29 #include "../data.hpp" 36 #include <boost/filesystem.hpp> 46 "CREATE TABLE IF NOT EXISTS " 48 " tpm_locator BLOB NOT NULL," 49 " PRIMARY KEY (tpm_locator) " 53 "CREATE TABLE IF NOT EXISTS " 55 " identity_name BLOB NOT NULL, " 56 " default_identity INTEGER DEFAULT 0, " 57 " PRIMARY KEY (identity_name) " 59 "CREATE INDEX identity_index ON Identity(identity_name);";
62 "CREATE TABLE IF NOT EXISTS " 64 " identity_name BLOB NOT NULL, " 65 " key_identifier BLOB NOT NULL, " 68 " default_key INTEGER DEFAULT 0, " 69 " active INTEGER DEFAULT 0, " 70 " PRIMARY KEY (identity_name, key_identifier)" 72 "CREATE INDEX key_index ON Key(identity_name); ";
76 "CREATE TABLE IF NOT EXISTS " 78 " cert_name BLOB NOT NULL, " 79 " cert_issuer BLOB NOT NULL, " 80 " identity_name BLOB NOT NULL, " 81 " key_identifier BLOB NOT NULL, " 82 " not_before TIMESTAMP, " 83 " not_after TIMESTAMP, " 84 " certificate_data BLOB NOT NULL, " 85 " valid_flag INTEGER DEFAULT 1, " 86 " default_cert INTEGER DEFAULT 0, " 87 " PRIMARY KEY (cert_name) " 89 "CREATE INDEX cert_index ON Certificate(cert_name); " 90 "CREATE INDEX subject ON Certificate(identity_name);";
100 void(*destructor)(
void*))
102 return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
108 return string(reinterpret_cast<const char*>(sqlite3_column_text(statement, column)),
109 sqlite3_column_bytes(statement, column));
114 , m_database(nullptr)
116 boost::filesystem::path identityDir;
118 identityDir = boost::filesystem::path(getenv(
"HOME")) /
".ndn";
120 identityDir = boost::filesystem::path(dir) /
".ndn";
121 boost::filesystem::create_directories(identityDir);
124 int res = sqlite3_open_v2((identityDir /
"ndnsec-public-info.db").c_str(), &m_database,
125 SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE,
126 #ifdef NDN_CXX_DISABLE_SQLITE3_FS_LOCKING
132 if (res != SQLITE_OK)
133 BOOST_THROW_EXCEPTION(
Error(
"identity DB cannot be opened/created"));
136 BOOST_ASSERT(m_database !=
nullptr);
138 initializeTable(
"TpmInfo", INIT_TPM_INFO_TABLE);
139 initializeTable(
"Identity", INIT_ID_TABLE);
140 initializeTable(
"Key", INIT_KEY_TABLE);
141 initializeTable(
"Certificate", INIT_CERT_TABLE);
146 sqlite3_close(m_database);
147 m_database =
nullptr;
151 SecPublicInfoSqlite3::doesTableExist(
const string& tableName)
154 bool doesTableExist =
false;
155 string checkingString =
156 "SELECT name FROM sqlite_master WHERE type='table' AND name='" + tableName +
"'";
158 sqlite3_stmt* statement =
nullptr;
159 sqlite3_prepare_v2(m_database, checkingString.c_str(), -1, &statement, 0);
161 int result = sqlite3_step(statement);
162 if (result == SQLITE_ROW)
163 doesTableExist =
true;
164 sqlite3_finalize(statement);
166 return doesTableExist;
170 SecPublicInfoSqlite3::initializeTable(
const string& tableName,
const string& initCommand)
173 if (!doesTableExist(tableName)) {
174 char* errorMessage = 0;
175 int result = sqlite3_exec(m_database, initCommand.c_str(), NULL, NULL, &errorMessage);
