NS-3 based Named Data Networking (NDN) simulator
ndnSIM 2.3: NDN, CCN, CCNx, content centric networks 		API Documentation
sec-public-info-sqlite3.cpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
25 #include "sec-public-info-sqlite3.hpp"
26 #include "v1/identity-certificate.hpp"
27 #include "signature-sha256-with-rsa.hpp"
28 #include "signature-sha256-with-ecdsa.hpp"
29 #include "../data.hpp"
30 
31 #include <sqlite3.h>
32 #include <stdio.h>
33 #include <stdlib.h>
34 #include <sstream>
35 #include <fstream>
36 #include <boost/filesystem.hpp>
37 
38 namespace ndn {
39 namespace security {
40 
41 using std::string;
42 using std::vector;
43 
44 const std::string SecPublicInfoSqlite3::SCHEME("pib-sqlite3");
45 
46 static const string INIT_TPM_INFO_TABLE =
47  "CREATE TABLE IF NOT EXISTS "
48  " TpmInfo( "
49  " tpm_locator BLOB NOT NULL,"
50  " PRIMARY KEY (tpm_locator) "
51  " ); ";
52 
53 static const string INIT_ID_TABLE =
54  "CREATE TABLE IF NOT EXISTS "
55  " Identity( "
56  " identity_name BLOB NOT NULL, "
57  " default_identity INTEGER DEFAULT 0, "
58  " PRIMARY KEY (identity_name) "
59  " ); "
60  "CREATE INDEX identity_index ON Identity(identity_name);";
61 
62 static const string INIT_KEY_TABLE =
63  "CREATE TABLE IF NOT EXISTS "
64  " Key( "
65  " identity_name BLOB NOT NULL, "
66  " key_identifier BLOB NOT NULL, "
67  " key_type INTEGER, "
68  " public_key BLOB, "
69  " default_key INTEGER DEFAULT 0, "
70  " active INTEGER DEFAULT 0, "
71  " PRIMARY KEY (identity_name, key_identifier)"
72  " ); "
73  "CREATE INDEX key_index ON Key(identity_name); ";
74 
75 
76 static const string INIT_CERT_TABLE =
77  "CREATE TABLE IF NOT EXISTS "
78  " Certificate( "
79  " cert_name BLOB NOT NULL, "
80  " cert_issuer BLOB NOT NULL, "
81  " identity_name BLOB NOT NULL, "
82  " key_identifier BLOB NOT NULL, "
83  " not_before TIMESTAMP, "
84  " not_after TIMESTAMP, "
85  " certificate_data BLOB NOT NULL, "
86  " valid_flag INTEGER DEFAULT 1, "
87  " default_cert INTEGER DEFAULT 0, "
88  " PRIMARY KEY (cert_name) "
89  " ); "
90  "CREATE INDEX cert_index ON Certificate(cert_name); "
91  "CREATE INDEX subject ON Certificate(identity_name);";
92 
97 static int
98 sqlite3_bind_string(sqlite3_stmt* statement,
99  int index,
100  const string& value,
101  void(*destructor)(void*))
102 {
103  return sqlite3_bind_text(statement, index, value.c_str(), value.size(), destructor);
104 }
105 
106 static string
107 sqlite3_column_string(sqlite3_stmt* statement, int column)
108 {
109  return string(reinterpret_cast<const char*>(sqlite3_column_text(statement, column)),
110  sqlite3_column_bytes(statement, column));
111 }
112 
113 SecPublicInfoSqlite3::SecPublicInfoSqlite3(const std::string& dir)
114  : SecPublicInfo(dir)
115  , m_database(nullptr)
116 {
117  boost::filesystem::path identityDir;
118  if (dir == "") {
119 #ifdef NDN_CXX_HAVE_TESTS
120  if (getenv("TEST_HOME") != nullptr) {
121  identityDir = boost::filesystem::path(getenv("TEST_HOME")) / ".ndn";
122  }
123  else
124 #endif // NDN_CXX_HAVE_TESTS
125  if (getenv("HOME") != nullptr) {
126  identityDir = boost::filesystem::path(getenv("HOME")) / ".ndn";
127  }
128  else {
129  identityDir = boost::filesystem::path(".") / ".ndn";
130  }
131  }
132  else {
133  identityDir = boost::filesystem::path(dir);
134  }
135  boost::filesystem::create_directories(identityDir);
136 
138  int res = sqlite3_open_v2((identityDir / "ndnsec-public-info.db").c_str(), &m_database,
139  SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE,
140 #ifdef NDN_CXX_DISABLE_SQLITE3_FS_LOCKING
141  "unix-dotfile"
142 #else
143  0
144 #endif
145  );
146  if (res != SQLITE_OK)
147  BOOST_THROW_EXCEPTION(Error("identity DB cannot be opened/created"));
148 
149 
150  BOOST_ASSERT(m_database != nullptr);
151 
152  initializeTable("TpmInfo", INIT_TPM_INFO_TABLE); // Check if TpmInfo table exists;
153  initializeTable("Identity", INIT_ID_TABLE); // Check if Identity table exists;
154  initializeTable("Key", INIT_KEY_TABLE); // Check if Key table exists;
155  initializeTable("Certificate", INIT_CERT_TABLE); // Check if Certificate table exists;
156 }
157 
158 SecPublicInfoSqlite3::~SecPublicInfoSqlite3()
159 {
160  sqlite3_close(m_database);
161  m_database = nullptr;
162 }
163 
164 bool
165 SecPublicInfoSqlite3::doesTableExist(const string& tableName)
166 {
167  // Check if the table exists;
168  bool doesTableExist = false;
169  string checkingString =
170  "SELECT name FROM sqlite_master WHERE type='table' AND name='" + tableName + "'";
