Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 1975def40c1335e29ca1c142d49e2a6cc351b327 / . / ndn-cpp / security / identity / basic-identity-storage.cpp
blob: 18320d309a30e5bae9f84c778c9666d1f437a3c7 [file] [log] [blame]
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * See COPYING for copyright and distribution information.
6 */
7
Jeff Thompsonb7523002013-10-09 10:25:00 -0700[diff] [blame]8// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_SQLITE3.
9#include "../../ndn-cpp-config.h"
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]10#ifdef NDN_CPP_HAVE_SQLITE3
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]11
12#include <stdlib.h>
13#include <sstream>
14#include <fstream>
15#include "basic-identity-storage.hpp"
16#include "../../util/logging.hpp"
17#include "../security-exception.hpp"
18#include "ndn-cpp/data.hpp"
19
20#if 0
21#include "ndn.cxx/fields/signature-sha256-with-rsa.h"
22#include "ndn.cxx/regex/regex.h"
23#include <boost/filesystem.hpp>
24#endif
25
26INIT_LOGGER("BasicIdentityStorage");
27
28using namespace std;
29using namespace ndn::ptr_lib;
30#if 0
31namespace fs = boost::filesystem;
32#endif
33
34namespace ndn
35{
36
37static const string INIT_ID_TABLE = "\
38CREATE TABLE IF NOT EXISTS \n \
39 Identity( \n \
40 identity_name BLOB NOT NULL, \n \
41 default_identity INTEGER DEFAULT 0, \n \
42 \
43 PRIMARY KEY (identity_name) \n \
44 ); \n \
45 \
46CREATE INDEX identity_index ON Identity(identity_name); \n \
47";
48
49static const string INIT_KEY_TABLE = "\
50CREATE TABLE IF NOT EXISTS \n \
51 Key( \n \
52 identity_name BLOB NOT NULL, \n \
53 key_identifier BLOB NOT NULL, \n \
54 key_type INTEGER, \n \
55 public_key BLOB, \n \
56 default_key INTEGER DEFAULT 0, \n \
57 active INTEGER DEFAULT 0, \n \
58 \
59 PRIMARY KEY (identity_name, key_identifier) \n \
60 ); \n \
61 \
62CREATE INDEX key_index ON Key(identity_name); \n \
63";
64
65static const string INIT_CERT_TABLE = "\
66CREATE TABLE IF NOT EXISTS \n \
67 Certificate( \n \
68 cert_name BLOB NOT NULL, \n \
69 cert_issuer BLOB NOT NULL, \n \
70 identity_name BLOB NOT NULL, \n \
71 key_identifier BLOB NOT NULL, \n \
72 not_before TIMESTAMP, \n \
73 not_after TIMESTAMP, \n \
74 certificate_data BLOB NOT NULL, \n \
75 valid_flag INTEGER DEFAULT 0, \n \
76 default_cert INTEGER DEFAULT 0, \n \
77 \
78 PRIMARY KEY (cert_name) \n \
79 ); \n \
80 \
81CREATE INDEX cert_index ON Certificate(cert_name); \n \
82CREATE INDEX subject ON Certificate(identity_name); \n \
83";
84
85/**
86 * A utility function to call the normal sqlite3_bind_text where the value and length are value.c_str() and value.size().
