Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 09a00fdfbd90f29b9286dee8fb1bdbb5edffd8c4 / . / src / ca-storage-detail / ca-sqlite.cpp
blob: a658c4377aafa251f64bf0d605994f9d97eeb213 [file] [log] [blame]
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]2/*
3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
21#include "ca-sqlite.hpp"
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]22
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]23#include <sqlite3.h>
24
25#include <boost/filesystem.hpp>
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]26#include <ndn-cxx/security/v2/validation-policy.hpp>
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]27#include <ndn-cxx/util/sqlite3-statement.hpp>
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]28
29namespace ndn {
30namespace ndncert {
31
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]32const std::string CaSqlite::STORAGE_TYPE = "ca-storage-sqlite3";
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]33
34NDNCERT_REGISTER_CA_STORAGE(CaSqlite);
35
36using namespace ndn::util;
37
38static const std::string INITIALIZATION = R"_DBTEXT_(
39CREATE TABLE IF NOT EXISTS
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]40 CaStates(
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]41 id INTEGER PRIMARY KEY,
42 request_id TEXT NOT NULL,
43 ca_name BLOB NOT NULL,
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]44 request_type INTEGER NOT NULL,
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]45 status INTEGER NOT NULL,
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]46 cert_key_name BLOB NOT NULL,
47 cert_request BLOB NOT NULL,
48 challenge_type TEXT,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]49 challenge_status TEXT,
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]50 challenge_tp TEXT,
51 remaining_tries INTEGER,
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]52 remaining_time INTEGER,
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]53 challenge_secrets TEXT,
54 encryption_key BLOB NOT NULL
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]55 );
56CREATE UNIQUE INDEX IF NOT EXISTS
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]57 CaStateIdIndex ON CaStates(request_id);
tylerliu09a00fd2020-10-04 11:11:18 -0700[diff] [blame^]58CREATE INDEX IF NOT EXISTS
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]59 CaStateKeyNameIndex ON CaStates(cert_key_name);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]60
61CREATE TABLE IF NOT EXISTS
62 IssuedCerts(
63 id INTEGER PRIMARY KEY,
64 cert_id TEXT NOT NULL,
65 cert_key_name BLOB NOT NULL,
66 cert BLOB NOT NULL
67 );
68CREATE UNIQUE INDEX IF NOT EXISTS
tylerliu63900d52020-09-30 03:01:18 -0700[diff] [blame]69 IssuedCertIdIndex ON IssuedCerts(cert_id);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]70CREATE UNIQUE INDEX IF NOT EXISTS
71 IssuedCertKeyNameIndex ON IssuedCerts(cert_key_name);
72)_DBTEXT_";
73
74CaSqlite::CaSqlite(const std::string& location)
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]75 : CaStorage()
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]76{
77 // Determine the path of sqlite db
78 boost::filesystem::path dbDir;
79 if (!location.empty()) {
80 dbDir = boost::filesystem::path(location);
81 }
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]82 else if (getenv("HOME") != nullptr) {
83 dbDir = boost::filesystem::path(getenv("HOME")) / ".ndn";
84 }
85 else {
86 dbDir = boost::filesystem::current_path() / ".ndn";
87 }
88 boost::filesystem::create_directories(dbDir);
89
90 // open and initialize database
91 int result = sqlite3_open_v2((dbDir / "ndncert-ca.db").c_str(), &m_database,
92 SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE,
93#ifdef NDN_CXX_DISABLE_SQLITE3_FS_LOCKING
94 "unix-dotfile"
95#else
96 nullptr
97#endif
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]98 );
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]99 if (result != SQLITE_OK)
100 BOOST_THROW_EXCEPTION(Error("CaSqlite DB cannot be opened/created: " + dbDir.string()));
101
102 // initialize database specific tables
103 char* errorMessage = nullptr;
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]104 result = sqlite3_exec(m_database, INITIALIZATION.data(),
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]105 nullptr, nullptr, &errorMessage);
106 if (result != SQLITE_OK && errorMessage != nullptr) {
107 sqlite3_free(errorMessage);
108 BOOST_THROW_EXCEPTION(Error("CaSqlite DB cannot be initialized"));
109 }
110}
111
112CaSqlite::~CaSqlite()
113{
114 sqlite3_close(m_database);
115}
116
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]117CaState
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]118CaSqlite::getRequest(const std::string& requestId)
119{
120 Sqlite3Statement statement(m_database,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]121 R"_SQLTEXT_(SELECT id, ca_name, status,
122 challenge_status, cert_request,
123 challenge_type, challenge_secrets,
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]124 challenge_tp, remaining_tries, remaining_time, request_type, encryption_key
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]125 FROM CaStates where request_id = ?)_SQLTEXT_");
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]126 statement.bind(1, requestId, SQLITE_TRANSIENT);
127
128 if (statement.step() == SQLITE_ROW) {
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]129 Name caName(statement.getBlock(1));
