blob: 5055dc80e899cf25ac20223061538213b8b10f82 [file] [log] [blame]
Jeff Thompson7ca11f22013-10-04 19:01:30 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
5 * See COPYING for copyright and distribution information.
6 */
7
Jeff Thompsonb7523002013-10-09 10:25:00 -07008// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_SQLITE3.
Jeff Thompson6e229042013-10-10 11:09:49 -07009#include <ndn-cpp/ndn-cpp-config.h>
Jeff Thompson1975def2013-10-09 17:06:43 -070010#ifdef NDN_CPP_HAVE_SQLITE3
Jeff Thompson7ca11f22013-10-04 19:01:30 -070011
Jeff Thompson814d2052013-10-09 18:52:19 -070012#if 1
13#include <stdexcept>
14#endif
Jeff Thompson7ca11f22013-10-04 19:01:30 -070015#include <stdlib.h>
16#include <sstream>
17#include <fstream>
Jeff Thompson25b4e612013-10-10 16:03:24 -070018#include <ndn-cpp/security/identity/basic-identity-storage.hpp>
Jeff Thompson7ca11f22013-10-04 19:01:30 -070019#include "../../util/logging.hpp"
Jeff Thompson25b4e612013-10-10 16:03:24 -070020#include <ndn-cpp/security//security-exception.hpp>
Jeff Thompson7ca11f22013-10-04 19:01:30 -070021#include "ndn-cpp/data.hpp"
22
23#if 0
24#include "ndn.cxx/fields/signature-sha256-with-rsa.h"
25#include "ndn.cxx/regex/regex.h"
26#include <boost/filesystem.hpp>
27#endif
28
29INIT_LOGGER("BasicIdentityStorage");
30
31using namespace std;
32using namespace ndn::ptr_lib;
33#if 0
34namespace fs = boost::filesystem;
35#endif
36
37namespace ndn
38{
39
40static const string INIT_ID_TABLE = "\
41CREATE TABLE IF NOT EXISTS \n \
42 Identity( \n \
43 identity_name BLOB NOT NULL, \n \
44 default_identity INTEGER DEFAULT 0, \n \
45 \
46 PRIMARY KEY (identity_name) \n \
47 ); \n \
48 \
49CREATE INDEX identity_index ON Identity(identity_name); \n \
50";
51
52static const string INIT_KEY_TABLE = "\
53CREATE TABLE IF NOT EXISTS \n \
54 Key( \n \
55 identity_name BLOB NOT NULL, \n \
56 key_identifier BLOB NOT NULL, \n \
57 key_type INTEGER, \n \
58 public_key BLOB, \n \
59 default_key INTEGER DEFAULT 0, \n \
60 active INTEGER DEFAULT 0, \n \
61 \
62 PRIMARY KEY (identity_name, key_identifier) \n \
63 ); \n \
64 \
65CREATE INDEX key_index ON Key(identity_name); \n \
66";
67
68static const string INIT_CERT_TABLE = "\
69CREATE TABLE IF NOT EXISTS \n \
70 Certificate( \n \
71 cert_name BLOB NOT NULL, \n \
72 cert_issuer BLOB NOT NULL, \n \
73 identity_name BLOB NOT NULL, \n \
74 key_identifier BLOB NOT NULL, \n \
75 not_before TIMESTAMP, \n \
76 not_after TIMESTAMP, \n \
77 certificate_data BLOB NOT NULL, \n \
78 valid_flag INTEGER DEFAULT 0, \n \
79 default_cert INTEGER DEFAULT 0, \n \
80 \
81 PRIMARY KEY (cert_name) \n \
82 ); \n \
83 \
84CREATE INDEX cert_index ON Certificate(cert_name); \n \
85CREATE INDEX subject ON Certificate(identity_name); \n \
86";
87
88/**
89 * A utility function to call the normal sqlite3_bind_text where the value and length are value.c_str() and value.size().
