Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 8758158085b0617217b13556f92cf55fda883f8b / . / src / security / identity / sec-public-info-sqlite3.cpp
blob: 78ea986d5402e6c641d0b5085ccc228696425af0 [file] [log] [blame]
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
Jeff Thompson22285ec2013-10-22 17:43:02 -0700[diff] [blame]5 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]6 * See COPYING for copyright and distribution information.
7 */
8
Jeff Thompsonb7523002013-10-09 10:25:00 -0700[diff] [blame]9// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_SQLITE3.
Jeff Thompson6e229042013-10-10 11:09:49 -0700[diff] [blame]10#include <ndn-cpp/ndn-cpp-config.h>
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]11#ifdef NDN_CPP_HAVE_SQLITE3
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]12
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]13#include <stdio.h>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]14#include <stdlib.h>
15#include <sstream>
16#include <fstream>
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]17#include "../../util/logging.hpp"
Jeff Thompson3bd90bc2013-10-19 16:40:14 -0700[diff] [blame]18#include "../../c/util/time.h"
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]19#include <ndn-cpp/data.hpp>
20#include <ndn-cpp/security/certificate/identity-certificate.hpp>
21#include <ndn-cpp/security/identity/sec-public-info-sqlite3.hpp>
Alexander Afanasyev6be1a6a2014-01-06 00:08:14 -0800[diff] [blame]22#include <ndn-cpp/security/signature/signature-sha256-with-rsa.hpp>
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]23
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]24
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]25INIT_LOGGER("BasicKeyMetaInfo");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]26
27using namespace std;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]28
29namespace ndn
30{
31
32static const string INIT_ID_TABLE = "\
33CREATE TABLE IF NOT EXISTS \n \
34 Identity( \n \
35 identity_name BLOB NOT NULL, \n \
36 default_identity INTEGER DEFAULT 0, \n \
37 \
38 PRIMARY KEY (identity_name) \n \
39 ); \n \
40 \
41CREATE INDEX identity_index ON Identity(identity_name); \n \
42";
43
44static const string INIT_KEY_TABLE = "\
45CREATE TABLE IF NOT EXISTS \n \
46 Key( \n \
47 identity_name BLOB NOT NULL, \n \
48 key_identifier BLOB NOT NULL, \n \
49 key_type INTEGER, \n \
50 public_key BLOB, \n \
51 default_key INTEGER DEFAULT 0, \n \
52 active INTEGER DEFAULT 0, \n \
53 \
54 PRIMARY KEY (identity_name, key_identifier) \n \
55 ); \n \
56 \
57CREATE INDEX key_index ON Key(identity_name); \n \
58";
59
60static const string INIT_CERT_TABLE = "\
61CREATE TABLE IF NOT EXISTS \n \
62 Certificate( \n \
63 cert_name BLOB NOT NULL, \n \
64 cert_issuer BLOB NOT NULL, \n \
65 identity_name BLOB NOT NULL, \n \
66 key_identifier BLOB NOT NULL, \n \
67 not_before TIMESTAMP, \n \
68 not_after TIMESTAMP, \n \
69 certificate_data BLOB NOT NULL, \n \
Jeff Thompson22285ec2013-10-22 17:43:02 -0700[diff] [blame]70 valid_flag INTEGER DEFAULT 1, \n \
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]71 default_cert INTEGER DEFAULT 0, \n \
72 \
73 PRIMARY KEY (cert_name) \n \
74 ); \n \
75 \
76CREATE INDEX cert_index ON Certificate(cert_name); \n \
77CREATE INDEX subject ON Certificate(identity_name); \n \
78";
79
80/**
81 * A utility function to call the normal sqlite3_bind_text where the value and length are value.c_str() and value.size().
82 */
83static int sqlite3_bind_text(sqlite3_stmt* statement, int index, const string& value, void(*destructor)(void*))
84{
85 return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
86}
87
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]88SecPublicInfoSqlite3::SecPublicInfoSqlite3()
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]89{
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]90 // Note: We don't use <filesystem> support because it is not "header-only" and require linking to libraries.
Jeff Thompsonab5440f2013-10-22 11:54:00 -0700[diff] [blame]91 // TODO: Handle non-unix file system paths which don't use '/'.