171 
172  sqlite3_stmt* statement = nullptr;
173  sqlite3_prepare_v2(m_database, checkingString.c_str(), -1, &statement, 0);
174 
175  int result = sqlite3_step(statement);
176  if (result == SQLITE_ROW)
177  doesTableExist = true;
178  sqlite3_finalize(statement);
179 
180  return doesTableExist;
181 }
182 
183 bool
184 SecPublicInfoSqlite3::initializeTable(const string& tableName, const string& initCommand)
185 {
186  // Create the table if it does not exist
187  if (!doesTableExist(tableName)) {
188  char* errorMessage = 0;
189  int result = sqlite3_exec(m_database, initCommand.c_str(), NULL, NULL, &errorMessage);
190 
191  if (result != SQLITE_OK && errorMessage != 0) {
192  sqlite3_free(errorMessage);
193  return false;
194  }
195  }
196 
197  return true;
198 }
199 
200 void
201 SecPublicInfoSqlite3::deleteTable(const string& tableName)
202 {
203  string query = "DROP TABLE IF EXISTS " + tableName;
204 
205  sqlite3_stmt* statement = nullptr;
206  sqlite3_prepare_v2(m_database, query.c_str(), -1, &statement, 0);
207 
208  sqlite3_step(statement);
209  sqlite3_finalize(statement);
210 }
211 
212 void
213 SecPublicInfoSqlite3::setTpmLocator(const string& tpmLocator)
214 {
215  string currentTpm;
216  try {
217  currentTpm = getTpmLocator();
218  }
219  catch (SecPublicInfo::Error&) {
220  setTpmLocatorInternal(tpmLocator, false); // set tpmInfo without resetting
221  return;
222  }
223 
224  if (currentTpm == tpmLocator)
225  return; // if the same, nothing will be changed
226 
227  setTpmLocatorInternal(tpmLocator, true); // set tpmInfo and reset pib
228 }
229 
230 string
231 SecPublicInfoSqlite3::getTpmLocator()
232 {
233  sqlite3_stmt* statement = nullptr;
234  sqlite3_prepare_v2(m_database, "SELECT tpm_locator FROM TpmInfo", -1, &statement, 0);
235 
236  int res = sqlite3_step(statement);
237 
238  if (res == SQLITE_ROW) {
239  string tpmLocator = sqlite3_column_string(statement, 0);
240  sqlite3_finalize(statement);
241  return tpmLocator;
242  }
243  else {
244  sqlite3_finalize(statement);
245  BOOST_THROW_EXCEPTION(SecPublicInfo::Error("TPM info does not exist"));
246  }
247 }
248 
249 void
250 SecPublicInfoSqlite3::setTpmLocatorInternal(const string& tpmLocator, bool needReset)
251 {
252  sqlite3_stmt* statement = nullptr;
253 
254  if (needReset) {
255  deleteTable("Identity");
256  deleteTable("Key");
257  deleteTable("Certificate");
258 
259  initializeTable("Identity", INIT_ID_TABLE);
260  initializeTable("Key", INIT_KEY_TABLE);
261  initializeTable("Certificate", INIT_CERT_TABLE);
262 
263  sqlite3_prepare_v2(m_database, "UPDATE TpmInfo SET tpm_locator = ?",
264  -1, &statement, 0);
265  sqlite3_bind_string(statement, 1, tpmLocator, SQLITE_TRANSIENT);
266  }
267  else {
268  // no reset implies there is no tpmLocator record, insert one
269  sqlite3_prepare_v2(m_database, "INSERT INTO TpmInfo (tpm_locator) VALUES (?)",
270  -1, &statement, 0);
271  sqlite3_bind_string(statement, 1, tpmLocator, SQLITE_TRANSIENT);
272  }
273 
274  sqlite3_step(statement);
275  sqlite3_finalize(statement);
276 }
277 
278 std::string
279 SecPublicInfoSqlite3::getPibLocator()
280 {
281  return string("pib-sqlite3:").append(m_location);
282 }
283 
284 bool
285 SecPublicInfoSqlite3::doesIdentityExist(const Name& identityName)
286 {
287  bool result = false;
288 
289  sqlite3_stmt* statement = nullptr;
290  sqlite3_prepare_v2(m_database,
291  "SELECT count(*) FROM Identity WHERE identity_name=?",
292  -1, &statement, 0);
293 
294  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
295  int res = sqlite3_step(statement);
296 
297  if (res == SQLITE_ROW) {
298  int countAll = sqlite3_column_int(statement, 0);
299  if (countAll > 0)
300  result = true;
301  }
302 
303  sqlite3_finalize(statement);
304 
305  return result;
306 }
307 
308 void
309 SecPublicInfoSqlite3::addIdentity(const Name& identityName)
310 {
311  if (doesIdentityExist(identityName))
312  return;
313 
314  sqlite3_stmt* statement = nullptr;
315 
316  sqlite3_prepare_v2(m_database,
317  "INSERT OR REPLACE INTO Identity (identity_name) values (?)",
318  -1, &statement, 0);
319 
320  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
321 
322  sqlite3_step(statement);
323 
324  sqlite3_finalize(statement);
325 }
326 
327 bool
328 SecPublicInfoSqlite3::revokeIdentity()
329 {
330  //TODO:
331  return false;
332 }
333 
334 bool
335 SecPublicInfoSqlite3::doesPublicKeyExist(const Name& keyName)
336 {
337  if (keyName.empty())
338  BOOST_THROW_EXCEPTION(Error("Incorrect key name " + keyName.toUri()));