90 */
91static int sqlite3_bind_text(sqlite3_stmt* statement, int index, const string& value, void(*destructor)(void*))
92{
93 return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
94}
95
96BasicIdentityStorage::BasicIdentityStorage()
97{
98#if 0
99 fs::path identityDir = fs::path(getenv("HOME")) / ".ndn-identity";
100 fs::create_directories(identityDir);
101
102 int res = sqlite3_open((identityDir / "identity.db").c_str(), &database_);
103
104 if (res != SQLITE_OK)
105 {
106 throw SecurityException("identity DB cannot be opened/created");
107 }
108#endif
109
110 //Check if Key table exists;
111 sqlite3_stmt *statement;
112 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
113 int res = sqlite3_step(statement);
114
115 bool idTableExists = false;
116 if (res == SQLITE_ROW)
117 idTableExists = true;
118
119 sqlite3_finalize(statement);
120
121 if (!idTableExists) {
122 char *errorMessage = 0;
123 res = sqlite3_exec(database_, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
124
125 if (res != SQLITE_OK && errorMessage != 0) {
126 _LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
127 sqlite3_free(errorMessage);
128 }
129 }
130
131 //Check if Key table exists;
132 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Key'", -1, &statement, 0);
133 res = sqlite3_step(statement);
134
135 bool keyTableExists = false;
136 if (res == SQLITE_ROW)
137 keyTableExists = true;
138
139 sqlite3_finalize(statement);
140
141 if (!keyTableExists) {
142 char *errorMessage = 0;
143 res = sqlite3_exec(database_, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
144
145 if (res != SQLITE_OK && errorMessage != 0) {
146 _LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
147 sqlite3_free(errorMessage);
148 }
149 }
150
151 //Check if Certificate table exists;
152 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Certificate'", -1, &statement, 0);
153 res = sqlite3_step(statement);
154
155 bool idCertificateTableExists = false;
156 if (res == SQLITE_ROW)
157 idCertificateTableExists = true;
158
159 sqlite3_finalize(statement);
160
161 if (!idCertificateTableExists) {
162 char *errorMessage = 0;
163 res = sqlite3_exec(database_, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
164
165 if (res != SQLITE_OK && errorMessage != 0) {
166 _LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
167 sqlite3_free(errorMessage);
168 }
169 }
170}
171
172BasicIdentityStorage::~BasicIdentityStorage()
173{
174}
175
176bool
177BasicIdentityStorage::doesIdentityExist(const Name& identityName)
178{
179 bool result = false;
180
181 sqlite3_stmt *statement;
182 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
183
184 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
185 int res = sqlite3_step(statement);
186
187 if (res == SQLITE_ROW) {
188 int countAll = sqlite3_column_int(statement, 0);
189 if (countAll > 0)
190 result = true;
191 }
192
193 sqlite3_finalize(statement);
194
195 return result;
196}
197
198void
199BasicIdentityStorage::addIdentity(const Name& identityName)
200{
201 if (doesIdentityExist(identityName))
202 throw SecurityException("Identity already exists");
203
204 sqlite3_stmt *statement;
205
206 sqlite3_prepare_v2(database_, "INSERT INTO Identity (identity_name) values (?)", -1, &statement, 0);
207
208 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
209
210 int res = sqlite3_step(statement);
211
212 sqlite3_finalize(statement);
213}
214
215bool
216BasicIdentityStorage::revokeIdentity()
217{
218 //TODO:
219 return false;
220}
221
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700222Name
223BasicIdentityStorage::getNewKeyName(const Name& identityName, bool useKsk)
224{
Jeff Thompson1975def2013-10-09 17:06:43 -0700225#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700226 TimeInterval ti = time::NowUnixTimestamp();
227 ostringstream oss;
228 oss << ti.total_seconds();
229
230 string keyIdStr;
231
232 if (useKsk)
233 keyIdStr = ("KSK-" + oss.str());
234 else
235 keyIdStr = ("DSK-" + oss.str());
236
237
238 Name keyName = Name(identityName).append(keyIdStr);
239
240 if (doesKeyExist(keyName))
241 throw SecurityException("Key name already exists");
242
243 return keyName;
Jeff Thompson1975def2013-10-09 17:06:43 -0700244#else
245 throw logic_error("unimplemented");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700246#endif
Jeff Thompson1975def2013-10-09 17:06:43 -0700247}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700248
249bool
250BasicIdentityStorage::doesKeyExist(const Name& keyName)
251{
252 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
253 Name identityName = keyName.getSubName(0, keyName.size() - 1);
254
255 sqlite3_stmt *statement;
256 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
257
