port NAC to security v2
This commit is based on Lei Pi's commit, which changed certificate version from v1 to v2.
The later changes fix some bugs and refactor algo part of the library to get rid of cryptopp.
Change-Id: I3be7e0341fe85ee69f1b5f1c3ed7421a6c61d0b5
diff --git a/src/group-manager-db.cpp b/src/group-manager-db.cpp
index 6b0eb2d..57a3697 100644
--- a/src/group-manager-db.cpp
+++ b/src/group-manager-db.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2017, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of ndn-group-encrypt (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of ndn-group-encrypt authors and contributors.
@@ -16,55 +16,54 @@
* You should have received a copy of the GNU General Public License along with
* ndn-group-encrypt, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
*
- * @author Zhiyi Zhang <dreamerbarrychang@gmail.com>
+ * @author Zhiyi Zhang <zhiyi@cs.ucla.edu>
*/
#include "group-manager-db.hpp"
#include "algo/rsa.hpp"
-
-#include <sqlite3.h>
-#include <boost/filesystem.hpp>
#include <ndn-cxx/util/sqlite3-statement.hpp>
-#include <ndn-cxx/security/identity-certificate.hpp>
+#include <boost/filesystem.hpp>
+#include <sqlite3.h>
+#include <ndn-cxx/util/string-helper.hpp>
namespace ndn {
namespace gep {
using util::Sqlite3Statement;
-static const std::string INITIALIZATION =
- "CREATE TABLE IF NOT EXISTS \n"
- " schedules( \n"
- " schedule_id INTEGER PRIMARY KEY, \n"
- " schedule_name TEXT NOT NULL, \n"
- " schedule BLOB NOT NULL \n"
- " ); \n"
- "CREATE UNIQUE INDEX IF NOT EXISTS \n"
- " scheduleNameIndex ON schedules(schedule_name); \n"
- " \n"
- "CREATE TABLE IF NOT EXISTS \n"
- " members( \n"
- " member_id INTEGER PRIMARY KEY, \n"
- " schedule_id INTEGER NOT NULL, \n"
- " member_name BLOB NOT NULL, \n"
- " key_name BLOB NOT NULL, \n"
- " pubkey BLOB NOT NULL, \n"
- " FOREIGN KEY(schedule_id) \n"
- " REFERENCES schedules(schedule_id) \n"
- " ON DELETE CASCADE \n"
- " ON UPDATE CASCADE \n"
- " ); \n"
- "CREATE UNIQUE INDEX IF NOT EXISTS \n"
- " memNameIndex ON members(member_name); \n"
- " \n"
- "CREATE TABLE IF NOT EXISTS \n"
- " ekeys( \n"
- " ekey_id INTEGER PRIMARY KEY, \n"
- " ekey_name BLOB NOT NULL, \n"
- " pub_key BLOB NOT NULL \n"
- " ); \n"
- "CREATE UNIQUE INDEX IF NOT EXISTS \n"
- " ekeyNameIndex ON ekeys(ekey_name); \n";
+static const std::string INITIALIZATION = R"_DBTEXT_(
+CREATE TABLE IF NOT EXISTS
+ schedules(
+ schedule_id INTEGER PRIMARY KEY,
+ schedule_name TEXT NOT NULL,
+ schedule BLOB NOT NULL
+ );
+CREATE UNIQUE INDEX IF NOT EXISTS
+ scheduleNameIndex ON schedules(schedule_name);
+
+CREATE TABLE IF NOT EXISTS
+ members(
+ member_id INTEGER PRIMARY KEY,
+ schedule_id INTEGER NOT NULL,
+ member_name BLOB NOT NULL,
+ key_name BLOB NOT NULL,
+ pubkey BLOB NOT NULL,
+ FOREIGN KEY(schedule_id)
+ REFERENCES schedules(schedule_id)
+ ON DELETE CASCADE
+ ON UPDATE CASCADE
+ );
+CREATE UNIQUE INDEX IF NOT EXISTS
+ memNameIndex ON members(member_name);
+
+CREATE TABLE IF NOT EXISTS
+ ekeys(
+ ekey_id INTEGER PRIMARY KEY,
+ ekey_name BLOB NOT NULL,
+ pub_key BLOB NOT NULL
+ );
+CREATE UNIQUE INDEX IF NOT EXISTS
