certdb.cpp

完成数字证书加密

#include "CertDB.h"
#include "CAService.h"

CertDB::CertDB()
{
	m_sql = NULL;
	m_result=NULL;
	m_findNumber=0;
	m_swap = "";
}

CertDB::~CertDB()
{
}

bool CertDB::updateCRL(char* crl)
{
//	importCRLToDB(crl, "replace");
}

bool CertDB::importCRLToDB(char* crl, string action, string issuer)
{
	string sql="";
	sql.append("delete from ").
		append(readCAConfig("DB", "CRLList")).
		append(" where issuer=\"").
		append(issuer).
		append("\";");
	execute(sql, "del");
	
	sql = "";
	sql.append(action).
		append(" into ").
		append(readCAConfig("DB", "CRLList")).
		append(" (issuer, CRL) VALUES (\"").
		append(issuer).
		append("\", \"").
		append(crl).
		append("\");");
	
	return execute(sql);
}

char* CertDB::exportCRLFromDB(string type)
{
	string sql="";
	sql.append("select * from ").
		append(readCAConfig("DB", "CRLList")).
		append(" where type=\"").
		append(type).
		append("\";");
	if (!execute(sql)) {
		return NULL;
	}
	
	m_row = mysql_fetch_row(m_result);
	return m_row[1];
}

char* CertDB::exportCertToUser(string dn, string name, string action)
{
	string sql = "";
	sql.append("select Cert from ").
		append(readCAConfig("DB", "CertList")).
		append(" where ");
	if (dn=="") {
		sql.append("Username=").append(name);
	}
	else if (name=="") {
		sql.append("DN=").append(dn);
	}
	else {
		sql.append("Username=").append(name).append(" AND DN=").append(dn);
	}
	
	execute(sql, "read");
	int index=0;

	if (m_result == NULL) {
		writelog("in db , cert is not exist.");
		return NULL;
	}
	else {
		m_row = mysql_fetch_row(m_result);
	}
	return m_row[0];
}

void CertDB::showInformation()
{
	string sql = "select username, DN from cert_list;";
	execute(sql);

	map<string, string, less<string> > stack;
	int space = 0;
	int len = 0;
	while ((m_row=mysql_fetch_row(m_result))) {
		if (space < strlen(m_row[0])) {
			space = strlen(m_row[0]);
		}
		if (len < strlen(m_row[1])) {
			len = strlen(m_row[1]);
		}
		stack.insert(map<string, string, less<string> >::value_type(m_row[0], m_row[1]));
	}

	cout << "username";
	int size = 0;
	if (space > 8) {
		size = space+4-8;
	}
	else {
		size = 4;
	}
	for(int i=1;i<=size;i++) {
		cout << " ";
	}
	cout << "DN"<<endl;
	for(int k=1; k<=space+4+len; k++) {
		cout << "-";
	}
	cout << endl;

	for(map<string, string, less<string> >::iterator vi=stack.begin(); vi!=stack.end(); vi++) {
		cout << (*vi).first ;
		int length = strlen((*vi).first.c_str());
		for(int j=1; j<=space-length+4; j++) {
			cout << " ";
		}
		cout << (*vi).second<<endl;
	}
	
	long lines = mysql_num_rows(m_result);
	for(int k=1; k<=space+4+len; k++) {
		cout << "-";
	}
	cout <<"\n\nTotle lines : "<<lines<<endl;
}

bool CertDB::checkWhetherUserHaveExisted(const char* DN)	
{
	string sql = "";
	execute("use ca");
	sql = "select DN from cert_list Where DN=";
	sql.append("\"").append(DN).append("\" ");
	execute(sql);

	if (m_result != NULL) {
		int row = mysql_affected_rows(m_sql);
		if (row<=0) {
			return false;
		}
		cout << "in db , find "<<row<<" rows"<<endl;
		return true;
	}
	return false;
}

string CertDB::getIssuer(string dn)
{
	CAService ca;
	return ca.getIssuer(dn.c_str());
}

bool CertDB::importCertListToDB(string dn, string certlist, string serialNumber, string type, string priv, string action)
{
	string sql = "";
	sql.append(action).
		append(" into ").
		append(readCAConfig("DB", "CertList"));
	sql += " (SerialNumber, username, Type, DN, Cert,priv) VALUES ( \"" +
	   		serialNumber + "\",\""+getIssuer(dn)+"\", \""+type+"\", \""+dn+"\", \"";
	sql.append(certlist).append("\", \"").append(priv).append("\");");
	
	execute(sql);
	return true;
}

bool CertDB::importCertToDB(string dn, X509* cert, string serialNumber, string type, string priv, string action)
{
	char *x509=(char*)calloc(1, 10*K);
	assert(x509!=NULL);
	BIO* in = BIO_new(BIO_s_mem());
	assert(in!=NULL);
	assert(PEM_write_bio_X509(in, cert)!=0);
	assert(X509_print(in, cert)!=0);
	BIO_read(in, x509, 10*K);
	
	string sql = "";
	if (action=="insert") {
		sql.append("insert");
	}
	else if (action=="replace") {
		sql.append("replace");
	}
	sql.append(" into ").append(readCAConfig("DB", "CertList"));
	sql += " (SerialNumber, username, Type, DN, Cert, priv) VALUES ( \"" + 
		serialNumber + "\", \""+getIssuer(dn)+"\", \""+type+"\", \""+dn+"\", \"";
	sql.append(x509).append("\", \"").append(priv).append("\");");

	if (x509) free(x509), x509=NULL;
	BIO_free(in);

	execute(sql);
	return true;
}

bool CertDB::findCertInDB(string username, string dn)
{
	exportCertToUser(username, dn, "find");
	return m_findNumber;
}

