
				513
				514	if (res == SQLITE_ROW)
				515	keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
				516
				517	sqlite3_finalize(statement);
				518
				519	return keyName;
				520	}
				521
				522	Name
				523	BasicIdentityStorage::getDefaultCertificateNameForKey(const Name& keyName)
				524	{
				525	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				526	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				527
				528	sqlite3_stmt *statement;
				529	sqlite3_prepare_v2(database_, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
				530
				531	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				532	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				533
				534	int res = sqlite3_step(statement);
				535
				536	Name certName;
				537
				538	if (res == SQLITE_ROW)
				539	certName = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
				540
				541	sqlite3_finalize(statement);
				542
				543	return certName;
				544	}
				545
				546	void
				547	BasicIdentityStorage::setDefaultIdentity(const Name& identityName)
				548	{
				549	sqlite3_stmt *statement;
				550
				551	//Reset previous default identity
				552	sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
				553
				554	while (sqlite3_step(statement) == SQLITE_ROW)
				555	{}
				556
				557	sqlite3_finalize(statement);
				558
				559	//Set current default identity
				560	sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
				561
				562	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				563
				564	sqlite3_step(statement);
				565
				566	sqlite3_finalize(statement);
				567	}
				568
				569	void
				570	BasicIdentityStorage::setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck)
				571	{
				572	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				573	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				574
				575	if (identityNameCheck.size() > 0 && !identityNameCheck.equals(identityName))
				576	throw SecurityException("Specified identity name does not match the key name");
				577
				578	sqlite3_stmt *statement;
				579
				580	//Reset previous default Key
				581	sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
				582
				583	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				584
				585	while (sqlite3_step(statement) == SQLITE_ROW)
				586	{}
				587
				588	sqlite3_finalize(statement);
				589
				590	//Set current default Key
				591	sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
				592
				593	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				594	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				595
				596	sqlite3_step(statement);
				597
				598	sqlite3_finalize(statement);
				599	}
				600
				601	void
				602	BasicIdentityStorage::setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName)
				603	{
				604	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				605	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				606
				607	sqlite3_stmt *statement;
				608
				609	//Reset previous default Key
				610	sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
				611
				612	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				613	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				614
				615	while (sqlite3_step(statement) == SQLITE_ROW)
				616	{}
				617
				618	sqlite3_finalize(statement);
				619
				620	//Set current default Key
				621	sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=1 WHERE identity_name=? AND key_identifier=? AND cert_name=?", -1, &statement, 0);
				622
				623	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				624	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				625	sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
				626
				627	sqlite3_step(statement);
				628
				629	sqlite3_finalize(statement);
				630	}
				631
				632	}
				633
Jeff Thompson	b752300	2013-10-09 10:25:00 -0700	[diff] [blame]	634	#endif // NDN_CPP_HAVE_SQLITE3