+ ekeyNameIndex ON ekeys(ekey_name);)_DBTEXT_";
class GroupManagerDB::Impl
{
@@ -73,14 +72,10 @@
{
// open Database
- int result = sqlite3_open_v2(dbPath.c_str(), &m_database,
+ int result = sqlite3_open_v2(dbPath.c_str(),
+ &m_database,
SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE,
-#ifdef NDN_CXX_DISABLE_SQLITE3_FS_LOCKING
- "unix-dotfile"
-#else
- nullptr
-#endif
- );
+ nullptr);
if (result != SQLITE_OK)
BOOST_THROW_EXCEPTION(Error("GroupManager DB cannot be opened/created: " + dbPath));
@@ -106,7 +101,8 @@
getScheduleId(const std::string& name) const
{
Sqlite3Statement statement(m_database,
- "SELECT schedule_id FROM schedules WHERE schedule_name=?");
+ R"_DBTEXT_(SELECT schedule_id FROM schedules
+ WHERE schedule_name=?)_DBTEXT_");
statement.bind(1, name, SQLITE_TRANSIENT);
int result = -1;
@@ -131,7 +127,8 @@
GroupManagerDB::hasSchedule(const std::string& name) const
{
Sqlite3Statement statement(m_impl->m_database,
- "SELECT schedule_id FROM schedules where schedule_name=?");
+ R"_DBTEXT_(SELECT schedule_id FROM schedules
+ WHERE schedule_name=?)_DBTEXT_");
statement.bind(1, name, SQLITE_TRANSIENT);
return (statement.step() == SQLITE_ROW);
}
@@ -141,7 +138,7 @@
{
std::list<std::string> result;
Sqlite3Statement statement(m_impl->m_database,
- "SELECT schedule_name FROM schedules");
+ R"_DBTEXT_(SELECT schedule_name FROM schedules)_DBTEXT_");
result.clear();
while (statement.step() == SQLITE_ROW) {
@@ -154,7 +151,7 @@
GroupManagerDB::getSchedule(const std::string& name) const
{
Sqlite3Statement statement(m_impl->m_database,
- "SELECT schedule FROM schedules where schedule_name=?");
+ R"_DBTEXT_(SELECT schedule FROM schedules where schedule_name=?)_DBTEXT_");
statement.bind(1, name, SQLITE_TRANSIENT);
Schedule result;
@@ -172,10 +169,10 @@
{
std::map<Name, Buffer> result;
Sqlite3Statement statement(m_impl->m_database,
- "SELECT key_name, pubkey\
- FROM members JOIN schedules\
- ON members.schedule_id=schedules.schedule_id\
- WHERE schedule_name=?");
+ R"_DBTEXT_(SELECT key_name, pubkey
+ FROM members JOIN schedules
+ ON members.schedule_id=schedules.schedule_id
+ WHERE schedule_name=?)_DBTEXT_");
statement.bind(1, name, SQLITE_TRANSIENT);
result.clear();
@@ -195,8 +192,8 @@
BOOST_ASSERT(name.length() != 0);
Sqlite3Statement statement(m_impl->m_database,
- "INSERT INTO schedules (schedule_name, schedule)\
- values (?, ?)");
+ R"_DBTEXT_(INSERT INTO schedules (schedule_name, schedule)
+ values (?, ?))_DBTEXT_");
statement.bind(1, name, SQLITE_TRANSIENT);
statement.bind(2, schedule.wireEncode(), SQLITE_TRANSIENT);
if (statement.step() != SQLITE_DONE)
@@ -207,7 +204,7 @@
GroupManagerDB::deleteSchedule(const std::string& name)
{
Sqlite3Statement statement(m_impl->m_database,
- "DELETE FROM schedules WHERE schedule_name=?");
+ R"_DBTEXT_(DELETE FROM schedules WHERE schedule_name=?)_DBTEXT_");
statement.bind(1, name, SQLITE_TRANSIENT);
statement.step();
}
@@ -218,7 +215,8 @@
BOOST_ASSERT(newName.length() != 0);
Sqlite3Statement statement(m_impl->m_database,
- "UPDATE schedules SET schedule_name=? WHERE schedule_name=?");
+ R"_DBTEXT_(UPDATE schedules SET schedule_name=?
