Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 3bd90bcd3a9dd77c27484de7060eb55cd976024f / . / ndn-cpp / security / identity / basic-identity-storage.cpp
blob: 90cd9e67d3f73be3f2f519464b31914cf4f0d3eb [file] [log] [blame]
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * See COPYING for copyright and distribution information.
6 */
7
Jeff Thompsonb7523002013-10-09 10:25:00 -0700[diff] [blame]8// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_SQLITE3.
Jeff Thompson6e229042013-10-10 11:09:49 -0700[diff] [blame]9#include <ndn-cpp/ndn-cpp-config.h>
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]10#ifdef NDN_CPP_HAVE_SQLITE3
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]11
Jeff Thompson814d2052013-10-09 18:52:19 -0700[diff] [blame]12#if 1
13#include <stdexcept>
14#endif
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]15#include <stdlib.h>
16#include <sstream>
17#include <fstream>
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame^]18#include <math.h>
Jeff Thompson25b4e612013-10-10 16:03:24 -0700[diff] [blame]19#include <ndn-cpp/security/identity/basic-identity-storage.hpp>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]20#include "../../util/logging.hpp"
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame^]21#include <ndn-cpp/security/security-exception.hpp>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]22#include "ndn-cpp/data.hpp"
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame^]23#include <ndn-cpp/security/certificate/certificate.hpp>
24#include "../../c/util/time.h"
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]25
26#if 0
27#include "ndn.cxx/fields/signature-sha256-with-rsa.h"
28#include "ndn.cxx/regex/regex.h"
29#include <boost/filesystem.hpp>
30#endif
31
32INIT_LOGGER("BasicIdentityStorage");
33
34using namespace std;
35using namespace ndn::ptr_lib;
36#if 0
37namespace fs = boost::filesystem;
38#endif
39
40namespace ndn
41{
42
43static const string INIT_ID_TABLE = "\
44CREATE TABLE IF NOT EXISTS \n \
45 Identity( \n \
46 identity_name BLOB NOT NULL, \n \
47 default_identity INTEGER DEFAULT 0, \n \
48 \
49 PRIMARY KEY (identity_name) \n \
50 ); \n \
51 \
52CREATE INDEX identity_index ON Identity(identity_name); \n \
53";
54
55static const string INIT_KEY_TABLE = "\
56CREATE TABLE IF NOT EXISTS \n \
57 Key( \n \
58 identity_name BLOB NOT NULL, \n \
59 key_identifier BLOB NOT NULL, \n \
60 key_type INTEGER, \n \
61 public_key BLOB, \n \
62 default_key INTEGER DEFAULT 0, \n \
63 active INTEGER DEFAULT 0, \n \
64 \
65 PRIMARY KEY (identity_name, key_identifier) \n \
66 ); \n \
67 \
68CREATE INDEX key_index ON Key(identity_name); \n \
69";
70
71static const string INIT_CERT_TABLE = "\
72CREATE TABLE IF NOT EXISTS \n \
73 Certificate( \n \
74 cert_name BLOB NOT NULL, \n \
75 cert_issuer BLOB NOT NULL, \n \
76 identity_name BLOB NOT NULL, \n \
77 key_identifier BLOB NOT NULL, \n \
78 not_before TIMESTAMP, \n \
79 not_after TIMESTAMP, \n \
80 certificate_data BLOB NOT NULL, \n \
81 valid_flag INTEGER DEFAULT 0, \n \
82 default_cert INTEGER DEFAULT 0, \n \
83 \
84 PRIMARY KEY (cert_name) \n \
85 ); \n \
86 \
87CREATE INDEX cert_index ON Certificate(cert_name); \n \
88CREATE INDEX subject ON Certificate(identity_name); \n \
89";
90
91/**
92 * A utility function to call the normal sqlite3_bind_text where the value and length are value.c_str() and value.size().
