Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 0c6321101ba893370873380d3c28fdf01f368954 / . / src / security / identity / basic-identity-storage.cpp
blob: 598549912f0536d90feada851fc9531d644c6d59 [file] [log] [blame]
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
Jeff Thompson22285ec2013-10-22 17:43:02 -0700[diff] [blame]5 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]6 * See COPYING for copyright and distribution information.
7 */
8
Jeff Thompsonb7523002013-10-09 10:25:00 -0700[diff] [blame]9// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_SQLITE3.
Jeff Thompson6e229042013-10-10 11:09:49 -0700[diff] [blame]10#include <ndn-cpp/ndn-cpp-config.h>
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]11#ifdef NDN_CPP_HAVE_SQLITE3
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]12
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]13#include <stdio.h>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]14#include <stdlib.h>
15#include <sstream>
16#include <fstream>
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame]17#include <math.h>
Jeff Thompson25b4e612013-10-10 16:03:24 -0700[diff] [blame]18#include <ndn-cpp/security/identity/basic-identity-storage.hpp>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]19#include "../../util/logging.hpp"
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame]20#include <ndn-cpp/security/security-exception.hpp>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]21#include "ndn-cpp/data.hpp"
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]22#include <ndn-cpp/security/certificate/identity-certificate.hpp>
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame]23#include "../../c/util/time.h"
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]24#include <ndn-cpp/sha256-with-rsa-signature.hpp>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]25
26INIT_LOGGER("BasicIdentityStorage");
27
28using namespace std;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]29
30namespace ndn
31{
32
33static const string INIT_ID_TABLE = "\
34CREATE TABLE IF NOT EXISTS \n \
35 Identity( \n \
36 identity_name BLOB NOT NULL, \n \
37 default_identity INTEGER DEFAULT 0, \n \
38 \
39 PRIMARY KEY (identity_name) \n \
40 ); \n \
41 \
42CREATE INDEX identity_index ON Identity(identity_name); \n \
43";
44
45static const string INIT_KEY_TABLE = "\
46CREATE TABLE IF NOT EXISTS \n \
47 Key( \n \
48 identity_name BLOB NOT NULL, \n \
49 key_identifier BLOB NOT NULL, \n \
50 key_type INTEGER, \n \
51 public_key BLOB, \n \
52 default_key INTEGER DEFAULT 0, \n \
53 active INTEGER DEFAULT 0, \n \
54 \
55 PRIMARY KEY (identity_name, key_identifier) \n \
56 ); \n \
57 \
58CREATE INDEX key_index ON Key(identity_name); \n \
59";
60
61static const string INIT_CERT_TABLE = "\
62CREATE TABLE IF NOT EXISTS \n \
63 Certificate( \n \
64 cert_name BLOB NOT NULL, \n \
65 cert_issuer BLOB NOT NULL, \n \
66 identity_name BLOB NOT NULL, \n \
67 key_identifier BLOB NOT NULL, \n \
68 not_before TIMESTAMP, \n \
69 not_after TIMESTAMP, \n \
70 certificate_data BLOB NOT NULL, \n \
Jeff Thompson22285ec2013-10-22 17:43:02 -0700[diff] [blame]71 valid_flag INTEGER DEFAULT 1, \n \
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]72 default_cert INTEGER DEFAULT 0, \n \
73 \
74 PRIMARY KEY (cert_name) \n \
75 ); \n \
76 \
77CREATE INDEX cert_index ON Certificate(cert_name); \n \
78CREATE INDEX subject ON Certificate(identity_name); \n \
79";
80
81/**
82 * A utility function to call the normal sqlite3_bind_text where the value and length are value.c_str() and value.size().
83 */
84static int sqlite3_bind_text(sqlite3_stmt* statement, int index, const string& value, void(*destructor)(void*))
85{
86 return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
87}
88
89BasicIdentityStorage::BasicIdentityStorage()
90{
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]91 // Note: We don't use <filesystem> support because it is not "header-only" and require linking to libraries.
Jeff Thompsonab5440f2013-10-22 11:54:00 -0700[diff] [blame]92 // TODO: Handle non-unix file system paths which don't use '/'.
