Blame - ndn-cpp/security/identity/basic-identity-storage.cpp - ndnSIM/ndn-cxx

blob: 3fcd3dd561df4839a41ec20897098902bded889d [file] [log] [blame]

Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	1	/* -- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -- */
				2	/**
				3	* Copyright (C) 2013 Regents of the University of California.
				4	* @author: Yingdi Yu <yingdi@cs.ucla.edu>
				5	* See COPYING for copyright and distribution information.
				6	*/
				7
Jeff Thompson	b752300	2013-10-09 10:25:00 -0700	[diff] [blame]	8	// Only compile if ndn-cpp-config.h defines NDN_CPP_HAVE_SQLITE3.
Jeff Thompson	6e22904	2013-10-10 11:09:49 -0700	[diff] [blame]	9	#include <ndn-cpp/ndn-cpp-config.h>
Jeff Thompson	1975def	2013-10-09 17:06:43 -0700	[diff] [blame]	10	#ifdef NDN_CPP_HAVE_SQLITE3
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	11
Jeff Thompson	814d205	2013-10-09 18:52:19 -0700	[diff] [blame]	12	#if 1
				13	#include <stdexcept>
				14	#endif
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	15	#include <stdlib.h>
				16	#include <sstream>
				17	#include <fstream>
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	18	#include <math.h>
Jeff Thompson	25b4e61	2013-10-10 16:03:24 -0700	[diff] [blame]	19	#include <ndn-cpp/security/identity/basic-identity-storage.hpp>
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	20	#include "../../util/logging.hpp"
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	21	#include <ndn-cpp/security/security-exception.hpp>
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	22	#include "ndn-cpp/data.hpp"
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	23	#include <ndn-cpp/security/certificate/identity-certificate.hpp>
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	24	#include "../../c/util/time.h"
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	25	#include <ndn-cpp/sha256-with-rsa-signature.hpp>
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	26	#if 0
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	27	#include "ndn.cxx/regex/regex.h"
				28	#include <boost/filesystem.hpp>
				29	#endif
				30
				31	INIT_LOGGER("BasicIdentityStorage");
				32
				33	using namespace std;
				34	using namespace ndn::ptr_lib;
				35	#if 0
				36	namespace fs = boost::filesystem;
				37	#endif
				38
				39	namespace ndn
				40	{
				41
				42	static const string INIT_ID_TABLE = "\
				43	CREATE TABLE IF NOT EXISTS \n \
				44	Identity( \n \
				45	identity_name BLOB NOT NULL, \n \
				46	default_identity INTEGER DEFAULT 0, \n \
				47	\
				48	PRIMARY KEY (identity_name) \n \
				49	); \n \
				50	\
				51	CREATE INDEX identity_index ON Identity(identity_name); \n \
				52	";
				53
				54	static const string INIT_KEY_TABLE = "\
				55	CREATE TABLE IF NOT EXISTS \n \
				56	Key( \n \
				57	identity_name BLOB NOT NULL, \n \
				58	key_identifier BLOB NOT NULL, \n \
				59	key_type INTEGER, \n \
				60	public_key BLOB, \n \
				61	default_key INTEGER DEFAULT 0, \n \
				62	active INTEGER DEFAULT 0, \n \
				63	\
				64	PRIMARY KEY (identity_name, key_identifier) \n \
				65	); \n \
				66	\
				67	CREATE INDEX key_index ON Key(identity_name); \n \
				68	";
				69
				70	static const string INIT_CERT_TABLE = "\
				71	CREATE TABLE IF NOT EXISTS \n \
				72	Certificate( \n \
				73	cert_name BLOB NOT NULL, \n \
				74	cert_issuer BLOB NOT NULL, \n \
				75	identity_name BLOB NOT NULL, \n \
				76	key_identifier BLOB NOT NULL, \n \
				77	not_before TIMESTAMP, \n \
				78	not_after TIMESTAMP, \n \
				79	certificate_data BLOB NOT NULL, \n \
				80	valid_flag INTEGER DEFAULT 0, \n \
				81	default_cert INTEGER DEFAULT 0, \n \
				82	\
				83	PRIMARY KEY (cert_name) \n \
				84	); \n \
				85	\
				86	CREATE INDEX cert_index ON Certificate(cert_name); \n \
				87	CREATE INDEX subject ON Certificate(identity_name); \n \
				88	";
				89
				90	/**
				91	* A utility function to call the normal sqlite3_bind_text where the value and length are value.c_str() and value.size().