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]92 const char* home = getenv("HOME");
93 if (!home || *home == '\0')
94 // Don't expect this to happen;
95 home = ".";
96 string homeDir(home);
97 if (homeDir[homeDir.size() - 1] == '/')
98 // Strip the ending '/'.
99 homeDir.erase(homeDir.size() - 1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]100
Jeff Thompsonac64b132013-11-25 15:04:53 -0800[diff] [blame]101 string identityDir = homeDir + '/' + ".ndnx";
102 // TODO: Handle non-unix file systems which don't have "mkdir -p".
Jeff Thompsonab5440f2013-10-22 11:54:00 -0700[diff] [blame]103 ::system(("mkdir -p " + identityDir).c_str());
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]104
Jeff Thompsonac64b132013-11-25 15:04:53 -0800[diff] [blame]105 int res = sqlite3_open((identityDir + '/' + "ndnsec-identity.db").c_str(), &database_);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]106
107 if (res != SQLITE_OK)
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]108 throw Error("identity DB cannot be opened/created");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]109
110 //Check if Key table exists;
111 sqlite3_stmt *statement;
112 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
Jeff Thompson351ac302013-10-19 18:45:00 -0700[diff] [blame]113 res = sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]114
115 bool idTableExists = false;
116 if (res == SQLITE_ROW)
117 idTableExists = true;
118
119 sqlite3_finalize(statement);
120
121 if (!idTableExists) {
122 char *errorMessage = 0;
123 res = sqlite3_exec(database_, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
124
125 if (res != SQLITE_OK && errorMessage != 0) {
126 _LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
127 sqlite3_free(errorMessage);
128 }
129 }
130
131 //Check if Key table exists;
132 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Key'", -1, &statement, 0);
133 res = sqlite3_step(statement);
134
135 bool keyTableExists = false;
136 if (res == SQLITE_ROW)
137 keyTableExists = true;
138
139 sqlite3_finalize(statement);
140
141 if (!keyTableExists) {
142 char *errorMessage = 0;
143 res = sqlite3_exec(database_, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
144
145 if (res != SQLITE_OK && errorMessage != 0) {
146 _LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
147 sqlite3_free(errorMessage);
148 }
149 }
150
151 //Check if Certificate table exists;
152 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Certificate'", -1, &statement, 0);
153 res = sqlite3_step(statement);
154
155 bool idCertificateTableExists = false;
156 if (res == SQLITE_ROW)
157 idCertificateTableExists = true;
158
159 sqlite3_finalize(statement);
160
161 if (!idCertificateTableExists) {
162 char *errorMessage = 0;
163 res = sqlite3_exec(database_, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
164
165 if (res != SQLITE_OK && errorMessage != 0) {
166 _LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
167 sqlite3_free(errorMessage);
168 }
169 }
170}
171
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]172SecPublicInfoSqlite3::~SecPublicInfoSqlite3()
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]173{
174}
175
176bool
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]177SecPublicInfoSqlite3::doesIdentityExist(const Name& identityName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]178{
179 bool result = false;
180
181 sqlite3_stmt *statement;
182 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
183
184 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
185 int res = sqlite3_step(statement);
186
187 if (res == SQLITE_ROW) {
188 int countAll = sqlite3_column_int(statement, 0);
189 if (countAll > 0)
190 result = true;
191 }
192
193 sqlite3_finalize(statement);
194
195 return result;
196}
197
198void
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]199SecPublicInfoSqlite3::addIdentity(const Name& identityName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]200{
201 if (doesIdentityExist(identityName))
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]202 throw Error("Identity already exists");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]203
204 sqlite3_stmt *statement;
205
206 sqlite3_prepare_v2(database_, "INSERT INTO Identity (identity_name) values (?)", -1, &statement, 0);
207
208 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
209
Alexander Afanasyev736708b2014-01-06 14:45:34 -0800[diff] [blame]210 sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]211
212 sqlite3_finalize(statement);
213}
214
215bool
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]216SecPublicInfoSqlite3::revokeIdentity()
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]217{
218 //TODO:
219 return false;
220}
221
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]222bool
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]223SecPublicInfoSqlite3::doesPublicKeyExist(const Name& keyName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]224{
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]225 string keyId = keyName.get(-1).toEscapedString();
226 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]227
228 sqlite3_stmt *statement;
229 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
230
231 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
232 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
233
234 int res = sqlite3_step(statement);
235
236 bool keyIdExist = false;
237 if (res == SQLITE_ROW) {
238 int countAll = sqlite3_column_int(statement, 0);
239 if (countAll > 0)
240 keyIdExist = true;
241 }
242
243 sqlite3_finalize(statement);
244
245 return keyIdExist;
246}
247
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]248void
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]249SecPublicInfoSqlite3::addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKeyDer)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]250{
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]251 string keyId = keyName.get(-1).toEscapedString();