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]93 const char* home = getenv("HOME");
94 if (!home || *home == '\0')
95 // Don't expect this to happen;
96 home = ".";
97 string homeDir(home);
98 if (homeDir[homeDir.size() - 1] == '/')
99 // Strip the ending '/'.
100 homeDir.erase(homeDir.size() - 1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]101
Jeff Thompsonac64b132013-11-25 15:04:53 -0800[diff] [blame]102 string identityDir = homeDir + '/' + ".ndnx";
103 // TODO: Handle non-unix file systems which don't have "mkdir -p".
Jeff Thompsonab5440f2013-10-22 11:54:00 -0700[diff] [blame]104 ::system(("mkdir -p " + identityDir).c_str());
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]105
Jeff Thompsonac64b132013-11-25 15:04:53 -0800[diff] [blame]106 int res = sqlite3_open((identityDir + '/' + "ndnsec-identity.db").c_str(), &database_);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]107
108 if (res != SQLITE_OK)
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]109 throw SecurityException("identity DB cannot be opened/created");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]110
111 //Check if Key table exists;
112 sqlite3_stmt *statement;
113 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]114 res = sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]115
116 bool idTableExists = false;
117 if (res == SQLITE_ROW)
118 idTableExists = true;
119
120 sqlite3_finalize(statement);
121
122 if (!idTableExists) {
123 char *errorMessage = 0;
124 res = sqlite3_exec(database_, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
125
126 if (res != SQLITE_OK && errorMessage != 0) {
127 _LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
128 sqlite3_free(errorMessage);
129 }
130 }
131
132 //Check if Key table exists;
133 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Key'", -1, &statement, 0);
134 res = sqlite3_step(statement);
135
136 bool keyTableExists = false;
137 if (res == SQLITE_ROW)
138 keyTableExists = true;
139
140 sqlite3_finalize(statement);
141
142 if (!keyTableExists) {
143 char *errorMessage = 0;
144 res = sqlite3_exec(database_, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
145
146 if (res != SQLITE_OK && errorMessage != 0) {
147 _LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
148 sqlite3_free(errorMessage);
149 }
150 }
151
152 //Check if Certificate table exists;
153 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Certificate'", -1, &statement, 0);
154 res = sqlite3_step(statement);
155
156 bool idCertificateTableExists = false;
157 if (res == SQLITE_ROW)
158 idCertificateTableExists = true;
159
160 sqlite3_finalize(statement);
161
162 if (!idCertificateTableExists) {
163 char *errorMessage = 0;
164 res = sqlite3_exec(database_, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
165
166 if (res != SQLITE_OK && errorMessage != 0) {
167 _LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
168 sqlite3_free(errorMessage);
169 }
170 }
171}
172
173BasicIdentityStorage::~BasicIdentityStorage()
174{
175}
176
177bool
178BasicIdentityStorage::doesIdentityExist(const Name& identityName)
179{
180 bool result = false;
181
182 sqlite3_stmt *statement;
183 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
184
185 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
186 int res = sqlite3_step(statement);
187
188 if (res == SQLITE_ROW) {
189 int countAll = sqlite3_column_int(statement, 0);
190 if (countAll > 0)
191 result = true;
192 }
193
194 sqlite3_finalize(statement);
195
196 return result;
197}
198
199void
200BasicIdentityStorage::addIdentity(const Name& identityName)
201{
202 if (doesIdentityExist(identityName))
203 throw SecurityException("Identity already exists");
204
205 sqlite3_stmt *statement;
206
207 sqlite3_prepare_v2(database_, "INSERT INTO Identity (identity_name) values (?)", -1, &statement, 0);
208
209 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
210
211 int res = sqlite3_step(statement);
212
213 sqlite3_finalize(statement);
214}
215
216bool
217BasicIdentityStorage::revokeIdentity()
218{
219 //TODO:
220 return false;
221}
222
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]223bool
224BasicIdentityStorage::doesKeyExist(const Name& keyName)
225{
226 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
227 Name identityName = keyName.getSubName(0, keyName.size() - 1);
228
229 sqlite3_stmt *statement;
230 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
231
232 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
233 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
234
235 int res = sqlite3_step(statement);
236
237 bool keyIdExist = false;
238 if (res == SQLITE_ROW) {
239 int countAll = sqlite3_column_int(statement, 0);
240 if (countAll > 0)
241 keyIdExist = true;
242 }
243
