Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / f51e316c2ced57329c9b2ddec226d173efcff292 / . / src / detail / ca-sqlite.cpp
blob: 05a4c8033f6f78b0d522bf29f5c85a0d6abd0a16 [file] [log] [blame]
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]2/*
3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
Zhiyi Zhangb041d442020-10-22 21:57:11 -0700[diff] [blame]21#include "detail/ca-sqlite.hpp"
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]22
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]23#include <sqlite3.h>
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]24#include <boost/filesystem.hpp>
tylerliua7bea662020-10-08 18:51:02 -0700[diff] [blame]25#include <ndn-cxx/security/validation-policy.hpp>
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]26#include <ndn-cxx/util/sqlite3-statement.hpp>
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]27
28namespace ndn {
29namespace ndncert {
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]30namespace ca {
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]31
Zhiyi Zhang59812232020-10-12 13:11:35 -0700[diff] [blame]32using namespace ndn::util;
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]33const std::string CaSqlite::STORAGE_TYPE = "ca-storage-sqlite3";
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]34
35NDNCERT_REGISTER_CA_STORAGE(CaSqlite);
36
Zhiyi Zhang59812232020-10-12 13:11:35 -0700[diff] [blame]37std::string
38convertJson2String(const JsonSection& json)
39{
40 std::stringstream ss;
41 boost::property_tree::write_json(ss, json);
42 return ss.str();
43}
44
45JsonSection
46convertString2Json(const std::string& jsonContent)
47{
48 std::istringstream ss(jsonContent);
49 JsonSection json;
50 boost::property_tree::json_parser::read_json(ss, json);
51 return json;
52}
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]53
54static const std::string INITIALIZATION = R"_DBTEXT_(
55CREATE TABLE IF NOT EXISTS
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]56 RequestStates(
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]57 id INTEGER PRIMARY KEY,
Zhiyi Zhang8fdb36b2020-10-18 11:58:51 -0700[diff] [blame]58 request_id BLOB NOT NULL,
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]59 ca_name BLOB NOT NULL,
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]60 request_type INTEGER NOT NULL,
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]61 status INTEGER NOT NULL,
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]62 cert_request BLOB NOT NULL,
63 challenge_type TEXT,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]64 challenge_status TEXT,
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]65 challenge_tp TEXT,
66 remaining_tries INTEGER,
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]67 remaining_time INTEGER,
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]68 challenge_secrets TEXT,
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]69 encryption_key BLOB NOT NULL,
70 aes_block_counter INTEGER
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]71 );
72CREATE UNIQUE INDEX IF NOT EXISTS
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]73 RequestStateIdIndex ON RequestStates(request_id);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]74)_DBTEXT_";
75
Zhiyi Zhangd1d9f5a2020-10-05 18:04:23 -0700[diff] [blame]76CaSqlite::CaSqlite(const Name& caName, const std::string& path)
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]77 : CaStorage()
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]78{
79 // Determine the path of sqlite db
80 boost::filesystem::path dbDir;
Zhiyi Zhangd1d9f5a2020-10-05 18:04:23 -0700[diff] [blame]81 if (!path.empty()) {
82 dbDir = boost::filesystem::path(path);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]83 }
84 else {
Zhiyi Zhangd1d9f5a2020-10-05 18:04:23 -0700[diff] [blame]85 std::string dbName = caName.toUri();
86 std::replace(dbName.begin(), dbName.end(), '/', '_');
87 dbName += ".db";
88 if (getenv("HOME") != nullptr) {
89 dbDir = boost::filesystem::path(getenv("HOME")) / ".ndncert";
90 }
91 else {
92 dbDir = boost::filesystem::current_path() / ".ndncert";
93 }
94 boost::filesystem::create_directories(dbDir);
95 dbDir /= dbName;
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]96 }
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]97