339 
340  string keyId = keyName.get(-1).toUri();
341  Name identityName = keyName.getPrefix(-1);
342 
343  sqlite3_stmt* statement = nullptr;
344  sqlite3_prepare_v2(m_database,
345  "SELECT count(*) FROM Key WHERE identity_name=? AND key_identifier=?",
346  -1, &statement, 0);
347 
348  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
349  sqlite3_bind_string(statement, 2, keyId, SQLITE_TRANSIENT);
350 
351  int res = sqlite3_step(statement);
352 
353  bool keyIdExist = false;
354  if (res == SQLITE_ROW) {
355  int countAll = sqlite3_column_int(statement, 0);
356  if (countAll > 0)
357  keyIdExist = true;
358  }
359 
360  sqlite3_finalize(statement);
361 
362  return keyIdExist;
363 }
364 
365 void
366 SecPublicInfoSqlite3::addKey(const Name& keyName,
367  const v1::PublicKey& publicKeyDer)
368 {
369  if (keyName.empty())
370  return;
371 
372  if (doesPublicKeyExist(keyName))
373  return;
374 
375  string keyId = keyName.get(-1).toUri();
376  Name identityName = keyName.getPrefix(-1);
377 
378  addIdentity(identityName);
379 
380  sqlite3_stmt* statement = nullptr;
381  sqlite3_prepare_v2(m_database,
382  "INSERT OR REPLACE INTO Key \
383  (identity_name, key_identifier, key_type, public_key) \
384  values (?, ?, ?, ?)",
385  -1, &statement, 0);
386 
387  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
388  sqlite3_bind_string(statement, 2, keyId, SQLITE_TRANSIENT);
389  sqlite3_bind_int(statement, 3, static_cast<int>(publicKeyDer.getKeyType()));
390  sqlite3_bind_blob(statement, 4,
391  publicKeyDer.get().buf(),
392  publicKeyDer.get().size(),
393  SQLITE_STATIC);
394 
395  sqlite3_step(statement);
396 
397  sqlite3_finalize(statement);
398 }
399 
400 shared_ptr<v1::PublicKey>
401 SecPublicInfoSqlite3::getPublicKey(const Name& keyName)
402 {
403  if (keyName.empty())
404  BOOST_THROW_EXCEPTION(Error("SecPublicInfoSqlite3::getPublicKey Empty keyName"));
405 
406  string keyId = keyName.get(-1).toUri();
407  Name identityName = keyName.getPrefix(-1);
408 
409  sqlite3_stmt* statement = nullptr;
410  sqlite3_prepare_v2(m_database,
411  "SELECT public_key FROM Key WHERE identity_name=? AND key_identifier=?",
412  -1, &statement, 0);
413 
414  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
415  sqlite3_bind_string(statement, 2, keyId, SQLITE_TRANSIENT);
416 
417  int res = sqlite3_step(statement);
418 
419  shared_ptr<v1::PublicKey> result;
420  if (res == SQLITE_ROW) {
421  result = make_shared<v1::PublicKey>(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)),
422  sqlite3_column_bytes(statement, 0));
423  sqlite3_finalize(statement);
424  return result;
425  }
426  else {
427  sqlite3_finalize(statement);
428  BOOST_THROW_EXCEPTION(Error("SecPublicInfoSqlite3::getPublicKey public key does not exist"));
429  }
430 }
431 
432 KeyType
433 SecPublicInfoSqlite3::getPublicKeyType(const Name& keyName)
434 {
435  if (keyName.empty())
436  return KeyType::NONE;
437 
438  string keyId = keyName.get(-1).toUri();
439  Name identityName = keyName.getPrefix(-1);
440 
441  sqlite3_stmt* statement = nullptr;
442  sqlite3_prepare_v2(m_database,
443  "SELECT key_type FROM Key WHERE identity_name=? AND key_identifier=?",
444  -1, &statement, 0);
445 
446  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
447  sqlite3_bind_string(statement, 2, keyId, SQLITE_TRANSIENT);
448 
449  int res = sqlite3_step(statement);
450 
451  if (res == SQLITE_ROW) {
452  int typeValue = sqlite3_column_int(statement, 0);
453  sqlite3_finalize(statement);
454  return static_cast<KeyType>(typeValue);
455  }
456  else {
457  sqlite3_finalize(statement);
458  return KeyType::NONE;
459  }
460 }
461 
462 bool
463 SecPublicInfoSqlite3::doesCertificateExist(const Name& certificateName)
464 {
465  sqlite3_stmt* statement = nullptr;
466  sqlite3_prepare_v2(m_database,
467  "SELECT count(*) FROM Certificate WHERE cert_name=?",
468  -1, &statement, 0);
469 
470  sqlite3_bind_string(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
471 
472  int res = sqlite3_step(statement);
473 
474  bool certExist = false;
475  if (res == SQLITE_ROW) {
476  int countAll = sqlite3_column_int(statement, 0);
477  if (countAll > 0)
478  certExist = true;
479  }
480 
481  sqlite3_finalize(statement);
482 
483  return certExist;
484 }
485 
486 void
487 SecPublicInfoSqlite3::addCertificate(const v1::IdentityCertificate& certificate)
488 {
489  const Name& certificateName = certificate.getName();
490  // KeyName is from v1::IdentityCertificate name, so should be qualified.