				92	*/
				93	static int sqlite3_bind_text(sqlite3_stmt* statement, int index, const string& value, void(destructor)(void))
				94	{
				95	return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
				96	}
				97
				98	BasicIdentityStorage::BasicIdentityStorage()
				99	{
				100	#if 0
				101	fs::path identityDir = fs::path(getenv("HOME")) / ".ndn-identity";
				102	fs::create_directories(identityDir);
				103
				104	int res = sqlite3_open((identityDir / "identity.db").c_str(), &database_);
				105
				106	if (res != SQLITE_OK)
				107	{
				108	throw SecurityException("identity DB cannot be opened/created");
				109	}
				110	#endif
				111
				112	//Check if Key table exists;
				113	sqlite3_stmt *statement;
				114	sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Identity'", -1, &statement, 0);
				115	int res = sqlite3_step(statement);
				116
				117	bool idTableExists = false;
				118	if (res == SQLITE_ROW)
				119	idTableExists = true;
				120
				121	sqlite3_finalize(statement);
				122
				123	if (!idTableExists) {
				124	char *errorMessage = 0;
				125	res = sqlite3_exec(database_, INIT_ID_TABLE.c_str(), NULL, NULL, &errorMessage);
				126
				127	if (res != SQLITE_OK && errorMessage != 0) {
				128	_LOG_TRACE("Init \"error\" in Identity: " << errorMessage);
				129	sqlite3_free(errorMessage);
				130	}
				131	}
				132
				133	//Check if Key table exists;
				134	sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Key'", -1, &statement, 0);
				135	res = sqlite3_step(statement);
				136
				137	bool keyTableExists = false;
				138	if (res == SQLITE_ROW)
				139	keyTableExists = true;
				140
				141	sqlite3_finalize(statement);
				142
				143	if (!keyTableExists) {
				144	char *errorMessage = 0;
				145	res = sqlite3_exec(database_, INIT_KEY_TABLE.c_str(), NULL, NULL, &errorMessage);
				146
				147	if (res != SQLITE_OK && errorMessage != 0) {
				148	_LOG_TRACE("Init \"error\" in KEY: " << errorMessage);
				149	sqlite3_free(errorMessage);
				150	}
				151	}
				152
				153	//Check if Certificate table exists;
				154	sqlite3_prepare_v2(database_, "SELECT name FROM sqlite_master WHERE type='table' And name='Certificate'", -1, &statement, 0);
				155	res = sqlite3_step(statement);
				156
				157	bool idCertificateTableExists = false;
				158	if (res == SQLITE_ROW)
				159	idCertificateTableExists = true;
				160
				161	sqlite3_finalize(statement);
				162
				163	if (!idCertificateTableExists) {
				164	char *errorMessage = 0;
				165	res = sqlite3_exec(database_, INIT_CERT_TABLE.c_str(), NULL, NULL, &errorMessage);
				166
				167	if (res != SQLITE_OK && errorMessage != 0) {
				168	_LOG_TRACE("Init \"error\" in ID-CERT: " << errorMessage);
				169	sqlite3_free(errorMessage);
				170	}
				171	}
				172	}
				173
				174	BasicIdentityStorage::~BasicIdentityStorage()
				175	{
				176	}
				177
				178	bool
				179	BasicIdentityStorage::doesIdentityExist(const Name& identityName)
				180	{
				181	bool result = false;
				182
				183	sqlite3_stmt *statement;
				184	sqlite3_prepare_v2(database_, "SELECT count(*) FROM Identity WHERE identity_name=?", -1, &statement, 0);
				185
				186	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				187	int res = sqlite3_step(statement);
				188
				189	if (res == SQLITE_ROW) {
				190	int countAll = sqlite3_column_int(statement, 0);
				191	if (countAll > 0)
				192	result = true;
				193	}
				194
				195	sqlite3_finalize(statement);
				196
				197	return result;
				198	}
				199
				200	void
				201	BasicIdentityStorage::addIdentity(const Name& identityName)
				202	{
				203	if (doesIdentityExist(identityName))
				204	throw SecurityException("Identity already exists");
				205
				206	sqlite3_stmt *statement;
				207
				208	sqlite3_prepare_v2(database_, "INSERT INTO Identity (identity_name) values (?)", -1, &statement, 0);
				209
				210	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				211
				212	int res = sqlite3_step(statement);
				213
				214	sqlite3_finalize(statement);
				215	}
				216
				217	bool
				218	BasicIdentityStorage::revokeIdentity()
				219	{
				220	//TODO:
				221	return false;
				222	}
				223
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	224	Name
				225	BasicIdentityStorage::getNewKeyName(const Name& identityName, bool useKsk)
				226	{
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	227	MillisecondsSince1970 ti = ::ndn_getNowMilliseconds();
				228	// Get the number of seconds.