177 if (result != SQLITE_OK && errorMessage != 0) {
178 sqlite3_free(errorMessage);
187 SecPublicInfoSqlite3::deleteTable(
const string& tableName)
189 string query =
"DROP TABLE IF EXISTS " + tableName;
191 sqlite3_stmt* statement =
nullptr;
192 sqlite3_prepare_v2(m_database, query.c_str(), -1, &statement, 0);
194 sqlite3_step(statement);
195 sqlite3_finalize(statement);
206 setTpmLocatorInternal(tpmLocator,
false);
210 if (currentTpm == tpmLocator)
213 setTpmLocatorInternal(tpmLocator,
true);
219 sqlite3_stmt* statement =
nullptr;
220 sqlite3_prepare_v2(m_database,
"SELECT tpm_locator FROM TpmInfo", -1, &statement, 0);
222 int res = sqlite3_step(statement);
224 if (res == SQLITE_ROW) {
226 sqlite3_finalize(statement);
230 sqlite3_finalize(statement);
236 SecPublicInfoSqlite3::setTpmLocatorInternal(
const string& tpmLocator,
bool needReset)
238 sqlite3_stmt* statement =
nullptr;
241 deleteTable(
"Identity");
243 deleteTable(
"Certificate");
245 initializeTable(
"Identity", INIT_ID_TABLE);
246 initializeTable(
"Key", INIT_KEY_TABLE);
247 initializeTable(
"Certificate", INIT_CERT_TABLE);
249 sqlite3_prepare_v2(m_database,
"UPDATE TpmInfo SET tpm_locator = ?",
255 sqlite3_prepare_v2(m_database,
"INSERT INTO TpmInfo (tpm_locator) VALUES (?)",
260 sqlite3_step(statement);
261 sqlite3_finalize(statement);
267 return string(
"pib-sqlite3:").append(
m_location);
275 sqlite3_stmt* statement =
nullptr;
276 sqlite3_prepare_v2(m_database,
277 "SELECT count(*) FROM Identity WHERE identity_name=?",
281 int res = sqlite3_step(statement);
283 if (res == SQLITE_ROW) {
284 int countAll = sqlite3_column_int(statement, 0);
289 sqlite3_finalize(statement);
300 sqlite3_stmt* statement =
nullptr;
302 sqlite3_prepare_v2(m_database,
303 "INSERT OR REPLACE INTO Identity (identity_name) values (?)",
308 sqlite3_step(statement);
310 sqlite3_finalize(statement);
324 BOOST_THROW_EXCEPTION(
Error(
"Incorrect key name " + keyName.
toUri()));
326 string keyId = keyName.
get(-1).
toUri();
329 sqlite3_stmt* statement =
nullptr;
330 sqlite3_prepare_v2(m_database,
331 "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?",
337 int res = sqlite3_step(statement);
339 bool keyIdExist =
false;
340 if (res == SQLITE_ROW) {
341 int countAll = sqlite3_column_int(statement, 0);
346 sqlite3_finalize(statement);
361 string keyId = keyName.
get(-1).
toUri();
366 sqlite3_stmt* statement =
nullptr;
367 sqlite3_prepare_v2(m_database,
368 "INSERT OR REPLACE INTO Key \ 369 (identity_name, key_identifier, key_type, public_key) \ 370 values (?, ?, ?, ?)",
375 sqlite3_bind_int(statement, 3, publicKeyDer.
getKeyType());
376 sqlite3_bind_blob(statement, 4,
378 publicKeyDer.
get().size(),
381 sqlite3_step(statement);
383 sqlite3_finalize(statement);
386 shared_ptr<PublicKey>
390 BOOST_THROW_EXCEPTION(
Error(
"SecPublicInfoSqlite3::getPublicKey Empty keyName"));
392 string keyId = keyName.
get(-1).