491  Name keyName =
492  v1::IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
493 
494  addKey(keyName, certificate.getPublicKeyInfo());
495 
496  if (doesCertificateExist(certificateName))
497  return;
498 
499  string keyId = keyName.get(-1).toUri();
500  Name identity = keyName.getPrefix(-1);
501 
502  // Insert the certificate
503  sqlite3_stmt* statement = nullptr;
504  sqlite3_prepare_v2(m_database,
505  "INSERT OR REPLACE INTO Certificate \
506  (cert_name, cert_issuer, identity_name, key_identifier, \
507  not_before, not_after, certificate_data) \
508  values (?, ?, ?, ?, datetime(?, 'unixepoch'), datetime(?, 'unixepoch'), ?)",
509  -1, &statement, 0);
510 
511  sqlite3_bind_string(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
512 
513  try {
514  // this will throw an exception if the signature is not the standard one
515  // or there is no key locator present
516  std::string signerName = certificate.getSignature().getKeyLocator().getName().toUri();
517  sqlite3_bind_string(statement, 2, signerName, SQLITE_TRANSIENT);
518  }
519  catch (tlv::Error&) {
520  return;
521  }
522 
523  sqlite3_bind_string(statement, 3, identity.toUri(), SQLITE_TRANSIENT);
524  sqlite3_bind_string(statement, 4, keyId, SQLITE_STATIC);
525 
526  sqlite3_bind_int64(statement, 5,
527  static_cast<sqlite3_int64>(time::toUnixTimestamp(certificate.getNotBefore()).count()));
528  sqlite3_bind_int64(statement, 6,
529  static_cast<sqlite3_int64>(time::toUnixTimestamp(certificate.getNotAfter()).count()));
530 
531  sqlite3_bind_blob(statement, 7,
532  certificate.wireEncode().wire(),
533  certificate.wireEncode().size(),
534  SQLITE_TRANSIENT);
535 
536  sqlite3_step(statement);
537 
538  sqlite3_finalize(statement);
539 }
540 
541 shared_ptr<v1::IdentityCertificate>
542 SecPublicInfoSqlite3::getCertificate(const Name& certificateName)
543 {
544  sqlite3_stmt* statement = nullptr;
545 
546  sqlite3_prepare_v2(m_database,
547  "SELECT certificate_data FROM Certificate WHERE cert_name=?",
548  -1, &statement, 0);
549 
550  sqlite3_bind_string(statement, 1, certificateName.toUri(), SQLITE_TRANSIENT);
551 
552  int res = sqlite3_step(statement);
553 
554  if (res == SQLITE_ROW) {
555  shared_ptr<v1::IdentityCertificate> certificate = make_shared<v1::IdentityCertificate>();
556  try {
557  certificate->wireDecode(Block(static_cast<const uint8_t*>(sqlite3_column_blob(statement, 0)),
558  sqlite3_column_bytes(statement, 0)));
559  }
560  catch (tlv::Error&) {
561  sqlite3_finalize(statement);
562  BOOST_THROW_EXCEPTION(Error("SecPublicInfoSqlite3::getCertificate certificate cannot be "
563  "decoded"));
564  }
565 
566  sqlite3_finalize(statement);
567  return certificate;
568  }
569  else {
570  sqlite3_finalize(statement);
571  BOOST_THROW_EXCEPTION(Error("SecPublicInfoSqlite3::getCertificate certificate does not "
572  "exist"));
573  }
574 }
575 
576 
577 Name
578 SecPublicInfoSqlite3::getDefaultIdentity()
579 {
580  sqlite3_stmt* statement = nullptr;
581  sqlite3_prepare_v2(m_database,
582  "SELECT identity_name FROM Identity WHERE default_identity=1",
583  -1, &statement, 0);
584 
585  int res = sqlite3_step(statement);
586 
587  if (res == SQLITE_ROW) {
588  Name identity(sqlite3_column_string(statement, 0));
589  sqlite3_finalize(statement);
590  return identity;
591  }
592  else {
593  sqlite3_finalize(statement);
594  BOOST_THROW_EXCEPTION(Error("SecPublicInfoSqlite3::getDefaultIdentity no default identity"));
595  }
596 }
597 
598 void
599 SecPublicInfoSqlite3::setDefaultIdentityInternal(const Name& identityName)
600 {
601  addIdentity(identityName);
602 
603  sqlite3_stmt* statement = nullptr;
604 
605  //Reset previous default identity
606  sqlite3_prepare_v2(m_database,
607  "UPDATE Identity SET default_identity=0 WHERE default_identity=1",
608  -1, &statement, 0);
609 
610  while (sqlite3_step(statement) == SQLITE_ROW)
611  ;
612 
613  sqlite3_finalize(statement);
614 
615  //Set current default identity
616  sqlite3_prepare_v2(m_database,
617  "UPDATE Identity SET default_identity=1 WHERE identity_name=?",
618  -1, &statement, 0);
619 
620  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
621 
622  sqlite3_step(statement);
623 
624  sqlite3_finalize(statement);
625 }
626 
627 Name
628 SecPublicInfoSqlite3::getDefaultKeyNameForIdentity(const Name& identityName)
629 {
630  sqlite3_stmt* statement = nullptr;
631  sqlite3_prepare_v2(m_database,
632  "SELECT key_identifier FROM Key WHERE identity_name=? AND default_key=1",
633  -1, &statement, 0);
634 
635  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
636 
637  int res = sqlite3_step(statement);
638 
639  if (res == SQLITE_ROW) {
640  Name keyName = identityName;
641  keyName.append(string(reinterpret_cast<const char*>(sqlite3_column_text(statement, 0)),
642  sqlite3_column_bytes(statement, 0)));
643  sqlite3_finalize(statement);
644  return keyName;
645  }
646  else {
647  sqlite3_finalize(statement);
648  BOOST_THROW_EXCEPTION(Error("SecPublicInfoSqlite3::getDefaultKeyNameForIdentity key not "
