inline void
CommandInterestValidator::addInterestRule(const std::string& regex,
const IdentityCertificate& certificate)
{
Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certificate.getName());
addInterestRule(regex, keyName, certificate.getPublicKeyInfo());
}
inline void
SecPublicInfo::addCertificateAsKeyDefault(const IdentityCertificate& certificate)
{
addCertificate(certificate);
setDefaultCertificateNameForKeyInternal(certificate.getName());
refreshDefaultCertificate();
}
void
SecPublicInfo::addCertificateAsIdentityDefault(const IdentityCertificate& certificate)
{
addCertificate(certificate);
Name certName = certificate.getName();
setDefaultKeyNameForIdentityInternal(IdentityCertificate::certificateNameToPublicKeyName(certName));
setDefaultCertificateNameForKeyInternal(certName);
refreshDefaultCertificate();
}
void
IdentityManager::setDefaultCertificateForKey(const IdentityCertificate& certificate)
{
Name keyName = certificate.getPublicKeyName();
if(!identityStorage_->doesKeyExist(keyName))
throw SecurityException("No corresponding Key record for certificate!");
identityStorage_->setDefaultCertificateNameForKey(keyName, certificate.getName());
}
inline void
SecPublicInfo::addCertificateAsSystemDefault(const IdentityCertificate& certificate)
{
addCertificate(certificate);
Name certName = certificate.getName();
Name keyName = IdentityCertificate::certificateNameToPublicKeyName(certName);
setDefaultIdentityInternal(keyName.getPrefix(-1));
setDefaultKeyNameForIdentityInternal(keyName);
setDefaultCertificateNameForKeyInternal(certName);
refreshDefaultCertificate();
}
void
SecPublicInfoMemory::addCertificate(const IdentityCertificate& certificate)
{
const Name& certificateName = certificate.getName();
const Name& keyName = certificate.getPublicKeyName();
const Name& identity = keyName.getPrefix(-1);
addIdentity(identity);
addPublicKey(keyName, KEY_TYPE_RSA, certificate.getPublicKeyInfo());
m_certificateStore[certificateName.toUri()] = make_shared<IdentityCertificate>(certificate);
}
void
SecPublicInfoMemory::addCertificate(const IdentityCertificate& certificate)
{
const Name& certificateName = certificate.getName();
const Name& keyName = certificate.getPublicKeyName();
if (!doesPublicKeyExist(keyName))
throw Error("No corresponding Key record for certificate! " + keyName.toUri() + " " + certificateName.toUri());
// Check if certificate has already existed!
if (doesCertificateExist(certificateName))
throw Error("Certificate has already been installed!");
// Check if the public key of certificate is the same as the key record.
ptr_lib::shared_ptr<PublicKey> pubKey = getPublicKey(keyName);
if (!pubKey || (*pubKey) != certificate.getPublicKeyInfo())
throw Error("Certificate does not match the public key!");
// Insert the certificate.
certificateStore_[certificateName.toUri()] = ptr_lib::make_shared<IdentityCertificate> (certificate);
}
void
MemoryIdentityStorage::addCertificate(const IdentityCertificate& certificate)
{
const Name& certificateName = certificate.getName();
Name keyName = certificate.getPublicKeyName();
if (!doesKeyExist(keyName))
throw SecurityException("No corresponding Key record for certificate! " + keyName.toUri() + " " + certificateName.toUri());
// Check if certificate already exists.
if (doesCertificateExist(certificateName))
throw SecurityException("Certificate has already been installed!");
// Check if the public key of certificate is the same as the key record.
Blob keyBlob = getKey(keyName);
if (!keyBlob || (*keyBlob) != *(certificate.getPublicKeyInfo().getKeyDer()))
throw SecurityException("Certificate does not match the public key!");
// Insert the certificate.
// wireEncode returns the cached encoding if available.
certificateStore_[certificateName.toUri()] = certificate.wireEncode();
}
int64_t
PibDb::addCertificate(const IdentityCertificate& certificate)
{
const Name& certName = certificate.getName();
const Name& keyName = certificate.getPublicKeyName();
if (!hasKey(keyName))
addKey(keyName, certificate.getPublicKeyInfo());
sqlite3_stmt* statement;
sqlite3_prepare_v2(m_database,
"INSERT INTO certificates \
(key_id, certificate_name, certificate_data) \
values ((SELECT id FROM keys WHERE key_name=?), ?, ?)",
-1, &statement, nullptr);
sqlite3_bind_block(statement, 1, keyName.wireEncode(), SQLITE_TRANSIENT);
sqlite3_bind_block(statement, 2, certName.wireEncode(), SQLITE_TRANSIENT);
sqlite3_bind_block(statement, 3, certificate.wireEncode(), SQLITE_STATIC);
sqlite3_step(statement);
sqlite3_finalize(statement);
return sqlite3_last_insert_rowid(m_database);
}
void
InMemoryPibImpl::addCertificate(const IdentityCertificate& certificate)
{
m_certs[certificate.getName()] = certificate;
}