244 sqlite3_finalize(statement);
245
246 return keyIdExist;
247}
248
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]249void
250BasicIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
251{
252 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
253 Name identityName = keyName.getSubName(0, keyName.size() - 1);
254
255
256 if (!doesIdentityExist(identityName))
257 addIdentity(identityName);
258
259 if (doesKeyExist(keyName))
260 throw SecurityException("a key with the same name already exists!");
261
262 sqlite3_stmt *statement;
263 sqlite3_prepare_v2(database_, "INSERT INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
264
265 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
266 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
267 sqlite3_bind_int(statement, 3, (int)keyType);
268 sqlite3_bind_blob(statement, 4, publicKeyDer.buf(), publicKeyDer.size(), SQLITE_TRANSIENT);
269
270 int res = sqlite3_step(statement);
271
272 sqlite3_finalize(statement);
273}
274
275Blob
276BasicIdentityStorage::getKey(const Name& keyName)
277{
278 if (!doesKeyExist(keyName)) {
279 _LOG_DEBUG("keyName does not exist");
280 return Blob();
281 }
282
283 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
284 Name identityName = keyName.getSubName(0, keyName.size() - 1);
285
286 sqlite3_stmt *statement;
287 sqlite3_prepare_v2(database_, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
288
289 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
290 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
291
292 int res = sqlite3_step(statement);
293
294 Blob result;
295 if (res == SQLITE_ROW)
296 result = Blob(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)), sqlite3_column_bytes(statement, 0));
297
298 sqlite3_finalize(statement);
299
300 return result;
301}
302
303void
304BasicIdentityStorage::activateKey(const Name& keyName)
305{
306 updateKeyStatus(keyName, true);
307}
308
309void
310BasicIdentityStorage::deactivateKey(const Name& keyName)
311{
312 updateKeyStatus(keyName, false);
313}
314
315void
316BasicIdentityStorage::updateKeyStatus(const Name& keyName, bool isActive)
317{
318 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
319 Name identityName = keyName.getSubName(0, keyName.size() - 1);
320
321 sqlite3_stmt *statement;
322 sqlite3_prepare_v2(database_, "UPDATE Key SET active=? WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
323
324 sqlite3_bind_int(statement, 1, (isActive ? 1 : 0));
325 sqlite3_bind_text(statement, 2, identityName.toUri(), SQLITE_TRANSIENT);
326 sqlite3_bind_text(statement, 3, keyId, SQLITE_TRANSIENT);
327
328 int res = sqlite3_step(statement);
329
330 sqlite3_finalize(statement);
331}
332
333bool
334BasicIdentityStorage::doesCertificateExist(const Name& certificateName)
335{
336 sqlite3_stmt *statement;
337 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
338
339 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
340
341 int res = sqlite3_step(statement);
342
343 bool certExist = false;
344 if (res == SQLITE_ROW) {
345 int countAll = sqlite3_column_int(statement, 0);
346 if (countAll > 0)
347 certExist = true;
348 }
349
350 sqlite3_finalize(statement);
351
352 return certExist;
353}
354
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]355void
Jeff Thompsonc69163b2013-10-12 13:49:50 -0700[diff] [blame]356BasicIdentityStorage::addAnyCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]357{
358 const Name& certificateName = certificate.getName();
Jeff Thompson22285ec2013-10-22 17:43:02 -0700[diff] [blame]359 Name keyName = certificate.getPublicKeyName();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]360
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]361 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]362 Name identityName = keyName.getSubName(0, keyName.size() - 1);
363
364 sqlite3_stmt *statement;
365 sqlite3_prepare_v2(database_,
366 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
367 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
368 -1, &statement, 0);
369
370
371 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
372 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
373
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]374 const Sha256WithRsaSignature* signature = dynamic_cast<const Sha256WithRsaSignature*>(certificate.getSignature());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]375 const Name& signerName = signature->getKeyLocator().getKeyName();
376 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
377
378 sqlite3_bind_text(statement, 3, identityName.toUri(), SQLITE_TRANSIENT);
379 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
380
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]381 // Convert from milliseconds to seconds since 1/1/1970.