649  "found"));
650  }
651 }
652 
653 void
654 SecPublicInfoSqlite3::setDefaultKeyNameForIdentityInternal(const Name& keyName)
655 {
656  if (!doesPublicKeyExist(keyName))
657  BOOST_THROW_EXCEPTION(Error("Key does not exist:" + keyName.toUri()));
658 
659  string keyId = keyName.get(-1).toUri();
660  Name identityName = keyName.getPrefix(-1);
661 
662  sqlite3_stmt* statement = nullptr;
663 
664  //Reset previous default Key
665  sqlite3_prepare_v2(m_database,
666  "UPDATE Key SET default_key=0 WHERE default_key=1 and identity_name=?",
667  -1, &statement, 0);
668 
669  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
670 
671  while (sqlite3_step(statement) == SQLITE_ROW)
672  ;
673 
674  sqlite3_finalize(statement);
675 
676  //Set current default Key
677  sqlite3_prepare_v2(m_database,
678  "UPDATE Key SET default_key=1 WHERE identity_name=? AND key_identifier=?",
679  -1, &statement, 0);
680 
681  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
682  sqlite3_bind_string(statement, 2, keyId, SQLITE_TRANSIENT);
683 
684  sqlite3_step(statement);
685 
686  sqlite3_finalize(statement);
687 }
688 
689 Name
690 SecPublicInfoSqlite3::getDefaultCertificateNameForKey(const Name& keyName)
691 {
692  if (keyName.empty())
693  BOOST_THROW_EXCEPTION(Error("SecPublicInfoSqlite3::getDefaultCertificateNameForKey wrong key"));
694 
695  string keyId = keyName.get(-1).toUri();
696  Name identityName = keyName.getPrefix(-1);
697 
698  sqlite3_stmt* statement = nullptr;
699  sqlite3_prepare_v2(m_database,
700  "SELECT cert_name FROM Certificate \
701  WHERE identity_name=? AND key_identifier=? AND default_cert=1",
702  -1, &statement, 0);
703 
704  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
705  sqlite3_bind_string(statement, 2, keyId, SQLITE_TRANSIENT);
706 
707  int res = sqlite3_step(statement);
708 
709  if (res == SQLITE_ROW) {
710  Name certName(string(reinterpret_cast<const char*>(sqlite3_column_text(statement, 0)),
711  sqlite3_column_bytes(statement, 0)));
712  sqlite3_finalize(statement);
713  return certName;
714  }
715  else {
716  sqlite3_finalize(statement);
717  BOOST_THROW_EXCEPTION(Error("certificate not found"));
718  }
719 }
720 
721 void
722 SecPublicInfoSqlite3::setDefaultCertificateNameForKeyInternal(const Name& certificateName)
723 {
724  if (!doesCertificateExist(certificateName))
725  BOOST_THROW_EXCEPTION(Error("certificate does not exist:" + certificateName.toUri()));
726 
727  Name keyName = v1::IdentityCertificate::certificateNameToPublicKeyName(certificateName);
728  string keyId = keyName.get(-1).toUri();
729  Name identityName = keyName.getPrefix(-1);
730 
731  sqlite3_stmt* statement = nullptr;
732 
733  //Reset previous default Key
734  sqlite3_prepare_v2(m_database,
735  "UPDATE Certificate SET default_cert=0 \
736  WHERE default_cert=1 AND identity_name=? AND key_identifier=?",
737  -1, &statement, 0);
738 
739  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
740  sqlite3_bind_string(statement, 2, keyId, SQLITE_TRANSIENT);
741 
742  while (sqlite3_step(statement) == SQLITE_ROW)
743  ;
744 
745  sqlite3_finalize(statement);
746 
747  //Set current default Key
748  sqlite3_prepare_v2(m_database,
749  "UPDATE Certificate SET default_cert=1 \
750  WHERE identity_name=? AND key_identifier=? AND cert_name=?",
751  -1, &statement, 0);
752 
753  sqlite3_bind_string(statement, 1, identityName.toUri(), SQLITE_TRANSIENT);
754  sqlite3_bind_string(statement, 2, keyId, SQLITE_TRANSIENT);
755  sqlite3_bind_string(statement, 3, certificateName.toUri(), SQLITE_TRANSIENT);
756 
757  sqlite3_step(statement);
758 
759  sqlite3_finalize(statement);
760 }
761 
762 void
763 SecPublicInfoSqlite3::getAllIdentities(vector<Name>& nameList, bool isDefault)
764 {
765  sqlite3_stmt* stmt;
766  if (isDefault)
767  sqlite3_prepare_v2(m_database,
768  "SELECT identity_name FROM Identity WHERE default_identity=1",
769  -1, &stmt, 0);
770  else
771  sqlite3_prepare_v2(m_database,
772  "SELECT identity_name FROM Identity WHERE default_identity=0",
773  -1, &stmt, 0);
774 
775  while (sqlite3_step(stmt) == SQLITE_ROW)
776  nameList.push_back(Name(string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)),
777  sqlite3_column_bytes(stmt, 0))));
778 
779  sqlite3_finalize(stmt);
780 }
781 
782 void
783 SecPublicInfoSqlite3::getAllKeyNames(vector<Name>& nameList, bool isDefault)
784 {
785  sqlite3_stmt* stmt;
786 
787  if (isDefault)
788  sqlite3_prepare_v2(m_database,
789  "SELECT identity_name, key_identifier FROM Key WHERE default_key=1",
790  -1, &stmt, 0);
791  else
792  sqlite3_prepare_v2(m_database,
793  "SELECT identity_name, key_identifier FROM Key WHERE default_key=0",
794  -1, &stmt, 0);
795 
796  while (sqlite3_step(stmt) == SQLITE_ROW) {
797  Name keyName(string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)),
798  sqlite3_column_bytes(stmt, 0)));
799  keyName.append(string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 1)),
