blob: 37e872ef6bbcc0e69d752cc17e25991575389788 [file] [log] [blame]
Jeff Thompson7ca11f22013-10-04 19:01:30 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
2/**
3 * Copyright (C) 2013 Regents of the University of California.
4 * @author: Yingdi Yu <yingdi@cs.ucla.edu>
Jeff Thompson22285ec2013-10-22 17:43:02 -07005 * @author: Jeff Thompson <jefft0@remap.ucla.edu>
Jeff Thompson7ca11f22013-10-04 19:01:30 -07006 * See COPYING for copyright and distribution information.
7 */
8
Jeff Thompsonb7523002013-10-09 10:25:00 -07009// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_SQLITE3.
Jeff Thompson6e229042013-10-10 11:09:49 -070010#include <ndn-cpp/ndn-cpp-config.h>
Jeff Thompson1975def2013-10-09 17:06:43 -070011#ifdef NDN_CPP_HAVE_SQLITE3
Jeff Thompson7ca11f22013-10-04 19:01:30 -070012
Jeff Thompson351ac302013-10-19 18:45:00 -070013#include <stdio.h>
Jeff Thompson7ca11f22013-10-04 19:01:30 -070014#include <stdlib.h>
15#include <sstream>
16#include <fstream>
Yingdi Yu4f324632014-01-15 18:10:03 -080017#include "../util/logging.hpp"
18#include "../c/util/time.h"
Yingdi Yu87581582014-01-14 14:28:39 -080019#include <ndn-cpp/data.hpp>
Yingdi Yu4f324632014-01-15 18:10:03 -080020#include <ndn-cpp/security/identity-certificate.hpp>
21#include <ndn-cpp/security/sec-public-info-sqlite3.hpp>
22#include <ndn-cpp/security/signature-sha256-with-rsa.hpp>
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -080023
Jeff Thompson7ca11f22013-10-04 19:01:30 -070024
Yingdi Yu87581582014-01-14 14:28:39 -080025INIT_LOGGER("BasicKeyMetaInfo");
Jeff Thompson7ca11f22013-10-04 19:01:30 -070026
27using namespace std;
Jeff Thompson7ca11f22013-10-04 19:01:30 -070028
29namespace ndn
30{
31
32static const string INIT_ID_TABLE = "\
33CREATE TABLE IF NOT EXISTS \n \
34 Identity( \n \
35 identity_name BLOB NOT NULL, \n \
36 default_identity INTEGER DEFAULT 0, \n \
37 \
38 PRIMARY KEY (identity_name) \n \
39 ); \n \
40 \
41CREATE INDEX identity_index ON Identity(identity_name); \n \
42";
43
44static const string INIT_KEY_TABLE = "\
45CREATE TABLE IF NOT EXISTS \n \
46 Key( \n \
47 identity_name BLOB NOT NULL, \n \
48 key_identifier BLOB NOT NULL, \n \
49 key_type INTEGER, \n \
50 public_key BLOB, \n \
51 default_key INTEGER DEFAULT 0, \n \
52 active INTEGER DEFAULT 0, \n \
53 \
54 PRIMARY KEY (identity_name, key_identifier) \n \
55 ); \n \
56 \
57CREATE INDEX key_index ON Key(identity_name); \n \
58";
59
60static const string INIT_CERT_TABLE = "\
61CREATE TABLE IF NOT EXISTS \n \
62 Certificate( \n \
63 cert_name BLOB NOT NULL, \n \
64 cert_issuer BLOB NOT NULL, \n \
65 identity_name BLOB NOT NULL, \n \
66 key_identifier BLOB NOT NULL, \n \
67 not_before TIMESTAMP, \n \
68 not_after TIMESTAMP, \n \
69 certificate_data BLOB NOT NULL, \n \
Jeff Thompson22285ec2013-10-22 17:43:02 -070070 valid_flag INTEGER DEFAULT 1, \n \
Jeff Thompson7ca11f22013-10-04 19:01:30 -070071 default_cert INTEGER DEFAULT 0, \n \
72 \
73 PRIMARY KEY (cert_name) \n \
74 ); \n \
75 \
76CREATE INDEX cert_index ON Certificate(cert_name); \n \
77CREATE INDEX subject ON Certificate(identity_name); \n \
78";
79
80/**
81 * A utility function to call the normal sqlite3_bind_text where the value and length are value.c_str() and value.size().