382 sqlite3_bind_int64(statement, 5, (sqlite3_int64)floor(certificate.getNotBefore() / 1000.0));
383 sqlite3_bind_int64(statement, 6, (sqlite3_int64)floor(certificate.getNotAfter() / 1000.0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]384
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]385 if (!certificate.getDefaultWireEncoding())
386 certificate.wireEncode();
387 sqlite3_bind_blob(statement, 7, certificate.getDefaultWireEncoding().buf(), certificate.getDefaultWireEncoding().size(), SQLITE_TRANSIENT);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]388
389 int res = sqlite3_step(statement);
390
391 sqlite3_finalize(statement);
392}
393
394void
Jeff Thompsonc69163b2013-10-12 13:49:50 -0700[diff] [blame]395BasicIdentityStorage::addCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]396{
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]397 const Name& certificateName = certificate.getName();
Jeff Thompson22285ec2013-10-22 17:43:02 -0700[diff] [blame]398 Name keyName = certificate.getPublicKeyName();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]399
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]400 if (!doesKeyExist(keyName))
Jeff Thompson22285ec2013-10-22 17:43:02 -0700[diff] [blame]401 throw SecurityException("No corresponding Key record for certificate!" + keyName.toUri() + " " + certificateName.toUri());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]402
403 // Check if certificate has already existed!
404 if (doesCertificateExist(certificateName))
405 throw SecurityException("Certificate has already been installed!");
406
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]407 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
408 Name identity = keyName.getSubName(0, keyName.size() - 1);
409
410 // Check if the public key of certificate is the same as the key record
411
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]412 Blob keyBlob = getKey(keyName);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]413
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]414 if (!keyBlob || (*keyBlob) != *(certificate.getPublicKeyInfo().getKeyDer()))
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]415 throw SecurityException("Certificate does not match the public key!");
416
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]417 // Insert the certificate
418 sqlite3_stmt *statement;
419 sqlite3_prepare_v2(database_,
420 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
421 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
422 -1, &statement, 0);
423
424 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
425 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
426
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]427 const Sha256WithRsaSignature* signature = dynamic_cast<const Sha256WithRsaSignature*>(certificate.getSignature());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]428 const Name & signerName = signature->getKeyLocator().getKeyName();
429 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
430
431 sqlite3_bind_text(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
432 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
433
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]434 // Convert from milliseconds to seconds since 1/1/1970.
435 sqlite3_bind_int64(statement, 5, (sqlite3_int64)floor(certificate.getNotBefore() / 1000.0));
436 sqlite3_bind_int64(statement, 6, (sqlite3_int64)floor(certificate.getNotAfter() / 1000.0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]437
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]438 if (!certificate.getDefaultWireEncoding())
439 certificate.wireEncode();
440 sqlite3_bind_blob(statement, 7, certificate.getDefaultWireEncoding().buf(), certificate.getDefaultWireEncoding().size(), SQLITE_TRANSIENT);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]441
442 int res = sqlite3_step(statement);
443
444 sqlite3_finalize(statement);
445}
446
Jeff Thompsonce115762013-12-18 14:59:56 -0800[diff] [blame]447ptr_lib::shared_ptr<Data>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]448BasicIdentityStorage::getCertificate(const Name &certificateName, bool allowAny)
449{
450 if (doesCertificateExist(certificateName)) {
451 sqlite3_stmt *statement;
452 if (!allowAny) {
453 sqlite3_prepare_v2(database_,
454 "SELECT certificate_data FROM Certificate \
455 WHERE cert_name=? AND not_before<datetime(?, 'unixepoch') AND not_after>datetime(?, 'unixepoch') and valid_flag=1",
456 -1, &statement, 0);
457
458 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame]459 sqlite3_bind_int64(statement, 2, (sqlite3_int64)floor(ndn_getNowMilliseconds() / 1000.0));
