modules/vcore/src/vcore/CertificateCacheDAO.cpp

   1 /*
   2  * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *    Licensed under the Apache License, Version 2.0 (the "License");
   5  *    you may not use this file except in compliance with the License.
   6  *    You may obtain a copy of the License at
   7  *
   8  *        http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *    Unless required by applicable law or agreed to in writing, software
  11  *    distributed under the License is distributed on an "AS IS" BASIS,
  12  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *    See the License for the specific language governing permissions and
  14  *    limitations under the License.
  15  */
  16 /**
  17  *
  18  *
  19  * @file       CertificateCacheDAO.cpp
  20  * @author     Tomasz Swierczek (t.swierczek@samsung.com)
  21  * @version    0.1
  22  * @brief      CertificateCacheDAO implementation
  23  */
  24
  25 #include "CertificateCacheDAO.h"
  26 #include "VCorePrivate.h"
  27
  28 #include <dpl/foreach.h>
  29 #include <dpl/log/log.h>
  30 #include <dpl/db/orm.h>
  31 #include <orm_generator_vcore.h>
  32 #include <vcore/Database.h>
  33
  34 using namespace DPL::DB::ORM;
  35 using namespace DPL::DB::ORM::vcore;
  36
  37 namespace ValidationCore {
  38
  39 void CertificateCacheDAO::setOCSPStatus(const std::string& cert_chain,
  40                                         VerificationStatus ocsp_status,
  41                                         bool end_entity_check,
  42                                         time_t next_update_time)
  43 {
  44     Try {
  45         ScopedTransaction transaction(&ThreadInterface());
  46         OCSPCachedStatus status;
  47         status.cert_chain = cert_chain;
  48         status.end_entity_check = end_entity_check;
  49         if (getOCSPStatus(&status)) {
  50             // only need to update data in DB
  51             Equals<OCSPResponseStorage::cert_chain> e1(
  52                             DPL::FromUTF8String(cert_chain));
  53             Equals<OCSPResponseStorage::end_entity_check> e2(
  54                             end_entity_check ? 1 : 0);
  55
  56             OCSPResponseStorage::Row row;
  57
  58             row.Set_ocsp_status(ocsp_status);
  59             row.Set_next_update_time(next_update_time);
  60
  61             VCORE_DB_UPDATE(update, OCSPResponseStorage, &ThreadInterface())
  62             update->Where(And(e1,e2));
  63             update->Values(row);
  64             update->Execute();
  65         } else {
  66             // need to insert data
  67             OCSPResponseStorage::Row row;
  68
  69             row.Set_cert_chain(DPL::FromUTF8String(cert_chain));
  70             row.Set_ocsp_status(ocsp_status);
  71             row.Set_next_update_time(next_update_time);
  72             row.Set_end_entity_check(end_entity_check ? 1 : 0);
  73
  74             VCORE_DB_INSERT(insert, OCSPResponseStorage, &ThreadInterface())
  75             insert->Values(row);
  76             insert->Execute();
  77         }
  78         transaction.Commit();
  79     } Catch(DPL::DB::SqlConnection::Exception::Base) {
  80         ReThrowMsg(Exception::DatabaseError, "Failed to setOCSPStatus");
  81     }
  82 }
  83
  84 bool CertificateCacheDAO::getOCSPStatus(OCSPCachedStatus* cached_status)
  85 {
  86     if (NULL == cached_status) {
  87         LogError("NULL pointer");
  88         return false;
  89     }
  90     Try {
  91         Equals<OCSPResponseStorage::cert_chain> e1(
  92                 DPL::FromUTF8String(cached_status->cert_chain));
  93         Equals<OCSPResponseStorage::end_entity_check> e2(
  94                 cached_status->end_entity_check ? 1 : 0);
  95
  96         VCORE_DB_SELECT(select, OCSPResponseStorage, &ThreadInterface())
  97
  98         select->Where(And(e1,e2));
  99         std::list<OCSPResponseStorage::Row> rows = select->GetRowList();
 100         if (1 == rows.size()) {
 101             OCSPResponseStorage::Row row = rows.front();
 102             cached_status->ocsp_status = intToVerificationStatus(
 103                     *(row.Get_ocsp_status()));
 104             cached_status->next_update_time = *(row.Get_next_update_time());
 105             return true;
 106         }
 107
 108         LogDebug("Cached OCSP status not found");
 109         return false;
 110     }
 111     Catch(DPL::DB::SqlConnection::Exception::Base) {
 112         ReThrowMsg(Exception::DatabaseError, "Failed to getOCSPStatus");
 113     }
 114 }
 115
 116 void CertificateCacheDAO::getOCSPStatusList(
 117         OCSPCachedStatusList* cached_status_list)
 118 {
 119     if (NULL == cached_status_list) {
 120         LogError("NULL pointer");
 121         return;
 122     }
 123     Try {
 124         VCORE_DB_SELECT(select, OCSPResponseStorage, &ThreadInterface())
 125         typedef std::list<OCSPResponseStorage::Row> RowList;
 126         RowList list = select->GetRowList();
 127
 128         FOREACH(i, list) {
 129             OCSPCachedStatus status;
 130             status.cert_chain = DPL::ToUTF8String(i->Get_cert_chain());
 131             status.ocsp_status = intToVerificationStatus(
 132                     *(i->Get_ocsp_status()));
 133             status.end_entity_check =
 134                     *(i->Get_end_entity_check()) == 1 ? true : false;
