Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 649e95fe53ed73b610b6b57124618feb21b52f2f / . / ndn-cpp / security / identity / basic-identity-storage.cpp
blob: 135bbe8ba0ab9b4c5b31ed8b3baa4a363d0fda23 [file] [log] [blame]
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * See COPYING for copyright and distribution information.
6 */
7
Jeff Thompson649e95f2013-10-08 17:13:09 -0700[diff] [blame^]8// Only compile if ndn-cpp-config.h defines HAVE_SQLITE3.
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]9#include "../../c/common.h"
10#if 0 // temporarily disable.
11//#ifdef HAVE_SQLITE3
12
13#include <stdlib.h>
14#include <sstream>
15#include <fstream>
16#include "basic-identity-storage.hpp"
17#include "../../util/logging.hpp"
18#include "../security-exception.hpp"
19#include "ndn-cpp/data.hpp"
20
21#if 0
22#include "ndn.cxx/fields/signature-sha256-with-rsa.h"
23#include "ndn.cxx/regex/regex.h"
24#include <boost/filesystem.hpp>
25#endif
26
27INIT_LOGGER("BasicIdentityStorage");
28
29using namespace std;
30using namespace ndn::ptr_lib;
31#if 0
32namespace fs = boost::filesystem;
33#endif
34
35namespace ndn
36{
37
38static const string INIT_ID_TABLE = "\
39CREATE TABLE IF NOT EXISTS \n \
40 Identity( \n \
41 identity_name BLOB NOT NULL, \n \
42 default_identity INTEGER DEFAULT 0, \n \
43 \
44 PRIMARY KEY (identity_name) \n \
45 ); \n \
46 \
47CREATE INDEX identity_index ON Identity(identity_name); \n \
48";
49
50static const string INIT_KEY_TABLE = "\
51CREATE TABLE IF NOT EXISTS \n \
52 Key( \n \
53 identity_name BLOB NOT NULL, \n \
54 key_identifier BLOB NOT NULL, \n \
55 key_type INTEGER, \n \
56 public_key BLOB, \n \
57 default_key INTEGER DEFAULT 0, \n \
58 active INTEGER DEFAULT 0, \n \
59 \
60 PRIMARY KEY (identity_name, key_identifier) \n \
61 ); \n \
62 \
63CREATE INDEX key_index ON Key(identity_name); \n \
64";
65
66static const string INIT_CERT_TABLE = "\
67CREATE TABLE IF NOT EXISTS \n \
68 Certificate( \n \
69 cert_name BLOB NOT NULL, \n \
70 cert_issuer BLOB NOT NULL, \n \
71 identity_name BLOB NOT NULL, \n \
72 key_identifier BLOB NOT NULL, \n \
73 not_before TIMESTAMP, \n \
74 not_after TIMESTAMP, \n \
75 certificate_data BLOB NOT NULL, \n \
76 valid_flag INTEGER DEFAULT 0, \n \
77 default_cert INTEGER DEFAULT 0, \n \
78 \
79 PRIMARY KEY (cert_name) \n \
80 ); \n \
81 \
82CREATE INDEX cert_index ON Certificate(cert_name); \n \
83CREATE INDEX subject ON Certificate(identity_name); \n \
84";
85
86/**
87 * A utility function to call the normal sqlite3_bind_text where the value and length are value.c_str() and value.size().
