Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 8bd8e5be263ceba7fdf27dfe2f889dc0d5f94917 / . / src / ca-storage-detail / ca-sqlite.cpp
blob: 905bfa55f6e8ca84527ba2ab687e78695d04764a [file] [log] [blame]
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]2/*
3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
21#include "ca-sqlite.hpp"
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]22
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]23#include <sqlite3.h>
24
25#include <boost/filesystem.hpp>
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]26#include <ndn-cxx/security/v2/validation-policy.hpp>
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]27#include <ndn-cxx/util/sqlite3-statement.hpp>
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]28
29namespace ndn {
30namespace ndncert {
31
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]32const std::string CaSqlite::STORAGE_TYPE = "ca-storage-sqlite3";
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]33
34NDNCERT_REGISTER_CA_STORAGE(CaSqlite);
35
36using namespace ndn::util;
37
38static const std::string INITIALIZATION = R"_DBTEXT_(
39CREATE TABLE IF NOT EXISTS
40 CertRequests(
41 id INTEGER PRIMARY KEY,
42 request_id TEXT NOT NULL,
43 ca_name BLOB NOT NULL,
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]44 request_type INTEGER NOT NULL,
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]45 status INTEGER NOT NULL,
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]46 cert_key_name BLOB NOT NULL,
47 cert_request BLOB NOT NULL,
48 challenge_type TEXT,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]49 challenge_status TEXT,
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]50 challenge_tp TEXT,
51 remaining_tries INTEGER,
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]52 remaining_time INTEGER,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]53 challenge_secrets TEXT
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]54 );
55CREATE UNIQUE INDEX IF NOT EXISTS
56 CertRequestIdIndex ON CertRequests(request_id);
57CREATE UNIQUE INDEX IF NOT EXISTS
58 CertRequestKeyNameIndex ON CertRequests(cert_key_name);
59
60CREATE TABLE IF NOT EXISTS
61 IssuedCerts(
62 id INTEGER PRIMARY KEY,
63 cert_id TEXT NOT NULL,
64 cert_key_name BLOB NOT NULL,
65 cert BLOB NOT NULL
66 );
67CREATE UNIQUE INDEX IF NOT EXISTS
68 IssuedCertRequestIdIndex ON IssuedCerts(cert_id);
69CREATE UNIQUE INDEX IF NOT EXISTS
70 IssuedCertKeyNameIndex ON IssuedCerts(cert_key_name);
71)_DBTEXT_";
72
73CaSqlite::CaSqlite(const std::string& location)
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]74 : CaStorage()
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]75{
76 // Determine the path of sqlite db
77 boost::filesystem::path dbDir;
78 if (!location.empty()) {
79 dbDir = boost::filesystem::path(location);
80 }
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]81 else if (getenv("HOME") != nullptr) {
82 dbDir = boost::filesystem::path(getenv("HOME")) / ".ndn";
83 }
84 else {
85 dbDir = boost::filesystem::current_path() / ".ndn";
86 }
87 boost::filesystem::create_directories(dbDir);
88
89 // open and initialize database
90 int result = sqlite3_open_v2((dbDir / "ndncert-ca.db").c_str(), &m_database,
91 SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE,
92#ifdef NDN_CXX_DISABLE_SQLITE3_FS_LOCKING
93 "unix-dotfile"
94#else
95 nullptr
96#endif
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]97 );
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]98 if (result != SQLITE_OK)
99 BOOST_THROW_EXCEPTION(Error("CaSqlite DB cannot be opened/created: " + dbDir.string()));
100
101 // initialize database specific tables
102 char* errorMessage = nullptr;
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]103 result = sqlite3_exec(m_database, INITIALIZATION.data(),
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]104 nullptr, nullptr, &errorMessage);
105 if (result != SQLITE_OK && errorMessage != nullptr) {
106 sqlite3_free(errorMessage);
107 BOOST_THROW_EXCEPTION(Error("CaSqlite DB cannot be initialized"));
108 }
109}
110
111CaSqlite::~CaSqlite()
112{
113 sqlite3_close(m_database);
114}
115
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]116RequestState
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]117CaSqlite::getRequest(const std::string& requestId)
118{
119 Sqlite3Statement statement(m_database,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]120 R"_SQLTEXT_(SELECT id, ca_name, status,
121 challenge_status, cert_request,
122 challenge_type, challenge_secrets,
123 challenge_tp, remaining_tries, remaining_time, request_type
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]124 FROM CertRequests where request_id = ?)_SQLTEXT_");
125 statement.bind(1, requestId, SQLITE_TRANSIENT);
126
127 if (statement.step() == SQLITE_ROW) {
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]128 Name caName(statement.getBlock(1));
129 auto status = static_cast<Status>(statement.getInt(2));
130 auto challengeStatus = statement.getString(3);
131 security::v2::Certificate cert(statement.getBlock(4));
132 auto challengeType = statement.getString(5);
