blob: 8bf1c1a98f04f756b3ce801f6e467ad278ae8310 [file] [log] [blame]
Jeff Thompson7ca11f22013-10-04 19:01:30 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * See COPYING for copyright and distribution information.
6 */
7
Jeff Thompsonb7523002013-10-09 10:25:00 -07008// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_SQLITE3.
Jeff Thompson6e229042013-10-10 11:09:49 -07009#include <ndn-cpp/ndn-cpp-config.h>
Jeff Thompson1975def2013-10-09 17:06:43 -070010#ifdef NDN_CPP_HAVE_SQLITE3
Jeff Thompson7ca11f22013-10-04 19:01:30 -070011
Jeff Thompson351ac302013-10-19 18:45:00 -070012#include <stdio.h>
Jeff Thompson7ca11f22013-10-04 19:01:30 -070013#include <stdlib.h>
14#include <sstream>
15#include <fstream>
Jeff Thompson3bd90bc2013-10-19 16:40:14 -070016#include <math.h>
Jeff Thompson25b4e612013-10-10 16:03:24 -070017#include <ndn-cpp/security/identity/basic-identity-storage.hpp>
Jeff Thompson7ca11f22013-10-04 19:01:30 -070018#include "../../util/logging.hpp"
Jeff Thompson3bd90bc2013-10-19 16:40:14 -070019#include <ndn-cpp/security/security-exception.hpp>
Jeff Thompson7ca11f22013-10-04 19:01:30 -070020#include "ndn-cpp/data.hpp"
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -070021#include <ndn-cpp/security/certificate/identity-certificate.hpp>
Jeff Thompson3bd90bc2013-10-19 16:40:14 -070022#include "../../c/util/time.h"
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -070023#include <ndn-cpp/sha256-with-rsa-signature.hpp>
Jeff Thompson7ca11f22013-10-04 19:01:30 -070024
25INIT_LOGGER("BasicIdentityStorage");
26
27using namespace std;
28using namespace ndn::ptr_lib;
Jeff Thompson7ca11f22013-10-04 19:01:30 -070029
30namespace ndn
31{
32
33static const string INIT_ID_TABLE = "\
34CREATE TABLE IF NOT EXISTS \n \
35 Identity( \n \
36 identity_name BLOB NOT NULL, \n \
37 default_identity INTEGER DEFAULT 0, \n \
38 \
39 PRIMARY KEY (identity_name) \n \
40 ); \n \
41 \
42CREATE INDEX identity_index ON Identity(identity_name); \n \
43";
44
45static const string INIT_KEY_TABLE = "\
46CREATE TABLE IF NOT EXISTS \n \
47 Key( \n \
48 identity_name BLOB NOT NULL, \n \
49 key_identifier BLOB NOT NULL, \n \
50 key_type INTEGER, \n \
51 public_key BLOB, \n \
52 default_key INTEGER DEFAULT 0, \n \
53 active INTEGER DEFAULT 0, \n \
54 \
55 PRIMARY KEY (identity_name, key_identifier) \n \
56 ); \n \
57 \
58CREATE INDEX key_index ON Key(identity_name); \n \
59";
60
61static const string INIT_CERT_TABLE = "\
62CREATE TABLE IF NOT EXISTS \n \
63 Certificate( \n \
64 cert_name BLOB NOT NULL, \n \
65 cert_issuer BLOB NOT NULL, \n \
66 identity_name BLOB NOT NULL, \n \
67 key_identifier BLOB NOT NULL, \n \
68 not_before TIMESTAMP, \n \
69 not_after TIMESTAMP, \n \
70 certificate_data BLOB NOT NULL, \n \
71 valid_flag INTEGER DEFAULT 0, \n \
72 default_cert INTEGER DEFAULT 0, \n \
73 \
74 PRIMARY KEY (cert_name) \n \
75 ); \n \
76 \
77CREATE INDEX cert_index ON Certificate(cert_name); \n \
78CREATE INDEX subject ON Certificate(identity_name); \n \
79";
80
81/**
82 * A utility function to call the normal sqlite3_bind_text where the value and length are value.c_str() and value.size().
83 */
84static int sqlite3_bind_text(sqlite3_stmt* statement, int index, const string& value, void(*destructor)(void*))
85{
86 return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
87}
88
89BasicIdentityStorage::BasicIdentityStorage()
90{
Jeff Thompson351ac302013-10-19 18:45:00 -070091 // Note: We don't use <filesystem> support because it is not "header-only" and require linking to libraries.