bool CertDB::delCertFromDB(string type, string username, string dn)
{
	string sql = "";

	sql.append("select serialNumber from ").
		append(readCAConfig("DB", "CertList")).
		append(" where type=\"").
		append(type).
		append("\" and ");
	if (dn=="") {
		sql.append("username=\"").
			append(username).
			append("\";");
	}	
	else if (username=="") {
		sql.append("dn=\"").
			append(dn).
			append("\";");
	}
	if (execute(sql)) {
		int rows = mysql_num_rows(m_result);
		MYSQL_ROW row;
		while ((row=mysql_fetch_row(m_result)) && (rows>0)) {
			m_swap = row[0];
			rows--;
		}
	}	

	sql = "";
	sql.append("delete from ").
		append(readCAConfig("DB", "CertList")).
		append(" Where ");
	if (dn=="") {
		sql.append("Username=\"").
			append(username).
			append("\" and type=\"").
			append(type).
			append("\";");
	}
	else if (username=="") {
		sql.append("DN=\"").
			append(dn).
			append("\" and type=\"").
			append(type).
			append("\";");
	}
	
	if (!execute(sql, "del")) {
		writelog("delete fail.");
		return false;
	}
	return true;
}

bool CertDB::updateCertListToDB(string dn, string certlist, string type, string priv)
{
	return importCertListToDB(dn, certlist, type, priv, "replace");
}

bool CertDB::updateCertToDB(string dn, X509* cert, string type, string priv)
{
	return importCertToDB(dn, cert, type, priv, "replace");
}

void CertDB::closeConnection()
{
	mysql_close(m_sql);
	m_result = NULL;
}

void CertDB::closeDB()
{
	mysql_shutdown(m_sql);
}

bool CertDB::connectDBServer()
{
	m_sql = mysql_init(NULL);
    if (m_sql == NULL) {
        cout << "to initialize db fail ."<<endl;
        return false;
    }

	return true;
}

bool CertDB::initializeConnect()
{
	if (!connectDBServer()) {
		return false;
	}
	m_username = readCAConfig("DB", "Username");
	m_password = readCAConfig("DB", "Password");
	m_server   = readCAConfig("DB", "Server");
	
	assert(m_username!="");
	assert(m_password!="");
	assert(m_server!="");
	
	assert(mysql_real_connect(m_sql,m_server.c_str(),
				m_username.c_str(),
				m_password.c_str(),
			   	m_db.c_str(), 0, NULL, 0)!=NULL);

	if (readCAConfig("System", "Initial")=="yes") {
		execute("use ca");
	}

	return true;
}

bool CertDB::initCADB()
{
	initializeConnect();

	string sql = "delete from " + readCAConfig("DB", "CertList")+" ;";
	execute(sql, "del");
	sql = "delete from " + readCAConfig("DB", "CRLList")+" ;";
	execute(sql, "del");

	createDB();
	execute("use ca");
	createCRLChain();
	execute("use ca");
	createCertChain();

	return true;
}

void CertDB::createDB()
{
	string sql = "create database ";
	sql.append(readCAConfig("DB", "db")).append(" ;");
	execute(sql);
}

bool CertDB::handleShell(string shell)
{
	if (shell=="") {
		return false;
	}
	shell.append(" -p");
	system(shell.c_str());
	return true;
}

bool CertDB::createCRLChain()
{
	execute(readCAConfig("DB", "DB_CRL_Struct"));
	return true;
}

bool CertDB::createCertChain()
{
	execute(readCAConfig("DB", "DB_Cert_Struct"));
	return true;
}

string CertDB::readCAConfig(string keyword, string object)
{
	CAService ca;
	return ca.readCAconfig(keyword, object);
}

bool CertDB::execute(string sql, string type)
{
	assert( m_sql!=NULL );
	int err=mysql_real_query(m_sql, sql.c_str() ,sql.size());
	if (err!=0) {
		switch (err) {
			case CR_COMMANDS_OUT_OF_SYNC:
				writelog("sequence of commands is fault .");
				break;
			case CR_SERVER_GONE_ERROR:
				writelog("server has closed .");
				break;
			case CR_SERVER_LOST:
				writelog("query is out-to-date");
				break;
			case CR_UNKNOWN_ERROR:
				writelog("other errors, please tell admin");
			default :
				if (sql != "use ca") {
//					writelog("handling cert operation fail. ");
					cout<<"fault command : "<<sql<<endl;
				}
				else {
					writelog("unknown error");
				}
				break;
		}
		return false;
	}
	else {
		if (type=="write") {
			m_result = mysql_store_result(m_sql);	
		}
		else if (type=="read") {
			m_result = mysql_store_result(m_sql);	
		}
	}
	return true;
}

string CertDB::parseXML(string xml, string type, string keyword, string attr, string value)
{
	NggObject *object = NggObject::fromXML(xml);
	string result = locateInXML(object, type, keyword, value);
	if (object) delete object, object=NULL;
	return result;	
}

string CertDB::locateInXML(NggObject* object, string type, string keyword, 
						string attr, string value)
{
	assert( object!=NULL );
	string result="";

	int i=0;
	while(i) {
		unsigned int len = object->m_Contains.size();
		string name = object->m_Contains[i]->m_Name;
		
		if (len > 0) {
			NggObject* obj = object->m_Contains[i];
			if (locateInXML(obj) != "") {
				break;
			}
		}
		else {
			if (name == keyword) {
				if (type=="get") {
					result = object->m_Contains[i]->m_Value;
				}
				else if (type=="set") {
					object->m_Contains[i]->m_Value = value;
					result = object->m_Contains[i]->toXML();
				}
				break;
			}
		}
		i++;
	}

	return result;
}