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	229	ostringstream oss;
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	230	oss << floor(ti / 1000.0);
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	231
				232	string keyIdStr;
				233
				234	if (useKsk)
				235	keyIdStr = ("KSK-" + oss.str());
				236	else
				237	keyIdStr = ("DSK-" + oss.str());
				238
				239
				240	Name keyName = Name(identityName).append(keyIdStr);
				241
				242	if (doesKeyExist(keyName))
				243	throw SecurityException("Key name already exists");
				244
				245	return keyName;
Jeff Thompson	1975def	2013-10-09 17:06:43 -0700	[diff] [blame]	246	}
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	247
				248	bool
				249	BasicIdentityStorage::doesKeyExist(const Name& keyName)
				250	{
				251	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				252	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				253
				254	sqlite3_stmt *statement;
				255	sqlite3_prepare_v2(database_, "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
				256
				257	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				258	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				259
				260	int res = sqlite3_step(statement);
				261
				262	bool keyIdExist = false;
				263	if (res == SQLITE_ROW) {
				264	int countAll = sqlite3_column_int(statement, 0);
				265	if (countAll > 0)
				266	keyIdExist = true;
				267	}
				268
				269	sqlite3_finalize(statement);
				270
				271	return keyIdExist;
				272	}
				273
				274	Name
				275	BasicIdentityStorage::getKeyNameForCertificate(const Name& certificateName)
				276	{
				277	int i = certificateName.size() - 1;
				278
				279	for (; i >= 0; --i) {
				280	if (certificateName.get(i).toEscapedString() == string("ID-CERT"))
				281	break;
				282	}
				283
				284	return certificateName.getSubName(0, i);
				285	}
				286
				287	void
				288	BasicIdentityStorage::addKey(const Name& keyName, KeyType keyType, const Blob& publicKeyDer)
				289	{
				290	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				291	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				292
				293
				294	if (!doesIdentityExist(identityName))
				295	addIdentity(identityName);
				296
				297	if (doesKeyExist(keyName))
				298	throw SecurityException("a key with the same name already exists!");
				299
				300	sqlite3_stmt *statement;
				301	sqlite3_prepare_v2(database_, "INSERT INTO Key (identity_name, key_identifier, key_type, public_key) values (?, ?, ?, ?)", -1, &statement, 0);
				302
				303	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				304	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				305	sqlite3_bind_int(statement, 3, (int)keyType);
				306	sqlite3_bind_blob(statement, 4, publicKeyDer.buf(), publicKeyDer.size(), SQLITE_TRANSIENT);
				307
				308	int res = sqlite3_step(statement);
				309
				310	sqlite3_finalize(statement);
				311	}
				312
				313	Blob
				314	BasicIdentityStorage::getKey(const Name& keyName)
				315	{
				316	if (!doesKeyExist(keyName)) {
				317	_LOG_DEBUG("keyName does not exist");
				318	return Blob();
				319	}
				320
				321	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				322	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				323
				324	sqlite3_stmt *statement;
				325	sqlite3_prepare_v2(database_, "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
				326
				327	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				328	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				329
				330	int res = sqlite3_step(statement);
				331
				332	Blob result;
				333	if (res == SQLITE_ROW)
				334	result = Blob(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)), sqlite3_column_bytes(statement, 0));
				335
				336	sqlite3_finalize(statement);
				337
				338	return result;
				339	}
				340
				341	void
				342	BasicIdentityStorage::activateKey(const Name& keyName)
				343	{
				344	updateKeyStatus(keyName, true);
				345	}
				346
				347	void
				348	BasicIdentityStorage::deactivateKey(const Name& keyName)
				349	{
				350	updateKeyStatus(keyName, false);
				351	}
				352
				353	void
				354	BasicIdentityStorage::updateKeyStatus(const Name& keyName, bool isActive)