252 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]253
254
255 if (!doesIdentityExist(identityName))
256 addIdentity(identityName);
257
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]258 if (doesPublicKeyExist(keyName))
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]259 throw Error("a key with the same name already exists!");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]260
261 sqlite3_stmt *statement;
262 sqlite3_prepare_v2(database_, "INSERT INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
263
264 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
265 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
266 sqlite3_bind_int(statement, 3, (int)keyType);
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]267 sqlite3_bind_blob(statement, 4, publicKeyDer.get().buf(), publicKeyDer.get().size(), SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]268
Alexander Afanasyev736708b2014-01-06 14:45:34 -0800[diff] [blame]269 sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]270
271 sqlite3_finalize(statement);
272}
273
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]274ptr_lib::shared_ptr<PublicKey>
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]275SecPublicInfoSqlite3::getPublicKey(const Name& keyName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]276{
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]277 if (!doesPublicKeyExist(keyName)) {
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]278 _LOG_DEBUG("keyName does not exist");
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]279 return ptr_lib::shared_ptr<PublicKey>();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]280 }
281
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]282 string keyId = keyName.get(-1).toEscapedString();
283 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]284
285 sqlite3_stmt *statement;
286 sqlite3_prepare_v2(database_, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
287
288 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
289 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
290
291 int res = sqlite3_step(statement);
292
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]293 ptr_lib::shared_ptr<PublicKey> result;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]294 if (res == SQLITE_ROW)
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]295 result = ptr_lib::make_shared<PublicKey>(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)), sqlite3_column_bytes(statement, 0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]296
297 sqlite3_finalize(statement);
298
299 return result;
300}
301
302void
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]303SecPublicInfoSqlite3::updateKeyStatus(const Name& keyName, bool isActive)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]304{
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]305 string keyId = keyName.get(-1).toEscapedString();
306 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]307
308 sqlite3_stmt *statement;
309 sqlite3_prepare_v2(database_, "UPDATE Key SET active=? WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
310
311 sqlite3_bind_int(statement, 1, (isActive ? 1 : 0));
312 sqlite3_bind_text(statement, 2, identityName.toUri(), SQLITE_TRANSIENT);
313 sqlite3_bind_text(statement, 3, keyId, SQLITE_TRANSIENT);
314
Alexander Afanasyev736708b2014-01-06 14:45:34 -0800[diff] [blame]315 sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]316
317 sqlite3_finalize(statement);
318}
319
320bool
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]321SecPublicInfoSqlite3::doesCertificateExist(const Name& certificateName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]322{
323 sqlite3_stmt *statement;
324 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
325
326 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
327
328 int res = sqlite3_step(statement);
329
330 bool certExist = false;
331 if (res == SQLITE_ROW) {
332 int countAll = sqlite3_column_int(statement, 0);
333 if (countAll > 0)
334 certExist = true;
335 }
336
337 sqlite3_finalize(statement);
338
339 return certExist;
340}
341
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]342void
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]343SecPublicInfoSqlite3::addAnyCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]344{
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]345 std::string certificateName = certificate.getName().toUri();
Jeff Thompson22285ec2013-10-22 17:43:02 -0700[diff] [blame]346 Name keyName = certificate.getPublicKeyName();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]347
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]348 std::string keyId = keyName.get(-1).toEscapedString();
349 std::string identityName = keyName.getPrefix(-1).toUri();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]350
351 sqlite3_stmt *statement;
352 sqlite3_prepare_v2(database_,
353 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
354 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
355 -1, &statement, 0);
356
357
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]358 _LOG_DEBUG("certName: " << certificateName);
359 sqlite3_bind_text(statement, 1, certificateName, SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]360
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]361 // this will throw an exception if the signature is not the standard one or there is no key locator present
362 SignatureSha256WithRsa signature(certificate.getSignature());
363 std::string signerName = signature.getKeyLocator().getName().toUri();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]364
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]365 sqlite3_bind_text(statement, 2, signerName, SQLITE_STATIC);
366
367 sqlite3_bind_text(statement, 3, identityName, SQLITE_STATIC);
368 sqlite3_bind_text(statement, 4, keyId, SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]369
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]370 // Convert from milliseconds to seconds since 1/1/1970.