92 // TOOD: Handle non-unix file system paths which don't use '/'.
93 const char* home = getenv("HOME");
94 if (!home || *home == '\0')
95 // Don't expect this to happen;
96 home = ".";
97 string homeDir(home);
98 if (homeDir[homeDir.size() - 1] == '/')
99 // Strip the ending '/'.
100 homeDir.erase(homeDir.size() - 1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700101
Jeff Thompson351ac302013-10-19 18:45:00 -0700102 string identityDir = homeDir + '/' + ".ndn-identity";
103 ::system(("mkdir " + identityDir).c_str());
104
105 int res = sqlite3_open((identityDir + '/' + "identity.db").c_str(), &database_);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700106
107 if (res != SQLITE_OK)
Jeff Thompson351ac302013-10-19 18:45:00 -0700108 throw SecurityException("identity DB cannot be opened/created");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700109
110 //Check if Key table exists;
111 sqlite3_stmt *statement;
112 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
Jeff Thompson351ac302013-10-19 18:45:00 -0700113 res = sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700114
115 bool idTableExists = false;
116 if (res == SQLITE_ROW)
117 idTableExists = true;
118
119 sqlite3_finalize(statement);
120
121 if (!idTableExists) {
122 char *errorMessage = 0;
123 res = sqlite3_exec(database_, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
124
125 if (res != SQLITE_OK && errorMessage != 0) {
126 _LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
127 sqlite3_free(errorMessage);
128 }
129 }
130
131 //Check if Key table exists;
132 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Key'", -1, &statement, 0);
133 res = sqlite3_step(statement);
134
135 bool keyTableExists = false;
136 if (res == SQLITE_ROW)
137 keyTableExists = true;
138
139 sqlite3_finalize(statement);
140
141 if (!keyTableExists) {
142 char *errorMessage = 0;
143 res = sqlite3_exec(database_, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
144
145 if (res != SQLITE_OK && errorMessage != 0) {
146 _LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
147 sqlite3_free(errorMessage);
148 }
149 }
150
151 //Check if Certificate table exists;
152 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Certificate'", -1, &statement, 0);
153 res = sqlite3_step(statement);
154
155 bool idCertificateTableExists = false;
156 if (res == SQLITE_ROW)
157 idCertificateTableExists = true;
158
159 sqlite3_finalize(statement);
160
161 if (!idCertificateTableExists) {
162 char *errorMessage = 0;
163 res = sqlite3_exec(database_, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
164
165 if (res != SQLITE_OK && errorMessage != 0) {
166 _LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
167 sqlite3_free(errorMessage);
168 }
169 }
170}
171
172BasicIdentityStorage::~BasicIdentityStorage()
173{
174}
175
176bool
177BasicIdentityStorage::doesIdentityExist(const Name& identityName)
178{
179 bool result = false;
180
181 sqlite3_stmt *statement;
182 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
183
184 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
185 int res = sqlite3_step(statement);
186
187 if (res == SQLITE_ROW) {
188 int countAll = sqlite3_column_int(statement, 0);
189 if (countAll > 0)
190 result = true;
191 }
192
193 sqlite3_finalize(statement);
194
195 return result;
196}
197
198void
199BasicIdentityStorage::addIdentity(const Name& identityName)
200{
201 if (doesIdentityExist(identityName))
202 throw SecurityException("Identity already exists");
203
204 sqlite3_stmt *statement;
205
206 sqlite3_prepare_v2(database_, "INSERT INTO Identity (identity_name) values (?)", -1, &statement, 0);
207
208 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
209
210 int res = sqlite3_step(statement);
211
212 sqlite3_finalize(statement);
213}
214
215bool
216BasicIdentityStorage::revokeIdentity()
217{
218 //TODO:
219 return false;
220}
221
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700222Name
223BasicIdentityStorage::getNewKeyName(const Name& identityName, bool useKsk)
224{
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700225 MillisecondsSince1970 ti = ::ndn_getNowMilliseconds();
226 // Get the number of seconds.