88 */
89static int sqlite3_bind_text(sqlite3_stmt* statement, int index, const string& value, void(*destructor)(void*))
90{
91 return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
92}
93
94BasicIdentityStorage::BasicIdentityStorage()
95{
96#if 0
97 fs::path identityDir = fs::path(getenv("HOME")) / ".ndn-identity";
98 fs::create_directories(identityDir);
99
100 int res = sqlite3_open((identityDir / "identity.db").c_str(), &database_);
101
102 if (res != SQLITE_OK)
103 {
104 throw SecurityException("identity DB cannot be opened/created");
105 }
106#endif
107
108 //Check if Key table exists;
109 sqlite3_stmt *statement;
110 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
111 int res = sqlite3_step(statement);
112
113 bool idTableExists = false;
114 if (res == SQLITE_ROW)
115 idTableExists = true;
116
117 sqlite3_finalize(statement);
118
119 if (!idTableExists) {
120 char *errorMessage = 0;
121 res = sqlite3_exec(database_, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
122
123 if (res != SQLITE_OK && errorMessage != 0) {
124 _LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
125 sqlite3_free(errorMessage);
126 }
127 }
128
129 //Check if Key table exists;
130 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Key'", -1, &statement, 0);
131 res = sqlite3_step(statement);
132
133 bool keyTableExists = false;
134 if (res == SQLITE_ROW)
135 keyTableExists = true;
136
137 sqlite3_finalize(statement);
138
139 if (!keyTableExists) {
140 char *errorMessage = 0;
141 res = sqlite3_exec(database_, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
142
143 if (res != SQLITE_OK && errorMessage != 0) {
144 _LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
145 sqlite3_free(errorMessage);
146 }
147 }
148
149 //Check if Certificate table exists;
150 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Certificate'", -1, &statement, 0);
151 res = sqlite3_step(statement);
152
153 bool idCertificateTableExists = false;
154 if (res == SQLITE_ROW)
155 idCertificateTableExists = true;
156
157 sqlite3_finalize(statement);
158
159 if (!idCertificateTableExists) {
160 char *errorMessage = 0;
161 res = sqlite3_exec(database_, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
162
163 if (res != SQLITE_OK && errorMessage != 0) {
164 _LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
165 sqlite3_free(errorMessage);
166 }
167 }
168}
169
170BasicIdentityStorage::~BasicIdentityStorage()
171{
172}
173
174bool
175BasicIdentityStorage::doesIdentityExist(const Name& identityName)
176{
177 bool result = false;
178
179 sqlite3_stmt *statement;
180 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
181
182 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
183 int res = sqlite3_step(statement);
184
185 if (res == SQLITE_ROW) {
186 int countAll = sqlite3_column_int(statement, 0);
187 if (countAll > 0)
188 result = true;
189 }
190
191 sqlite3_finalize(statement);
192
193 return result;
194}
195
196void
197BasicIdentityStorage::addIdentity(const Name& identityName)
198{
199 if (doesIdentityExist(identityName))
200 throw SecurityException("Identity already exists");
201
202 sqlite3_stmt *statement;
203
204 sqlite3_prepare_v2(database_, "INSERT INTO Identity (identity_name) values (?)", -1, &statement, 0);
205
206 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
207
208 int res = sqlite3_step(statement);
209
210 sqlite3_finalize(statement);
211}
212
213bool
214BasicIdentityStorage::revokeIdentity()
215{
216 //TODO:
217 return false;
218}
219
220#if 0
221Name
222BasicIdentityStorage::getNewKeyName(const Name& identityName, bool useKsk)
223{
224 TimeInterval ti = time::NowUnixTimestamp();
225 ostringstream oss;
226 oss << ti.total_seconds();
227
228 string keyIdStr;
229
230 if (useKsk)
231 keyIdStr = ("KSK-" + oss.str());
232 else
233 keyIdStr = ("DSK-" + oss.str());
234
235
236 Name keyName = Name(identityName).append(keyIdStr);
237
238 if (doesKeyExist(keyName))
239 throw SecurityException("Key name already exists");
240
241 return keyName;
242}
243#endif
244
245bool
246BasicIdentityStorage::doesKeyExist(const Name& keyName)
247{
248 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
249 Name identityName = keyName.getSubName(0, keyName.size() - 1);
250
251 sqlite3_stmt *statement;
252 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
253
254 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