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]371 sqlite3_bind_int64(statement, 5, static_cast<sqlite3_int64>(certificate.getNotBefore() / 1000));
372 sqlite3_bind_int64(statement, 6, static_cast<sqlite3_int64>(certificate.getNotAfter() / 1000));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]373
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]374 sqlite3_bind_blob(statement, 7, certificate.wireEncode().wire(), certificate.wireEncode().size(), SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]375
Alexander Afanasyev736708b2014-01-06 14:45:34 -0800[diff] [blame]376 sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]377
378 sqlite3_finalize(statement);
379}
380
381void
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]382SecPublicInfoSqlite3::addCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]383{
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]384 const Name& certificateName = certificate.getName();
Jeff Thompson22285ec2013-10-22 17:43:02 -0700[diff] [blame]385 Name keyName = certificate.getPublicKeyName();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]386
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]387 if (!doesPublicKeyExist(keyName))
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]388 throw Error("No corresponding Key record for certificate!" + keyName.toUri() + " " + certificateName.toUri());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]389
390 // Check if certificate has already existed!
391 if (doesCertificateExist(certificateName))
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]392 throw Error("Certificate has already been installed!");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]393
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]394 string keyId = keyName.get(-1).toEscapedString();
395 Name identity = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]396
397 // Check if the public key of certificate is the same as the key record
398
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]399 ptr_lib::shared_ptr<PublicKey> pubKey = getPublicKey(keyName);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]400
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]401 if (!pubKey || (*pubKey) != certificate.getPublicKeyInfo())
402 throw Error("Certificate does not match the public key!");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]403
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]404 // Insert the certificate
405 sqlite3_stmt *statement;
406 sqlite3_prepare_v2(database_,
407 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
408 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
409 -1, &statement, 0);
410
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]411 _LOG_DEBUG("certName: " << certificateName.toUri());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]412 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
413
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]414 // this will throw an exception if the signature is not the standard one or there is no key locator present
415 SignatureSha256WithRsa signature(certificate.getSignature());
416 std::string signerName = signature.getKeyLocator().getName().toUri();
417
418 sqlite3_bind_text(statement, 2, signerName, SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]419
420 sqlite3_bind_text(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]421 sqlite3_bind_text(statement, 4, keyId, SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]422
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700[diff] [blame]423 // Convert from milliseconds to seconds since 1/1/1970.
424 sqlite3_bind_int64(statement, 5, (sqlite3_int64)floor(certificate.getNotBefore() / 1000.0));
425 sqlite3_bind_int64(statement, 6, (sqlite3_int64)floor(certificate.getNotAfter() / 1000.0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]426
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]427 sqlite3_bind_blob(statement, 7, certificate.wireEncode().wire(), certificate.wireEncode().size(), SQLITE_TRANSIENT);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]428
Alexander Afanasyev736708b2014-01-06 14:45:34 -0800[diff] [blame]429 sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]430
431 sqlite3_finalize(statement);
432}
433
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]434ptr_lib::shared_ptr<IdentityCertificate>
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]435SecPublicInfoSqlite3::getCertificate(const Name &certificateName, bool allowAny)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]436{
437 if (doesCertificateExist(certificateName)) {
438 sqlite3_stmt *statement;
439 if (!allowAny) {
440 sqlite3_prepare_v2(database_,
441 "SELECT certificate_data FROM Certificate \
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]442 WHERE cert_name=? AND not_before<datetime('now') AND not_after>datetime('now') and valid_flag=1",
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]443 -1, &statement, 0);
444
445 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]446 }
447 else {
448 sqlite3_prepare_v2(database_,
449 "SELECT certificate_data FROM Certificate WHERE cert_name=?", -1, &statement, 0);