460 sqlite3_bind_int64(statement, 3, (sqlite3_int64)floor(ndn_getNowMilliseconds() / 1000.0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]461 }
462 else {
463 sqlite3_prepare_v2(database_,
464 "SELECT certificate_data FROM Certificate WHERE cert_name=?", -1, &statement, 0);
465
466 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
467 }
468
469 int res = sqlite3_step(statement);
470
Jeff Thompsonce115762013-12-18 14:59:56 -0800[diff] [blame]471 ptr_lib::shared_ptr<Data> data(new Data());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]472
473 if (res == SQLITE_ROW)
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame]474 data->wireDecode((const uint8_t*)sqlite3_column_blob(statement, 0), sqlite3_column_bytes(statement, 0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]475 sqlite3_finalize(statement);
476
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame]477 return data;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]478 }
479 else {
480 _LOG_DEBUG("Certificate does not exist!");
Jeff Thompsonce115762013-12-18 14:59:56 -0800[diff] [blame]481 return ptr_lib::shared_ptr<Data>();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]482 }
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]483}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]484
485Name
486BasicIdentityStorage::getDefaultIdentity()
487{
488 sqlite3_stmt *statement;
489 sqlite3_prepare_v2(database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
490
491 int res = sqlite3_step(statement);
492
493 Name identity;
494
495 if (res == SQLITE_ROW)
496 identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
497
498 sqlite3_finalize(statement);
499
500 return identity;
501}
502
503Name
504BasicIdentityStorage::getDefaultKeyNameForIdentity(const Name& identityName)
505{
506 sqlite3_stmt *statement;
507 sqlite3_prepare_v2(database_, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
508
509 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
510
511 int res = sqlite3_step(statement);
512
513 Name keyName;
514
515 if (res == SQLITE_ROW)
516 keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
517
518 sqlite3_finalize(statement);
519
520 return keyName;
521}
522
523Name
524BasicIdentityStorage::getDefaultCertificateNameForKey(const Name& keyName)
525{
526 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
527 Name identityName = keyName.getSubName(0, keyName.size() - 1);
528
529 sqlite3_stmt *statement;
530 sqlite3_prepare_v2(database_, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
531
532 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
533 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
534
535 int res = sqlite3_step(statement);
536
537 Name certName;
538
539 if (res == SQLITE_ROW)
540 certName = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
541
542 sqlite3_finalize(statement);
543
544 return certName;
545}
546
547void
548BasicIdentityStorage::setDefaultIdentity(const Name& identityName)
549{
550 sqlite3_stmt *statement;
551
552 //Reset previous default identity
553 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
554
555 while (sqlite3_step(statement) == SQLITE_ROW)
556 {}
557
558 sqlite3_finalize(statement);
559
560 //Set current default identity
561 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
562
563 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
564
565 sqlite3_step(statement);
566
567 sqlite3_finalize(statement);
568}
569
570void
571BasicIdentityStorage::setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck)
572{
573 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
574 Name identityName = keyName.getSubName(0, keyName.size() - 1);
575
576 if (identityNameCheck.size() > 0 && !identityNameCheck.equals(identityName))
577 throw SecurityException("Specified identity name does not match the key name");
578
579 sqlite3_stmt *statement;
580
581 //Reset previous default Key
582 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
583
584 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
585
586 while (sqlite3_step(statement) == SQLITE_ROW)
587 {}
588
589 sqlite3_finalize(statement);
590
591 //Set current default Key
592 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
593
594 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
595 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
596
597 sqlite3_step(statement);
598
599 sqlite3_finalize(statement);
600}
601
602void
603BasicIdentityStorage::setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName)
604{
605 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
606 Name identityName = keyName.getSubName(0, keyName.size() - 1);
607
608 sqlite3_stmt *statement;