82 */
83static int sqlite3_bind_text(sqlite3_stmt* statement, int index, const string& value, void(*destructor)(void*))
84{
85 return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
86}
87
Yingdi Yu87581582014-01-14 14:28:39 -080088SecPublicInfoSqlite3::SecPublicInfoSqlite3()
Jeff Thompson7ca11f22013-10-04 19:01:30 -070089{
Jeff Thompson351ac302013-10-19 18:45:00 -070090 // Note: We don't use <filesystem> support because it is not "header-only" and require linking to libraries.
Jeff Thompsonab5440f2013-10-22 11:54:00 -070091 // TODO: Handle non-unix file system paths which don't use '/'.
Jeff Thompson351ac302013-10-19 18:45:00 -070092 const char* home = getenv("HOME");
93 if (!home || *home == '\0')
94 // Don't expect this to happen;
95 home = ".";
96 string homeDir(home);
97 if (homeDir[homeDir.size() - 1] == '/')
98 // Strip the ending '/'.
99 homeDir.erase(homeDir.size() - 1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700100
Jeff Thompsonac64b132013-11-25 15:04:53 -0800101 string identityDir = homeDir + '/' + ".ndnx";
102 // TODO: Handle non-unix file systems which don't have "mkdir -p".
Jeff Thompsonab5440f2013-10-22 11:54:00 -0700103 ::system(("mkdir -p " + identityDir).c_str());
Jeff Thompson351ac302013-10-19 18:45:00 -0700104
Jeff Thompsonac64b132013-11-25 15:04:53 -0800105 int res = sqlite3_open((identityDir + '/' + "ndnsec-identity.db").c_str(), &database_);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700106
107 if (res != SQLITE_OK)
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800108 throw Error("identity DB cannot be opened/created");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700109
110 //Check if Key table exists;
111 sqlite3_stmt *statement;
112 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
Jeff Thompson351ac302013-10-19 18:45:00 -0700113 res = sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700114
115 bool idTableExists = false;
116 if (res == SQLITE_ROW)
117 idTableExists = true;
118
119 sqlite3_finalize(statement);
120
121 if (!idTableExists) {
122 char *errorMessage = 0;
123 res = sqlite3_exec(database_, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
124
125 if (res != SQLITE_OK && errorMessage != 0) {
126 _LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
127 sqlite3_free(errorMessage);
128 }
129 }
130
131 //Check if Key table exists;
132 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Key'", -1, &statement, 0);
133 res = sqlite3_step(statement);
134
135 bool keyTableExists = false;
136 if (res == SQLITE_ROW)
137 keyTableExists = true;
138
139 sqlite3_finalize(statement);
140
141 if (!keyTableExists) {
142 char *errorMessage = 0;
143 res = sqlite3_exec(database_, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
144
145 if (res != SQLITE_OK && errorMessage != 0) {
146 _LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
147 sqlite3_free(errorMessage);
148 }
149 }
150
151 //Check if Certificate table exists;
152 sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Certificate'", -1, &statement, 0);
153 res = sqlite3_step(statement);
154
155 bool idCertificateTableExists = false;
156 if (res == SQLITE_ROW)
157 idCertificateTableExists = true;
158
159 sqlite3_finalize(statement);
160
161 if (!idCertificateTableExists) {
162 char *errorMessage = 0;
163 res = sqlite3_exec(database_, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
164
165 if (res != SQLITE_OK && errorMessage != 0) {
166 _LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
167 sqlite3_free(errorMessage);
168 }
169 }
170}
171
Yingdi Yu87581582014-01-14 14:28:39 -0800172SecPublicInfoSqlite3::~SecPublicInfoSqlite3()
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700173{
174}
175
176bool
Yingdi Yu87581582014-01-14 14:28:39 -0800177SecPublicInfoSqlite3::doesIdentityExist(const Name& identityName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700178{
179 bool result = false;
180
181 sqlite3_stmt *statement;
182 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
183
184 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
185 int res = sqlite3_step(statement);
186
187 if (res == SQLITE_ROW) {
188 int countAll = sqlite3_column_int(statement, 0);
189 if (countAll > 0)
190 result = true;
191 }
192
193 sqlite3_finalize(statement);
194
195 return result;
196}
197
198void
Yingdi Yu87581582014-01-14 14:28:39 -0800199SecPublicInfoSqlite3::addIdentity(const Name& identityName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700200{
201 if (doesIdentityExist(identityName))
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800202 throw Error("Identity already exists");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700203
204 sqlite3_stmt *statement;
205
206 sqlite3_prepare_v2(database_, "INSERT INTO Identity (identity_name) values (?)", -1, &statement, 0);