				355	{
				356	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				357	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				358
				359	sqlite3_stmt *statement;
				360	sqlite3_prepare_v2(database_, "UPDATE Key SET active=? WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
				361
				362	sqlite3_bind_int(statement, 1, (isActive ? 1 : 0));
				363	sqlite3_bind_text(statement, 2, identityName.toUri(), SQLITE_TRANSIENT);
				364	sqlite3_bind_text(statement, 3, keyId, SQLITE_TRANSIENT);
				365
				366	int res = sqlite3_step(statement);
				367
				368	sqlite3_finalize(statement);
				369	}
				370
				371	bool
				372	BasicIdentityStorage::doesCertificateExist(const Name& certificateName)
				373	{
				374	sqlite3_stmt *statement;
				375	sqlite3_prepare_v2(database_, "SELECT count(*) FROM Certificate WHERE cert_name=?", -1, &statement, 0);
				376
				377	sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
				378
				379	int res = sqlite3_step(statement);
				380
				381	bool certExist = false;
				382	if (res == SQLITE_ROW) {
				383	int countAll = sqlite3_column_int(statement, 0);
				384	if (countAll > 0)
				385	certExist = true;
				386	}
				387
				388	sqlite3_finalize(statement);
				389
				390	return certExist;
				391	}
				392
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	393	void
Jeff Thompson	c69163b	2013-10-12 13:49:50 -0700	[diff] [blame]	394	BasicIdentityStorage::addAnyCertificate(const IdentityCertificate& certificate)
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	395	{
				396	const Name& certificateName = certificate.getName();
				397	Name keyName = getKeyNameForCertificate(certificateName);
				398
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	399	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	400	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				401
				402	sqlite3_stmt *statement;
				403	sqlite3_prepare_v2(database_,
				404	"INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
				405	values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
				406	-1, &statement, 0);
				407
				408
				409	_LOG_DEBUG("certName: " << certificateName.toUri().c_str());
				410	sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
				411
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	412	const Sha256WithRsaSignature* signature = dynamic_cast<const Sha256WithRsaSignature*>(certificate.getSignature());
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	413	const Name& signerName = signature->getKeyLocator().getKeyName();
				414	sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
				415
				416	sqlite3_bind_text(statement, 3, identityName.toUri(), SQLITE_TRANSIENT);
				417	sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
				418
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	419	// Convert from milliseconds to seconds since 1/1/1970.
				420	sqlite3_bind_int64(statement, 5, (sqlite3_int64)floor(certificate.getNotBefore() / 1000.0));
				421	sqlite3_bind_int64(statement, 6, (sqlite3_int64)floor(certificate.getNotAfter() / 1000.0));
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	422
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	423	if (!certificate.getDefaultWireEncoding())
				424	certificate.wireEncode();
				425	sqlite3_bind_blob(statement, 7, certificate.getDefaultWireEncoding().buf(), certificate.getDefaultWireEncoding().size(), SQLITE_TRANSIENT);
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	426
				427	int res = sqlite3_step(statement);
				428
				429	sqlite3_finalize(statement);
				430	}
				431
				432	void
Jeff Thompson	c69163b	2013-10-12 13:49:50 -0700	[diff] [blame]	433	BasicIdentityStorage::addCertificate(const IdentityCertificate& certificate)
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	434	{
				435	_LOG_DEBUG("1");
				436	const Name& certificateName = certificate.getName();
				437	Name keyName = getKeyNameForCertificate(certificateName);
				438
				439	_LOG_DEBUG("2");
				440	if (!doesKeyExist(keyName))
				441	{
				442	_LOG_DEBUG("here wrong");
				443	throw SecurityException("No corresponding Key record for the certificate!");
				444	}
				445
				446	// Check if certificate has already existed!