800  sqlite3_column_bytes(stmt, 1)));
801  nameList.push_back(keyName);
802  }
803  sqlite3_finalize(stmt);
804 }
805 
806 void
807 SecPublicInfoSqlite3::getAllKeyNamesOfIdentity(const Name& identity,
808  vector<Name>& nameList,
809  bool isDefault)
810 {
811  sqlite3_stmt* stmt;
812 
813  if (isDefault)
814  sqlite3_prepare_v2(m_database,
815  "SELECT key_identifier FROM Key WHERE default_key=1 and identity_name=?",
816  -1, &stmt, 0);
817  else
818  sqlite3_prepare_v2(m_database,
819  "SELECT key_identifier FROM Key WHERE default_key=0 and identity_name=?",
820  -1, &stmt, 0);
821 
822  sqlite3_bind_string(stmt, 1, identity.toUri(), SQLITE_TRANSIENT);
823 
824  while (sqlite3_step(stmt) == SQLITE_ROW) {
825  Name keyName(identity);
826  keyName.append(string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)),
827  sqlite3_column_bytes(stmt, 0)));
828  nameList.push_back(keyName);
829  }
830  sqlite3_finalize(stmt);
831 }
832 
833 void
834 SecPublicInfoSqlite3::getAllCertificateNames(vector<Name>& nameList, bool isDefault)
835 {
836  sqlite3_stmt* stmt;
837 
838  if (isDefault)
839  sqlite3_prepare_v2(m_database,
840  "SELECT cert_name FROM Certificate WHERE default_cert=1",
841  -1, &stmt, 0);
842  else
843  sqlite3_prepare_v2(m_database,
844  "SELECT cert_name FROM Certificate WHERE default_cert=0",
845  -1, &stmt, 0);
846 
847  while (sqlite3_step(stmt) == SQLITE_ROW)
848  nameList.push_back(string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)),
849  sqlite3_column_bytes(stmt, 0)));
850 
851  sqlite3_finalize(stmt);
852 }
853 
854 void
855 SecPublicInfoSqlite3::getAllCertificateNamesOfKey(const Name& keyName,
856  vector<Name>& nameList,
857  bool isDefault)
858 {
859  if (keyName.empty())
860  return;
861 
862  sqlite3_stmt* stmt;
863  if (isDefault)
864  sqlite3_prepare_v2(m_database,
865  "SELECT cert_name FROM Certificate \
866  WHERE default_cert=1 and identity_name=? and key_identifier=?",
867  -1, &stmt, 0);
868  else
869  sqlite3_prepare_v2(m_database,
870  "SELECT cert_name FROM Certificate \
871  WHERE default_cert=0 and identity_name=? and key_identifier=?",
872  -1, &stmt, 0);
873 
874  Name identity = keyName.getPrefix(-1);
875  sqlite3_bind_string(stmt, 1, identity.toUri(), SQLITE_TRANSIENT);
876 
877  std::string baseKeyName = keyName.get(-1).toUri();
878  sqlite3_bind_string(stmt, 2, baseKeyName, SQLITE_TRANSIENT);
879 
880  while (sqlite3_step(stmt) == SQLITE_ROW)
881  nameList.push_back(string(reinterpret_cast<const char*>(sqlite3_column_text(stmt, 0)),
882  sqlite3_column_bytes(stmt, 0)));
883 
884  sqlite3_finalize(stmt);
885 }
886 
887 void
888 SecPublicInfoSqlite3::deleteCertificateInfo(const Name& certName)
889 {
890  if (certName.empty())
891  return;
892 
893  sqlite3_stmt* stmt;
894  sqlite3_prepare_v2(m_database, "DELETE FROM Certificate WHERE cert_name=?", -1, &stmt, 0);
895  sqlite3_bind_string(stmt, 1, certName.toUri(), SQLITE_TRANSIENT);
896  sqlite3_step(stmt);
897  sqlite3_finalize(stmt);
898 }
899 
900 void
901 SecPublicInfoSqlite3::deletePublicKeyInfo(const Name& keyName)
902 {
903  if (keyName.empty())
904  return;
905 
906  string identity = keyName.getPrefix(-1).toUri();
907  string keyId = keyName.get(-1).toUri();
908 
909  sqlite3_stmt* stmt;
910  sqlite3_prepare_v2(m_database,
911  "DELETE FROM Certificate WHERE identity_name=? and key_identifier=?",
912  -1, &stmt, 0);
913  sqlite3_bind_string(stmt, 1, identity, SQLITE_TRANSIENT);
914  sqlite3_bind_string(stmt, 2, keyId, SQLITE_TRANSIENT);
915  sqlite3_step(stmt);
916  sqlite3_finalize(stmt);
917 
918  sqlite3_prepare_v2(m_database,
919  "DELETE FROM Key WHERE identity_name=? and key_identifier=?",
920  -1, &stmt, 0);
921  sqlite3_bind_string(stmt, 1, identity, SQLITE_TRANSIENT);
922  sqlite3_bind_string(stmt, 2, keyId, SQLITE_TRANSIENT);
923  sqlite3_step(stmt);
924  sqlite3_finalize(stmt);
925 }
926 
927 void
928 SecPublicInfoSqlite3::deleteIdentityInfo(const Name& identityName)
929 {
930  string identity = identityName.toUri();
931 
932  sqlite3_stmt* stmt;
933  sqlite3_prepare_v2(m_database, "DELETE FROM Certificate WHERE identity_name=?", -1, &stmt, 0);
934  sqlite3_bind_string(stmt, 1, identity, SQLITE_TRANSIENT);
935  sqlite3_step(stmt);
936  sqlite3_finalize(stmt);
937 
938  sqlite3_prepare_v2(m_database, "DELETE FROM Key WHERE identity_name=?", -1, &stmt, 0);
939  sqlite3_bind_string(stmt, 1, identity, SQLITE_TRANSIENT);
940  sqlite3_step(stmt);
941  sqlite3_finalize(stmt);
942 
943  sqlite3_prepare_v2(m_database, "DELETE FROM Identity WHERE identity_name=?", -1, &stmt, 0);
944  sqlite3_bind_string(stmt, 1, identity, SQLITE_TRANSIENT);
945  sqlite3_step(stmt);
946  sqlite3_finalize(stmt);
947 }
948 
949 std::string
950 SecPublicInfoSqlite3::getScheme()
951 {
952  return SCHEME;
953 }
954 
955 } // namespace security
956 } // namespace ndn
ndn::Name::getPrefix
PartialName getPrefix(ssize_t nComponents) const
Extract a prefix (PartialName) of the name, containing first nComponents components.