133 auto challengeSecrets = statement.getString(6);
134 auto challengeTp = statement.getString(7);
135 auto remainingTries = statement.getInt(8);
136 auto remainingTime = statement.getInt(9);
137 auto requestType = static_cast<RequestType>(statement.getInt(10));
138 if (challengeType != "") {
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]139 return RequestState(caName, requestId, requestType, status, cert,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]140 challengeType, challengeStatus, time::fromIsoString(challengeTp),
141 remainingTries, time::seconds(remainingTime),
142 convertString2Json(challengeSecrets));
143 }
144 else {
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]145 return RequestState(caName, requestId, requestType, status, cert);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]146 }
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]147 }
148 else {
149 BOOST_THROW_EXCEPTION(Error("Request " + requestId + " cannot be fetched from database"));
150 }
151}
152
153void
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]154CaSqlite::addRequest(const RequestState& request)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]155{
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]156 // check whether request is there already
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]157 auto keyNameTlv = request.m_cert.getKeyName().wireEncode();
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]158 Sqlite3Statement statement1(m_database,
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]159 R"_SQLTEXT_(SELECT * FROM CertRequests where cert_key_name = ?)_SQLTEXT_");
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]160 statement1.bind(1, keyNameTlv, SQLITE_TRANSIENT);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]161 if (statement1.step() == SQLITE_ROW) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]162 BOOST_THROW_EXCEPTION(Error("Request for " + request.m_cert.getKeyName().toUri() + " already exists"));
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]163 }
164
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]165 // check whether certificate is already issued
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]166 Sqlite3Statement statement2(m_database,
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]167 R"_SQLTEXT_(SELECT * FROM IssuedCerts where cert_key_name = ?)_SQLTEXT_");
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]168 statement2.bind(1, keyNameTlv, SQLITE_TRANSIENT);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]169 if (statement2.step() == SQLITE_ROW) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]170 BOOST_THROW_EXCEPTION(Error("Cert for " + request.m_cert.getKeyName().toUri() + " already exists"));
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]171 }
172
Zhiyi Zhangb8bbc642020-09-29 14:08:26 -0700[diff] [blame]173 Sqlite3Statement statement(
174 m_database,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]175 R"_SQLTEXT_(INSERT INTO CertRequests (request_id, ca_name, status, request_type,
176 cert_key_name, cert_request, challenge_type, challenge_status, challenge_secrets,
177 challenge_tp, remaining_tries, remaining_time)
Zhiyi Zhangb8bbc642020-09-29 14:08:26 -0700[diff] [blame]178 values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?))_SQLTEXT_");
179 statement.bind(1, request.m_requestId, SQLITE_TRANSIENT);
180 statement.bind(2, request.m_caPrefix.wireEncode(), SQLITE_TRANSIENT);
181 statement.bind(3, static_cast<int>(request.m_status));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]182 statement.bind(4, static_cast<int>(request.m_requestType));
183 statement.bind(5, keyNameTlv, SQLITE_TRANSIENT);
Zhiyi Zhangb8bbc642020-09-29 14:08:26 -0700[diff] [blame]184 statement.bind(6, request.m_cert.wireEncode(), SQLITE_TRANSIENT);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]185 if (request.m_challengeState) {
186 statement.bind(7, request.m_challengeType, SQLITE_TRANSIENT);
187 statement.bind(8, request.m_challengeState->m_challengeStatus, SQLITE_TRANSIENT);
188 statement.bind(9, convertJson2String(request.m_challengeState->m_secrets),
189 SQLITE_TRANSIENT);
190 statement.bind(10, time::toIsoString(request.m_challengeState->m_timestamp), SQLITE_TRANSIENT);
191 statement.bind(11, request.m_challengeState->m_remainingTries);
192 statement.bind(12, request.m_challengeState->m_remainingTime.count());
193 }
Zhiyi Zhangb8bbc642020-09-29 14:08:26 -0700[diff] [blame]194 if (statement.step() != SQLITE_DONE) {
195 BOOST_THROW_EXCEPTION(Error("Request " + request.m_requestId + " cannot be added to database"));
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]196 }
197}
198
199void
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]200CaSqlite::updateRequest(const RequestState& request)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]201{
202 Sqlite3Statement statement(m_database,
203 R"_SQLTEXT_(UPDATE CertRequests
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]204 SET status = ?, challenge_type = ?, challenge_status = ?, challenge_secrets = ?,
205 challenge_tp = ?, remaining_tries = ?, remaining_time = ?