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700227 ostringstream oss;
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700228 oss << floor(ti / 1000.0);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700229
230 string keyIdStr;
231
232 if (useKsk)
233 keyIdStr = ("KSK-" + oss.str());
234 else
235 keyIdStr = ("DSK-" + oss.str());
236
237
238 Name keyName = Name(identityName).append(keyIdStr);
239
240 if (doesKeyExist(keyName))
241 throw SecurityException("Key name already exists");
242
243 return keyName;
Jeff Thompson1975def2013-10-09 17:06:43 -0700244}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700245
246bool
247BasicIdentityStorage::doesKeyExist(const Name& keyName)
248{
249 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
250 Name identityName = keyName.getSubName(0, keyName.size() - 1);
251
252 sqlite3_stmt *statement;
253 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
254
255 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
256 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
257
258 int res = sqlite3_step(statement);
259
260 bool keyIdExist = false;
261 if (res == SQLITE_ROW) {
262 int countAll = sqlite3_column_int(statement, 0);
263 if (countAll > 0)
264 keyIdExist = true;
265 }
266
267 sqlite3_finalize(statement);
268
269 return keyIdExist;
270}
271
272Name
273BasicIdentityStorage::getKeyNameForCertificate(const Name& certificateName)
274{
275 int i = certificateName.size() - 1;
276
277 for (; i >= 0; --i) {
278 if (certificateName.get(i).toEscapedString() == string("ID-CERT"))
279 break;
280 }
281
282 return certificateName.getSubName(0, i);
283}
284
285void
286BasicIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
287{
288 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
289 Name identityName = keyName.getSubName(0, keyName.size() - 1);
290
291
292 if (!doesIdentityExist(identityName))
293 addIdentity(identityName);
294
295 if (doesKeyExist(keyName))
296 throw SecurityException("a key with the same name already exists!");
297
298 sqlite3_stmt *statement;
299 sqlite3_prepare_v2(database_, "INSERT INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
300
301 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
302 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
303 sqlite3_bind_int(statement, 3, (int)keyType);
304 sqlite3_bind_blob(statement, 4, publicKeyDer.buf(), publicKeyDer.size(), SQLITE_TRANSIENT);
305
306 int res = sqlite3_step(statement);
307
308 sqlite3_finalize(statement);
309}
310
311Blob
312BasicIdentityStorage::getKey(const Name& keyName)
313{
314 if (!doesKeyExist(keyName)) {
315 _LOG_DEBUG("keyName does not exist");
316 return Blob();
317 }
318
319 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
320 Name identityName = keyName.getSubName(0, keyName.size() - 1);
321
322 sqlite3_stmt *statement;
323 sqlite3_prepare_v2(database_, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
324
325 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
326 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
327
328 int res = sqlite3_step(statement);
329
330 Blob result;
331 if (res == SQLITE_ROW)
332 result = Blob(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)), sqlite3_column_bytes(statement, 0));
333
334 sqlite3_finalize(statement);
335
336 return result;
337}
338
339void
340BasicIdentityStorage::activateKey(const Name& keyName)
341{
342 updateKeyStatus(keyName, true);
343}
344
345void
346BasicIdentityStorage::deactivateKey(const Name& keyName)
347{
348 updateKeyStatus(keyName, false);
349}
350
351void
352BasicIdentityStorage::updateKeyStatus(const Name& keyName, bool isActive)
353{
354 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
355 Name identityName = keyName.getSubName(0, keyName.size() - 1);
356
357 sqlite3_stmt *statement;
358 sqlite3_prepare_v2(database_, "UPDATE Key SET active=? WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
359
360 sqlite3_bind_int(statement, 1, (isActive ? 1 : 0));
361 sqlite3_bind_text(statement, 2, identityName.toUri(), SQLITE_TRANSIENT);
362 sqlite3_bind_text(statement, 3, keyId, SQLITE_TRANSIENT);
363
364 int res = sqlite3_step(statement);
365
366 sqlite3_finalize(statement);
367}
368
369bool
370BasicIdentityStorage::doesCertificateExist(const Name& certificateName)
371{
372 sqlite3_stmt *statement;
373 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
374
375 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
376
377 int res = sqlite3_step(statement);
378
379 bool certExist = false;
380 if (res == SQLITE_ROW) {
381 int countAll = sqlite3_column_int(statement, 0);
382 if (countAll > 0)
383 certExist = true;
384 }
385
386 sqlite3_finalize(statement);
387
388 return certExist;
389}
390
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700391void
Jeff Thompsonc69163b2013-10-12 13:49:50 -0700392BasicIdentityStorage::addAnyCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700393{
394 const Name& certificateName = certificate.getName();
395 Name keyName = getKeyNameForCertificate(certificateName);
396
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700397 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700398 Name identityName = keyName.getSubName(0, keyName.size() - 1);
399
400 sqlite3_stmt *statement;
401 sqlite3_prepare_v2(database_,
402 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
403 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
404 -1, &statement, 0);
405
406
407 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
408 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
409
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700410 const Sha256WithRsaSignature* signature = dynamic_cast<const Sha256WithRsaSignature*>(certificate.getSignature());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700411 const Name& signerName = signature->getKeyLocator().getKeyName();
412 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
413
414 sqlite3_bind_text(statement, 3, identityName.toUri(), SQLITE_TRANSIENT);
415 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
416
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700417 // Convert from milliseconds to seconds since 1/1/1970.