+ WHERE schedule_name=?)_DBTEXT_");
statement.bind(1, newName, SQLITE_TRANSIENT);
statement.bind(2, oldName, SQLITE_TRANSIENT);
if (statement.step() != SQLITE_DONE)
@@ -234,7 +232,8 @@
}
Sqlite3Statement statement(m_impl->m_database,
- "UPDATE schedules SET schedule=? WHERE schedule_name=?");
+ R"_DBTEXT_(UPDATE schedules SET schedule=?
+ WHERE schedule_name=?)_DBTEXT_");
statement.bind(1, schedule.wireEncode(), SQLITE_TRANSIENT);
statement.bind(2, name, SQLITE_TRANSIENT);
statement.step();
@@ -244,7 +243,7 @@
GroupManagerDB::hasMember(const Name& identity) const
{
Sqlite3Statement statement(m_impl->m_database,
- "SELECT member_id FROM members WHERE member_name=?");
+ R"_DBTEXT_(SELECT member_id FROM members WHERE member_name=?)_DBTEXT_");
statement.bind(1, identity.wireEncode(), SQLITE_TRANSIENT);
return (statement.step() == SQLITE_ROW);
}
@@ -254,7 +253,7 @@
{
std::list<Name> result;
Sqlite3Statement statement(m_impl->m_database,
- "SELECT member_name FROM members");
+ R"_DBTEXT_(SELECT member_name FROM members)_DBTEXT_");
result.clear();
while (statement.step() == SQLITE_ROW) {
@@ -267,10 +266,10 @@
GroupManagerDB::getMemberSchedule(const Name& identity) const
{
Sqlite3Statement statement(m_impl->m_database,
- "SELECT schedule_name\
- FROM schedules JOIN members\
- ON schedules.schedule_id = members.schedule_id\
- WHERE member_name=?");
+ R"_DBTEXT_(SELECT schedule_name
+ FROM schedules JOIN members
+ ON schedules.schedule_id = members.schedule_id
+ WHERE member_name=?)_DBTEXT_");
statement.bind(1, identity.wireEncode(), SQLITE_TRANSIENT);
std::string result = "";
@@ -284,8 +283,7 @@
}
void
-GroupManagerDB::addMember(const std::string& scheduleName, const Name& keyName,
- const Buffer& key)
+GroupManagerDB::addMember(const std::string& scheduleName, const Name& keyName, const Buffer& key)
{
int scheduleId = m_impl->getScheduleId(scheduleName);
if (scheduleId == -1)
@@ -295,12 +293,12 @@
Name memberName = keyName.getPrefix(-1);
Sqlite3Statement statement(m_impl->m_database,
- "INSERT INTO members(schedule_id, member_name, key_name, pubkey)\
- values (?, ?, ?, ?)");
+ R"_DBTEXT_(INSERT INTO members(schedule_id, member_name, key_name, pubkey)
+ values (?, ?, ?, ?))_DBTEXT_");
statement.bind(1, scheduleId);
statement.bind(2, memberName.wireEncode(), SQLITE_TRANSIENT);
statement.bind(3, keyName.wireEncode(), SQLITE_TRANSIENT);
- statement.bind(4, key.buf(), key.size(), SQLITE_TRANSIENT);
+ statement.bind(4, key.data(), key.size(), SQLITE_TRANSIENT);
if (statement.step() != SQLITE_DONE)
BOOST_THROW_EXCEPTION(Error("Cannot add the member to database"));
@@ -314,7 +312,8 @@
BOOST_THROW_EXCEPTION(Error("The schedule dose not exist"));
Sqlite3Statement statement(m_impl->m_database,
- "UPDATE members SET schedule_id=? WHERE member_name=?");
+ R"_DBTEXT_(UPDATE members SET schedule_id=?