207
208 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
209
Alexander Afanasyev736708b2014-01-06 14:45:34 -0800210 sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700211
212 sqlite3_finalize(statement);
213}
214
215bool
Yingdi Yu87581582014-01-14 14:28:39 -0800216SecPublicInfoSqlite3::revokeIdentity()
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700217{
218 //TODO:
219 return false;
220}
221
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700222bool
Yingdi Yu87581582014-01-14 14:28:39 -0800223SecPublicInfoSqlite3::doesPublicKeyExist(const Name& keyName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700224{
Yingdi Yu88663af2014-01-15 15:21:38 -0800225 if(keyName.empty())
226 throw Error("Incorrect key name " + keyName.toUri());
227
Yingdi Yu87581582014-01-14 14:28:39 -0800228 string keyId = keyName.get(-1).toEscapedString();
229 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700230
231 sqlite3_stmt *statement;
232 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
233
234 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
235 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
236
237 int res = sqlite3_step(statement);
238
239 bool keyIdExist = false;
240 if (res == SQLITE_ROW) {
241 int countAll = sqlite3_column_int(statement, 0);
242 if (countAll > 0)
243 keyIdExist = true;
244 }
245
246 sqlite3_finalize(statement);
247
248 return keyIdExist;
249}
250
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700251void
Yingdi Yu87581582014-01-14 14:28:39 -0800252SecPublicInfoSqlite3::addPublicKey(const Name& keyName, KeyType keyType, const PublicKey& publicKeyDer)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700253{
Yingdi Yu88663af2014-01-15 15:21:38 -0800254 if(keyName.empty())
255 throw Error("Incorrect key name " + keyName.toUri());
256
Yingdi Yu87581582014-01-14 14:28:39 -0800257 string keyId = keyName.get(-1).toEscapedString();
258 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700259
260
261 if (!doesIdentityExist(identityName))
262 addIdentity(identityName);
263
Yingdi Yu87581582014-01-14 14:28:39 -0800264 if (doesPublicKeyExist(keyName))
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800265 throw Error("a key with the same name already exists!");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700266
267 sqlite3_stmt *statement;
268 sqlite3_prepare_v2(database_, "INSERT INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
269
270 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
271 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
272 sqlite3_bind_int(statement, 3, (int)keyType);
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800273 sqlite3_bind_blob(statement, 4, publicKeyDer.get().buf(), publicKeyDer.get().size(), SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700274
Alexander Afanasyev736708b2014-01-06 14:45:34 -0800275 sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700276
277 sqlite3_finalize(statement);
278}
279
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800280ptr_lib::shared_ptr<PublicKey>
Yingdi Yu87581582014-01-14 14:28:39 -0800281SecPublicInfoSqlite3::getPublicKey(const Name& keyName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700282{
Yingdi Yu87581582014-01-14 14:28:39 -0800283 if (!doesPublicKeyExist(keyName)) {
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700284 _LOG_DEBUG("keyName does not exist");
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800285 return ptr_lib::shared_ptr<PublicKey>();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700286 }
287
Yingdi Yu87581582014-01-14 14:28:39 -0800288 string keyId = keyName.get(-1).toEscapedString();
289 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700290
291 sqlite3_stmt *statement;
292 sqlite3_prepare_v2(database_, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
293
294 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
295 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
296
297 int res = sqlite3_step(statement);
298
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800299 ptr_lib::shared_ptr<PublicKey> result;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700300 if (res == SQLITE_ROW)
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800301 result = ptr_lib::make_shared<PublicKey>(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)), sqlite3_column_bytes(statement, 0));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700302
303 sqlite3_finalize(statement);
304
305 return result;
306}
307
308void
Yingdi Yu87581582014-01-14 14:28:39 -0800309SecPublicInfoSqlite3::updateKeyStatus(const Name& keyName, bool isActive)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700310{
Yingdi Yu88663af2014-01-15 15:21:38 -0800311 if(keyName.empty())