				447	if (doesCertificateExist(certificateName))
				448	throw SecurityException("Certificate has already been installed!");
				449
				450	_LOG_DEBUG("3");
				451	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				452	Name identity = keyName.getSubName(0, keyName.size() - 1);
				453
				454	// Check if the public key of certificate is the same as the key record
				455
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	456	Blob keyBlob = getKey(keyName);
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	457
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	458	if (!keyBlob \|\| (keyBlob) != (certificate.getPublicKeyInfo().getKeyDer()))
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	459	throw SecurityException("Certificate does not match the public key!");
				460
				461	_LOG_DEBUG("4");
				462	// Insert the certificate
				463	sqlite3_stmt *statement;
				464	sqlite3_prepare_v2(database_,
				465	"INSERT INTO Certificate (cert_name, cert_issuer, identity_name, key_identifier, not_before, not_after, certificate_data)\
				466	values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
				467	-1, &statement, 0);
				468
				469	_LOG_DEBUG("certName: " << certificateName.toUri().c_str());
				470	sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
				471
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	472	const Sha256WithRsaSignature* signature = dynamic_cast<const Sha256WithRsaSignature*>(certificate.getSignature());
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	473	const Name & signerName = signature->getKeyLocator().getKeyName();
				474	sqlite3_bind_text(statement, 2, signerName.toUri(), SQLITE_TRANSIENT);
				475
				476	sqlite3_bind_text(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
				477	sqlite3_bind_text(statement, 4, keyId, SQLITE_TRANSIENT);
				478
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	479	// Convert from milliseconds to seconds since 1/1/1970.
				480	sqlite3_bind_int64(statement, 5, (sqlite3_int64)floor(certificate.getNotBefore() / 1000.0));
				481	sqlite3_bind_int64(statement, 6, (sqlite3_int64)floor(certificate.getNotAfter() / 1000.0));
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	482
Jeff Thompson	9f2b9fc	2013-10-19 18:00:12 -0700	[diff] [blame^]	483	if (!certificate.getDefaultWireEncoding())
				484	certificate.wireEncode();
				485	sqlite3_bind_blob(statement, 7, certificate.getDefaultWireEncoding().buf(), certificate.getDefaultWireEncoding().size(), SQLITE_TRANSIENT);
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	486
				487	int res = sqlite3_step(statement);
				488
				489	sqlite3_finalize(statement);
				490	}
				491
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	492	shared_ptr<Data>
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	493	BasicIdentityStorage::getCertificate(const Name &certificateName, bool allowAny)
				494	{
				495	if (doesCertificateExist(certificateName)) {
				496	sqlite3_stmt *statement;
				497	if (!allowAny) {
				498	sqlite3_prepare_v2(database_,
				499	"SELECT certificate_data FROM Certificate \
				500	WHERE cert_name=? AND not_before<datetime(?, 'unixepoch') AND not_after>datetime(?, 'unixepoch') and valid_flag=1",
				501	-1, &statement, 0);
				502
				503	sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	504	sqlite3_bind_int64(statement, 2, (sqlite3_int64)floor(ndn_getNowMilliseconds() / 1000.0));
				505	sqlite3_bind_int64(statement, 3, (sqlite3_int64)floor(ndn_getNowMilliseconds() / 1000.0));
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	506	}
				507	else {
				508	sqlite3_prepare_v2(database_,
				509	"SELECT certificate_data FROM Certificate WHERE cert_name=?", -1, &statement, 0);
				510
				511	sqlite3_bind_text(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
				512	}
				513
				514	int res = sqlite3_step(statement);
				515
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	516	shared_ptr<Data> data;
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	517
				518	if (res == SQLITE_ROW)
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	519	data->wireDecode((const uint8_t*)sqlite3_column_blob(statement, 0), sqlite3_column_bytes(statement, 0));
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	520	sqlite3_finalize(statement);
				521
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	522	return data;
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	523	}
				524	else {
				525	_LOG_DEBUG("Certificate does not exist!");
Jeff Thompson	3bd90bc	2013-10-19 16:40:14 -0700	[diff] [blame]	526	return shared_ptr<Data>();
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	527	}
Jeff Thompson	1975def	2013-10-09 17:06:43 -0700	[diff] [blame]	528	}
Jeff Thompson	7ca11f2	2013-10-04 19:01:30 -0700	[diff] [blame]	529
				530	Name
				531	BasicIdentityStorage::getDefaultIdentity()
				532	{
				533	sqlite3_stmt *statement;
				534	sqlite3_prepare_v2(database_, "SELECT identity_name FROM Identity WHERE default_identity=1", -1, &statement, 0);
				535
				536	int res = sqlite3_step(statement);
				537
				538	Name identity;