93 */
94static int sqlite3_bind_text(sqlite3_stmt* statement, int index, const string& value, void(*destructor)(void*))
95{
96 return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
97}
98
99BasicIdentityStorage::BasicIdentityStorage()
100{
101#if 0
102 fs::path identityDir = fs::path(getenv("HOME")) / ".ndn-identity";
103 fs::create_directories(identityDir);
104
105 int res = sqlite3_open((identityDir / "identity.db").c_str(), &database_);
106
107 if (res != SQLITE_OK)
108 {
109 throw SecurityException("identity DB cannot be opened/created");
110 }
111#endif
112
113 //Check if Key table exists;
114 sqlite3_stmt *statement;
115 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
116 int res = sqlite3_step(statement);
117
118 bool idTableExists = false;
119 if (res == SQLITE_ROW)
120 idTableExists = true;
121
122 sqlite3_finalize(statement);
123
124 if (!idTableExists) {
125 char *errorMessage = 0;
126 res = sqlite3_exec(database_, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
127
128 if (res != SQLITE_OK && errorMessage != 0) {
129 _LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
130 sqlite3_free(errorMessage);
131 }
132 }
133
134 //Check if Key table exists;
135 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Key'", -1, &statement, 0);
136 res = sqlite3_step(statement);
137
138 bool keyTableExists = false;
139 if (res == SQLITE_ROW)
140 keyTableExists = true;
141
142 sqlite3_finalize(statement);
143
144 if (!keyTableExists) {
145 char *errorMessage = 0;
146 res = sqlite3_exec(database_, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
147
148 if (res != SQLITE_OK && errorMessage != 0) {
149 _LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
150 sqlite3_free(errorMessage);
151 }
152 }
153
154 //Check if Certificate table exists;
155 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Certificate'", -1, &statement, 0);
156 res = sqlite3_step(statement);
157
158 bool idCertificateTableExists = false;
159 if (res == SQLITE_ROW)
160 idCertificateTableExists = true;
161
162 sqlite3_finalize(statement);
163
164 if (!idCertificateTableExists) {
165 char *errorMessage = 0;
166 res = sqlite3_exec(database_, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
167
168 if (res != SQLITE_OK && errorMessage != 0) {
169 _LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
170 sqlite3_free(errorMessage);
171 }
172 }
173}
174
175BasicIdentityStorage::~BasicIdentityStorage()
176{
177}
178
179bool
180BasicIdentityStorage::doesIdentityExist(const Name& identityName)
181{
182 bool result = false;
183
184 sqlite3_stmt *statement;
185 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
186
187 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
188 int res = sqlite3_step(statement);
189
190 if (res == SQLITE_ROW) {
191 int countAll = sqlite3_column_int(statement, 0);
192 if (countAll > 0)
193 result = true;
194 }
195
196 sqlite3_finalize(statement);
197
198 return result;
199}
200
201void
202BasicIdentityStorage::addIdentity(const Name& identityName)
203{
204 if (doesIdentityExist(identityName))
205 throw SecurityException("Identity already exists");
206
207 sqlite3_stmt *statement;
208
209 sqlite3_prepare_v2(database_, "INSERT INTO Identity (identity_name) values (?)", -1, &statement, 0);
210
211 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
212
213 int res = sqlite3_step(statement);
214
215 sqlite3_finalize(statement);
216}
217
218bool
219BasicIdentityStorage::revokeIdentity()
220{
221 //TODO:
222 return false;
223}
224
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]225Name
226BasicIdentityStorage::getNewKeyName(const Name& identityName, bool useKsk)
227{
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]228#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]229 TimeInterval ti = time::NowUnixTimestamp();
230 ostringstream oss;
231 oss << ti.total_seconds();
232
233 string keyIdStr;
234
235 if (useKsk)
236 keyIdStr = ("KSK-" + oss.str());
237 else
238 keyIdStr = ("DSK-" + oss.str());
239
240
241 Name keyName = Name(identityName).append(keyIdStr);
242
243 if (doesKeyExist(keyName))
244 throw SecurityException("Key name already exists");
245
246 return keyName;
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]247#else
248 throw logic_error("unimplemented");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]249#endif
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]250}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]251
252bool
253BasicIdentityStorage::doesKeyExist(const Name& keyName)
254{
255 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
256 Name identityName = keyName.getSubName(0, keyName.size() - 1);
257
258 sqlite3_stmt *statement;
259 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
260
261 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
262 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