130 auto status = static_cast<Status>(statement.getInt(2));
131 auto challengeStatus = statement.getString(3);
132 security::v2::Certificate cert(statement.getBlock(4));
133 auto challengeType = statement.getString(5);
134 auto challengeSecrets = statement.getString(6);
135 auto challengeTp = statement.getString(7);
136 auto remainingTries = statement.getInt(8);
137 auto remainingTime = statement.getInt(9);
138 auto requestType = static_cast<RequestType>(statement.getInt(10));
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]139 auto encryptionKey = statement.getBlock(11);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]140 if (challengeType != "") {
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]141 return CaState(caName, requestId, requestType, status, cert,
142 challengeType, challengeStatus, time::fromIsoString(challengeTp),
143 remainingTries, time::seconds(remainingTime),
144 convertString2Json(challengeSecrets), encryptionKey);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]145 }
146 else {
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]147 return CaState(caName, requestId, requestType, status, cert, encryptionKey);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]148 }
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]149 }
150 else {
151 BOOST_THROW_EXCEPTION(Error("Request " + requestId + " cannot be fetched from database"));
152 }
153}
154
155void
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]156CaSqlite::addRequest(const CaState& request)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]157{
tylerliu63900d52020-09-30 03:01:18 -0700[diff] [blame]158
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]159 // check whether request is there already
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]160 auto keyNameTlv = request.m_cert.getKeyName().wireEncode();
tylerliu09a00fd2020-10-04 11:11:18 -0700[diff] [blame^]161 if (request.m_requestType == RequestType::NEW) {
162 Sqlite3Statement statement1(m_database,
163 R"_SQLTEXT_(SELECT 1 FROM CaStates where cert_key_name = ?)_SQLTEXT_");
164 statement1.bind(1, keyNameTlv, SQLITE_TRANSIENT);
165 if (statement1.step() == SQLITE_ROW) {
166 BOOST_THROW_EXCEPTION(Error("Request for " + request.m_cert.getKeyName().toUri() + " already exists"));
167 }
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]168
tylerliu09a00fd2020-10-04 11:11:18 -0700[diff] [blame^]169 // check whether certificate is already issued
170 Sqlite3Statement statement2(m_database,
171 R"_SQLTEXT_(SELECT 1 FROM IssuedCerts where cert_key_name = ?)_SQLTEXT_");
172 statement2.bind(1, keyNameTlv, SQLITE_TRANSIENT);
173 if (statement2.step() == SQLITE_ROW) {
174 BOOST_THROW_EXCEPTION(Error("Cert for " + request.m_cert.getKeyName().toUri() + " already exists"));
175 }
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]176 }
177
Zhiyi Zhangb8bbc642020-09-29 14:08:26 -0700[diff] [blame]178 Sqlite3Statement statement(
179 m_database,
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]180 R"_SQLTEXT_(INSERT OR ABORT INTO CaStates (request_id, ca_name, status, request_type,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]181 cert_key_name, cert_request, challenge_type, challenge_status, challenge_secrets,
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]182 challenge_tp, remaining_tries, remaining_time, encryption_key)
183 values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?))_SQLTEXT_");
Zhiyi Zhangb8bbc642020-09-29 14:08:26 -0700[diff] [blame]184 statement.bind(1, request.m_requestId, SQLITE_TRANSIENT);
185 statement.bind(2, request.m_caPrefix.wireEncode(), SQLITE_TRANSIENT);
186 statement.bind(3, static_cast<int>(request.m_status));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]187 statement.bind(4, static_cast<int>(request.m_requestType));
188 statement.bind(5, keyNameTlv, SQLITE_TRANSIENT);
Zhiyi Zhangb8bbc642020-09-29 14:08:26 -0700[diff] [blame]189 statement.bind(6, request.m_cert.wireEncode(), SQLITE_TRANSIENT);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]190 statement.bind(13, request.m_encryptionKey, SQLITE_TRANSIENT);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]191 if (request.m_challengeState) {
192 statement.bind(7, request.m_challengeType, SQLITE_TRANSIENT);
193 statement.bind(8, request.m_challengeState->m_challengeStatus, SQLITE_TRANSIENT);
194 statement.bind(9, convertJson2String(request.m_challengeState->m_secrets),
195 SQLITE_TRANSIENT);
196 statement.bind(10, time::toIsoString(request.m_challengeState->m_timestamp), SQLITE_TRANSIENT);
197 statement.bind(11, request.m_challengeState->m_remainingTries);
198 statement.bind(12, request.m_challengeState->m_remainingTime.count());
199 }
Zhiyi Zhangb8bbc642020-09-29 14:08:26 -0700[diff] [blame]200 if (statement.step() != SQLITE_DONE) {
201 BOOST_THROW_EXCEPTION(Error("Request " + request.m_requestId + " cannot be added to database"));
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]202 }
203}
204
205void
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]206CaSqlite::updateRequest(const CaState& request)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]207{
208 Sqlite3Statement statement(m_database,
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]209 R"_SQLTEXT_(UPDATE CaStates
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]210 SET status = ?, challenge_type = ?, challenge_status = ?, challenge_secrets = ?,
211 challenge_tp = ?, remaining_tries = ?, remaining_time = ?