98 // open and initialize database
Zhiyi Zhangd1d9f5a2020-10-05 18:04:23 -0700[diff] [blame]99 int result = sqlite3_open_v2(dbDir.c_str(), &m_database,
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]100 SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE,
101#ifdef NDN_CXX_DISABLE_SQLITE3_FS_LOCKING
102 "unix-dotfile"
103#else
104 nullptr
105#endif
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]106 );
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]107 if (result != SQLITE_OK)
tylerliu41c11532020-10-10 16:14:45 -0700[diff] [blame]108 NDN_THROW(std::runtime_error("CaSqlite DB cannot be opened/created: " + dbDir.string()));
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]109
110 // initialize database specific tables
111 char* errorMessage = nullptr;
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]112 result = sqlite3_exec(m_database, INITIALIZATION.data(),
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]113 nullptr, nullptr, &errorMessage);
114 if (result != SQLITE_OK && errorMessage != nullptr) {
115 sqlite3_free(errorMessage);
tylerliu41c11532020-10-10 16:14:45 -0700[diff] [blame]116 NDN_THROW(std::runtime_error("CaSqlite DB cannot be initialized"));
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]117 }
118}
119
120CaSqlite::~CaSqlite()
121{
122 sqlite3_close(m_database);
123}
124
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]125RequestState
Zhiyi Zhangc9ada1b2020-10-29 19:13:15 -0700[diff] [blame]126CaSqlite::getRequest(const RequestId& requestId)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]127{
128 Sqlite3Statement statement(m_database,
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]129 R"_SQLTEXT_(SELECT id, ca_name, status,
130 challenge_status, cert_request,
131 challenge_type, challenge_secrets,
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]132 challenge_tp, remaining_tries, remaining_time,
133 request_type, encryption_key, aes_block_counter
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]134 FROM RequestStates where request_id = ?)_SQLTEXT_");
Zhiyi Zhang8fdb36b2020-10-18 11:58:51 -0700[diff] [blame]135 statement.bind(1, requestId.data(), requestId.size(), SQLITE_TRANSIENT);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]136
137 if (statement.step() == SQLITE_ROW) {
Zhiyi Zhang1f5e86e2020-12-04 15:07:57 -0800[diff] [blame]138 RequestState state;
139 state.caPrefix = Name(statement.getBlock(1));
140 state.status = static_cast<Status>(statement.getInt(2));
141 state.cert = security::Certificate(statement.getBlock(4));
142 state.challengeType = statement.getString(5);
143 state.requestType = static_cast<RequestType>(statement.getInt(10));
144 std::memcpy(state.encryptionKey.data(), statement.getBlob(11), statement.getSize(11));
145 state.aesBlockCounter = statement.getInt(12);
146 if (state.challengeType != "") {
147 ChallengeState challengeState(statement.getString(3), time::fromIsoString(statement.getString(7)),
148 statement.getInt(8), time::seconds(statement.getInt(9)),
149 convertString2Json(statement.getString(6)));
150 state.challengeState = challengeState;
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]151 }
Zhiyi Zhang1f5e86e2020-12-04 15:07:57 -0800[diff] [blame]152 return state;
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]153 }
154 else {
Zhiyi Zhang1f5e86e2020-12-04 15:07:57 -0800[diff] [blame]155 NDN_THROW(std::runtime_error("Request " + toHex(requestId.data(), requestId.size()) +
156 " cannot be fetched from database"));
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]157 }
158}
159
160void
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]161CaSqlite::addRequest(const RequestState& request)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]162{
Zhiyi Zhangb8bbc642020-09-29 14:08:26 -0700[diff] [blame]163 Sqlite3Statement statement(
164 m_database,
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]165 R"_SQLTEXT_(INSERT OR ABORT INTO RequestStates (request_id, ca_name, status, request_type,
Zhiyi Zhangd1d9f5a2020-10-05 18:04:23 -0700[diff] [blame]166 cert_request, challenge_type, challenge_status, challenge_secrets,
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]167 challenge_tp, remaining_tries, remaining_time, encryption_key, aes_block_counter)
168 values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?))_SQLTEXT_");