263
264 int res = sqlite3_step(statement);
265
266 bool keyIdExist = false;
267 if (res == SQLITE_ROW) {
268 int countAll = sqlite3_column_int(statement, 0);
269 if (countAll > 0)
270 keyIdExist = true;
271 }
272
273 sqlite3_finalize(statement);
274
275 return keyIdExist;
276}
277
278Name
279BasicIdentityStorage::getKeyNameForCertificate(const Name& certificateName)
280{
281 int i = certificateName.size() - 1;
282
283 for (; i >= 0; --i) {
284 if (certificateName.get(i).toEscapedString() == string("ID-CERT"))
285 break;
286 }
287
288 return certificateName.getSubName(0, i);
289}
290
291void
292BasicIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
293{
294 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
295 Name identityName = keyName.getSubName(0, keyName.size() - 1);
296
297
298 if (!doesIdentityExist(identityName))
299 addIdentity(identityName);
300
301 if (doesKeyExist(keyName))
302 throw SecurityException("a key with the same name already exists!");
303
304 sqlite3_stmt *statement;
305 sqlite3_prepare_v2(database_, "INSERT INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
306
307 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
308 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
309 sqlite3_bind_int(statement, 3, (int)keyType);
310 sqlite3_bind_blob(statement, 4, publicKeyDer.buf(), publicKeyDer.size(), SQLITE_TRANSIENT);
311
312 int res = sqlite3_step(statement);
313
314 sqlite3_finalize(statement);
315}
316
317Blob
318BasicIdentityStorage::getKey(const Name& keyName)
319{
320 if (!doesKeyExist(keyName)) {
321 _LOG_DEBUG("keyName does not exist");
322 return Blob();
323 }
324
325 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
326 Name identityName = keyName.getSubName(0, keyName.size() - 1);
327
328 sqlite3_stmt *statement;
329 sqlite3_prepare_v2(database_, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
330
331 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
332 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
333
334 int res = sqlite3_step(statement);
335
336 Blob result;
337 if (res == SQLITE_ROW)
338 result = Blob(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)), sqlite3_column_bytes(statement, 0));
339
340 sqlite3_finalize(statement);
341
342 return result;
343}
344
345void
346BasicIdentityStorage::activateKey(const Name& keyName)
347{
348 updateKeyStatus(keyName, true);
349}
350
351void
352BasicIdentityStorage::deactivateKey(const Name& keyName)
353{
354 updateKeyStatus(keyName, false);
355}
356
357void
358BasicIdentityStorage::updateKeyStatus(const Name& keyName, bool isActive)
359{
360 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
361 Name identityName = keyName.getSubName(0, keyName.size() - 1);
362
363 sqlite3_stmt *statement;
364 sqlite3_prepare_v2(database_, "UPDATE Key SET active=? WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
365
366 sqlite3_bind_int(statement, 1, (isActive ? 1 : 0));
367 sqlite3_bind_text(statement, 2, identityName.toUri(), SQLITE_TRANSIENT);
368 sqlite3_bind_text(statement, 3, keyId, SQLITE_TRANSIENT);
369
370 int res = sqlite3_step(statement);
371
372 sqlite3_finalize(statement);
373}
374
375bool
376BasicIdentityStorage::doesCertificateExist(const Name& certificateName)
377{
378 sqlite3_stmt *statement;
379 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
380
381 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
382
383 int res = sqlite3_step(statement);
384
385 bool certExist = false;
386 if (res == SQLITE_ROW) {
387 int countAll = sqlite3_column_int(statement, 0);
388 if (countAll > 0)
389 certExist = true;
390 }
391
392 sqlite3_finalize(statement);
393
394 return certExist;
395}
396
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]397void
Jeff Thompsonc69163b2013-10-12 13:49:50 -0700[diff] [blame]398BasicIdentityStorage::addAnyCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]399{
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]400#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]401 const Name& certificateName = certificate.getName();
402 Name keyName = getKeyNameForCertificate(certificateName);
403
404 string keyId = keyName.get(keyName.size() - 1).toUri();
405 Name identityName = keyName.getSubName(0, keyName.size() - 1);
406
407 sqlite3_stmt *statement;
408 sqlite3_prepare_v2(database_,
409 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
410 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
411 -1, &statement, 0);
412
413
414 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
415 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
416
417 Ptr<const signature::Sha256WithRsa> signature = boost::dynamic_pointer_cast<const signature::Sha256WithRsa>(certificate.getSignature());
418 const Name& signerName = signature->getKeyLocator().getKeyName();
419 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
