00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033 #include <assert.h>
00034 #include <stdio.h>
00035 #include <stdlib.h>
00036 #include <string.h>
00037 #include <time.h>
00038
00039 #include "ksm/database.h"
00040 #include "ksm/database_statement.h"
00041 #include "ksm/datetime.h"
00042 #include "ksm/db_fields.h"
00043 #include "ksm/debug.h"
00044 #include "ksm/ksmdef.h"
00045 #include "ksm/ksm.h"
00046 #include "ksm/ksm_internal.h"
00047 #include "ksm/message.h"
00048 #include "ksm/string_util.h"
00049 #include "ksm/string_util2.h"
00050
00051
00052
00053
00054
00055
00056
00057
00058
00059
00060
00061
00062
00063
00064
00065
00066
00067
00068
00069
00070
00071
00072 int KsmImportRepository(const char* repo_name, const char* repo_capacity, int require_backup)
00073 {
00074 char* sql = NULL;
00075 int status = 0;
00076 int count = 0;
00077
00078
00079 if (repo_name == NULL) {
00080 return MsgLog(KSM_INVARG, "NULL repository name");
00081 }
00082
00083
00084
00085
00086 sql = DqsCountInit(DB_SECURITY_MODULE_TABLE);
00087 DqsConditionString(&sql, "NAME", DQS_COMPARE_EQ, repo_name, 0);
00088 DqsEnd(&sql);
00089
00090
00091 status = DbIntQuery(DbHandle(), &count, sql);
00092 DqsFree(sql);
00093
00094 if (status != 0)
00095 {
00096 status = MsgLog(KSM_SQLFAIL, DbErrmsg(DbHandle()));
00097 return status;
00098 }
00099
00100
00101 if (count == 0)
00102 {
00103 sql = DisSpecifyInit(DB_SECURITY_MODULE_TABLE, "name, capacity, requirebackup");
00104 DisAppendString(&sql, repo_name);
00105 DisAppendString(&sql, repo_capacity);
00106 DisAppendInt(&sql, require_backup);
00107 DisEnd(&sql);
00108
00109 status = DbExecuteSqlNoResult(DbHandle(), sql);
00110 DisFree(sql);
00111 }
00112 else if (count == 1)
00113 {
00114 sql = DusInit(DB_SECURITY_MODULE_TABLE);
00115 DusSetString(&sql, "capacity", repo_capacity, 0);
00116 DusSetInt(&sql, "requirebackup", require_backup, 1);
00117 DusConditionString(&sql, "name", DQS_COMPARE_EQ, repo_name, 0);
00118 DusEnd(&sql);
00119
00120 status = DbExecuteSqlNoResult(DbHandle(), sql);
00121 DusFree(sql);
00122 }
00123 else
00124 {
00125 return -1;
00126 }
00127
00128 return status;
00129 }
00130
00131
00132
00133
00134
00135
00136
00137
00138
00139
00140
00141
00142
00143
00144
00145
00146
00147
00148
00149 int KsmImportPolicy(const char* policy_name, const char* policy_description)
00150 {
00151 char* sql = NULL;
00152 int status = 0;
00153
00154
00155 if (policy_name == NULL) {
00156 return MsgLog(KSM_INVARG, "NULL policy name");
00157 }
00158
00159
00160 sql = DisSpecifyInit("policies", "name, description");
00161 DisAppendString(&sql, policy_name);
00162 DisAppendString(&sql, policy_description);
00163 DisEnd(&sql);
00164
00165 status = DbExecuteSqlNoResult(DbHandle(), sql);
00166 DisFree(sql);
00167
00168 return status;
00169 }
00170
00171
00172
00173
00174
00175
00176
00177
00178
00179
00180
00181
00182
00183
00184
00185
00186
00187
00188
00189
00190
00191
00192
00193
00194
00195
00196
00197
00198
00199
00200
00201
00202
00203
00204
00205 int KsmImportZone(const char* zone_name, int policy_id, int fail_if_exists, int *new_zone, const char* signconf, const char* input, const char* output)
00206 {
00207 char* sql = NULL;
00208 int status = 0;
00209 int count = 0;
00210 char* zone_name_td = NULL;
00211 char in_clause[KSM_SQL_SIZE];
00212
00213
00214 if (zone_name == NULL || policy_id == 0) {
00215 return MsgLog(KSM_INVARG, "NULL zone name or policy");
00216 }
00217
00218
00219
00220 zone_name_td = StrStrdup(zone_name);
00221 if (strlen(zone_name_td) > 1 && zone_name_td[strlen(zone_name_td)-1] == '.') {