87 */
88static int sqlite3_bind_text(sqlite3_stmt* statement, int index, const string& value, void(*destructor)(void*))
89{
90 return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
91}
92
93BasicIdentityStorage::BasicIdentityStorage()
94{
95#if 0
96 fs::path identityDir = fs::path(getenv("HOME")) / ".ndn-identity";
97 fs::create_directories(identityDir);
98
99 int res = sqlite3_open((identityDir / "identity.db").c_str(), &database_);
100
101 if (res != SQLITE_OK)
102 {
103 throw SecurityException("identity DB cannot be opened/created");
104 }
105#endif
106
107 //Check if Key table exists;
108 sqlite3_stmt *statement;
109 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
110 int res = sqlite3_step(statement);
111
112 bool idTableExists = false;
113 if (res == SQLITE_ROW)
114 idTableExists = true;
115
116 sqlite3_finalize(statement);
117
118 if (!idTableExists) {
119 char *errorMessage = 0;
120 res = sqlite3_exec(database_, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
121
122 if (res != SQLITE_OK && errorMessage != 0) {
123 _LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
124 sqlite3_free(errorMessage);
125 }
126 }
127
128 //Check if Key table exists;
129 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Key'", -1, &statement, 0);
130 res = sqlite3_step(statement);
131
132 bool keyTableExists = false;
133 if (res == SQLITE_ROW)
134 keyTableExists = true;
135
136 sqlite3_finalize(statement);
137
138 if (!keyTableExists) {
139 char *errorMessage = 0;
140 res = sqlite3_exec(database_, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
141
142 if (res != SQLITE_OK && errorMessage != 0) {
143 _LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
144 sqlite3_free(errorMessage);
145 }
146 }
147
148 //Check if Certificate table exists;
149 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Certificate'", -1, &statement, 0);
150 res = sqlite3_step(statement);
151
152 bool idCertificateTableExists = false;
153 if (res == SQLITE_ROW)
154 idCertificateTableExists = true;
155
156 sqlite3_finalize(statement);
157
158 if (!idCertificateTableExists) {
159 char *errorMessage = 0;
160 res = sqlite3_exec(database_, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
161
162 if (res != SQLITE_OK && errorMessage != 0) {
163 _LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
164 sqlite3_free(errorMessage);
165 }
166 }
167}
168
169BasicIdentityStorage::~BasicIdentityStorage()
170{
171}
172
173bool
174BasicIdentityStorage::doesIdentityExist(const Name& identityName)
175{
176 bool result = false;
177
178 sqlite3_stmt *statement;
179 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
180
181 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
182 int res = sqlite3_step(statement);
183
184 if (res == SQLITE_ROW) {
185 int countAll = sqlite3_column_int(statement, 0);
186 if (countAll > 0)
187 result = true;
188 }
189
190 sqlite3_finalize(statement);
191
192 return result;
193}
194
195void
196BasicIdentityStorage::addIdentity(const Name& identityName)
197{
198 if (doesIdentityExist(identityName))
199 throw SecurityException("Identity already exists");
200
201 sqlite3_stmt *statement;
202
203 sqlite3_prepare_v2(database_, "INSERT INTO Identity (identity_name) values (?)", -1, &statement, 0);
204
205 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
206
207 int res = sqlite3_step(statement);
208
209 sqlite3_finalize(statement);
210}
211
212bool
213BasicIdentityStorage::revokeIdentity()
214{
215 //TODO:
216 return false;
217}
218
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]219Name
220BasicIdentityStorage::getNewKeyName(const Name& identityName, bool useKsk)
221{
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]222#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]223 TimeInterval ti = time::NowUnixTimestamp();
224 ostringstream oss;
225 oss << ti.total_seconds();
226
227 string keyIdStr;
228
229 if (useKsk)
230 keyIdStr = ("KSK-" + oss.str());
231 else
232 keyIdStr = ("DSK-" + oss.str());
233
234
235 Name keyName = Name(identityName).append(keyIdStr);
236
237 if (doesKeyExist(keyName))
238 throw SecurityException("Key name already exists");
239
240 return keyName;
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]241#else
242 throw logic_error("unimplemented");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]243#endif
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]244}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]245
246bool
247BasicIdentityStorage::doesKeyExist(const Name& keyName)
248{
249 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
250 Name identityName = keyName.getSubName(0, keyName.size() - 1);
251
252 sqlite3_stmt *statement;
253 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