418 sqlite3_bind_int64(statement, 5, (sqlite3_int64)floor(certificate.getNotBefore() / 1000.0));
419 sqlite3_bind_int64(statement, 6, (sqlite3_int64)floor(certificate.getNotAfter() / 1000.0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700420
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700421 if (!certificate.getDefaultWireEncoding())
422 certificate.wireEncode();
423 sqlite3_bind_blob(statement, 7, certificate.getDefaultWireEncoding().buf(), certificate.getDefaultWireEncoding().size(), SQLITE_TRANSIENT);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700424
425 int res = sqlite3_step(statement);
426
427 sqlite3_finalize(statement);
428}
429
430void
Jeff Thompsonc69163b2013-10-12 13:49:50 -0700431BasicIdentityStorage::addCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700432{
433 _LOG_DEBUG("1");
434 const Name& certificateName = certificate.getName();
435 Name keyName = getKeyNameForCertificate(certificateName);
436
437 _LOG_DEBUG("2");
438 if (!doesKeyExist(keyName))
439 {
440 _LOG_DEBUG("here wrong");
441 throw SecurityException("No corresponding Key record for the certificate!");
442 }
443
444 // Check if certificate has already existed!
445 if (doesCertificateExist(certificateName))
446 throw SecurityException("Certificate has already been installed!");
447
448 _LOG_DEBUG("3");
449 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
450 Name identity = keyName.getSubName(0, keyName.size() - 1);
451
452 // Check if the public key of certificate is the same as the key record
453
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700454 Blob keyBlob = getKey(keyName);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700455
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700456 if (!keyBlob || (*keyBlob) != *(certificate.getPublicKeyInfo().getKeyDer()))
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700457 throw SecurityException("Certificate does not match the public key!");
458
459 _LOG_DEBUG("4");
460 // Insert the certificate
461 sqlite3_stmt *statement;
462 sqlite3_prepare_v2(database_,
463 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
464 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
465 -1, &statement, 0);
466
467 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
468 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
469
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700470 const Sha256WithRsaSignature* signature = dynamic_cast<const Sha256WithRsaSignature*>(certificate.getSignature());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700471 const Name & signerName = signature->getKeyLocator().getKeyName();
472 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
473
474 sqlite3_bind_text(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
475 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
476
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700477 // Convert from milliseconds to seconds since 1/1/1970.