				539
				540	if (res == SQLITE_ROW)
				541	identity = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
				542
				543	sqlite3_finalize(statement);
				544
				545	return identity;
				546	}
				547
				548	Name
				549	BasicIdentityStorage::getDefaultKeyNameForIdentity(const Name& identityName)
				550	{
				551	sqlite3_stmt *statement;
				552	sqlite3_prepare_v2(database_, "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1", -1, &statement, 0);
				553
				554	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				555
				556	int res = sqlite3_step(statement);
				557
				558	Name keyName;
				559
				560	if (res == SQLITE_ROW)
				561	keyName = Name(identityName).append(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
				562
				563	sqlite3_finalize(statement);
				564
				565	return keyName;
				566	}
				567
				568	Name
				569	BasicIdentityStorage::getDefaultCertificateNameForKey(const Name& keyName)
				570	{
				571	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				572	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				573
				574	sqlite3_stmt *statement;
				575	sqlite3_prepare_v2(database_, "SELECT cert_name FROM Certificate WHERE identity_name=? AND key_identifier=? AND default_cert=1", -1, &statement, 0);
				576
				577	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				578	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				579
				580	int res = sqlite3_step(statement);
				581
				582	Name certName;
				583
				584	if (res == SQLITE_ROW)
				585	certName = Name(string(reinterpret_cast<const char *>(sqlite3_column_text(statement, 0)), sqlite3_column_bytes(statement, 0)));
				586
				587	sqlite3_finalize(statement);
				588
				589	return certName;
				590	}
				591
				592	void
				593	BasicIdentityStorage::setDefaultIdentity(const Name& identityName)
				594	{
				595	sqlite3_stmt *statement;
				596
				597	//Reset previous default identity
				598	sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=0 WHERE default_identity=1", -1, &statement, 0);
				599
				600	while (sqlite3_step(statement) == SQLITE_ROW)
				601	{}
				602
				603	sqlite3_finalize(statement);
				604
				605	//Set current default identity
				606	sqlite3_prepare_v2(database_, "UPDATE Identity SET default_identity=1 WHERE identity_name=?", -1, &statement, 0);
				607
				608	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				609
				610	sqlite3_step(statement);
				611
				612	sqlite3_finalize(statement);
				613	}
				614
				615	void
				616	BasicIdentityStorage::setDefaultKeyNameForIdentity(const Name& keyName, const Name& identityNameCheck)
				617	{
				618	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				619	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				620
				621	if (identityNameCheck.size() > 0 && !identityNameCheck.equals(identityName))
				622	throw SecurityException("Specified identity name does not match the key name");
				623
				624	sqlite3_stmt *statement;
				625
				626	//Reset previous default Key
				627	sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?", -1, &statement, 0);
				628
				629	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				630
				631	while (sqlite3_step(statement) == SQLITE_ROW)
				632	{}
				633
				634	sqlite3_finalize(statement);
				635
				636	//Set current default Key
				637	sqlite3_prepare_v2(database_, "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?", -1, &statement, 0);
				638
				639	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				640	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				641
				642	sqlite3_step(statement);
				643
				644	sqlite3_finalize(statement);
				645	}
				646
				647	void
				648	BasicIdentityStorage::setDefaultCertificateNameForKey(const Name& keyName, const Name& certificateName)
				649	{
				650	string keyId = keyName.get(keyName.size() - 1).toEscapedString();
				651	Name identityName = keyName.getSubName(0, keyName.size() - 1);
				652
				653	sqlite3_stmt *statement;
				654
				655	//Reset previous default Key
				656	sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=0 WHERE default_cert=1 AND identity_name=? AND key_identifier=?", -1, &statement, 0);
				657
				658	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				659	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				660
				661	while (sqlite3_step(statement) == SQLITE_ROW)
				662	{}
				663
				664	sqlite3_finalize(statement);
				665
				666	//Set current default Key
				667	sqlite3_prepare_v2(database_, "UPDATE Certificate SET default_cert=1 WHERE identity_name=? AND key_identifier=? AND cert_name=?", -1, &statement, 0);
				668
				669	sqlite3_bind_text(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
				670	sqlite3_bind_text(statement, 2, keyId, SQLITE_TRANSIENT);
				671	sqlite3_bind_text(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
				672
				673	sqlite3_step(statement);
				674
				675	sqlite3_finalize(statement);
				676	}
				677
				678	}
				679
Jeff Thompson	b752300	2013-10-09 10:25:00 -0700	[diff] [blame]	680	#endif // NDN_CPP_HAVE_SQLITE3