toUri();
395 sqlite3_stmt* statement =
nullptr;
396 sqlite3_prepare_v2(m_database,
397 "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?",
403 int res = sqlite3_step(statement);
405 shared_ptr<PublicKey> result;
406 if (res == SQLITE_ROW) {
407 result = make_shared<PublicKey>(
static_cast<const uint8_t*
>(sqlite3_column_blob(statement, 0)),
408 sqlite3_column_bytes(statement, 0));
409 sqlite3_finalize(statement);
413 sqlite3_finalize(statement);
414 BOOST_THROW_EXCEPTION(
Error(
"SecPublicInfoSqlite3::getPublicKey public key does not exist"));
424 string keyId = keyName.
get(-1).
toUri();
427 sqlite3_stmt* statement =
nullptr;
428 sqlite3_prepare_v2(m_database,
429 "SELECT key_type FROM Key WHERE identity_name=? AND key_identifier=?",
435 int res = sqlite3_step(statement);
437 if (res == SQLITE_ROW) {
438 int typeValue = sqlite3_column_int(statement, 0);
439 sqlite3_finalize(statement);
440 return static_cast<KeyType>(typeValue);
443 sqlite3_finalize(statement);
451 sqlite3_stmt* statement =
nullptr;
452 sqlite3_prepare_v2(m_database,
453 "SELECT count(*) FROM Certificate WHERE cert_name=?",
458 int res = sqlite3_step(statement);
460 bool certExist =
false;
461 if (res == SQLITE_ROW) {
462 int countAll = sqlite3_column_int(statement, 0);
467 sqlite3_finalize(statement);
475 const Name& certificateName = certificate.
getName();
485 string keyId = keyName.
get(-1).
toUri();
489 sqlite3_stmt* statement =
nullptr;
490 sqlite3_prepare_v2(m_database,
491 "INSERT OR REPLACE INTO Certificate \ 492 (cert_name, cert_issuer, identity_name, key_identifier, \ 493 not_before, not_after, certificate_data) \ 494 values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
512 sqlite3_bind_int64(statement, 5,
514 sqlite3_bind_int64(statement, 6,
517 sqlite3_bind_blob(statement, 7,
522 sqlite3_step(statement);
524 sqlite3_finalize(statement);
527 shared_ptr<IdentityCertificate>
530 sqlite3_stmt* statement =
nullptr;
532 sqlite3_prepare_v2(m_database,
533 "SELECT certificate_data FROM Certificate WHERE cert_name=?",
538 int res = sqlite3_step(statement);
540 if (res == SQLITE_ROW) {
541 shared_ptr<IdentityCertificate> certificate = make_shared<IdentityCertificate>();
543 certificate->wireDecode(
Block(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)),
544 sqlite3_column_bytes(statement, 0)));
547 sqlite3_finalize(statement);
548 BOOST_THROW_EXCEPTION(
Error(
"SecPublicInfoSqlite3::getCertificate certificate cannot be " 552 sqlite3_finalize(statement);
556 sqlite3_finalize(statement);
557 BOOST_THROW_EXCEPTION(
Error(
"SecPublicInfoSqlite3::getCertificate certificate does not " 566 sqlite3_stmt* statement =
nullptr;
567 sqlite3_prepare_v2(m_database,
568 "SELECT identity_name FROM Identity WHERE default_identity=1",
571 int res = sqlite3_step(statement);
573 if (res == SQLITE_ROW) {
575 sqlite3_finalize(statement);
579 sqlite3_finalize(statement);
580 BOOST_THROW_EXCEPTION(
Error(
"SecPublicInfoSqlite3::getDefaultIdentity no default identity"));
585 SecPublicInfoSqlite3::setDefaultIdentityInternal(
const Name& identityName)
589 sqlite3_stmt* statement =
nullptr;
592 sqlite3_prepare_v2(m_database,
593 "UPDATE Identity SET default_identity=0 WHERE default_identity=1",
596 while (sqlite3_step(statement) == SQLITE_ROW)
599 sqlite3_finalize(statement);
602 sqlite3_prepare_v2(m_database,
603 "UPDATE Identity SET default_identity=1 WHERE identity_name=?",
608 sqlite3_step(statement);
610 sqlite3_finalize(statement);
616 sqlite3_stmt* statement =
nullptr;
617 sqlite3_prepare_v2(m_database,
618 "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1",
623 int res = sqlite3_step(statement);
625 if (res == SQLITE_ROW) {
626 Name keyName = identityName;
627 keyName.