450
451 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
452 }
453
454 int res = sqlite3_step(statement);
455
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]456 ptr_lib::shared_ptr<IdentityCertificate> certificate = ptr_lib::make_shared<IdentityCertificate>();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]457 if (res == SQLITE_ROW)
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]458 {
459 certificate->wireDecode(Block((const uint8_t*)sqlite3_column_blob(statement, 0), sqlite3_column_bytes(statement, 0)));
460 }
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]461 sqlite3_finalize(statement);
462
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]463 return certificate;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]464 }
465 else {
466 _LOG_DEBUG("Certificate does not exist!");
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800[diff] [blame]467 return ptr_lib::shared_ptr<IdentityCertificate>();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]468 }
Jeff Thompson1975def2013-10-09 17:06:43 -0700[diff] [blame]469}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]470
471Name
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]472SecPublicInfoSqlite3::getDefaultIdentity()
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]473{
474 sqlite3_stmt *statement;
475 sqlite3_prepare_v2(database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
476
477 int res = sqlite3_step(statement);
478
479 Name identity;
480
481 if (res == SQLITE_ROW)
482 identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
483
484 sqlite3_finalize(statement);
485
486 return identity;
487}
488
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]489void
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]490SecPublicInfoSqlite3::setDefaultIdentityInternal(const Name& identityName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]491{
492 sqlite3_stmt *statement;
493
494 //Reset previous default identity
495 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
496
497 while (sqlite3_step(statement) == SQLITE_ROW)
498 {}
499
500 sqlite3_finalize(statement);
501
502 //Set current default identity
503 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
504
505 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
506
507 sqlite3_step(statement);
508
509 sqlite3_finalize(statement);
510}
511
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]512Name
513SecPublicInfoSqlite3::getDefaultKeyNameForIdentity(const Name& identityName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]514{
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]515 sqlite3_stmt *statement;
516 sqlite3_prepare_v2(database_, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]517
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]518 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
519
520 int res = sqlite3_step(statement);
521
522 Name keyName;
523
524 if (res == SQLITE_ROW)
525 keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
526
527 sqlite3_finalize(statement);
528
529 return keyName;
530}
531
532void
533SecPublicInfoSqlite3::setDefaultKeyNameForIdentityInternal(const Name& keyName)
534{
535 string keyId = keyName.get(-1).toEscapedString();
536 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]537
538 sqlite3_stmt *statement;
539
540 //Reset previous default Key
541 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
542
543 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
544
545 while (sqlite3_step(statement) == SQLITE_ROW)
546 {}
547
548 sqlite3_finalize(statement);
549
550 //Set current default Key
551 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
552
553 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
554 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
555
556 sqlite3_step(statement);
557
558 sqlite3_finalize(statement);
559}
560
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]561Name
562SecPublicInfoSqlite3::getDefaultCertificateNameForKey(const Name& keyName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]563{
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]564 string keyId = keyName.get(-1).toEscapedString();
565 Name identityName = keyName.getPrefix(-1);
566
567 sqlite3_stmt *statement;
568 sqlite3_prepare_v2(database_, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
569
570 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
571 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
572
573 int res = sqlite3_step(statement);
574
575 Name certName;
576
577 if (res == SQLITE_ROW)
578 certName = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
579
580 sqlite3_finalize(statement);
581
582 return certName;
583}
584
585void
586SecPublicInfoSqlite3::setDefaultCertificateNameForKeyInternal(const Name& certificateName)
587{
588 Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificateName);
589 string keyId = keyName.get(-1).toEscapedString();
590 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]591
592 sqlite3_stmt *statement;
593
594 //Reset previous default Key
595 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
596
597 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
