// Make the given certificate the default certificate of the key it certifies.
//
// Throws SecurityException when identity storage has no record of the
// certificate's public key.
//
// NOTE(review): only the key record is checked in this function; whether the
// certificate itself has been stored is not verified here. Confirm the storage
// layer rejects a default that points at an unknown certificate.
void
IdentityManager::setDefaultCertificateForKey(const IdentityCertificate& certificate)
{
  Name publicKeyName = certificate.getPublicKeyName();

  // A default certificate may only be attached to a key that is on record.
  const bool keyIsKnown = identityStorage_->doesKeyExist(publicKeyName);
  if (!keyIsKnown) {
    throw SecurityException("No corresponding Key record for certificate!");
  }

  identityStorage_->setDefaultCertificateNameForKey(publicKeyName, certificate.getName());
}
// Store a certificate in the in-memory table, registering the identity and the
// public key it names along the way.
//
// The identity is the certificate's public-key name with its last component
// removed (getPrefix(-1)).
//
// NOTE(review): the key is always registered as KEY_TYPE_RSA, whatever key the
// certificate actually carries; confirm non-RSA certificates cannot reach here.
// NOTE(review): nothing in this function checks for an existing entry or
// compares the certificate's key with a previously stored one; the assignment
// below looks like it replaces any entry stored under the same certificate
// name. Verify that callers rely on this.
void
SecPublicInfoMemory::addCertificate(const IdentityCertificate& certificate)
{
  const Name& publicKeyName = certificate.getPublicKeyName();

  // Register the owning identity first, then the key itself.
  addIdentity(publicKeyName.getPrefix(-1));
  addPublicKey(publicKeyName, KEY_TYPE_RSA, certificate.getPublicKeyInfo());

  // The table is keyed by the URI form of the certificate name and holds its
  // own copy of the certificate.
  const Name& certName = certificate.getName();
  m_certificateStore[certName.toUri()] = make_shared<IdentityCertificate>(certificate);
}
// Store a certificate, then make its key the identity's default key and the
// certificate that key's default certificate.
//
// NOTE(review): the three steps run one after another with no rollback visible
// here; if a later step throws, the certificate added in the first step stays
// in storage. Confirm callers can tolerate that partial state.
void
IdentityManager::addCertificateAsIdentityDefault(const IdentityCertificate& certificate)
{
  // Step 1: persist the certificate.
  identityStorage_->addCertificate(certificate);

  // Step 2: promote the certified key to default for its identity.
  Name certifiedKeyName = certificate.getPublicKeyName();
  setDefaultKeyForIdentity(certifiedKeyName);

  // Step 3: promote the certificate to default for that key.
  setDefaultCertificateForKey(certificate);
}
// Store a certificate in the in-memory table after checking it against the
// existing key records.
//
// Throws Error when no public-key record exists for the certificate's key
// name, when a certificate with the same name is already stored, or when the
// certificate's public key differs from the recorded key.
//
// NOTE(review): the checks here bind the certificate to the stored key; no
// signature or validity-period check is visible in this function. Presumably
// callers validate the certificate before installing it; confirm.
void
SecPublicInfoMemory::addCertificate(const IdentityCertificate& certificate)
{
  const Name& certName = certificate.getName();
  const Name& publicKeyName = certificate.getPublicKeyName();

  // A certificate is only accepted for a key that is already on record.
  if (!doesPublicKeyExist(publicKeyName)) {
    throw Error("No corresponding Key record for certificate! " + publicKeyName.toUri() + " " +
                certName.toUri());
  }

  // Refuse to overwrite an installed certificate.
  if (doesCertificateExist(certName)) {
    throw Error("Certificate has already been installed!");
  }

  // The key inside the certificate must be the same key that is on record
  // under this key name; a missing record counts as a mismatch.
  ptr_lib::shared_ptr<PublicKey> recordedKey = getPublicKey(publicKeyName);
  const bool keyMismatch = !recordedKey || (*recordedKey) != certificate.getPublicKeyInfo();
  if (keyMismatch) {
    throw Error("Certificate does not match the public key!");
  }

  // All checks passed: store a copy keyed by the certificate name URI.
  certificateStore_[certName.toUri()] = ptr_lib::make_shared<IdentityCertificate>(certificate);
}
// Store a certificate's wire encoding in the in-memory table after checking it
// against the existing key records.
//
// Throws SecurityException when no key record exists for the certificate's key
// name, when a certificate with the same name is already stored, or when the
// DER of the certificate's public key differs from the recorded key bytes.
//
// NOTE(review): the checks here bind the certificate to the stored key; no
// signature or validity-period check is visible in this function. Presumably
// callers validate the certificate before installing it; confirm.
void
MemoryIdentityStorage::addCertificate(const IdentityCertificate& certificate)
{
  const Name& certName = certificate.getName();
  Name publicKeyName = certificate.getPublicKeyName();

  // A certificate is only accepted for a key that is already on record.
  if (!doesKeyExist(publicKeyName)) {
    throw SecurityException("No corresponding Key record for certificate! " +
                            publicKeyName.toUri() + " " + certName.toUri());
  }

  // Refuse to overwrite an installed certificate.
  if (doesCertificateExist(certName)) {
    throw SecurityException("Certificate has already been installed!");
  }

  // Compare the recorded key bytes with the DER of the key carried by the
  // certificate; an empty blob counts as a mismatch.
  Blob recordedKey = getKey(publicKeyName);
  const bool keyMismatch =
    !recordedKey || (*recordedKey) != *(certificate.getPublicKeyInfo().getKeyDer());
  if (keyMismatch) {
    throw SecurityException("Certificate does not match the public key!");
  }

  // All checks passed: store the encoding keyed by the certificate name URI.
  // wireEncode returns the cached encoding if available.
  certificateStore_[certName.toUri()] = certificate.wireEncode();
}
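// Insert a certificate row, creating the key record first when it is missing.
//
// Returns the row id reported by sqlite3_last_insert_rowid() after a
// successful insert, or 0 when the statement cannot be prepared or the insert
// does not complete. Without that check a failed insert would report the row
// id of some earlier, unrelated insert on this connection.
//
// NOTE(review): 0 is used as the failure value on the assumption that row ids
// in this table are assigned by SQLite (which starts at 1); confirm against
// the schema.
// NOTE(review): when the key already exists, nothing here compares the stored
// key with certificate.getPublicKeyInfo(), and no signature check is visible.
// Presumably callers validate the certificate first; confirm.
int64_t
PibDb::addCertificate(const IdentityCertificate& certificate)
{
  const Name& certName = certificate.getName();
  const Name& keyName = certificate.getPublicKeyName();

  // The certificate row references its key by id, so the key must exist.
  if (!hasKey(keyName))
    addKey(keyName, certificate.getPublicKeyInfo());

  // All values are bound as parameters; nothing is spliced into the SQL text.
  sqlite3_stmt* statement = nullptr;
  const int prepareResult =
    sqlite3_prepare_v2(m_database,
                       "INSERT INTO certificates \
 (key_id, certificate_name, certificate_data) \
 values ((SELECT id FROM keys WHERE key_name=?), ?, ?)",
                       -1, &statement, nullptr);
  if (prepareResult != SQLITE_OK) {
    // Finalizing a null statement is a harmless no-op.
    sqlite3_finalize(statement);
    return 0;
  }

  sqlite3_bind_block(statement, 1, keyName.wireEncode(), SQLITE_TRANSIENT);
  sqlite3_bind_block(statement, 2, certName.wireEncode(), SQLITE_TRANSIENT);
  // SQLITE_STATIC: SQLite does not copy this buffer.
  // NOTE(review): assumes the encoding returned by certificate.wireEncode()
  // stays alive until sqlite3_step() has run; TODO confirm.
  sqlite3_bind_block(statement, 3, certificate.wireEncode(), SQLITE_STATIC);

  const int stepResult = sqlite3_step(statement);
  sqlite3_finalize(statement);

  // An INSERT that ran to completion reports SQLITE_DONE.
  if (stepResult != SQLITE_DONE)
    return 0;

  return sqlite3_last_insert_rowid(m_database);
}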
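// Install or replace the local management certificate of this PIB.
//
// The certificate's key name must have the form
// "/localhost/pib/[UserName]/mgmt/[KeyID]". The [UserName] component becomes
// the owner; once an owner is set, only certificates for that same owner are
// accepted.
//
// Throws Error when the key name does not follow the convention, when the
// owner differs from the one already recorded, or when the database write
// fails. m_owner is updated and mgmtCertificateChanged() is fired only after
// the row has been written, so in-memory state cannot get ahead of the
// database.
//
// NOTE(review): only the key-name shape and the owner are checked here; no
// signature or validity check on the certificate is visible in this function.
// Presumably callers authenticate the request before calling; confirm.
void
PibDb::updateMgmtCertificate(const IdentityCertificate& certificate)
{
  const Name& keyName = certificate.getPublicKeyName();

  // Name of mgmt key should be "/localhost/pib/[UserName]/mgmt/[KeyID]"
  if (keyName.size() != 5 || keyName.compare(0, 2, LOCALHOST_PIB) || keyName.get(3) != MGMT_LABEL)
    throw Error("PibDb::updateMgmtCertificate: certificate does not follow the naming convention");

  string owner = keyName.get(2).toUri();

  // An established owner cannot be changed through this call.
  if (!m_owner.empty() && m_owner != owner)
    throw Error("PibDb::updateMgmtCertificate: owner name does not match");

  // First certificate for this PIB inserts the row; later ones update it.
  // Both statements take (certificate, owner) as bound parameters.
  const char* sql = m_owner.empty()
                    ? "INSERT INTO mgmt (local_management_cert, owner) VALUES (?, ?)"
                    : "UPDATE mgmt SET local_management_cert=? WHERE owner=?";

  sqlite3_stmt* statement = nullptr;
  if (sqlite3_prepare_v2(m_database, sql, -1, &statement, nullptr) != SQLITE_OK) {
    // Finalizing a null statement is a harmless no-op.
    sqlite3_finalize(statement);
    throw Error("PibDb::updateMgmtCertificate: cannot prepare statement");
  }

  sqlite3_bind_block(statement, 1, certificate.wireEncode(), SQLITE_TRANSIENT);
  sqlite3_bind_string(statement, 2, owner, SQLITE_TRANSIENT);

  const int stepResult = sqlite3_step(statement);
  sqlite3_finalize(statement);

  // An INSERT or UPDATE that ran to completion reports SQLITE_DONE.
  if (stepResult != SQLITE_DONE)
    throw Error("PibDb::updateMgmtCertificate: cannot store management certificate");

  m_owner = owner;

  mgmtCertificateChanged();
}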