258 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
259 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
260
261 int res = sqlite3_step(statement);
262
263 bool keyIdExist = false;
264 if (res == SQLITE_ROW) {
265 int countAll = sqlite3_column_int(statement, 0);
266 if (countAll > 0)
267 keyIdExist = true;
268 }
269
270 sqlite3_finalize(statement);
271
272 return keyIdExist;
273}
274
275Name
276BasicIdentityStorage::getKeyNameForCertificate(const Name& certificateName)
277{
278 int i = certificateName.size() - 1;
279
280 for (; i >= 0; --i) {
281 if (certificateName.get(i).toEscapedString() == string("ID-CERT"))
282 break;
283 }
284
285 return certificateName.getSubName(0, i);
286}
287
288void
289BasicIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
290{
291 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
292 Name identityName = keyName.getSubName(0, keyName.size() - 1);
293
294
295 if (!doesIdentityExist(identityName))
296 addIdentity(identityName);
297
298 if (doesKeyExist(keyName))
299 throw SecurityException("a key with the same name already exists!");
300
301 sqlite3_stmt *statement;
302 sqlite3_prepare_v2(database_, "INSERT INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
303
304 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
305 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
306 sqlite3_bind_int(statement, 3, (int)keyType);
307 sqlite3_bind_blob(statement, 4, publicKeyDer.buf(), publicKeyDer.size(), SQLITE_TRANSIENT);
308
309 int res = sqlite3_step(statement);
310
311 sqlite3_finalize(statement);
312}
313
314Blob
315BasicIdentityStorage::getKey(const Name& keyName)
316{
317 if (!doesKeyExist(keyName)) {
318 _LOG_DEBUG("keyName does not exist");
319 return Blob();
320 }
321
322 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
323 Name identityName = keyName.getSubName(0, keyName.size() - 1);
324
325 sqlite3_stmt *statement;
326 sqlite3_prepare_v2(database_, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
327
328 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
329 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
330
331 int res = sqlite3_step(statement);
332
333 Blob result;
334 if (res == SQLITE_ROW)
335 result = Blob(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)), sqlite3_column_bytes(statement, 0));
336
337 sqlite3_finalize(statement);
338
339 return result;
340}
341
342void
343BasicIdentityStorage::activateKey(const Name& keyName)
344{
345 updateKeyStatus(keyName, true);
346}
347
348void
349BasicIdentityStorage::deactivateKey(const Name& keyName)
350{
351 updateKeyStatus(keyName, false);
352}
353
354void
355BasicIdentityStorage::updateKeyStatus(const Name& keyName, bool isActive)
356{
357 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
358 Name identityName = keyName.getSubName(0, keyName.size() - 1);
359
360 sqlite3_stmt *statement;
361 sqlite3_prepare_v2(database_, "UPDATE Key SET active=? WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
362
363 sqlite3_bind_int(statement, 1, (isActive ? 1 : 0));
364 sqlite3_bind_text(statement, 2, identityName.toUri(), SQLITE_TRANSIENT);
365 sqlite3_bind_text(statement, 3, keyId, SQLITE_TRANSIENT);
366
367 int res = sqlite3_step(statement);
368
369 sqlite3_finalize(statement);
370}
371
372bool
373BasicIdentityStorage::doesCertificateExist(const Name& certificateName)
374{
375 sqlite3_stmt *statement;
376 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
377
378 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
379
380 int res = sqlite3_step(statement);
381
382 bool certExist = false;
383 if (res == SQLITE_ROW) {
384 int countAll = sqlite3_column_int(statement, 0);
385 if (countAll > 0)
386 certExist = true;
387 }
388
389 sqlite3_finalize(statement);
390
391 return certExist;
392}
393
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700394void
Jeff Thompsonc69163b2013-10-12 13:49:50 -0700395BasicIdentityStorage::addAnyCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700396{
Jeff Thompson1975def2013-10-09 17:06:43 -0700397#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700398 const Name& certificateName = certificate.getName();
399 Name keyName = getKeyNameForCertificate(certificateName);
400
401 string keyId = keyName.get(keyName.size() - 1).toUri();
402 Name identityName = keyName.getSubName(0, keyName.size() - 1);
403
404 sqlite3_stmt *statement;
405 sqlite3_prepare_v2(database_,
406 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
407 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
408 -1, &statement, 0);
409
410
411 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
412 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
413
414 Ptr<const signature::Sha256WithRsa> signature = boost::dynamic_pointer_cast<const signature::Sha256WithRsa>(certificate.getSignature());