312 throw Error("Incorrect key name " + keyName.toUri());
313
Yingdi Yu87581582014-01-14 14:28:39 -0800314 string keyId = keyName.get(-1).toEscapedString();
315 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700316
317 sqlite3_stmt *statement;
318 sqlite3_prepare_v2(database_, "UPDATE Key SET active=? WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
319
320 sqlite3_bind_int(statement, 1, (isActive ? 1 : 0));
321 sqlite3_bind_text(statement, 2, identityName.toUri(), SQLITE_TRANSIENT);
322 sqlite3_bind_text(statement, 3, keyId, SQLITE_TRANSIENT);
323
Alexander Afanasyev736708b2014-01-06 14:45:34 -0800324 sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700325
326 sqlite3_finalize(statement);
327}
328
329bool
Yingdi Yu87581582014-01-14 14:28:39 -0800330SecPublicInfoSqlite3::doesCertificateExist(const Name& certificateName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700331{
332 sqlite3_stmt *statement;
333 sqlite3_prepare_v2(database_, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
334
335 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
336
337 int res = sqlite3_step(statement);
338
339 bool certExist = false;
340 if (res == SQLITE_ROW) {
341 int countAll = sqlite3_column_int(statement, 0);
342 if (countAll > 0)
343 certExist = true;
344 }
345
346 sqlite3_finalize(statement);
347
348 return certExist;
349}
350
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700351void
Yingdi Yu87581582014-01-14 14:28:39 -0800352SecPublicInfoSqlite3::addAnyCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700353{
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800354 std::string certificateName = certificate.getName().toUri();
Yingdi Yu88663af2014-01-15 15:21:38 -0800355 Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
356
357 if(keyName.empty())
358 throw Error("Incorrect key name " + keyName.toUri());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700359
Yingdi Yu87581582014-01-14 14:28:39 -0800360 std::string keyId = keyName.get(-1).toEscapedString();
361 std::string identityName = keyName.getPrefix(-1).toUri();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700362
363 sqlite3_stmt *statement;
364 sqlite3_prepare_v2(database_,
365 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
366 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
367 -1, &statement, 0);
368
369
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800370 _LOG_DEBUG("certName: " << certificateName);
371 sqlite3_bind_text(statement, 1, certificateName, SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700372
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800373 // this will throw an exception if the signature is not the standard one or there is no key locator present
374 SignatureSha256WithRsa signature(certificate.getSignature());
375 std::string signerName = signature.getKeyLocator().getName().toUri();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700376
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800377 sqlite3_bind_text(statement, 2, signerName, SQLITE_STATIC);
378
379 sqlite3_bind_text(statement, 3, identityName, SQLITE_STATIC);
380 sqlite3_bind_text(statement, 4, keyId, SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700381
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700382 // Convert from milliseconds to seconds since 1/1/1970.
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800383 sqlite3_bind_int64(statement, 5, static_cast<sqlite3_int64>(certificate.getNotBefore() / 1000));
384 sqlite3_bind_int64(statement, 6, static_cast<sqlite3_int64>(certificate.getNotAfter() / 1000));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700385
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800386 sqlite3_bind_blob(statement, 7, certificate.wireEncode().wire(), certificate.wireEncode().size(), SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700387
Alexander Afanasyev736708b2014-01-06 14:45:34 -0800388 sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700389
390 sqlite3_finalize(statement);
391}
392
393void
Yingdi Yu87581582014-01-14 14:28:39 -0800394SecPublicInfoSqlite3::addCertificate(const IdentityCertificate& certificate)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700395{
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700396 const Name& certificateName = certificate.getName();
Yingdi Yu88663af2014-01-15 15:21:38 -0800397 Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700398
Yingdi Yu87581582014-01-14 14:28:39 -0800399 if (!doesPublicKeyExist(keyName))
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800400 throw Error("No corresponding Key record for certificate!" + keyName.toUri() + " " + certificateName.toUri());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700401
402 // Check if certificate has already existed!