Definition: name.hpp:241
ndn::security::v1::IdentityCertificate::certificateNameToPublicKeyName
static Name certificateNameToPublicKeyName(const Name &certificateName)
Get the public key name from the full certificate name.
Definition: identity-certificate.cpp:109
ndn
Copyright (c) 2011-2015 Regents of the University of California.
Definition: ndn-strategy-choice-helper.hpp:34
ndn::Name::toUri
std::string toUri() const
Encode this name as a URI.
Definition: name.cpp:171
ndn::security::v1::PublicKey::get
const Buffer & get() const
Definition: public-key.hpp:72
ndn::Name::get
const Component & get(ssize_t i) const
Get the component at the given index.
Definition: name.hpp:411
ndn::Data::getName
const Name & getName() const
Get name of the Data packet.
Definition: data.hpp:318
ndn::security::SecPublicInfoSqlite3::addCertificate
virtual void addCertificate(const v1::IdentityCertificate &certificate)
Add a certificate to the identity storage.
Definition: sec-public-info-sqlite3.cpp:487
ndn::KeyLocator::getName
const Name & getName() const
get Name element
Definition: key-locator.cpp:138
ndn::security::SecPublicInfoSqlite3::getTpmLocator
virtual std::string getTpmLocator()
Get TPM Locator.
Definition: sec-public-info-sqlite3.cpp:231
ndn::security::SecPublicInfoSqlite3::getDefaultCertificateNameForKey
virtual Name getDefaultCertificateNameForKey(const Name &keyName)
Get name of the default certificate name for the specified key.
Definition: sec-public-info-sqlite3.cpp:690
ndn::security::SecPublicInfoSqlite3::getAllIdentities
virtual void getAllIdentities(std::vector< Name > &nameList, bool isDefault)
Get all the identities from public info.
Definition: sec-public-info-sqlite3.cpp:763
ndn::security::SecPublicInfoSqlite3::deleteIdentityInfo
virtual void deleteIdentityInfo(const Name &identity)
Delete an identity and related public keys and certificates.
Definition: sec-public-info-sqlite3.cpp:928
ndn::Block
Class representing a wire element of NDN-TLV packet format.
Definition: block.hpp:43
ndn::security::sqlite3_bind_string
static int sqlite3_bind_string(sqlite3_stmt *statement, int index, const string &value, void(*destructor)(void *))
A utility function to call the normal sqlite3_bind_text where the value and length are value...
Definition: sec-public-info-sqlite3.cpp:98
ndn::security::SecPublicInfoSqlite3::setTpmLocator
virtual void setTpmLocator(const std::string &tpmLocator)
Set the corresponding TPM information to tpmLocator.
Definition: sec-public-info-sqlite3.cpp:213
ndn::security::SecPublicInfoSqlite3::getPublicKeyType
virtual KeyType getPublicKeyType(const Name &keyName)
Get the type of the queried public key.
Definition: sec-public-info-sqlite3.cpp:433
ndn::Buffer::buf
uint8_t * buf()
Definition: buffer.hpp:87
ndn::security::SecPublicInfoSqlite3::SecPublicInfoSqlite3
SecPublicInfoSqlite3(const std::string &dir="")
Definition: sec-public-info-sqlite3.cpp:113
ndn::name::Component::toUri
void toUri(std::ostream &os) const
Write *this to the output stream, escaping characters according to the NDN URI Scheme.
Definition: name-component.cpp:131
ndn::security::SecPublicInfoSqlite3::doesPublicKeyExist
virtual bool doesPublicKeyExist(const Name &keyName)
Check if the specified key already exists.
Definition: sec-public-info-sqlite3.cpp:335
ndn::security::SecPublicInfoSqlite3::getAllCertificateNames
virtual void getAllCertificateNames(std::vector< Name > &nameList, bool isDefault)
Get all the certificate name in public info.
Definition: sec-public-info-sqlite3.cpp:834
ndn::security::SecPublicInfoSqlite3::getAllKeyNamesOfIdentity
virtual void getAllKeyNamesOfIdentity(const Name &identity, std::vector< Name > &nameList, bool isDefault)
Get all the key names of a particular identity.