+ WHERE member_name=?)_DBTEXT_");
statement.bind(1, scheduleId);
statement.bind(2, identity.wireEncode(), SQLITE_TRANSIENT);
statement.step();
@@ -324,7 +323,7 @@
GroupManagerDB::deleteMember(const Name& identity)
{
Sqlite3Statement statement(m_impl->m_database,
- "DELETE FROM members WHERE member_name=?");
+ R"_DBTEXT_(DELETE FROM members WHERE member_name=?)_DBTEXT_");
statement.bind(1, identity.wireEncode(), SQLITE_TRANSIENT);
statement.step();
}
@@ -333,7 +332,7 @@
GroupManagerDB::hasEKey(const Name& eKeyName)
{
Sqlite3Statement statement(m_impl->m_database,
- "SELECT ekey_id FROM ekeys where ekey_name=?");
+ R"_DBTEXT_(SELECT ekey_id FROM ekeys where ekey_name=?)_DBTEXT_");
statement.bind(1, eKeyName.wireEncode(), SQLITE_TRANSIENT);
return (statement.step() == SQLITE_ROW);
}
@@ -342,9 +341,10 @@
GroupManagerDB::addEKey(const Name& eKeyName, const Buffer& pubKey, const Buffer& priKey)
{
Sqlite3Statement statement(m_impl->m_database,
- "INSERT INTO ekeys(ekey_name, pub_key) values (?, ?)");
+ R"_DBTEXT_(INSERT INTO ekeys(ekey_name, pub_key)
+ values (?, ?))_DBTEXT_");
statement.bind(1, eKeyName.wireEncode(), SQLITE_TRANSIENT);
- statement.bind(2, pubKey.buf(), pubKey.size(), SQLITE_TRANSIENT);
+ statement.bind(2, pubKey.data(), pubKey.size(), SQLITE_TRANSIENT);
if (statement.step() != SQLITE_DONE)
BOOST_THROW_EXCEPTION(Error("Cannot add the EKey to database"));
@@ -355,7 +355,7 @@
GroupManagerDB::getEKey(const Name& eKeyName)
{
Sqlite3Statement statement(m_impl->m_database,
- "SELECT * FROM ekeys where ekey_name=?");
+ R"_DBTEXT_(SELECT * FROM ekeys where ekey_name=?)_DBTEXT_");
statement.bind(1, eKeyName.wireEncode(), SQLITE_TRANSIENT);
Buffer pubKey, priKey;
@@ -371,7 +371,8 @@
void
GroupManagerDB::cleanEKeys()
{
- Sqlite3Statement statement(m_impl->m_database, "DELETE FROM ekeys");
+ Sqlite3Statement statement(m_impl->m_database,
+ R"_DBTEXT_(DELETE FROM ekeys)_DBTEXT_");
statement.step();
m_impl->m_priKeyBase.clear();
}
@@ -380,12 +381,14 @@
GroupManagerDB::deleteEKey(const Name& eKeyName)
{
Sqlite3Statement statement(m_impl->m_database,
- "DELETE FROM ekeys WHERE ekey_name=?");
+ R"_DBTEXT_(DELETE FROM ekeys WHERE ekey_name=?)_DBTEXT_");
statement.bind(1, eKeyName.wireEncode(), SQLITE_TRANSIENT);
statement.step();
auto search = m_impl->m_priKeyBase.find(eKeyName);
- m_impl->m_priKeyBase.erase(search);
+ if (search != m_impl->m_priKeyBase.end()) {
+ m_impl->m_priKeyBase.erase(search);
+ }
}
} // namespace gep