420
421 sqlite3_bind_text(statement, 3, identityName.toUri(), SQLITE_TRANSIENT);
422 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
423
424 sqlite3_bind_int64(statement, 5, (sqlite3_int64)(certificate.getNotBefore() - time::UNIX_EPOCH_TIME).total_seconds());
425 sqlite3_bind_int64(statement, 6, (sqlite3_int64)(certificate.getNotAfter() - time::UNIX_EPOCH_TIME).total_seconds());
426
427 Blob certificateEncoding = certificate.wireEncode();
428
429 sqlite3_bind_blob(statement, 7, certificateEncoding->buf(), certBlob->size(), SQLITE_TRANSIENT);
430
431 int res = sqlite3_step(statement);
432
433 sqlite3_finalize(statement);
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]434#else
435 throw logic_error("unimplemented");
436#endif
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]437}
438
439void
Jeff Thompsonc69163b2013-10-12 13:49:50 -0700[diff] [blame]440BasicIdentityStorage::addCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]441{
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]442#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]443 _LOG_DEBUG("1");
444 const Name& certificateName = certificate.getName();
445 Name keyName = getKeyNameForCertificate(certificateName);
446
447 _LOG_DEBUG("2");
448 if (!doesKeyExist(keyName))
449 {
450 _LOG_DEBUG("here wrong");
451 throw SecurityException("No corresponding Key record for the certificate!");
452 }
453
454 // Check if certificate has already existed!
455 if (doesCertificateExist(certificateName))
456 throw SecurityException("Certificate has already been installed!");
457
458 _LOG_DEBUG("3");
459 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
460 Name identity = keyName.getSubName(0, keyName.size() - 1);
461
462 // Check if the public key of certificate is the same as the key record
463
464 Ptr<Blob> keyBlob = getKey(keyName);
465
466 if (keyBlob == NULL or (*keyBlob) != (certificate.getPublicKeyInfo().getKeyBlob()))
467 throw SecurityException("Certificate does not match the public key!");
468
469 _LOG_DEBUG("4");
470 // Insert the certificate
471 sqlite3_stmt *statement;
472 sqlite3_prepare_v2(database_,
473 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
474 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
475 -1, &statement, 0);
476
477 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
478 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
479
480 Ptr<const signature::Sha256WithRsa> signature = boost::dynamic_pointer_cast<const signature::Sha256WithRsa>(certificate.getSignature());
481 const Name & signerName = signature->getKeyLocator().getKeyName();
482 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
483
484 sqlite3_bind_text(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
485 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
486
487 sqlite3_bind_int64(statement, 5, (sqlite3_int64)(certificate.getNotBefore() - time::UNIX_EPOCH_TIME).total_seconds());
488 sqlite3_bind_int64(statement, 6, (sqlite3_int64)(certificate.getNotAfter() - time::UNIX_EPOCH_TIME).total_seconds());
489
490 Blob certificateEncoding = certificate.wireEncode();
491
492 sqlite3_bind_blob(statement, 7, certificateEncoding->buf(), certificateEncoding->size(), SQLITE_TRANSIENT);
493
494 int res = sqlite3_step(statement);
495
496 sqlite3_finalize(statement);
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]497#else
498 throw logic_error("unimplemented");
499#endif
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]500}
501
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame^]502shared_ptr<Data>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]503BasicIdentityStorage::getCertificate(const Name &certificateName, bool allowAny)
504{
505 if (doesCertificateExist(certificateName)) {
506 sqlite3_stmt *statement;
507 if (!allowAny) {
508 sqlite3_prepare_v2(database_,
509 "SELECT certificate_data FROM Certificate \
510 WHERE cert_name=? AND not_before<datetime(?, 'unixepoch') AND not_after>datetime(?, 'unixepoch') and valid_flag=1",
511 -1, &statement, 0);
512
513 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame^]514 sqlite3_bind_int64(statement, 2, (sqlite3_int64)floor(ndn_getNowMilliseconds() / 1000.0));
515 sqlite3_bind_int64(statement, 3, (sqlite3_int64)floor(ndn_getNowMilliseconds() / 1000.0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]516 }
517 else {
518 sqlite3_prepare_v2(database_,
519 "SELECT certificate_data FROM Certificate WHERE cert_name=?", -1, &statement, 0);
520
521 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
522 }
523
524 int res = sqlite3_step(statement);
525
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame^]526 shared_ptr<Data> data;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]527
528 if (res == SQLITE_ROW)