609
610 //Reset previous default Key
611 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
612
613 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
614 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
615
616 while (sqlite3_step(statement) == SQLITE_ROW)
617 {}
618
619 sqlite3_finalize(statement);
620
621 //Set current default Key
622 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=1 WHERE identity_name=? AND key_identifier=? AND cert_name=?", -1, &statement, 0);
623
624 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
625 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
626 sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
627
628 sqlite3_step(statement);
629
630 sqlite3_finalize(statement);
631}
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame^]632
633vector<Name>
634BasicIdentityStorage::getAllIdentities(bool isDefault)
635{
636 sqlite3_stmt *stmt;
637 if(isDefault)
638 sqlite3_prepare_v2 (database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &stmt, 0);
639 else
640 sqlite3_prepare_v2 (database_, "SELECT identity_name FROM Identity WHERE default_identity=0", -1, &stmt, 0);
641
642 vector<Name> nameList;
643 while(sqlite3_step (stmt) == SQLITE_ROW)
644 nameList.push_back(Name(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0))));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]645
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame^]646 sqlite3_finalize (stmt);
647 return nameList;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]648}
649
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame^]650vector<Name>
651BasicIdentityStorage::getAllKeyNames(bool isDefault)
652{
653 sqlite3_stmt *stmt;
654 if(isDefault)
655 sqlite3_prepare_v2 (database_, "SELECT identity_name, key_identifier FROM Key WHERE default_key=1", -1, &stmt, 0);
656 else
657 sqlite3_prepare_v2 (database_, "SELECT identity_name, key_identifier FROM Key WHERE default_key=0", -1, &stmt, 0);
658
659 vector<Name> nameList;
660 while(sqlite3_step (stmt) == SQLITE_ROW)
661 {
662 Name keyName(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
663 keyName.append(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 1)), sqlite3_column_bytes (stmt, 1)));
664 nameList.push_back(keyName);
665 }
666 sqlite3_finalize (stmt);
667 return nameList;
668}
669
670vector<Name>
671BasicIdentityStorage::getAllKeyNamesOfIdentity(const Name& identity, bool isDefault)
672{
673 sqlite3_stmt *stmt;
674 if(isDefault)
675 sqlite3_prepare_v2 (database_, "SELECT key_identifier FROM Key WHERE default_key=1 and identity_name=?", -1, &stmt, 0);
676 else
677 sqlite3_prepare_v2 (database_, "SELECT key_identifier FROM Key WHERE default_key=0 and identity_name=?", -1, &stmt, 0);
678
679 sqlite3_bind_text(stmt, 1, identity.toUri().c_str(), identity.toUri().size (), SQLITE_TRANSIENT);
680
681 vector<Name> nameList;
682 while(sqlite3_step (stmt) == SQLITE_ROW)
683 {
684 Name keyName(identity);
685 keyName.append(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
686 nameList.push_back(keyName);
687 }
688 sqlite3_finalize (stmt);
689 return nameList;
690}
691
692vector<Name>
693BasicIdentityStorage::getAllCertificateNames(bool isDefault)
694{
695 sqlite3_stmt *stmt;
696 if(isDefault)
697 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=1", -1, &stmt, 0);
698 else
699 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=0", -1, &stmt, 0);
700
701 vector<Name> nameList;
702 while(sqlite3_step (stmt) == SQLITE_ROW)
703 nameList.push_back(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
704
705 sqlite3_finalize (stmt);
706 return nameList;
707}
708
709vector<Name>
710BasicIdentityStorage::getAllCertificateNamesOfKey(const Name& keyName, bool isDefault)
711{
712 sqlite3_stmt *stmt;
713 if(isDefault)
714 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=1 and identity_name=? and key_identifier=?", -1, &stmt, 0);
715 else
716 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=0 and identity_name=? and key_identifier=?", -1, &stmt, 0);
717
718 Name identity = keyName.getSubName(0, keyName.size()-1);
719 sqlite3_bind_text(stmt, 1, identity.toUri().c_str(), identity.toUri().size (), SQLITE_TRANSIENT);
720 std::string baseKeyName = keyName.get(-1).toEscapedString();
721 sqlite3_bind_text(stmt, 2, baseKeyName.c_str(), baseKeyName.size(), SQLITE_TRANSIENT);
722
723 vector<Name> nameList;
724 while(sqlite3_step (stmt) == SQLITE_ROW)
725 nameList.push_back(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
726
727 sqlite3_finalize (stmt);
728 return nameList;
729}
730
731} // namespace ndn
732
Jeff Thompsonb7523002013-10-09 10:25:00 -0700[diff] [blame]733#endif // NDN_CPP_HAVE_SQLITE3