415 const Name& signerName = signature->getKeyLocator().getKeyName();
416 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
417
418 sqlite3_bind_text(statement, 3, identityName.toUri(), SQLITE_TRANSIENT);
419 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
420
421 sqlite3_bind_int64(statement, 5, (sqlite3_int64)(certificate.getNotBefore() - time::UNIX_EPOCH_TIME).total_seconds());
422 sqlite3_bind_int64(statement, 6, (sqlite3_int64)(certificate.getNotAfter() - time::UNIX_EPOCH_TIME).total_seconds());
423
424 Blob certificateEncoding = certificate.wireEncode();
425
426 sqlite3_bind_blob(statement, 7, certificateEncoding->buf(), certBlob->size(), SQLITE_TRANSIENT);
427
428 int res = sqlite3_step(statement);
429
430 sqlite3_finalize(statement);
Jeff Thompson1975def2013-10-09 17:06:43 -0700431#else
432 throw logic_error("unimplemented");
433#endif
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700434}
435
436void
Jeff Thompsonc69163b2013-10-12 13:49:50 -0700437BasicIdentityStorage::addCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700438{
Jeff Thompson1975def2013-10-09 17:06:43 -0700439#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700440 _LOG_DEBUG("1");
441 const Name& certificateName = certificate.getName();
442 Name keyName = getKeyNameForCertificate(certificateName);
443
444 _LOG_DEBUG("2");
445 if (!doesKeyExist(keyName))
446 {
447 _LOG_DEBUG("here wrong");
448 throw SecurityException("No corresponding Key record for the certificate!");
449 }
450
451 // Check if certificate has already existed!
452 if (doesCertificateExist(certificateName))
453 throw SecurityException("Certificate has already been installed!");
454
455 _LOG_DEBUG("3");
456 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
457 Name identity = keyName.getSubName(0, keyName.size() - 1);
458
459 // Check if the public key of certificate is the same as the key record
460
461 Ptr<Blob> keyBlob = getKey(keyName);
462
463 if (keyBlob == NULL or (*keyBlob) != (certificate.getPublicKeyInfo().getKeyBlob()))
464 throw SecurityException("Certificate does not match the public key!");
465
466 _LOG_DEBUG("4");
467 // Insert the certificate
468 sqlite3_stmt *statement;
469 sqlite3_prepare_v2(database_,
470 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
471 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
472 -1, &statement, 0);
473
474 _LOG_DEBUG("certName: " << certificateName.toUri().c_str());
475 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
476
477 Ptr<const signature::Sha256WithRsa> signature = boost::dynamic_pointer_cast<const signature::Sha256WithRsa>(certificate.getSignature());
478 const Name & signerName = signature->getKeyLocator().getKeyName();
479 sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
480
481 sqlite3_bind_text(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
482 sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
483
484 sqlite3_bind_int64(statement, 5, (sqlite3_int64)(certificate.getNotBefore() - time::UNIX_EPOCH_TIME).total_seconds());
485 sqlite3_bind_int64(statement, 6, (sqlite3_int64)(certificate.getNotAfter() - time::UNIX_EPOCH_TIME).total_seconds());
486
487 Blob certificateEncoding = certificate.wireEncode();
488
489 sqlite3_bind_blob(statement, 7, certificateEncoding->buf(), certificateEncoding->size(), SQLITE_TRANSIENT);
490
491 int res = sqlite3_step(statement);
492
493 sqlite3_finalize(statement);
Jeff Thompson1975def2013-10-09 17:06:43 -0700494#else
495 throw logic_error("unimplemented");
496#endif
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700497}
498
499shared_ptr<Certificate>
500BasicIdentityStorage::getCertificate(const Name &certificateName, bool allowAny)
501{
Jeff Thompson1975def2013-10-09 17:06:43 -0700502#if 0
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700503 if (doesCertificateExist(certificateName)) {
504 sqlite3_stmt *statement;
505 if (!allowAny) {
506 sqlite3_prepare_v2(database_,
507 "SELECT certificate_data FROM Certificate \
508 WHERE cert_name=? AND not_before<datetime(?, 'unixepoch') AND not_after>datetime(?, 'unixepoch') and valid_flag=1",
509 -1, &statement, 0);
510
511 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
512 sqlite3_bind_int64(statement, 2, (sqlite3_int64)time::NowUnixTimestamp().total_seconds());
513 sqlite3_bind_int64(statement, 3, (sqlite3_int64)time::NowUnixTimestamp().total_seconds());
514 }
515 else {
516 sqlite3_prepare_v2(database_,
517 "SELECT certificate_data FROM Certificate WHERE cert_name=?", -1, &statement, 0);
518
519 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
520 }
521
522 int res = sqlite3_step(statement);
523
524 shared_ptr<Certificate> certificate(new Certificate());
525
526 if (res == SQLITE_ROW)