403 if (doesCertificateExist(certificateName))
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800404 throw Error("Certificate has already been installed!");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700405
Yingdi Yu87581582014-01-14 14:28:39 -0800406 string keyId = keyName.get(-1).toEscapedString();
407 Name identity = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700408
409 // Check if the public key of certificate is the same as the key record
410
Yingdi Yu87581582014-01-14 14:28:39 -0800411 ptr_lib::shared_ptr<PublicKey> pubKey = getPublicKey(keyName);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700412
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800413 if (!pubKey || (*pubKey) != certificate.getPublicKeyInfo())
414 throw Error("Certificate does not match the public key!");
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700415
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700416 // Insert the certificate
417 sqlite3_stmt *statement;
418 sqlite3_prepare_v2(database_,
419 "INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
420 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
421 -1, &statement, 0);
422
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800423 _LOG_DEBUG("certName: " << certificateName.toUri());
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700424 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
425
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800426 // this will throw an exception if the signature is not the standard one or there is no key locator present
427 SignatureSha256WithRsa signature(certificate.getSignature());
428 std::string signerName = signature.getKeyLocator().getName().toUri();
429
430 sqlite3_bind_text(statement, 2, signerName, SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700431
432 sqlite3_bind_text(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800433 sqlite3_bind_text(statement, 4, keyId, SQLITE_STATIC);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700434
Jeff Thompson9f2b9fc2013-10-19 18:00:12 -0700435 // Convert from milliseconds to seconds since 1/1/1970.
Yingdi Yu88663af2014-01-15 15:21:38 -0800436 sqlite3_bind_int64(statement, 5, static_cast<sqlite3_int64>(certificate.getNotBefore() / 1000));
437 sqlite3_bind_int64(statement, 6, static_cast<sqlite3_int64>(certificate.getNotAfter() / 1000));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700438
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800439 sqlite3_bind_blob(statement, 7, certificate.wireEncode().wire(), certificate.wireEncode().size(), SQLITE_TRANSIENT);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700440
Alexander Afanasyev736708b2014-01-06 14:45:34 -0800441 sqlite3_step(statement);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700442
443 sqlite3_finalize(statement);
444}
445
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800446ptr_lib::shared_ptr<IdentityCertificate>
Yingdi Yu88663af2014-01-15 15:21:38 -0800447SecPublicInfoSqlite3::getCertificate(const Name &certificateName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700448{
449 if (doesCertificateExist(certificateName)) {
450 sqlite3_stmt *statement;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700451
Yingdi Yu88663af2014-01-15 15:21:38 -0800452 sqlite3_prepare_v2(database_,
453 "SELECT certificate_data FROM Certificate \
454 WHERE cert_name=? AND not_before<datetime('now') AND not_after>datetime('now') and valid_flag=1",
455 -1, &statement, 0);
456
457 sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700458
459 int res = sqlite3_step(statement);
460
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800461 ptr_lib::shared_ptr<IdentityCertificate> certificate = ptr_lib::make_shared<IdentityCertificate>();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700462 if (res == SQLITE_ROW)
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800463 {
464 certificate->wireDecode(Block((const uint8_t*)sqlite3_column_blob(statement, 0), sqlite3_column_bytes(statement, 0)));
465 }
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700466 sqlite3_finalize(statement);
467
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800468 return certificate;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700469 }
470 else {
471 _LOG_DEBUG("Certificate does not exist!");
Alexander Afanasyevfab95ed2014-01-05 23:26:30 -0800472 return ptr_lib::shared_ptr<IdentityCertificate>();
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700473 }
Jeff Thompson1975def2013-10-09 17:06:43 -0700474}
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700475
476Name
Yingdi Yu87581582014-01-14 14:28:39 -0800477SecPublicInfoSqlite3::getDefaultIdentity()
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700478{