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]206 WHERE request_id = ?)_SQLTEXT_");
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]207 statement.bind(1, static_cast<int>(request.m_status));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]208 statement.bind(2, request.m_challengeType, SQLITE_TRANSIENT);
209 if (request.m_challengeState) {
210 statement.bind(3, request.m_challengeState->m_challengeStatus, SQLITE_TRANSIENT);
211 statement.bind(4, convertJson2String(request.m_challengeState->m_secrets),
212 SQLITE_TRANSIENT);
213 statement.bind(5, time::toIsoString(request.m_challengeState->m_timestamp), SQLITE_TRANSIENT);
214 statement.bind(6, request.m_challengeState->m_remainingTries);
215 statement.bind(7, request.m_challengeState->m_remainingTime.count());
216 }
217 else {
218 statement.bind(3, "", SQLITE_TRANSIENT);
219 statement.bind(4, "", SQLITE_TRANSIENT);
220 statement.bind(5, "", SQLITE_TRANSIENT);
221 statement.bind(6, 0);
222 statement.bind(7, 0);
223 }
224 statement.bind(8, request.m_requestId, SQLITE_TRANSIENT);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]225
226 if (statement.step() != SQLITE_DONE) {
227 addRequest(request);
228 }
229}
230
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]231std::list<RequestState>
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]232CaSqlite::listAllRequests()
233{
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]234 std::list<RequestState> result;
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]235 Sqlite3Statement statement(m_database, R"_SQLTEXT_(SELECT id, request_id, ca_name, status,
236 challenge_status, cert_key_name, cert_request, challenge_type, challenge_secrets,
237 challenge_tp, remaining_tries, remaining_time, request_type
238 FROM CertRequests)_SQLTEXT_");
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]239 while (statement.step() == SQLITE_ROW) {
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]240 auto requestId = statement.getString(1);
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]241 Name caName(statement.getBlock(2));
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]242 auto status = static_cast<Status>(statement.getInt(3));
243 auto challengeStatus = statement.getString(4);
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]244 security::v2::Certificate cert(statement.getBlock(6));
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]245 auto challengeType = statement.getString(7);
246 auto challengeSecrets = statement.getString(8);
247 auto challengeTp = statement.getString(9);
248 auto remainingTries = statement.getInt(10);
249 auto remainingTime = statement.getInt(11);
250 auto requestType = static_cast<RequestType>(statement.getInt(12));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]251 if (challengeType != "") {
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]252 result.push_back(RequestState(caName, requestId, requestType, status, cert,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]253 challengeType, challengeStatus, time::fromIsoString(challengeTp),
254 remainingTries, time::seconds(remainingTime),
255 convertString2Json(challengeSecrets)));
256 }
257 else {
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]258 result.push_back(RequestState(caName, requestId, requestType, status, cert));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]259 }
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]260 }
261 return result;
262}
263
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]264std::list<RequestState>
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]265CaSqlite::listAllRequests(const Name& caName)
266{
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]267 std::list<RequestState> result;
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]268 Sqlite3Statement statement(m_database,
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]269 R"_SQLTEXT_(SELECT id, request_id, ca_name, status,
270 challenge_status, cert_key_name, cert_request, challenge_type, challenge_secrets,
271 challenge_tp, remaining_tries, remaining_time, request_type
272 FROM CertRequests WHERE ca_name = ?)_SQLTEXT_");
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]273 statement.bind(1, caName.wireEncode(), SQLITE_TRANSIENT);
274
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]275 while (statement.step() == SQLITE_ROW) {
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]276 auto requestId = statement.getString(1);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]277 Name caName(statement.getBlock(2));
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]278 auto status = static_cast<Status>(statement.getInt(3));
279 auto challengeStatus = statement.getString(4);
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]280 security::v2::Certificate cert(statement.getBlock(6));
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]281 auto challengeType = statement.getString(7);
282 auto challengeSecrets = statement.getString(8);
283 auto challengeTp = statement.getString(9);
284 auto remainingTries = statement.getInt(10);