598 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
599
600 while (sqlite3_step(statement) == SQLITE_ROW)
601 {}
602
603 sqlite3_finalize(statement);
604
605 //Set current default Key
606 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=1 WHERE identity_name=? AND key_identifier=? AND cert_name=?", -1, &statement, 0);
607
608 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
609 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
610 sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
611
612 sqlite3_step(statement);
613
614 sqlite3_finalize(statement);
615}
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame]616
617vector<Name>
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]618SecPublicInfoSqlite3::getAllIdentities(bool isDefault)
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame]619{
620 sqlite3_stmt *stmt;
621 if(isDefault)
622 sqlite3_prepare_v2 (database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &stmt, 0);
623 else
624 sqlite3_prepare_v2 (database_, "SELECT identity_name FROM Identity WHERE default_identity=0", -1, &stmt, 0);
625
626 vector<Name> nameList;
627 while(sqlite3_step (stmt) == SQLITE_ROW)
628 nameList.push_back(Name(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0))));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]629
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame]630 sqlite3_finalize (stmt);
631 return nameList;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700[diff] [blame]632}
633
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame]634vector<Name>
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]635SecPublicInfoSqlite3::getAllKeyNames(bool isDefault)
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame]636{
637 sqlite3_stmt *stmt;
638 if(isDefault)
639 sqlite3_prepare_v2 (database_, "SELECT identity_name, key_identifier FROM Key WHERE default_key=1", -1, &stmt, 0);
640 else
641 sqlite3_prepare_v2 (database_, "SELECT identity_name, key_identifier FROM Key WHERE default_key=0", -1, &stmt, 0);
642
643 vector<Name> nameList;
644 while(sqlite3_step (stmt) == SQLITE_ROW)
645 {
646 Name keyName(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
647 keyName.append(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 1)), sqlite3_column_bytes (stmt, 1)));
648 nameList.push_back(keyName);
649 }
650 sqlite3_finalize (stmt);
651 return nameList;
652}
653
654vector<Name>
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]655SecPublicInfoSqlite3::getAllKeyNamesOfIdentity(const Name& identity, bool isDefault)
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame]656{
657 sqlite3_stmt *stmt;
658 if(isDefault)
659 sqlite3_prepare_v2 (database_, "SELECT key_identifier FROM Key WHERE default_key=1 and identity_name=?", -1, &stmt, 0);
660 else
661 sqlite3_prepare_v2 (database_, "SELECT key_identifier FROM Key WHERE default_key=0 and identity_name=?", -1, &stmt, 0);
662
663 sqlite3_bind_text(stmt, 1, identity.toUri().c_str(), identity.toUri().size (), SQLITE_TRANSIENT);
664
665 vector<Name> nameList;
666 while(sqlite3_step (stmt) == SQLITE_ROW)
667 {
668 Name keyName(identity);
669 keyName.append(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
670 nameList.push_back(keyName);
671 }
672 sqlite3_finalize (stmt);
673 return nameList;
674}
675
676vector<Name>
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]677SecPublicInfoSqlite3::getAllCertificateNames(bool isDefault)
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame]678{
679 sqlite3_stmt *stmt;
680 if(isDefault)
681 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=1", -1, &stmt, 0);
682 else
683 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=0", -1, &stmt, 0);
684
685 vector<Name> nameList;
686 while(sqlite3_step (stmt) == SQLITE_ROW)
687 nameList.push_back(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
688
689 sqlite3_finalize (stmt);
690 return nameList;
691}
692
693vector<Name>
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]694SecPublicInfoSqlite3::getAllCertificateNamesOfKey(const Name& keyName, bool isDefault)
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame]695{
696 sqlite3_stmt *stmt;
697 if(isDefault)
698 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=1 and identity_name=? and key_identifier=?", -1, &stmt, 0);
699 else
700 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=0 and identity_name=? and key_identifier=?", -1, &stmt, 0);
701
Yingdi Yu87581582014-01-14 14:28:39 -0800[diff] [blame^]702 Name identity = keyName.getPrefix(-1);
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800[diff] [blame]703 sqlite3_bind_text(stmt, 1, identity.toUri().c_str(), identity.toUri().size (), SQLITE_TRANSIENT);
704 std::string baseKeyName = keyName.get(-1).toEscapedString();
705 sqlite3_bind_text(stmt, 2, baseKeyName.c_str(), baseKeyName.size(), SQLITE_TRANSIENT);
706
707 vector<Name> nameList;
708 while(sqlite3_step (stmt) == SQLITE_ROW)
709 nameList.push_back(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
710
711 sqlite3_finalize (stmt);
712 return nameList;
713}
714
715} // namespace ndn
716
Jeff Thompsonb7523002013-10-09 10:25:00 -0700[diff] [blame]717#endif // NDN_CPP_HAVE_SQLITE3