479 sqlite3_stmt *statement;
480 sqlite3_prepare_v2(database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
481
482 int res = sqlite3_step(statement);
483
484 Name identity;
485
486 if (res == SQLITE_ROW)
487 identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
488
489 sqlite3_finalize(statement);
490
491 return identity;
492}
493
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700494void
Yingdi Yu87581582014-01-14 14:28:39 -0800495SecPublicInfoSqlite3::setDefaultIdentityInternal(const Name& identityName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700496{
497 sqlite3_stmt *statement;
498
499 //Reset previous default identity
500 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
501
502 while (sqlite3_step(statement) == SQLITE_ROW)
503 {}
504
505 sqlite3_finalize(statement);
506
507 //Set current default identity
508 sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
509
510 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
511
512 sqlite3_step(statement);
513
514 sqlite3_finalize(statement);
515}
516
Yingdi Yu87581582014-01-14 14:28:39 -0800517Name
518SecPublicInfoSqlite3::getDefaultKeyNameForIdentity(const Name& identityName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700519{
Yingdi Yu87581582014-01-14 14:28:39 -0800520 sqlite3_stmt *statement;
521 sqlite3_prepare_v2(database_, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700522
Yingdi Yu87581582014-01-14 14:28:39 -0800523 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
524
525 int res = sqlite3_step(statement);
526
527 Name keyName;
528
529 if (res == SQLITE_ROW)
530 keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
531
532 sqlite3_finalize(statement);
533
534 return keyName;
535}
536
537void
538SecPublicInfoSqlite3::setDefaultKeyNameForIdentityInternal(const Name& keyName)
539{
Yingdi Yu88663af2014-01-15 15:21:38 -0800540 if(keyName.empty())
541 throw Error("Incorrect key name " + keyName.toUri());
542
Yingdi Yu87581582014-01-14 14:28:39 -0800543 string keyId = keyName.get(-1).toEscapedString();
544 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700545
546 sqlite3_stmt *statement;
547
548 //Reset previous default Key
549 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
550
551 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
552
553 while (sqlite3_step(statement) == SQLITE_ROW)
554 {}
555
556 sqlite3_finalize(statement);
557
558 //Set current default Key
559 sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
560
561 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
562 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
563
564 sqlite3_step(statement);
565
566 sqlite3_finalize(statement);
567}
568
Yingdi Yu87581582014-01-14 14:28:39 -0800569Name
570SecPublicInfoSqlite3::getDefaultCertificateNameForKey(const Name& keyName)
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700571{
Yingdi Yu88663af2014-01-15 15:21:38 -0800572 if(keyName.empty())
573 return Name();
574
Yingdi Yu87581582014-01-14 14:28:39 -0800575 string keyId = keyName.get(-1).toEscapedString();
576 Name identityName = keyName.getPrefix(-1);
577
578 sqlite3_stmt *statement;
579 sqlite3_prepare_v2(database_, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
580
581 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
582 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
583
584 int res = sqlite3_step(statement);
585
586 Name certName;
587
588 if (res == SQLITE_ROW)
589 certName = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
590
591 sqlite3_finalize(statement);
592
593 return certName;
594}
595
596void
597SecPublicInfoSqlite3::setDefaultCertificateNameForKeyInternal(const Name& certificateName)
598{
599 Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificateName);
Yingdi Yu88663af2014-01-15 15:21:38 -0800600 if(keyName.empty())
601 throw Error("Incorrect key name for certificate " + certificateName.toUri());
602
Yingdi Yu87581582014-01-14 14:28:39 -0800603 string keyId = keyName.get(-1).toEscapedString();
604 Name identityName = keyName.getPrefix(-1);
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700605
606 sqlite3_stmt *statement;
607
608 //Reset previous default Key
609 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
610
611 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
612 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
613
614 while (sqlite3_step(statement) == SQLITE_ROW)
615 {}
616
617 sqlite3_finalize(statement);
618
619 //Set current default Key
620 sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=1 WHERE identity_name=? AND key_identifier=? AND cert_name=?", -1, &statement, 0);
621
622 sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
623 sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
624 sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