tylerliu7b9185c2020-11-24 12:15:18 -0800[diff] [blame]169 statement.bind(1, request.requestId.data(), request.requestId.size(), SQLITE_TRANSIENT);
170 statement.bind(2, request.caPrefix.wireEncode(), SQLITE_TRANSIENT);
171 statement.bind(3, static_cast<int>(request.status));
172 statement.bind(4, static_cast<int>(request.requestType));
173 statement.bind(5, request.cert.wireEncode(), SQLITE_TRANSIENT);
174 statement.bind(12, request.encryptionKey.data(), request.encryptionKey.size(), SQLITE_TRANSIENT);
175 statement.bind(13, request.aesBlockCounter);
176 if (request.challengeState) {
177 statement.bind(6, request.challengeType, SQLITE_TRANSIENT);
178 statement.bind(7, request.challengeState->challengeStatus, SQLITE_TRANSIENT);
179 statement.bind(8, convertJson2String(request.challengeState->secrets),
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]180 SQLITE_TRANSIENT);
tylerliu7b9185c2020-11-24 12:15:18 -0800[diff] [blame]181 statement.bind(9, time::toIsoString(request.challengeState->timestamp), SQLITE_TRANSIENT);
182 statement.bind(10, request.challengeState->remainingTries);
183 statement.bind(11, request.challengeState->remainingTime.count());
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]184 }
Zhiyi Zhangb8bbc642020-09-29 14:08:26 -0700[diff] [blame]185 if (statement.step() != SQLITE_DONE) {
tylerliu7b9185c2020-11-24 12:15:18 -0800[diff] [blame]186 NDN_THROW(std::runtime_error("Request " + toHex(request.requestId.data(), request.requestId.size()) + " cannot be added to database"));
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]187 }
188}
189
190void
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]191CaSqlite::updateRequest(const RequestState& request)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]192{
193 Sqlite3Statement statement(m_database,
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]194 R"_SQLTEXT_(UPDATE RequestStates
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]195 SET status = ?, challenge_type = ?, challenge_status = ?, challenge_secrets = ?,
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]196 challenge_tp = ?, remaining_tries = ?, remaining_time = ?, aes_block_counter = ?
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]197 WHERE request_id = ?)_SQLTEXT_");
tylerliu7b9185c2020-11-24 12:15:18 -0800[diff] [blame]198 statement.bind(1, static_cast<int>(request.status));
199 statement.bind(2, request.challengeType, SQLITE_TRANSIENT);
200 if (request.challengeState) {
201 statement.bind(3, request.challengeState->challengeStatus, SQLITE_TRANSIENT);
202 statement.bind(4, convertJson2String(request.challengeState->secrets), SQLITE_TRANSIENT);
203 statement.bind(5, time::toIsoString(request.challengeState->timestamp), SQLITE_TRANSIENT);
204 statement.bind(6, request.challengeState->remainingTries);
205 statement.bind(7, request.challengeState->remainingTime.count());
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]206 }
207 else {
208 statement.bind(3, "", SQLITE_TRANSIENT);
209 statement.bind(4, "", SQLITE_TRANSIENT);
210 statement.bind(5, "", SQLITE_TRANSIENT);
211 statement.bind(6, 0);
212 statement.bind(7, 0);
213 }
tylerliu7b9185c2020-11-24 12:15:18 -0800[diff] [blame]214 statement.bind(8, request.aesBlockCounter);
215 statement.bind(9, request.requestId.data(), request.requestId.size(), SQLITE_TRANSIENT);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]216
217 if (statement.step() != SQLITE_DONE) {
218 addRequest(request);
219 }
220}
221
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]222std::list<RequestState>
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]223CaSqlite::listAllRequests()
224{
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]225 std::list<RequestState> result;
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]226 Sqlite3Statement statement(m_database, R"_SQLTEXT_(SELECT id, request_id, ca_name, status,
Zhiyi Zhangd1d9f5a2020-10-05 18:04:23 -0700[diff] [blame]227 challenge_status, cert_request, challenge_type, challenge_secrets,
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]228 challenge_tp, remaining_tries, remaining_time, request_type,
229 encryption_key, aes_block_counter
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]230 FROM RequestStates)_SQLTEXT_");