254
255 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
256 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
257
258 int res = sqlite3_step(statement);
259
260 bool keyIdExist = false;
261 if (res == SQLITE_ROW) {
262 int countAll = sqlite3_column_int(statement, 0);
263 if (countAll > 0)
264 keyIdExist = true;
265 }
266
267 sqlite3_finalize(statement);
268
269 return keyIdExist;
270}
271
272Name
273BasicIdentityStorage::getKeyNameForCertificate(const Name& certificateName)
274{
275 int i = certificateName.size() - 1;
276
277 for (; i >= 0; --i) {
278 if (certificateName.get(i).toEscapedString() == string("ID-CERT"))
279 break;
280 }
281
282 return certificateName.getSubName(0, i);
283}
284
285void
286BasicIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
287{
288 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
289 Name identityName = keyName.getSubName(0, keyName.size() - 1);
290
291
292 if (!doesIdentityExist(identityName))
293 addIdentity(identityName);
294
295 if (doesKeyExist(keyName))
296 throw SecurityException("a key with the same name already exists!");
297
298 sqlite3_stmt *statement;
299 sqlite3_prepare_v2(database_, "INSERT INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
300
301 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
302 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
303 sqlite3_bind_int(statement, 3, (int)keyType);
304 sqlite3_bind_blob(statement, 4, publicKeyDer.buf(), publicKeyDer.size(), SQLITE_TRANSIENT);
305
306 int res = sqlite3_step(statement);
307
308 sqlite3_finalize(statement);
309}
310
311Blob
312BasicIdentityStorage::getKey(const Name& keyName)
313{
314 if (!doesKeyExist(keyName)) {
315 _LOG_DEBUG("keyName does not exist");
316 return Blob();
317 }
318
319 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
320 Name identityName = keyName.getSubName(0, keyName.size() - 1);
321
322 sqlite3_stmt *statement;
323 sqlite3_prepare_v2(database_, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
324
325 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
326 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
327
328 int res = sqlite3_step(statement);
329
330 Blob result;
331 if (res == SQLITE_ROW)
332 result = Blob(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)), sqlite3_column_bytes(statement, 0));
333
334 sqlite3_finalize(statement);
335
336 return result;
337}
338
339void
340BasicIdentityStorage::activateKey(const Name& keyName)
341{
342 updateKeyStatus(keyName, true);
343}
344
345void
346BasicIdentityStorage::deactivateKey(const Name& keyName)
347{
348 updateKeyStatus(keyName, false);
349}
350
351void
352BasicIdentityStorage::updateKeyStatus(const Name& keyName, bool isActive)
353{
354 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
355 Name identityName = keyName.getSubName(0, keyName.size() - 1);
356
357 sqlite3_stmt *statement;
358 sqlite3_prepare_v2(database_, "UPDATE Key SET active=? WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
359
360 sqlite3_bind_int(statement, 1, (isActive ? 1 : 0));
361 sqlite3_bind_text(statement, 2, identityName.toUri(), SQLITE_TRANSIENT);
362 sqlite3_bind_text(statement, 3, keyId, SQLITE_TRANSIENT);
363
364 int res = sqlite3_step(statement);
365
366 sqlite3_finalize(statement);
367}
368
369bool
370BasicIdentityStorage::doesCertificateExist(const Name& certificateName)
371{
372 sqlite3_stmt *statement;
373 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
374
375 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
376
377 int res = sqlite3_step(statement);
378
379 bool certExist = false;
380 if (res == SQLITE_ROW) {
381 int countAll = sqlite3_column_int(statement, 0);
382 if (countAll > 0)
383 certExist = true;
384 }
385
386 sqlite3_finalize(statement);
387
388 return certExist;
389}
390
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]391void
392BasicIdentityStorage::addAnyCertificate(const Certificate& certificate)
393{
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]394#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]395 const Name& certificateName = certificate.getName();
396 Name keyName = getKeyNameForCertificate(certificateName);
397
398 string keyId = keyName.get(keyName.size() - 1).toUri();
399 Name identityName = keyName.getSubName(0, keyName.size() - 1);
400
401 sqlite3_stmt *statement;
402 sqlite3_prepare_v2(database_,
403 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
404 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
405 -1, &statement, 0);
406
407
408 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
409 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
410
411 Ptr<const signature::Sha256WithRsa> signature = boost::dynamic_pointer_cast<const signature::Sha256WithRsa>(certificate.getSignature());