append(
string(reinterpret_cast<const char*>(sqlite3_column_text(statement, 0)),
628 sqlite3_column_bytes(statement, 0)));
629 sqlite3_finalize(statement);
633 sqlite3_finalize(statement);
634 BOOST_THROW_EXCEPTION(
Error(
"SecPublicInfoSqlite3::getDefaultKeyNameForIdentity key not " 640 SecPublicInfoSqlite3::setDefaultKeyNameForIdentityInternal(
const Name& keyName)
643 BOOST_THROW_EXCEPTION(
Error(
"Key does not exist:" + keyName.
toUri()));
645 string keyId = keyName.
get(-1).
toUri();
648 sqlite3_stmt* statement =
nullptr;
651 sqlite3_prepare_v2(m_database,
652 "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?",
657 while (sqlite3_step(statement) == SQLITE_ROW)
660 sqlite3_finalize(statement);
663 sqlite3_prepare_v2(m_database,
664 "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?",
670 sqlite3_step(statement);
672 sqlite3_finalize(statement);
679 BOOST_THROW_EXCEPTION(
Error(
"SecPublicInfoSqlite3::getDefaultCertificateNameForKey wrong key"));
681 string keyId = keyName.
get(-1).
toUri();
684 sqlite3_stmt* statement =
nullptr;
685 sqlite3_prepare_v2(m_database,
686 "SELECT cert_name FROM Certificate \ 687 WHERE identity_name=? AND key_identifier=? AND default_cert=1",
693 int res = sqlite3_step(statement);
695 if (res == SQLITE_ROW) {
696 Name certName(
string(reinterpret_cast<const char*>(sqlite3_column_text(statement, 0)),
697 sqlite3_column_bytes(statement, 0)));
698 sqlite3_finalize(statement);
702 sqlite3_finalize(statement);
703 BOOST_THROW_EXCEPTION(
Error(
"certificate not found"));
708 SecPublicInfoSqlite3::setDefaultCertificateNameForKeyInternal(
const Name& certificateName)
711 BOOST_THROW_EXCEPTION(
Error(
"certificate does not exist:" + certificateName.
toUri()));
714 string keyId = keyName.
get(-1).
toUri();
717 sqlite3_stmt* statement =
nullptr;
720 sqlite3_prepare_v2(m_database,
721 "UPDATE Certificate SET default_cert=0 \ 722 WHERE default_cert=1 AND identity_name=? AND key_identifier=?",
728 while (sqlite3_step(statement) == SQLITE_ROW)
731 sqlite3_finalize(statement);
734 sqlite3_prepare_v2(m_database,
735 "UPDATE Certificate SET default_cert=1 \ 736 WHERE identity_name=? AND key_identifier=? AND cert_name=?",
743 sqlite3_step(statement);
745 sqlite3_finalize(statement);
753 sqlite3_prepare_v2(m_database,
754 "SELECT identity_name FROM Identity WHERE default_identity=1",
757 sqlite3_prepare_v2(m_database,
758 "SELECT identity_name FROM Identity WHERE default_identity=0",
761 while (sqlite3_step(stmt) == SQLITE_ROW)
762 nameList.push_back(
Name(
string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)),
763 sqlite3_column_bytes(stmt, 0))));
765 sqlite3_finalize(stmt);
774 sqlite3_prepare_v2(m_database,
775 "SELECT identity_name, key_identifier FROM Key WHERE default_key=1",
778 sqlite3_prepare_v2(m_database,
779 "SELECT identity_name, key_identifier FROM Key WHERE default_key=0",
782 while (sqlite3_step(stmt) == SQLITE_ROW) {
783 Name keyName(
string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)),
784 sqlite3_column_bytes(stmt, 0)));
785 keyName.