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]212 WHERE request_id = ?)_SQLTEXT_");
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]213 statement.bind(1, static_cast<int>(request.m_status));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]214 statement.bind(2, request.m_challengeType, SQLITE_TRANSIENT);
215 if (request.m_challengeState) {
216 statement.bind(3, request.m_challengeState->m_challengeStatus, SQLITE_TRANSIENT);
217 statement.bind(4, convertJson2String(request.m_challengeState->m_secrets),
218 SQLITE_TRANSIENT);
219 statement.bind(5, time::toIsoString(request.m_challengeState->m_timestamp), SQLITE_TRANSIENT);
220 statement.bind(6, request.m_challengeState->m_remainingTries);
221 statement.bind(7, request.m_challengeState->m_remainingTime.count());
222 }
223 else {
224 statement.bind(3, "", SQLITE_TRANSIENT);
225 statement.bind(4, "", SQLITE_TRANSIENT);
226 statement.bind(5, "", SQLITE_TRANSIENT);
227 statement.bind(6, 0);
228 statement.bind(7, 0);
229 }
230 statement.bind(8, request.m_requestId, SQLITE_TRANSIENT);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]231
232 if (statement.step() != SQLITE_DONE) {
233 addRequest(request);
234 }
235}
236
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]237std::list<CaState>
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]238CaSqlite::listAllRequests()
239{
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]240 std::list<CaState> result;
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]241 Sqlite3Statement statement(m_database, R"_SQLTEXT_(SELECT id, request_id, ca_name, status,
242 challenge_status, cert_key_name, cert_request, challenge_type, challenge_secrets,
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]243 challenge_tp, remaining_tries, remaining_time, request_type, encryption_key
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]244 FROM CaStates)_SQLTEXT_");
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]245 while (statement.step() == SQLITE_ROW) {
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]246 auto requestId = statement.getString(1);
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]247 Name caName(statement.getBlock(2));
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]248 auto status = static_cast<Status>(statement.getInt(3));
249 auto challengeStatus = statement.getString(4);
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]250 security::v2::Certificate cert(statement.getBlock(6));
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]251 auto challengeType = statement.getString(7);
252 auto challengeSecrets = statement.getString(8);
253 auto challengeTp = statement.getString(9);
254 auto remainingTries = statement.getInt(10);
255 auto remainingTime = statement.getInt(11);
256 auto requestType = static_cast<RequestType>(statement.getInt(12));
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]257 auto encryptionKey = statement.getBlock(13);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]258 if (challengeType != "") {
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]259 result.push_back(CaState(caName, requestId, requestType, status, cert,
260 challengeType, challengeStatus, time::fromIsoString(challengeTp),
261 remainingTries, time::seconds(remainingTime),
262 convertString2Json(challengeSecrets), encryptionKey));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]263 }
264 else {
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]265 result.push_back(CaState(caName, requestId, requestType, status, cert, encryptionKey));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]266 }
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]267 }
268 return result;
269}
270
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]271std::list<CaState>
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]272CaSqlite::listAllRequests(const Name& caName)
273{
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]274 std::list<CaState> result;
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]275 Sqlite3Statement statement(m_database,
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]276 R"_SQLTEXT_(SELECT id, request_id, ca_name, status,
277 challenge_status, cert_key_name, cert_request, challenge_type, challenge_secrets,
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]278 challenge_tp, remaining_tries, remaining_time, request_type, encryption_key
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]279 FROM CaStates WHERE ca_name = ?)_SQLTEXT_");
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]280 statement.bind(1, caName.wireEncode(), SQLITE_TRANSIENT);
281
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]282 while (statement.step() == SQLITE_ROW) {
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]283 auto requestId = statement.getString(1);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]284 Name caName(statement.getBlock(2));
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]285 auto status = static_cast<Status>(statement.getInt(3));
286 auto challengeStatus = statement.getString(4);
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]287 security::v2::Certificate cert(statement.getBlock(6));
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]288 auto challengeType = statement.getString(7);
289 auto challengeSecrets = statement.getString(8);