527 certificate->wireDecode(sqlite3_column_blob(statement, 0), sqlite3_column_bytes(statement, 0));
528 sqlite3_finalize(statement);
529
530 return certificate;
531 }
532 else {
533 _LOG_DEBUG("Certificate does not exist!");
534 return shared_ptr<Certificate>();
535 }
Jeff Thompson1975def2013-10-09 17:06:43 -0700536#else
537 throw logic_error("unimplemented");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700538#endif
Jeff Thompson1975def2013-10-09 17:06:43 -0700539}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700540
541Name
542BasicIdentityStorage::getDefaultIdentity()
543{
544 sqlite3_stmt *statement;
545 sqlite3_prepare_v2(database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
546
547 int res = sqlite3_step(statement);
548
549 Name identity;
550
551 if (res == SQLITE_ROW)
552 identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
553
554 sqlite3_finalize(statement);
555
556 return identity;
557}
558
559Name
560BasicIdentityStorage::getDefaultKeyNameForIdentity(const Name& identityName)
561{
562 sqlite3_stmt *statement;
563 sqlite3_prepare_v2(database_, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
564
565 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
566
567 int res = sqlite3_step(statement);
568
569 Name keyName;
570
571 if (res == SQLITE_ROW)
572 keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
573
574 sqlite3_finalize(statement);
575
576 return keyName;
577}
578
579Name
580BasicIdentityStorage::getDefaultCertificateNameForKey(const Name& keyName)
581{
582 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
583 Name identityName = keyName.getSubName(0, keyName.size() - 1);
584
585 sqlite3_stmt *statement;
586 sqlite3_prepare_v2(database_, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
587
588 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
589 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
590
591 int res = sqlite3_step(statement);
592
593 Name certName;
594
595 if (res == SQLITE_ROW)
596 certName = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
597
598 sqlite3_finalize(statement);
599
600 return certName;
601}
602
603void
604BasicIdentityStorage::setDefaultIdentity(const Name& identityName)
605{
606 sqlite3_stmt *statement;
607
608 //Reset previous default identity
609 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
610
611 while (sqlite3_step(statement) == SQLITE_ROW)
612 {}
613
614 sqlite3_finalize(statement);
615
616 //Set current default identity
617 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
618
619 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
620
621 sqlite3_step(statement);
622
623 sqlite3_finalize(statement);
624}
625
626void
627BasicIdentityStorage::setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck)
628{
629 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
630 Name identityName = keyName.getSubName(0, keyName.size() - 1);
631
632 if (identityNameCheck.size() > 0 && !identityNameCheck.equals(identityName))
633 throw SecurityException("Specified identity name does not match the key name");
634
635 sqlite3_stmt *statement;
636
637 //Reset previous default Key
638 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
639
640 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
641
642 while (sqlite3_step(statement) == SQLITE_ROW)
643 {}
644
645 sqlite3_finalize(statement);
646
647 //Set current default Key
648 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
649
650 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
651 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
652
653 sqlite3_step(statement);
654
655 sqlite3_finalize(statement);
656}
657
658void
659BasicIdentityStorage::setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName)
660{
661 string keyId = keyName.get(keyName.size() - 1).toEscapedString();
662 Name identityName = keyName.getSubName(0, keyName.size() - 1);
663
664 sqlite3_stmt *statement;
665
666 //Reset previous default Key
667 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
668
669 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
670 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
671
672 while (sqlite3_step(statement) == SQLITE_ROW)
673 {}
674
675 sqlite3_finalize(statement);
676
677 //Set current default Key
678 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=1 WHERE identity_name=? AND key_identifier=? AND cert_name=?", -1, &statement, 0);
679
680 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
681 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
682 sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
683
684 sqlite3_step(statement);
685
686 sqlite3_finalize(statement);
687}
688
689}
690
Jeff Thompsonb7523002013-10-09 10:25:00 -0700691#endif // NDN_CPP_HAVE_SQLITE3