255 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
256
257 int res = sqlite3_step(statement);
258
259 bool keyIdExist = false;
260 if (res == SQLITE_ROW) {
261 int countAll = sqlite3_column_int(statement, 0);
262 if (countAll > 0)
263 keyIdExist = true;
264 }
265
266 sqlite3_finalize(statement);
267
268 return keyIdExist;
269}
270
271Name
272BasicIdentityStorage::getKeyNameForCertificate(const Name& certificateName)
273{
274 int i = certificateName.size() - 1;
275
276 for (; i >= 0; --i) {
277 if (certificateName.get(i).toEscapedString() == string("ID-CERT"))
278 break;
279 }
280
281 return certificateName.getSubName(0, i);
282}
283
284void
285BasicIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
286{
287 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
288 Name identityName = keyName.getSubName(0, keyName.size() - 1);
289
290
291 if (!doesIdentityExist(identityName))
292 addIdentity(identityName);
293
294 if (doesKeyExist(keyName))
295 throw SecurityException("a key with the same name already exists!");
296
297 sqlite3_stmt *statement;
298 sqlite3_prepare_v2(database_, "INSERT INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
299
300 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
301 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
302 sqlite3_bind_int(statement, 3, (int)keyType);
303 sqlite3_bind_blob(statement, 4, publicKeyDer.buf(), publicKeyDer.size(), SQLITE_TRANSIENT);
304
305 int res = sqlite3_step(statement);
306
307 sqlite3_finalize(statement);
308}
309
310Blob
311BasicIdentityStorage::getKey(const Name& keyName)
312{
313 if (!doesKeyExist(keyName)) {
314 _LOG_DEBUG("keyName does not exist");
315 return Blob();
316 }
317
318 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
319 Name identityName = keyName.getSubName(0, keyName.size() - 1);
320
321 sqlite3_stmt *statement;
322 sqlite3_prepare_v2(database_, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
323
324 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
325 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
326
327 int res = sqlite3_step(statement);
328
329 Blob result;
330 if (res == SQLITE_ROW)
331 result = Blob(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)), sqlite3_column_bytes(statement, 0));
332
333 sqlite3_finalize(statement);
334
335 return result;
336}
337
338void
339BasicIdentityStorage::activateKey(const Name& keyName)
340{
341 updateKeyStatus(keyName, true);
342}
343
344void
345BasicIdentityStorage::deactivateKey(const Name& keyName)
346{
347 updateKeyStatus(keyName, false);
348}
349
350void
351BasicIdentityStorage::updateKeyStatus(const Name& keyName, bool isActive)
352{
353 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
354 Name identityName = keyName.getSubName(0, keyName.size() - 1);
355
356 sqlite3_stmt *statement;
357 sqlite3_prepare_v2(database_, "UPDATE Key SET active=? WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
358
359 sqlite3_bind_int(statement, 1, (isActive ? 1 : 0));
360 sqlite3_bind_text(statement, 2, identityName.toUri(), SQLITE_TRANSIENT);
361 sqlite3_bind_text(statement, 3, keyId, SQLITE_TRANSIENT);
362
363 int res = sqlite3_step(statement);
364
365 sqlite3_finalize(statement);
366}
367
368bool
369BasicIdentityStorage::doesCertificateExist(const Name& certificateName)
370{
371 sqlite3_stmt *statement;
372 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
373
374 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
375
376 int res = sqlite3_step(statement);
377
378 bool certExist = false;
379 if (res == SQLITE_ROW) {
380 int countAll = sqlite3_column_int(statement, 0);
381 if (countAll > 0)
382 certExist = true;
383 }
384
385 sqlite3_finalize(statement);
386
387 return certExist;
388}
389
390#if 0
391void
392BasicIdentityStorage::addAnyCertificate(const Certificate& certificate)
393{
394 const Name& certificateName = certificate.getName();
395 Name keyName = getKeyNameForCertificate(certificateName);
396
397 string keyId = keyName.get(keyName.size() - 1).toUri();
398 Name identityName = keyName.getSubName(0, keyName.size() - 1);
399
400 sqlite3_stmt *statement;
401 sqlite3_prepare_v2(database_,
402 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
403 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
404 -1, &statement, 0);
405
406
407 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