append(
string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 1)),
786 sqlite3_column_bytes(stmt, 1)));
787 nameList.push_back(keyName);
789 sqlite3_finalize(stmt);
794 vector<Name>& nameList,
800 sqlite3_prepare_v2(m_database,
801 "SELECT key_identifier FROM Key WHERE default_key=1 and identity_name=?",
804 sqlite3_prepare_v2(m_database,
805 "SELECT key_identifier FROM Key WHERE default_key=0 and identity_name=?",
810 while (sqlite3_step(stmt) == SQLITE_ROW) {
811 Name keyName(identity);
812 keyName.
append(
string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)),
813 sqlite3_column_bytes(stmt, 0)));
814 nameList.push_back(keyName);
816 sqlite3_finalize(stmt);
825 sqlite3_prepare_v2(m_database,
826 "SELECT cert_name FROM Certificate WHERE default_cert=1",
829 sqlite3_prepare_v2(m_database,
830 "SELECT cert_name FROM Certificate WHERE default_cert=0",
833 while (sqlite3_step(stmt) == SQLITE_ROW)
834 nameList.push_back(
string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)),
835 sqlite3_column_bytes(stmt, 0)));
837 sqlite3_finalize(stmt);
842 vector<Name>& nameList,
850 sqlite3_prepare_v2(m_database,
851 "SELECT cert_name FROM Certificate \ 852 WHERE default_cert=1 and identity_name=? and key_identifier=?",
855 sqlite3_prepare_v2(m_database,
856 "SELECT cert_name FROM Certificate \ 857 WHERE default_cert=0 and identity_name=? and key_identifier=?",
863 std::string baseKeyName = keyName.
get(-1).
toUri();
866 while (sqlite3_step(stmt) == SQLITE_ROW)
867 nameList.push_back(
string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)),
868 sqlite3_column_bytes(stmt, 0)));
870 sqlite3_finalize(stmt);
876 if (certName.
empty())
880 sqlite3_prepare_v2(m_database,
"DELETE FROM Certificate WHERE cert_name=?", -1, &stmt, 0);
883 sqlite3_finalize(stmt);
893 string keyId = keyName.
get(-1).
toUri();
896 sqlite3_prepare_v2(m_database,
897 "DELETE FROM Certificate WHERE identity_name=? and key_identifier=?",
902 sqlite3_finalize(stmt);
904 sqlite3_prepare_v2(m_database,
905 "DELETE FROM Key WHERE identity_name=? and key_identifier=?",
910 sqlite3_finalize(stmt);
916 string identity = identityName.
toUri();
919 sqlite3_prepare_v2(m_database,
"DELETE FROM Certificate WHERE identity_name=?", -1, &stmt, 0);
922 sqlite3_finalize(stmt);
924 sqlite3_prepare_v2(m_database,
"DELETE FROM Key WHERE identity_name=?", -1, &stmt, 0);
927 sqlite3_finalize(stmt);
929 sqlite3_prepare_v2(m_database,
"DELETE FROM Identity WHERE identity_name=?", -1, &stmt, 0);
932 sqlite3_finalize(stmt);
936 SecPublicInfoSqlite3::getScheme()
time::system_clock::TimePoint & getNotBefore()
Copyright (c) 2011-2015 Regents of the University of California.
virtual bool doesIdentityExist(const Name &identityName)
Check if the specified identity already exists.
time::system_clock::TimePoint & getNotAfter()
virtual void getAllKeyNames(std::vector< Name > &nameList, bool isDefault)
Get all the key names from public info.
virtual shared_ptr< IdentityCertificate > getCertificate(const Name &certificateName)
Get a shared pointer to identity certificate object from the identity storage.
virtual std::string getPibLocator()
virtual ~SecPublicInfoSqlite3()
static Name certificateNameToPublicKeyName(const Name &certificateName)
Get the public key name from the full certificate name.