290 auto challengeTp = statement.getString(9);
291 auto remainingTries = statement.getInt(10);
292 auto remainingTime = statement.getInt(11);
293 auto requestType = static_cast<RequestType>(statement.getInt(12));
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]294 auto encryptionKey = statement.getBlock(13);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]295 if (challengeType != "") {
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]296 result.push_back(CaState(caName, requestId, requestType, status, cert,
297 challengeType, challengeStatus, time::fromIsoString(challengeTp),
298 remainingTries, time::seconds(remainingTime),
299 convertString2Json(challengeSecrets), encryptionKey));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]300 }
301 else {
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]302 result.push_back(CaState(caName, requestId, requestType, status, cert, encryptionKey));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]303 }
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]304 }
305 return result;
306}
307
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]308void
309CaSqlite::deleteRequest(const std::string& requestId)
310{
311 Sqlite3Statement statement(m_database,
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]312 R"_SQLTEXT_(DELETE FROM CaStates WHERE request_id = ?)_SQLTEXT_");
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]313 statement.bind(1, requestId, SQLITE_TRANSIENT);
314 statement.step();
315}
316
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]317security::v2::Certificate
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]318CaSqlite::getCertificate(const std::string& certId)
319{
320 Sqlite3Statement statement(m_database,
321 R"_SQLTEXT_(SELECT cert FROM IssuedCerts where cert_id = ?)_SQLTEXT_");
322 statement.bind(1, certId, SQLITE_TRANSIENT);
323
324 if (statement.step() == SQLITE_ROW) {
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]325 return security::v2::Certificate(statement.getBlock(0));
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]326 }
327 else {
328 BOOST_THROW_EXCEPTION(Error("Certificate with ID " + certId + " cannot be fetched from database"));
329 }
330}
331
332void
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]333CaSqlite::addCertificate(const std::string& certId, const security::v2::Certificate& cert)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]334{
335 Sqlite3Statement statement(m_database,
336 R"_SQLTEXT_(INSERT INTO IssuedCerts (cert_id, cert_key_name, cert)
337 values (?, ?, ?))_SQLTEXT_");
338 statement.bind(1, certId, SQLITE_TRANSIENT);
339 statement.bind(2, cert.getKeyName().wireEncode(), SQLITE_TRANSIENT);
340 statement.bind(3, cert.wireEncode(), SQLITE_TRANSIENT);
341
342 if (statement.step() != SQLITE_DONE) {
343 BOOST_THROW_EXCEPTION(Error("Certificate " + cert.getName().toUri() + " cannot be added to database"));
344 }
345}
346
347void
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]348CaSqlite::updateCertificate(const std::string& certId, const security::v2::Certificate& cert)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]349{
350 Sqlite3Statement statement(m_database,
351 R"_SQLTEXT_(UPDATE IssuedCerts SET cert = ? WHERE cert_id = ?)_SQLTEXT_");
352 statement.bind(1, cert.wireEncode(), SQLITE_TRANSIENT);
353 statement.bind(2, certId, SQLITE_TRANSIENT);
354
355 if (statement.step() != SQLITE_DONE) {
356 addCertificate(certId, cert);
357 }
358}
359
360void
361CaSqlite::deleteCertificate(const std::string& certId)
362{
363 Sqlite3Statement statement(m_database,
364 R"_SQLTEXT_(DELETE FROM IssuedCerts WHERE cert_id = ?)_SQLTEXT_");
365 statement.bind(1, certId, SQLITE_TRANSIENT);
366 statement.step();
367}
368
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]369std::list<security::v2::Certificate>
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]370CaSqlite::listAllIssuedCertificates()
371{
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]372 std::list<security::v2::Certificate> result;
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]373 Sqlite3Statement statement(m_database, R"_SQLTEXT_(SELECT * FROM IssuedCerts)_SQLTEXT_");
374
375 while (statement.step() == SQLITE_ROW) {
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]376 result.emplace_back(statement.getBlock(3));
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]377 }
378 return result;
379}
380
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]381std::list<security::v2::Certificate>
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]382CaSqlite::listAllIssuedCertificates(const Name& caName)
383{
384 auto allCerts = listAllIssuedCertificates();
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]385 std::list<security::v2::Certificate> result;
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]386 for (const auto& entry : allCerts) {
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]387 const auto& klName = entry.getSignature().getKeyLocator().getName();
388 if (security::v2::extractIdentityFromKeyName(klName) == caName) {
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]389 result.push_back(entry);
390 }
391 }
392 return result;
393}
394
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]395} // namespace ndncert
396} // namespace ndn