408 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
409
410 Ptr<const signature::Sha256WithRsa> signature = boost::dynamic_pointer_cast<const signature::Sha256WithRsa>(certificate.getSignature());
411 const Name& signerName = signature->getKeyLocator().getKeyName();
412 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
413
414 sqlite3_bind_text(statement, 3, identityName.toUri(), SQLITE_TRANSIENT);
415 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
416
417 sqlite3_bind_int64(statement, 5, (sqlite3_int64)(certificate.getNotBefore() - time::UNIX_EPOCH_TIME).total_seconds());
418 sqlite3_bind_int64(statement, 6, (sqlite3_int64)(certificate.getNotAfter() - time::UNIX_EPOCH_TIME).total_seconds());
419
420 Blob certificateEncoding = certificate.wireEncode();
421
422 sqlite3_bind_blob(statement, 7, certificateEncoding->buf(), certBlob->size(), SQLITE_TRANSIENT);
423
424 int res = sqlite3_step(statement);
425
426 sqlite3_finalize(statement);
427}
428
429void
430BasicIdentityStorage::addCertificate(const Certificate& certificate)
431{
432 _LOG_DEBUG("1");
433 const Name& certificateName = certificate.getName();
434 Name keyName = getKeyNameForCertificate(certificateName);
435
436 _LOG_DEBUG("2");
437 if (!doesKeyExist(keyName))
438 {
439 _LOG_DEBUG("here wrong");
440 throw SecurityException("No corresponding Key record for the certificate!");
441 }
442
443 // Check if certificate has already existed!
444 if (doesCertificateExist(certificateName))
445 throw SecurityException("Certificate has already been installed!");
446
447 _LOG_DEBUG("3");
448 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
449 Name identity = keyName.getSubName(0, keyName.size() - 1);
450
451 // Check if the public key of certificate is the same as the key record
452
453 Ptr<Blob> keyBlob = getKey(keyName);
454
455 if (keyBlob == NULL or (*keyBlob) != (certificate.getPublicKeyInfo().getKeyBlob()))
456 throw SecurityException("Certificate does not match the public key!");
457
458 _LOG_DEBUG("4");
459 // Insert the certificate
460 sqlite3_stmt *statement;
461 sqlite3_prepare_v2(database_,
462 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
463 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
464 -1, &statement, 0);
465
466 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
467 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
468
469 Ptr<const signature::Sha256WithRsa> signature = boost::dynamic_pointer_cast<const signature::Sha256WithRsa>(certificate.getSignature());
470 const Name & signerName = signature->getKeyLocator().getKeyName();
471 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
472
473 sqlite3_bind_text(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
474 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
475
476 sqlite3_bind_int64(statement, 5, (sqlite3_int64)(certificate.getNotBefore() - time::UNIX_EPOCH_TIME).total_seconds());
477 sqlite3_bind_int64(statement, 6, (sqlite3_int64)(certificate.getNotAfter() - time::UNIX_EPOCH_TIME).total_seconds());
478
479 Blob certificateEncoding = certificate.wireEncode();
480
481 sqlite3_bind_blob(statement, 7, certificateEncoding->buf(), certificateEncoding->size(), SQLITE_TRANSIENT);
482
483 int res = sqlite3_step(statement);
484
485 sqlite3_finalize(statement);
486}
487
488shared_ptr<Certificate>
489BasicIdentityStorage::getCertificate(const Name &certificateName, bool allowAny)
490{
491 if (doesCertificateExist(certificateName)) {
492 sqlite3_stmt *statement;
493 if (!allowAny) {
494 sqlite3_prepare_v2(database_,
495 "SELECT certificate_data FROM Certificate \
496 WHERE cert_name=? AND not_before<datetime(?, 'unixepoch') AND not_after>datetime(?, 'unixepoch') and valid_flag=1",
497 -1, &statement, 0);
498
499 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
500 sqlite3_bind_int64(statement, 2, (sqlite3_int64)time::NowUnixTimestamp().total_seconds());
501 sqlite3_bind_int64(statement, 3, (sqlite3_int64)time::NowUnixTimestamp().total_seconds());
502 }
503 else {
504 sqlite3_prepare_v2(database_,
505 "SELECT certificate_data FROM Certificate WHERE cert_name=?", -1, &statement, 0);
506
507 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
508 }
509
510 int res = sqlite3_step(statement);
511
512 shared_ptr<Certificate> certificate(new Certificate());
513
514 if (res == SQLITE_ROW)
515 certificate->wireDecode(sqlite3_column_blob(statement, 0), sqlite3_column_bytes(statement, 0));