00222 zone_name_td[strlen(zone_name_td)-1] = '\0';
00223 }
00224 else if (strlen(zone_name_td) > 1) {
00225 StrAppend(&zone_name_td, ".");
00226 }
00227
00228 snprintf(in_clause, KSM_SQL_SIZE, "(\"%s\",\"%s\")", zone_name, zone_name_td);
00229
00230
00231
00232
00233 sql = DqsCountInit(DB_ZONE_TABLE);
00234 DqsConditionKeyword(&sql, "NAME", DQS_COMPARE_IN, in_clause, 0);
00235 DqsEnd(&sql);
00236
00237
00238 status = DbIntQuery(DbHandle(), &count, sql);
00239 DqsFree(sql);
00240
00241 if (status != 0)
00242 {
00243 status = MsgLog(KSM_SQLFAIL, DbErrmsg(DbHandle()));
00244 return status;
00245 }
00246
00247
00248 if (count == 0)
00249 {
00250 sql = DisSpecifyInit(DB_ZONE_TABLE, "name, policy_id, signconf, input, output");
00251 DisAppendString(&sql, zone_name);
00252 DisAppendInt(&sql, policy_id);
00253 DisAppendString(&sql, signconf);
00254 DisAppendString(&sql, input);
00255 DisAppendString(&sql, output);
00256 DisEnd(&sql);
00257
00258 status = DbExecuteSqlNoResult(DbHandle(), sql);
00259 DisFree(sql);
00260
00261 *new_zone = 1;
00262 }
00263 else if (count == 1)
00264 {
00265 if (fail_if_exists == 1) {
00266 return -2;
00267 }
00268 sql = DusInit(DB_ZONE_TABLE);
00269 DusSetInt(&sql, "policy_id", policy_id, 0);
00270 DusSetString(&sql, "signconf", signconf, 1);
00271 DusSetString(&sql, "input", input, 2);
00272 DusSetString(&sql, "output", output, 3);
00273 DusConditionString(&sql, "name", DQS_COMPARE_EQ, zone_name, 0);
00274 DusEnd(&sql);
00275
00276 status = DbExecuteSqlNoResult(DbHandle(), sql);
00277 DusFree(sql);
00278
00279 *new_zone = 0;
00280 }
00281 else if (count == 2)
00282 {
00283 return -3;
00284 }
00285 else
00286 {
00287 return -1;
00288 }
00289
00290 return status;
00291 }
00292
00293
00294
00295
00296
00297
00298
00299
00300
00301
00302
00303
00304
00305
00306
00307
00308
00309
00310
00311 int KsmImportAudit(int policy_id, const char* audit_contents)
00312 {
00313 char* sql = NULL;
00314 int status = 0;
00315
00316
00317 sql = DusInit("policies");
00318 DusSetString(&sql, "audit", audit_contents, 0);
00319 DusConditionInt(&sql, "id", DQS_COMPARE_EQ, policy_id, 0);
00320 DusEnd(&sql);
00321
00322 status = DbExecuteSqlNoResult(DbHandle(), sql);
00323 DusFree(sql);
00324
00325 return status;
00326 }
00327
00328
00329
00330
00331
00332
00333
00334
00335
00336
00337
00338
00339
00340
00341
00342
00343
00344
00345
00346
00347
00348
00349
00350
00351
00352
00353
00354
00355
00356
00357
00358 int KsmImportKeyPair(int policy_id, const char* HSMKeyID, int smID, int size, int alg, int state, const char* time, DB_ID* id)
00359 {
00360 unsigned long rowid;
00361 int status = 0;
00362 char* sql = NULL;
00363 char* columns = NULL;
00364
00365
00366 if (id == NULL) {
00367 return MsgLog(KSM_INVARG, "NULL id");
00368 }
00369
00370 StrAppend(&columns, "policy_id, HSMkey_id, securitymodule_id, size, algorithm");
00371 if (state == KSM_STATE_GENERATE) {
00372 StrAppend(&columns, ", ");
00373 StrAppend(&columns, KsmKeywordStateValueToName(state));
00374 }
00375
00376 sql = DisSpecifyInit("keypairs", columns);
00377 DisAppendInt(&sql, policy_id);
00378 DisAppendString(&sql, HSMKeyID);
00379 DisAppendInt(&sql, smID);
00380 DisAppendInt(&sql, size);
00381 DisAppendInt(&sql, alg);
00382 if (state == KSM_STATE_GENERATE) {
00383 DisAppendString(&sql, time);
00384 }
00385 DisEnd(&sql);
00386
00387
00388
00389 status = DbExecuteSqlNoResult(DbHandle(), sql);
00390 DisFree(sql);
00391 StrFree(columns);
00392
00393 if (status == 0) {
00394
00395
00396
00397 status = DbLastRowId(DbHandle(), &rowid);
00398 if (status == 0) {