478 sqlite3_bind_int64(statement, 5, (sqlite3_int64)floor(certificate.getNotBefore() / 1000.0));
479 sqlite3_bind_int64(statement, 6, (sqlite3_int64)floor(certificate.getNotAfter() / 1000.0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700480
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700481 if (!certificate.getDefaultWireEncoding())
482 certificate.wireEncode();
483 sqlite3_bind_blob(statement, 7, certificate.getDefaultWireEncoding().buf(), certificate.getDefaultWireEncoding().size(), SQLITE_TRANSIENT);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700484
485 int res = sqlite3_step(statement);
486
487 sqlite3_finalize(statement);
488}
489
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700490shared_ptr<Data>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700491BasicIdentityStorage::getCertificate(const Name &certificateName, bool allowAny)
492{
493 if (doesCertificateExist(certificateName)) {
494 sqlite3_stmt *statement;
495 if (!allowAny) {
496 sqlite3_prepare_v2(database_,
497 "SELECT certificate_data FROM Certificate \
498 WHERE cert_name=? AND not_before<datetime(?, 'unixepoch') AND not_after>datetime(?, 'unixepoch') and valid_flag=1",
499 -1, &statement, 0);
500
501 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700502 sqlite3_bind_int64(statement, 2, (sqlite3_int64)floor(ndn_getNowMilliseconds() / 1000.0));
503 sqlite3_bind_int64(statement, 3, (sqlite3_int64)floor(ndn_getNowMilliseconds() / 1000.0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700504 }
505 else {
506 sqlite3_prepare_v2(database_,
507 "SELECT certificate_data FROM Certificate WHERE cert_name=?", -1, &statement, 0);
508
509 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
510 }
511
512 int res = sqlite3_step(statement);
513
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700514 shared_ptr<Data> data;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700515
516 if (res == SQLITE_ROW)
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700517 data->wireDecode((const uint8_t*)sqlite3_column_blob(statement, 0), sqlite3_column_bytes(statement, 0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700518 sqlite3_finalize(statement);
519
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700520 return data;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700521 }
522 else {
523 _LOG_DEBUG("Certificate does not exist!");
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700524 return shared_ptr<Data>();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700525 }
Jeff Thompson1975def2013-10-09 17:06:43 -0700526}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700527
528Name
529BasicIdentityStorage::getDefaultIdentity()
530{
531 sqlite3_stmt *statement;
532 sqlite3_prepare_v2(database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
533
534 int res = sqlite3_step(statement);
535
536 Name identity;
537
538 if (res == SQLITE_ROW)
539 identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
540
541 sqlite3_finalize(statement);
542
543 return identity;
544}
545
546Name
547BasicIdentityStorage::getDefaultKeyNameForIdentity(const Name& identityName)
548{
549 sqlite3_stmt *statement;
550 sqlite3_prepare_v2(database_, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
551
552 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
553
554 int res = sqlite3_step(statement);
555
556 Name keyName;
557
558 if (res == SQLITE_ROW)
559 keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
560
561 sqlite3_finalize(statement);
562
563 return keyName;
564}
565
566Name
567BasicIdentityStorage::getDefaultCertificateNameForKey(const Name& keyName)
568{
569 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
570 Name identityName = keyName.getSubName(0, keyName.size() - 1);
571
572 sqlite3_stmt *statement;
573 sqlite3_prepare_v2(database_, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
574
575 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
576 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
577
578 int res = sqlite3_step(statement);
579
580 Name certName;
581
582 if (res == SQLITE_ROW)
583 certName = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
584
585 sqlite3_finalize(statement);
586
587 return certName;
588}
589
590void
591BasicIdentityStorage::setDefaultIdentity(const Name& identityName)
592{
593 sqlite3_stmt *statement;
594
595 //Reset previous default identity
596 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
597
598 while (sqlite3_step(statement) == SQLITE_ROW)
599 {}
600
601 sqlite3_finalize(statement);
602
603 //Set current default identity
604 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
605
606 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
607
608 sqlite3_step(statement);
609
610 sqlite3_finalize(statement);
611}
612
613void
614BasicIdentityStorage::setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck)
615{
616 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
617 Name identityName = keyName.getSubName(0, keyName.size() - 1);
618
619 if (identityNameCheck.size() > 0 && !identityNameCheck.equals(identityName))
620 throw SecurityException("Specified identity name does not match the key name");
621
622 sqlite3_stmt *statement;
623
624 //Reset previous default Key
625 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
626
627 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
628
629 while (sqlite3_step(statement) == SQLITE_ROW)
630 {}
631
632 sqlite3_finalize(statement);
633
634 //Set current default Key
635 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
636
637 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
638 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
639
640 sqlite3_step(statement);
641
642 sqlite3_finalize(statement);
643}
644
645void
646BasicIdentityStorage::setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName)
647{
648 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
649 Name identityName = keyName.getSubName(0, keyName.size() - 1);
650
651 sqlite3_stmt *statement;
652
653 //Reset previous default Key
654 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
655
656 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
657 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
658
659 while (sqlite3_step(statement) == SQLITE_ROW)
660 {}
661
662 sqlite3_finalize(statement);
663
664 //Set current default Key
665 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=1 WHERE identity_name=? AND key_identifier=? AND cert_name=?", -1, &statement, 0);
666
667 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
668 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
669 sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
670
671 sqlite3_step(statement);
672
673 sqlite3_finalize(statement);
674}
675
676}
677
Jeff Thompsonb7523002013-10-09 10:25:00 -0700678#endif // NDN_CPP_HAVE_SQLITE3