 135             status.next_update_time = *(i->Get_next_update_time());
 136             cached_status_list->push_back(status);
 137         }
 138
 139     }
 140     Catch(DPL::DB::SqlConnection::Exception::Base) {
 141         ReThrowMsg(Exception::DatabaseError, "Failed to getOCSPStatusList");
 142     }
 143 }
 144
 145
 146 void CertificateCacheDAO::setCRLResponse(const std::string& distribution_point,
 147                                          const std::string& crl_body,
 148                                          time_t next_update_time)
 149 {
 150     Try {
 151         ScopedTransaction transaction(&ThreadInterface());
 152         CRLCachedData data;
 153         data.distribution_point = distribution_point;
 154         if (getCRLResponse(&data)) {
 155             // only need to update data in DB
 156             VCORE_DB_UPDATE(update, CRLResponseStorage, &ThreadInterface())
 157             Equals<CRLResponseStorage::distribution_point> e1(
 158                             DPL::FromUTF8String(distribution_point));
 159             CRLResponseStorage::Row row;
 160
 161             update->Where(e1);
 162             row.Set_crl_body(DPL::FromUTF8String(crl_body));
 163             row.Set_next_update_time(next_update_time);
 164             update->Values(row);
 165             update->Execute();
 166         } else {
 167             // need to insert data
 168             VCORE_DB_INSERT(insert, CRLResponseStorage, &ThreadInterface())
 169             CRLResponseStorage::Row row;
 170
 171             row.Set_distribution_point(DPL::FromUTF8String(distribution_point));
 172             row.Set_crl_body(DPL::FromUTF8String(crl_body));
 173             row.Set_next_update_time(next_update_time);
 174             insert->Values(row);
 175             insert->Execute();
 176         }
 177         transaction.Commit();
 178     } Catch(DPL::DB::SqlConnection::Exception::Base) {
 179         ReThrowMsg(Exception::DatabaseError, "Failed to setOCSPStatus");
 180     }
 181 }
 182
 183 bool CertificateCacheDAO::getCRLResponse(CRLCachedData* cached_data)
 184 {
 185     if (NULL == cached_data) {
 186         LogError("NULL pointer");
 187         return false;
 188     }
 189     Try {
 190         VCORE_DB_SELECT(select, CRLResponseStorage, &ThreadInterface())
 191         Equals<CRLResponseStorage::distribution_point> e1(
 192                 DPL::FromUTF8String(cached_data->distribution_point));
 193
 194         select->Where(e1);
 195         std::list<CRLResponseStorage::Row> rows = select->GetRowList();
 196         if (1 == rows.size()) {
 197             CRLResponseStorage::Row row = rows.front();
 198             cached_data->crl_body = DPL::ToUTF8String(row.Get_crl_body());
 199             cached_data->next_update_time = *(row.Get_next_update_time());
 200             return true;
 201         }
 202
 203         LogDebug("Cached CRL not found");
 204         return false;
 205     }
 206     Catch(DPL::DB::SqlConnection::Exception::Base) {
 207         ReThrowMsg(Exception::DatabaseError, "Failed to getCRLResponse");
 208     }
 209 }
 210
 211 void CertificateCacheDAO::getCRLResponseList(
 212         CRLCachedDataList* cached_data_list)
 213 {
 214     if (NULL == cached_data_list) {
 215         LogError("NULL pointer");
 216         return;
 217     }
 218     Try {
 219         VCORE_DB_SELECT(select, CRLResponseStorage, &ThreadInterface())
 220         typedef std::list<CRLResponseStorage::Row> RowList;
 221         RowList list = select->GetRowList();
 222
 223         FOREACH(i, list) {
 224             CRLCachedData response;
 225             response.distribution_point = DPL::ToUTF8String(
 226                     i->Get_distribution_point());
 227             response.crl_body = DPL::ToUTF8String(i->Get_crl_body());
 228             response.next_update_time = *(i->Get_next_update_time());
 229             cached_data_list->push_back(response);
 230         }
 231
 232     }
 233     Catch(DPL::DB::SqlConnection::Exception::Base) {
 234         ReThrowMsg(Exception::DatabaseError, "Failed to getCRLResponses");
 235     }
 236 }
 237
 238 void CertificateCacheDAO::clearCertificateCache()
 239 {
 240     Try {
 241         ScopedTransaction transaction(&ThreadInterface());
 242         VCORE_DB_DELETE(del1, OCSPResponseStorage, &ThreadInterface())
 243         del1->Execute();
 244         VCORE_DB_DELETE(del2, CRLResponseStorage, &ThreadInterface())
 245         del2->Execute();
 246         transaction.Commit();
 247     }
 248     Catch(DPL::DB::SqlConnection::Exception::Base) {
 249         ReThrowMsg(Exception::DatabaseError, "Failed to clearUserSettings");
 250     }
 251 }
 252
 253 VerificationStatus CertificateCacheDAO::intToVerificationStatus(int p)
 254 {
 255     switch (p) {
 256     case 1:
 257         return VERIFICATION_STATUS_GOOD;
 258     case 1 << 1:
 259         return VERIFICATION_STATUS_REVOKED;
 260     case 1 << 2:
 261         return VERIFICATION_STATUS_UNKNOWN;
 262     case 1 << 3:
 263         return VERIFICATION_STATUS_VERIFICATION_ERROR;
 264     case 1 << 4:
 265         return VERIFICATION_STATUS_NOT_SUPPORT;
 266     case 1 << 5:
 267         return VERIFICATION_STATUS_CONNECTION_FAILED;
 268     case 1 << 6:
 269         return VERIFICATION_STATUS_ERROR;
 270     default:
 271         return VERIFICATION_STATUS_ERROR;
 272     }
 273 }
 274
 275 } // namespace ValidationCore