00399 *id = (DB_ID) rowid;
00400 }
00401 }
00402
00403
00404
00405 return status;
00406 }
00407
00408 int KsmSmIdFromName(const char* name, int *id)
00409 {
00410 char* sql = NULL;
00411 int status = 0;
00412
00413
00414 if (name == NULL) {
00415 return MsgLog(KSM_INVARG, "NULL name");
00416 }
00417
00418
00419
00420 sql = DqsSpecifyInit(DB_SECURITY_MODULE_TABLE,"id");
00421 DqsConditionString(&sql, "name", DQS_COMPARE_EQ, name, 0);
00422 DqsEnd(&sql);
00423
00424
00425 status = DbIntQuery(DbHandle(), id, sql);
00426 DqsFree(sql);
00427
00428 if (status != 0)
00429 {
00430 status = MsgLog(KSM_SQLFAIL, DbErrmsg(DbHandle()));
00431 return status;
00432 }
00433
00434 return status;
00435 }
00436
00437 int KsmSerialIdFromName(const char* name, int *id)
00438 {
00439 char* sql = NULL;
00440 int status = 0;
00441
00442
00443 if (name == NULL) {
00444 return MsgLog(KSM_INVARG, "NULL name");
00445 }
00446
00447
00448
00449 sql = DqsSpecifyInit("serialmodes","id");
00450 DqsConditionString(&sql, "name", DQS_COMPARE_EQ, name, 0);
00451 DqsEnd(&sql);
00452
00453
00454 status = DbIntQuery(DbHandle(), id, sql);
00455 DqsFree(sql);
00456
00457 if (status != 0)
00458 {
00459 status = MsgLog(KSM_SQLFAIL, DbErrmsg(DbHandle()));
00460 return status;
00461 }
00462
00463 return status;
00464 }
00465
00466
00467
00468
00469
00470
00471
00472
00473
00474
00475
00476
00477
00478
00479
00480 int KsmPolicyIdFromName(const char* name, int *id)
00481 {
00482 char* sql = NULL;
00483 int status = 0;
00484
00485
00486 if (name == NULL) {
00487 return MsgLog(KSM_INVARG, "NULL name");
00488 }
00489
00490
00491
00492 sql = DqsSpecifyInit("policies","id");
00493 DqsConditionString(&sql, "name", DQS_COMPARE_EQ, name, 0);
00494 DqsEnd(&sql);
00495
00496
00497 status = DbIntQuery(DbHandle(), id, sql);
00498 DqsFree(sql);
00499
00500 if (status != 0)
00501 {
00502 status = MsgLog(KSM_SQLFAIL, DbErrmsg(DbHandle()));
00503 return status;
00504 }
00505
00506 return status;
00507 }
00508
00509
00510
00511
00512
00513
00514
00515
00516
00517
00518
00519
00520
00521
00522
00523
00524
00525
00526
00527 int KsmMarkPreBackup(int repo_id, const char* datetime)
00528 {
00529 char* sql = NULL;
00530 int status = 0;
00531 int count = -1;
00532
00533
00534 sql = DqsCountInit("keypairs");
00535 if (repo_id != -1) {
00536 DqsConditionInt(&sql, "securitymodule_id", DQS_COMPARE_EQ, repo_id, 0);
00537 StrAppend(&sql, " and pre_backup is null");
00538 } else {
00539 StrAppend(&sql, " where pre_backup is null");
00540 }
00541 DqsEnd(&sql);
00542
00543
00544 status = DbIntQuery(DbHandle(), &count, sql);
00545 DqsFree(sql);
00546
00547 if (status != 0)
00548 {
00549 status = MsgLog(KSM_SQLFAIL, DbErrmsg(DbHandle()));
00550 return status;
00551 }
00552
00553 if (count == 0) {
00554
00555 return -1;
00556 }
00557
00558
00559 sql = DusInit("keypairs");
00560 DusSetString(&sql, "PRE_BACKUP", datetime, 0);
00561 if (repo_id != -1) {
00562 DusConditionInt(&sql, "securitymodule_id", DQS_COMPARE_EQ, repo_id, 0);
00563 StrAppend(&sql, " and pre_backup is null");
00564 } else {
00565 StrAppend(&sql, " where pre_backup is null");
00566 }
00567 DusEnd(&sql);
00568
00569 status = DbExecuteSqlNoResult(DbHandle(), sql);
00570 DusFree(sql);
00571
00572 return status;
00573 }
00574
00575
00576
00577
00578
00579
00580
00581
00582
00583
00584
00585
00586
00587
00588
00589
00590 int KsmRollbackMarkPreBackup(int repo_id)
00591 {
00592 char* sql = NULL;
00593 int status = 0;
00594 int count = -1;
00595
00596
00597 sql = DqsCountInit("keypairs");
00598 if (repo_id != -1) {