const KeyLocator & getKeyLocator() const
Get KeyLocator.
virtual void getAllCertificateNamesOfKey(const Name &keyName, std::vector< Name > &nameList, bool isDefault)
Get all the certificate name of a particular key name.
static const string INIT_KEY_TABLE
Class representing a wire element of NDN-TLV packet format.
virtual bool doesCertificateExist(const Name &certificateName)
Check if the specified certificate already exists.
static const string INIT_TPM_INFO_TABLE
PublicKey & getPublicKeyInfo()
virtual Name getDefaultKeyNameForIdentity(const Name &identityName)
Get name of the default key name for the specified identity.
virtual std::string getTpmLocator()
Get TPM Locator.
virtual bool doesPublicKeyExist(const Name &keyName)
Check if the specified key already exists.
const Name & getName() const
Get name of the Data packet.
std::string toUri() const
Encode this name as a URI.
const Name & getName() const
get Name element
virtual shared_ptr< PublicKey > getPublicKey(const Name &keyName)
Get shared pointer to PublicKey object from the identity storage.
size_t wireEncode(EncodingImpl< TAG > &encoder, bool wantUnsignedPortionOnly=false) const
Fast encoding or block size estimation.
static int sqlite3_bind_string(sqlite3_stmt *statement, int index, const string &value, void(*destructor)(void *))
A utility function to call the normal sqlite3_bind_text where the value and length are value...
virtual bool revokeIdentity()
Revoke the identity.
void toUri(std::ostream &os) const
Write *this to the output stream, escaping characters according to the NDN URI Scheme.
KeyType getKeyType() const
virtual KeyType getPublicKeyType(const Name &keyName)
Get the type of the queried public key.
virtual void deletePublicKeyInfo(const Name &keyName)
Delete a public key and related certificates.
static const string INIT_ID_TABLE
Name abstraction to represent an absolute name.
static const std::string SCHEME
virtual void getAllIdentities(std::vector< Name > &nameList, bool isDefault)
Get all the identities from public info.
virtual Name getDefaultIdentity()
Get name of the default identity.
const Signature & getSignature() const
const Buffer & get() const
milliseconds toUnixTimestamp(const system_clock::TimePoint &point)
Convert system_clock::TimePoint to UNIX timestamp.
virtual void addIdentity(const Name &identityName)
Add a new identity.
Name & append(const uint8_t *value, size_t valueLength)
Append a new component, copying from value of length valueLength.
virtual void addKey(const Name &keyName, const PublicKey &publicKeyDer)
Add a public key to the identity storage.
bool empty() const
Check if name is emtpy.
virtual void deleteCertificateInfo(const Name &certificateName)
Delete a certificate.
SecPublicInfoSqlite3(const std::string &dir="")
PartialName getPrefix(ssize_t nComponents) const
Extract a prefix (PartialName) of the name, containing first nComponents components.
static string sqlite3_column_string(sqlite3_stmt *statement, int column)
virtual void getAllKeyNamesOfIdentity(const Name &identity, std::vector< Name > &nameList, bool isDefault)
Get all the key names of a particular identity.
virtual Name getDefaultCertificateNameForKey(const Name &keyName)
Get name of the default certificate name for the specified key.
virtual void addCertificate(const IdentityCertificate &certificate)
Add a certificate to the identity storage.
virtual void deleteIdentityInfo(const Name &identity)
Delete an identity and related public keys and certificates.
const Component & get(ssize_t i) const
Get the component at the given index.
virtual void getAllCertificateNames(std::vector< Name > &nameList, bool isDefault)
Get all the certificate name in public info.
SecPublicInfo is a base class for the storage of public information.
represents an error in TLV encoding or decoding
static const string INIT_CERT_TABLE
virtual void setTpmLocator(const std::string &tpmLocator)
Set the corresponding TPM information to tpmLocator.