Definition: sec-public-info-sqlite3.cpp:807
ndn::security::SecPublicInfoSqlite3::deletePublicKeyInfo
virtual void deletePublicKeyInfo(const Name &keyName)
Delete a public key and related certificates.
Definition: sec-public-info-sqlite3.cpp:901
ndn::Name
Name abstraction to represent an absolute name.
Definition: name.hpp:46
ndn::security::SecPublicInfoSqlite3::getCertificate
virtual shared_ptr< v1::IdentityCertificate > getCertificate(const Name &certificateName)
Get a shared pointer to identity certificate object from the identity storage.
Definition: sec-public-info-sqlite3.cpp:542
ndn::security::v1::Certificate::getNotAfter
time::system_clock::TimePoint & getNotAfter()
Definition: certificate.hpp:155
ndn::security::SecPublicInfoSqlite3::doesIdentityExist
virtual bool doesIdentityExist(const Name &identityName)
Check if the specified identity already exists.
Definition: sec-public-info-sqlite3.cpp:285
ndn::security::INIT_TPM_INFO_TABLE
static const string INIT_TPM_INFO_TABLE
Definition: sec-public-info-sqlite3.cpp:46
ndn::time::toUnixTimestamp
milliseconds toUnixTimestamp(const system_clock::TimePoint &point)
Convert system_clock::TimePoint to UNIX timestamp.
Definition: time.cpp:118
ndn::security::INIT_CERT_TABLE
static const string INIT_CERT_TABLE
Definition: sec-public-info-sqlite3.cpp:76
ndn::security::SecPublicInfoSqlite3::addIdentity
virtual void addIdentity(const Name &identityName)
Add a new identity.
Definition: sec-public-info-sqlite3.cpp:309
ndn::security::SecPublicInfoSqlite3::revokeIdentity
virtual bool revokeIdentity()
Revoke the identity.
Definition: sec-public-info-sqlite3.cpp:328
ndn::security::SecPublicInfo
SecPublicInfo is a base class for the storage of public information.
Definition: sec-public-info.hpp:39
ndn::Name::append
Name & append(const uint8_t *value, size_t valueLength)
Append a new component, copying from value of length valueLength.
Definition: name.hpp:140
ndn::security::SecPublicInfoSqlite3::getAllKeyNames
virtual void getAllKeyNames(std::vector< Name > &nameList, bool isDefault)
Get all the key names from public info.
Definition: sec-public-info-sqlite3.cpp:783
ndn::Data::wireEncode
size_t wireEncode(EncodingImpl< TAG > &encoder, bool wantUnsignedPortionOnly=false) const
Fast encoding or block size estimation.
Definition: data.cpp:52
ndn::security::sqlite3_column_string
static string sqlite3_column_string(sqlite3_stmt *statement, int column)
Definition: sec-public-info-sqlite3.cpp:107
ndn::security::SecPublicInfoSqlite3::deleteCertificateInfo
virtual void deleteCertificateInfo(const Name &certificateName)
Delete a certificate.
Definition: sec-public-info-sqlite3.cpp:888
ndn::Name::empty
bool empty() const
Check if name is emtpy.
Definition: name.hpp:390
ndn::security::SecPublicInfoSqlite3::getDefaultIdentity
virtual Name getDefaultIdentity()
Get name of the default identity.
Definition: sec-public-info-sqlite3.cpp:578
ndn::security::INIT_ID_TABLE
static const string INIT_ID_TABLE
Definition: sec-public-info-sqlite3.cpp:53
ndn::security::SecPublicInfoSqlite3::addKey
virtual void addKey(const Name &keyName, const v1::PublicKey &publicKeyDer)
Add a public key to the identity storage.
Definition: sec-public-info-sqlite3.cpp:366
ndn::Data::getSignature
const Signature & getSignature() const
Definition: data.hpp:348
ndn::Signature::getKeyLocator
const KeyLocator & getKeyLocator() const
Get KeyLocator.
Definition: signature.hpp:143
ndn::security::v1::PublicKey::getKeyType
KeyType getKeyType() const
Definition: public-key.hpp:85
ndn::security::SecPublicInfoSqlite3::doesCertificateExist
virtual bool doesCertificateExist(const Name &certificateName)
Check if the specified certificate already exists.
Definition: sec-public-info-sqlite3.cpp:463
ndn::security::SecPublicInfoSqlite3::getAllCertificateNamesOfKey
virtual void getAllCertificateNamesOfKey(const Name &keyName, std::vector< Name > &nameList, bool isDefault)
Get all the certificate name of a particular key name.
Definition: sec-public-info-sqlite3.cpp:855
ndn::security::SecPublicInfoSqlite3::getPublicKey
virtual shared_ptr< v1::PublicKey > getPublicKey(const Name &keyName)
Get shared pointer to PublicKey object from the identity storage.
Definition: sec-public-info-sqlite3.cpp:401
ndn::tlv::Error
represents an error in TLV encoding or decoding
Definition: tlv.hpp:50
ndn::security::INIT_KEY_TABLE
static const string INIT_KEY_TABLE
Definition: sec-public-info-sqlite3.cpp:62
ndn::security::SecPublicInfoSqlite3::getDefaultKeyNameForIdentity
virtual Name getDefaultKeyNameForIdentity(const Name &identityName)
Get name of the default key name for the specified identity.
Definition: sec-public-info-sqlite3.cpp:628
ndn::security::v1::Certificate::getNotBefore
time::system_clock::TimePoint & getNotBefore()
Definition: certificate.hpp:137