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]231 while (statement.step() == SQLITE_ROW) {
Zhiyi Zhang1f5e86e2020-12-04 15:07:57 -0800[diff] [blame]232 RequestState state;
233 std::memcpy(state.requestId.data(), statement.getBlob(1), statement.getSize(1));
234 state.caPrefix = Name(statement.getBlock(2));
235 state.status = static_cast<Status>(statement.getInt(3));
236 state.challengeType = statement.getString(6);
237 state.cert = security::Certificate(statement.getBlock(5));
238 state.requestType = static_cast<RequestType>(statement.getInt(11));
239 std::memcpy(state.encryptionKey.data(), statement.getBlob(12), statement.getSize(12));
240 state.aesBlockCounter = statement.getInt(13);
241 if (state.challengeType != "") {
242 ChallengeState challengeState(statement.getString(4), time::fromIsoString(statement.getString(8)),
243 statement.getInt(9), time::seconds(statement.getInt(10)),
244 convertString2Json(statement.getString(7)));
245 state.challengeState = challengeState;
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]246 }
Zhiyi Zhang1f5e86e2020-12-04 15:07:57 -0800[diff] [blame]247 result.push_back(state);
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]248 }
249 return result;
250}
251
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]252std::list<RequestState>
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]253CaSqlite::listAllRequests(const Name& caName)
254{
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]255 std::list<RequestState> result;
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]256 Sqlite3Statement statement(m_database,
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]257 R"_SQLTEXT_(SELECT id, request_id, ca_name, status,
Zhiyi Zhangd1d9f5a2020-10-05 18:04:23 -0700[diff] [blame]258 challenge_status, cert_request, challenge_type, challenge_secrets,
Zhiyi Zhang1f9551b2020-10-30 10:30:43 -0700[diff] [blame]259 challenge_tp, remaining_tries, remaining_time, request_type,
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]260 encryption_key, aes_block_counter
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]261 FROM RequestStates WHERE ca_name = ?)_SQLTEXT_");
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]262 statement.bind(1, caName.wireEncode(), SQLITE_TRANSIENT);
263
Davide Pesaventob48bbda2020-07-27 19:41:37 -0400[diff] [blame]264 while (statement.step() == SQLITE_ROW) {
Zhiyi Zhang1f5e86e2020-12-04 15:07:57 -0800[diff] [blame]265 RequestState state;
266 std::memcpy(state.requestId.data(), statement.getBlob(1), statement.getSize(1));
267 state.caPrefix = Name(statement.getBlock(2));
268 state.status = static_cast<Status>(statement.getInt(3));
269 state.challengeType = statement.getString(6);
270 state.cert = security::Certificate(statement.getBlock(5));
271 state.requestType = static_cast<RequestType>(statement.getInt(11));
272 std::memcpy(state.encryptionKey.data(), statement.getBlob(12), statement.getSize(12));
273 state.aesBlockCounter = statement.getInt(13);
274 if (state.challengeType != "") {
275 ChallengeState challengeState(statement.getString(4), time::fromIsoString(statement.getString(8)),
276 statement.getInt(9), time::seconds(statement.getInt(10)),
277 convertString2Json(statement.getString(7)));
278 state.challengeState = challengeState;
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]279 }
Zhiyi Zhang1f5e86e2020-12-04 15:07:57 -0800[diff] [blame]280 result.push_back(state);
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]281 }
282 return result;
283}
284
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]285void
Zhiyi Zhangc9ada1b2020-10-29 19:13:15 -0700[diff] [blame]286CaSqlite::deleteRequest(const RequestId& requestId)
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]287{
288 Sqlite3Statement statement(m_database,
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]289 R"_SQLTEXT_(DELETE FROM RequestStates WHERE request_id = ?)_SQLTEXT_");
Zhiyi Zhang8fdb36b2020-10-18 11:58:51 -0700[diff] [blame]290 statement.bind(1, requestId.data(), requestId.size(), SQLITE_TRANSIENT);
Zhiyi Zhang91c846b2017-04-12 14:16:31 -0700[diff] [blame]291 statement.step();
292}
293
Zhiyi Zhang32d4b4e2020-10-28 22:10:49 -0700[diff] [blame]294} // namespace ca
Zhiyi Zhange4891b72020-10-10 15:11:57 -0700[diff] [blame]295} // namespace ndncert
296} // namespace ndn