412 const Name& signerName = signature->getKeyLocator().getKeyName();
413 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
414
415 sqlite3_bind_text(statement, 3, identityName.toUri(), SQLITE_TRANSIENT);
416 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
417
418 sqlite3_bind_int64(statement, 5, (sqlite3_int64)(certificate.getNotBefore() - time::UNIX_EPOCH_TIME).total_seconds());
419 sqlite3_bind_int64(statement, 6, (sqlite3_int64)(certificate.getNotAfter() - time::UNIX_EPOCH_TIME).total_seconds());
420
421 Blob certificateEncoding = certificate.wireEncode();
422
423 sqlite3_bind_blob(statement, 7, certificateEncoding->buf(), certBlob->size(), SQLITE_TRANSIENT);
424
425 int res = sqlite3_step(statement);
426
427 sqlite3_finalize(statement);
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]428#else
429 throw logic_error("unimplemented");
430#endif
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]431}
432
433void
434BasicIdentityStorage::addCertificate(const Certificate& certificate)
435{
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]436#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]437 _LOG_DEBUG("1");
438 const Name& certificateName = certificate.getName();
439 Name keyName = getKeyNameForCertificate(certificateName);
440
441 _LOG_DEBUG("2");
442 if (!doesKeyExist(keyName))
443 {
444 _LOG_DEBUG("here wrong");
445 throw SecurityException("No corresponding Key record for the certificate!");
446 }
447
448 // Check if certificate has already existed!
449 if (doesCertificateExist(certificateName))
450 throw SecurityException("Certificate has already been installed!");
451
452 _LOG_DEBUG("3");
453 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
454 Name identity = keyName.getSubName(0, keyName.size() - 1);
455
456 // Check if the public key of certificate is the same as the key record
457
458 Ptr<Blob> keyBlob = getKey(keyName);
459
460 if (keyBlob == NULL or (*keyBlob) != (certificate.getPublicKeyInfo().getKeyBlob()))
461 throw SecurityException("Certificate does not match the public key!");
462
463 _LOG_DEBUG("4");
464 // Insert the certificate
465 sqlite3_stmt *statement;
466 sqlite3_prepare_v2(database_,
467 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
468 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
469 -1, &statement, 0);
470
471 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
472 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
473
474 Ptr<const signature::Sha256WithRsa> signature = boost::dynamic_pointer_cast<const signature::Sha256WithRsa>(certificate.getSignature());
475 const Name & signerName = signature->getKeyLocator().getKeyName();
476 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
477
478 sqlite3_bind_text(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
479 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
480
481 sqlite3_bind_int64(statement, 5, (sqlite3_int64)(certificate.getNotBefore() - time::UNIX_EPOCH_TIME).total_seconds());
482 sqlite3_bind_int64(statement, 6, (sqlite3_int64)(certificate.getNotAfter() - time::UNIX_EPOCH_TIME).total_seconds());
483
484 Blob certificateEncoding = certificate.wireEncode();
485
486 sqlite3_bind_blob(statement, 7, certificateEncoding->buf(), certificateEncoding->size(), SQLITE_TRANSIENT);
487
488 int res = sqlite3_step(statement);
489
490 sqlite3_finalize(statement);
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]491#else
492 throw logic_error("unimplemented");
493#endif
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]494}
495
496shared_ptr<Certificate>
497BasicIdentityStorage::getCertificate(const Name &certificateName, bool allowAny)
498{
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]499#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]500 if (doesCertificateExist(certificateName)) {
501 sqlite3_stmt *statement;
502 if (!allowAny) {
503 sqlite3_prepare_v2(database_,
504 "SELECT certificate_data FROM Certificate \
505 WHERE cert_name=? AND not_before<datetime(?, 'unixepoch') AND not_after>datetime(?, 'unixepoch') and valid_flag=1",
506 -1, &statement, 0);
507
508 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
509 sqlite3_bind_int64(statement, 2, (sqlite3_int64)time::NowUnixTimestamp().total_seconds());
510 sqlite3_bind_int64(statement, 3, (sqlite3_int64)time::NowUnixTimestamp().total_seconds());
511 }
512 else {
513 sqlite3_prepare_v2(database_,
514 "SELECT certificate_data FROM Certificate WHERE cert_name=?", -1, &statement, 0);
515
516 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
517 }
518
519 int res = sqlite3_step(statement);
520
521 shared_ptr<Certificate> certificate(new Certificate());
522
523 if (res == SQLITE_ROW)