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame^]529 data->wireDecode((const uint8_t*)sqlite3_column_blob(statement, 0), sqlite3_column_bytes(statement, 0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]530 sqlite3_finalize(statement);
531
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame^]532 return data;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]533 }
534 else {
535 _LOG_DEBUG("Certificate does not exist!");
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame^]536 return shared_ptr<Data>();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]537 }
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]538}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]539
540Name
541BasicIdentityStorage::getDefaultIdentity()
542{
543 sqlite3_stmt *statement;
544 sqlite3_prepare_v2(database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
545
546 int res = sqlite3_step(statement);
547
548 Name identity;
549
550 if (res == SQLITE_ROW)
551 identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
552
553 sqlite3_finalize(statement);
554
555 return identity;
556}
557
558Name
559BasicIdentityStorage::getDefaultKeyNameForIdentity(const Name& identityName)
560{
561 sqlite3_stmt *statement;
562 sqlite3_prepare_v2(database_, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
563
564 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
565
566 int res = sqlite3_step(statement);
567
568 Name keyName;
569
570 if (res == SQLITE_ROW)
571 keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
572
573 sqlite3_finalize(statement);
574
575 return keyName;
576}
577
578Name
579BasicIdentityStorage::getDefaultCertificateNameForKey(const Name& keyName)
580{
581 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
582 Name identityName = keyName.getSubName(0, keyName.size() - 1);
583
584 sqlite3_stmt *statement;
585 sqlite3_prepare_v2(database_, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
586
587 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
588 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
589
590 int res = sqlite3_step(statement);
591
592 Name certName;
593
594 if (res == SQLITE_ROW)
595 certName = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
596
597 sqlite3_finalize(statement);
598
599 return certName;
600}
601
602void
603BasicIdentityStorage::setDefaultIdentity(const Name& identityName)
604{
605 sqlite3_stmt *statement;
606
607 //Reset previous default identity
608 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
609
610 while (sqlite3_step(statement) == SQLITE_ROW)
611 {}
612
613 sqlite3_finalize(statement);
614
615 //Set current default identity
616 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
617
618 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
619
620 sqlite3_step(statement);
621
622 sqlite3_finalize(statement);
623}
624
625void
626BasicIdentityStorage::setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck)
627{
628 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
629 Name identityName = keyName.getSubName(0, keyName.size() - 1);
630
631 if (identityNameCheck.size() > 0 && !identityNameCheck.equals(identityName))
632 throw SecurityException("Specified identity name does not match the key name");
633
634 sqlite3_stmt *statement;
635
636 //Reset previous default Key
637 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
638
639 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
640
641 while (sqlite3_step(statement) == SQLITE_ROW)
642 {}
643
644 sqlite3_finalize(statement);
645
646 //Set current default Key
647 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
648
649 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
650 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
651
652 sqlite3_step(statement);
653
654 sqlite3_finalize(statement);
655}
656
657void
658BasicIdentityStorage::setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName)
659{
660 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
661 Name identityName = keyName.getSubName(0, keyName.size() - 1);
662
663 sqlite3_stmt *statement;
664
665 //Reset previous default Key
666 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
667
668 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
669 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
670
671 while (sqlite3_step(statement) == SQLITE_ROW)
672 {}
673
674 sqlite3_finalize(statement);
675
676 //Set current default Key
677 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=1 WHERE identity_name=? AND key_identifier=? AND cert_name=?", -1, &statement, 0);
678
679 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
680 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
681 sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
682
683 sqlite3_step(statement);
684
685 sqlite3_finalize(statement);
686}
687
688}
689
Jeff Thompsonb7523002013-10-09 10:25:00 -0700[diff] [blame]690#endif // NDN_CPP_HAVE_SQLITE3