625
626 sqlite3_step(statement);
627
628 sqlite3_finalize(statement);
629}
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800630
631vector<Name>
Yingdi Yu87581582014-01-14 14:28:39 -0800632SecPublicInfoSqlite3::getAllIdentities(bool isDefault)
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800633{
634 sqlite3_stmt *stmt;
635 if(isDefault)
636 sqlite3_prepare_v2 (database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &stmt, 0);
637 else
638 sqlite3_prepare_v2 (database_, "SELECT identity_name FROM Identity WHERE default_identity=0", -1, &stmt, 0);
639
640 vector<Name> nameList;
641 while(sqlite3_step (stmt) == SQLITE_ROW)
642 nameList.push_back(Name(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0))));
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700643
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800644 sqlite3_finalize (stmt);
645 return nameList;
Jeff Thompson7ca11f22013-10-04 19:01:30 -0700646}
647
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800648vector<Name>
Yingdi Yu87581582014-01-14 14:28:39 -0800649SecPublicInfoSqlite3::getAllKeyNames(bool isDefault)
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800650{
651 sqlite3_stmt *stmt;
652 if(isDefault)
653 sqlite3_prepare_v2 (database_, "SELECT identity_name, key_identifier FROM Key WHERE default_key=1", -1, &stmt, 0);
654 else
655 sqlite3_prepare_v2 (database_, "SELECT identity_name, key_identifier FROM Key WHERE default_key=0", -1, &stmt, 0);
656
657 vector<Name> nameList;
658 while(sqlite3_step (stmt) == SQLITE_ROW)
659 {
660 Name keyName(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
661 keyName.append(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 1)), sqlite3_column_bytes (stmt, 1)));
662 nameList.push_back(keyName);
663 }
664 sqlite3_finalize (stmt);
665 return nameList;
666}
667
668vector<Name>
Yingdi Yu87581582014-01-14 14:28:39 -0800669SecPublicInfoSqlite3::getAllKeyNamesOfIdentity(const Name& identity, bool isDefault)
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800670{
671 sqlite3_stmt *stmt;
672 if(isDefault)
673 sqlite3_prepare_v2 (database_, "SELECT key_identifier FROM Key WHERE default_key=1 and identity_name=?", -1, &stmt, 0);
674 else
675 sqlite3_prepare_v2 (database_, "SELECT key_identifier FROM Key WHERE default_key=0 and identity_name=?", -1, &stmt, 0);
676
677 sqlite3_bind_text(stmt, 1, identity.toUri().c_str(), identity.toUri().size (), SQLITE_TRANSIENT);
678
679 vector<Name> nameList;
680 while(sqlite3_step (stmt) == SQLITE_ROW)
681 {
682 Name keyName(identity);
683 keyName.append(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
684 nameList.push_back(keyName);
685 }
686 sqlite3_finalize (stmt);
687 return nameList;
688}
689
690vector<Name>
Yingdi Yu87581582014-01-14 14:28:39 -0800691SecPublicInfoSqlite3::getAllCertificateNames(bool isDefault)
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800692{
693 sqlite3_stmt *stmt;
694 if(isDefault)
695 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=1", -1, &stmt, 0);
696 else
697 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=0", -1, &stmt, 0);
698
699 vector<Name> nameList;
700 while(sqlite3_step (stmt) == SQLITE_ROW)
701 nameList.push_back(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
702
703 sqlite3_finalize (stmt);
704 return nameList;
705}
706
707vector<Name>
Yingdi Yu87581582014-01-14 14:28:39 -0800708SecPublicInfoSqlite3::getAllCertificateNamesOfKey(const Name& keyName, bool isDefault)
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800709{
Yingdi Yu88663af2014-01-15 15:21:38 -0800710 if(keyName.empty())
711 return vector<Name>();
712
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800713 sqlite3_stmt *stmt;
714 if(isDefault)
715 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=1 and identity_name=? and key_identifier=?", -1, &stmt, 0);
716 else
717 sqlite3_prepare_v2 (database_, "SELECT cert_name FROM Certificate WHERE default_cert=0 and identity_name=? and key_identifier=?", -1, &stmt, 0);
718
Yingdi Yu87581582014-01-14 14:28:39 -0800719 Name identity = keyName.getPrefix(-1);
Alexander Afanasyev0c632112013-12-30 15:59:31 -0800720 sqlite3_bind_text(stmt, 1, identity.toUri().c_str(), identity.toUri().size (), SQLITE_TRANSIENT);
721 std::string baseKeyName = keyName.get(-1).toEscapedString();
722 sqlite3_bind_text(stmt, 2, baseKeyName.c_str(), baseKeyName.size(), SQLITE_TRANSIENT);
723
724 vector<Name> nameList;
725 while(sqlite3_step (stmt) == SQLITE_ROW)
726 nameList.push_back(string(reinterpret_cast<const char *>(sqlite3_column_text(stmt, 0)), sqlite3_column_bytes (stmt, 0)));
727
728 sqlite3_finalize (stmt);
729 return nameList;
730}
731
732} // namespace ndn
733
Jeff Thompsonb7523002013-10-09 10:25:00 -0700734#endif // NDN_CPP_HAVE_SQLITE3