00599 DqsConditionInt(&sql, "securitymodule_id", DQS_COMPARE_EQ, repo_id, 0);
00600 StrAppend(&sql, " and pre_backup is not null");
00601 StrAppend(&sql, " and backup is null");
00602 } else {
00603 StrAppend(&sql, " where pre_backup is not null");
00604 StrAppend(&sql, " and backup is null");
00605 }
00606 DqsEnd(&sql);
00607
00608
00609 status = DbIntQuery(DbHandle(), &count, sql);
00610 DqsFree(sql);
00611
00612 if (status != 0)
00613 {
00614 status = MsgLog(KSM_SQLFAIL, DbErrmsg(DbHandle()));
00615 return status;
00616 }
00617
00618 if (count == 0) {
00619
00620 return -1;
00621 }
00622
00623
00624 sql = DusInit("keypairs");
00625 DusSetString(&sql, "PRE_BACKUP", NULL, 0);
00626 if (repo_id != -1) {
00627 DusConditionInt(&sql, "securitymodule_id", DQS_COMPARE_EQ, repo_id, 0);
00628 StrAppend(&sql, " and pre_backup is not null");
00629 StrAppend(&sql, " and backup is null");
00630 } else {
00631 StrAppend(&sql, " where pre_backup is null");
00632 StrAppend(&sql, " and backup is null");
00633 }
00634 DusEnd(&sql);
00635
00636 status = DbExecuteSqlNoResult(DbHandle(), sql);
00637 DusFree(sql);
00638
00639 return status;
00640 }
00641
00642
00643
00644
00645
00646
00647
00648
00649
00650
00651
00652
00653
00654
00655
00656
00657
00658
00659
00660 int KsmMarkBackup(int repo_id, const char* datetime)
00661 {
00662 char* sql = NULL;
00663 int status = 0;
00664 int count = -1;
00665
00666
00667 sql = DqsCountInit("keypairs");
00668 if (repo_id != -1) {
00669 DqsConditionInt(&sql, "securitymodule_id", DQS_COMPARE_EQ, repo_id, 0);
00670 StrAppend(&sql, " and pre_backup is not null");
00671 StrAppend(&sql, " and backup is null");
00672 } else {
00673 StrAppend(&sql, " where pre_backup is not null");
00674 StrAppend(&sql, " and backup is null");
00675 }
00676 DqsEnd(&sql);
00677
00678
00679 status = DbIntQuery(DbHandle(), &count, sql);
00680 DqsFree(sql);
00681
00682 if (status != 0)
00683 {
00684 status = MsgLog(KSM_SQLFAIL, DbErrmsg(DbHandle()));
00685 return status;
00686 }
00687
00688 if (count == 0) {
00689
00690 return -1;
00691 }
00692
00693
00694 sql = DusInit("keypairs");
00695 DusSetString(&sql, "BACKUP", datetime, 0);
00696 if (repo_id != -1) {
00697 DusConditionInt(&sql, "securitymodule_id", DQS_COMPARE_EQ, repo_id, 0);
00698 StrAppend(&sql, " and backup is null");
00699 StrAppend(&sql, " and pre_backup is not null");
00700 } else {
00701 StrAppend(&sql, " where backup is null");
00702 StrAppend(&sql, " and pre_backup is not null");
00703 }
00704 DusEnd(&sql);
00705
00706 status = DbExecuteSqlNoResult(DbHandle(), sql);
00707 DusFree(sql);
00708
00709 return status;
00710 }
00711
00712
00713
00714
00715
00716
00717
00718
00719
00720
00721
00722
00723
00724
00725
00726
00727
00728
00729
00730
00731
00732
00733 int KsmCheckHSMkeyID(int repo_id, const char* cka_id, int *exists)
00734 {
00735 char* sql = NULL;
00736 int status = 0;
00737 int count = 0;
00738
00739
00740 if (cka_id == NULL) {
00741 return MsgLog(KSM_INVARG, "NULL cka_id");
00742 }
00743
00744
00745
00746
00747 sql = DqsCountInit("keypairs");
00748 DqsConditionString(&sql, "HSMkey_id", DQS_COMPARE_EQ, cka_id, 0);
00749 if (repo_id != -1) {
00750 DqsConditionInt(&sql, "securitymodule_id", DQS_COMPARE_EQ, repo_id, 1);
00751 }
00752 DqsEnd(&sql);
00753
00754
00755 status = DbIntQuery(DbHandle(), &count, sql);
00756 DqsFree(sql);
00757
00758 if (status != 0)
00759 {
00760 status = MsgLog(KSM_SQLFAIL, DbErrmsg(DbHandle()));
00761 return status;
00762 }
00763
00764 if (count > 0) {
00765 *exists = 1;
00766 }
00767 else {
00768 *exists = 0;
00769 }
00770
00771 return 0;
00772 }
00773