285 auto remainingTime = statement.getInt(11);
286 auto requestType = static_cast<RequestType>(statement.getInt(12));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]287 if (challengeType != "") {
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]288 result.push_back(RequestState(caName, requestId, requestType, status, cert,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]289 challengeType, challengeStatus, time::fromIsoString(challengeTp),
290 remainingTries, time::seconds(remainingTime),
291 convertString2Json(challengeSecrets)));
292 }
293 else {
Zhiyi Zhange232a742020-09-29 17:34:17 -0700[diff] [blame]294 result.push_back(RequestState(caName, requestId, requestType, status, cert));
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]295 }
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]296 }
297 return result;
298}
299
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]300void
301CaSqlite::deleteRequest(const std::string& requestId)
302{
303 Sqlite3Statement statement(m_database,
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]304 R"_SQLTEXT_(DELETE FROM CertRequests WHERE request_id = ?)_SQLTEXT_");
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]305 statement.bind(1, requestId, SQLITE_TRANSIENT);
306 statement.step();
307}
308
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]309security::v2::Certificate
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]310CaSqlite::getCertificate(const std::string& certId)
311{
312 Sqlite3Statement statement(m_database,
313 R"_SQLTEXT_(SELECT cert FROM IssuedCerts where cert_id = ?)_SQLTEXT_");
314 statement.bind(1, certId, SQLITE_TRANSIENT);
315
316 if (statement.step() == SQLITE_ROW) {
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]317 return security::v2::Certificate(statement.getBlock(0));
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]318 }
319 else {
320 BOOST_THROW_EXCEPTION(Error("Certificate with ID " + certId + " cannot be fetched from database"));
321 }
322}
323
324void
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]325CaSqlite::addCertificate(const std::string& certId, const security::v2::Certificate& cert)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]326{
327 Sqlite3Statement statement(m_database,
328 R"_SQLTEXT_(INSERT INTO IssuedCerts (cert_id, cert_key_name, cert)
329 values (?, ?, ?))_SQLTEXT_");
330 statement.bind(1, certId, SQLITE_TRANSIENT);
331 statement.bind(2, cert.getKeyName().wireEncode(), SQLITE_TRANSIENT);
332 statement.bind(3, cert.wireEncode(), SQLITE_TRANSIENT);
333
334 if (statement.step() != SQLITE_DONE) {
335 BOOST_THROW_EXCEPTION(Error("Certificate " + cert.getName().toUri() + " cannot be added to database"));
336 }
337}
338
339void
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]340CaSqlite::updateCertificate(const std::string& certId, const security::v2::Certificate& cert)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]341{
342 Sqlite3Statement statement(m_database,
343 R"_SQLTEXT_(UPDATE IssuedCerts SET cert = ? WHERE cert_id = ?)_SQLTEXT_");
344 statement.bind(1, cert.wireEncode(), SQLITE_TRANSIENT);
345 statement.bind(2, certId, SQLITE_TRANSIENT);
346
347 if (statement.step() != SQLITE_DONE) {
348 addCertificate(certId, cert);
349 }
350}
351
352void
353CaSqlite::deleteCertificate(const std::string& certId)
354{
355 Sqlite3Statement statement(m_database,
356 R"_SQLTEXT_(DELETE FROM IssuedCerts WHERE cert_id = ?)_SQLTEXT_");
357 statement.bind(1, certId, SQLITE_TRANSIENT);
358 statement.step();
359}
360
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]361std::list<security::v2::Certificate>
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]362CaSqlite::listAllIssuedCertificates()
363{
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]364 std::list<security::v2::Certificate> result;
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]365 Sqlite3Statement statement(m_database, R"_SQLTEXT_(SELECT * FROM IssuedCerts)_SQLTEXT_");
366
367 while (statement.step() == SQLITE_ROW) {
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]368 result.emplace_back(statement.getBlock(3));
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]369 }
370 return result;
371}
372
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]373std::list<security::v2::Certificate>
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]374CaSqlite::listAllIssuedCertificates(const Name& caName)
375{
376 auto allCerts = listAllIssuedCertificates();
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]377 std::list<security::v2::Certificate> result;
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]378 for (const auto& entry : allCerts) {
Zhiyi Zhangef6b36a2020-09-22 21:20:59 -0700[diff] [blame]379 const auto& klName = entry.getSignature().getKeyLocator().getName();
380 if (security::v2::extractIdentityFromKeyName(klName) == caName) {
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]381 result.push_back(entry);
382 }
383 }
384 return result;
385}
386
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]387} // namespace ndncert
388} // namespace ndn