524 certificate->wireDecode(sqlite3_column_blob(statement, 0), sqlite3_column_bytes(statement, 0));
525 sqlite3_finalize(statement);
526
527 return certificate;
528 }
529 else {
530 _LOG_DEBUG("Certificate does not exist!");
531 return shared_ptr<Certificate>();
532 }
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]533#else
534 throw logic_error("unimplemented");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]535#endif
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame^]536}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]537
538Name
539BasicIdentityStorage::getDefaultIdentity()
540{
541 sqlite3_stmt *statement;
542 sqlite3_prepare_v2(database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
543
544 int res = sqlite3_step(statement);
545
546 Name identity;
547
548 if (res == SQLITE_ROW)
549 identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
550
551 sqlite3_finalize(statement);
552
553 return identity;
554}
555
556Name
557BasicIdentityStorage::getDefaultKeyNameForIdentity(const Name& identityName)
558{
559 sqlite3_stmt *statement;
560 sqlite3_prepare_v2(database_, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
561
562 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
563
564 int res = sqlite3_step(statement);
565
566 Name keyName;
567
568 if (res == SQLITE_ROW)
569 keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
570
571 sqlite3_finalize(statement);
572
573 return keyName;
574}
575
576Name
577BasicIdentityStorage::getDefaultCertificateNameForKey(const Name& keyName)
578{
579 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
580 Name identityName = keyName.getSubName(0, keyName.size() - 1);
581
582 sqlite3_stmt *statement;
583 sqlite3_prepare_v2(database_, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
584
585 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
586 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
587
588 int res = sqlite3_step(statement);
589
590 Name certName;
591
592 if (res == SQLITE_ROW)
593 certName = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
594
595 sqlite3_finalize(statement);
596
597 return certName;
598}
599
600void
601BasicIdentityStorage::setDefaultIdentity(const Name& identityName)
602{
603 sqlite3_stmt *statement;
604
605 //Reset previous default identity
606 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
607
608 while (sqlite3_step(statement) == SQLITE_ROW)
609 {}
610
611 sqlite3_finalize(statement);
612
613 //Set current default identity
614 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
615
616 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
617
618 sqlite3_step(statement);
619
620 sqlite3_finalize(statement);
621}
622
623void
624BasicIdentityStorage::setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck)
625{
626 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
627 Name identityName = keyName.getSubName(0, keyName.size() - 1);
628
629 if (identityNameCheck.size() > 0 && !identityNameCheck.equals(identityName))
630 throw SecurityException("Specified identity name does not match the key name");
631
632 sqlite3_stmt *statement;
633
634 //Reset previous default Key
635 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
636
637 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
638
639 while (sqlite3_step(statement) == SQLITE_ROW)
640 {}
641
642 sqlite3_finalize(statement);
643
644 //Set current default Key
645 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
646
647 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
648 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
649
650 sqlite3_step(statement);
651
652 sqlite3_finalize(statement);
653}
654
655void
656BasicIdentityStorage::setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName)
657{
658 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
659 Name identityName = keyName.getSubName(0, keyName.size() - 1);
660
661 sqlite3_stmt *statement;
662
663 //Reset previous default Key
664 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
665
666 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
667 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
668
669 while (sqlite3_step(statement) == SQLITE_ROW)
670 {}
671
672 sqlite3_finalize(statement);
673
674 //Set current default Key
675 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=1 WHERE identity_name=? AND key_identifier=? AND cert_name=?", -1, &statement, 0);
676
677 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
678 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
679 sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
680
681 sqlite3_step(statement);
682
683 sqlite3_finalize(statement);
684}
685
686}
687
Jeff Thompsonb7523002013-10-09 10:25:00 -0700[diff] [blame]688#endif // NDN_CPP_HAVE_SQLITE3