516 sqlite3_finalize(statement);
517
518 return certificate;
519 }
520 else {
521 _LOG_DEBUG("Certificate does not exist!");
522 return shared_ptr<Certificate>();
523 }
524}
525#endif
526
527Name
528BasicIdentityStorage::getDefaultIdentity()
529{
530 sqlite3_stmt *statement;
531 sqlite3_prepare_v2(database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
532
533 int res = sqlite3_step(statement);
534
535 Name identity;
536
537 if (res == SQLITE_ROW)
538 identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
539
540 sqlite3_finalize(statement);
541
542 return identity;
543}
544
545Name
546BasicIdentityStorage::getDefaultKeyNameForIdentity(const Name& identityName)
547{
548 sqlite3_stmt *statement;
549 sqlite3_prepare_v2(database_, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
550
551 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
552
553 int res = sqlite3_step(statement);
554
555 Name keyName;
556
557 if (res == SQLITE_ROW)
558 keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
559
560 sqlite3_finalize(statement);
561
562 return keyName;
563}
564
565Name
566BasicIdentityStorage::getDefaultCertificateNameForKey(const Name& keyName)
567{
568 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
569 Name identityName = keyName.getSubName(0, keyName.size() - 1);
570
571 sqlite3_stmt *statement;
572 sqlite3_prepare_v2(database_, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
573
574 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
575 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
576
577 int res = sqlite3_step(statement);
578
579 Name certName;
580
581 if (res == SQLITE_ROW)
582 certName = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
583
584 sqlite3_finalize(statement);
585
586 return certName;
587}
588
589void
590BasicIdentityStorage::setDefaultIdentity(const Name& identityName)
591{
592 sqlite3_stmt *statement;
593
594 //Reset previous default identity
595 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
596
597 while (sqlite3_step(statement) == SQLITE_ROW)
598 {}
599
600 sqlite3_finalize(statement);
601
602 //Set current default identity
603 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
604
605 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
606
607 sqlite3_step(statement);
608
609 sqlite3_finalize(statement);
610}
611
612void
613BasicIdentityStorage::setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck)
614{
615 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
616 Name identityName = keyName.getSubName(0, keyName.size() - 1);
617
618 if (identityNameCheck.size() > 0 && !identityNameCheck.equals(identityName))
619 throw SecurityException("Specified identity name does not match the key name");
620
621 sqlite3_stmt *statement;
622
623 //Reset previous default Key
624 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
625
626 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
627
628 while (sqlite3_step(statement) == SQLITE_ROW)
629 {}
630
631 sqlite3_finalize(statement);
632
633 //Set current default Key
634 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
635
636 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
637 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
638
639 sqlite3_step(statement);
640
641 sqlite3_finalize(statement);
642}
643
644void
645BasicIdentityStorage::setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName)
646{
647 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
648 Name identityName = keyName.getSubName(0, keyName.size() - 1);
649
650 sqlite3_stmt *statement;
651
652 //Reset previous default Key
653 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
654
655 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
656 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
657
658 while (sqlite3_step(statement) == SQLITE_ROW)
659 {}
660
661 sqlite3_finalize(statement);
662
663 //Set current default Key
664 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=1 WHERE identity_name=? AND key_identifier=? AND cert_name=?", -1, &statement, 0);
665
666 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
667 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
668 sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
669
670 sqlite3_step(statement);
671
672 sqlite3_finalize(statement);
673}
674
675}
676
677#endif // HAVE_SQLITE3