Added SQLiteKeyInfoManager Storage & Retrieval Functionality.

This commit adds basic storage and retrieval mechanisms into the SQLiteKeyInfoManager. These mechanism satisfy our current unit tests which have been copied from the OnDiskKeyInfoManager for now. Additional unit tests need adding to affirm the key_name, application_name, authenticator namespace we defined during design. Furthermore, the kim_metadata table does not currently exist and will need adding. Closes #503 Signed-off-by: Matt Davis <matt.davis@arm.com>
parallaxsecond · Aug 31, 2021 · 388d533 · 388d533
1 parent 6110c1c
commit 388d533
Show file tree

Hide file tree

Showing 7 changed files with 698 additions and 11 deletions.
diff --git a/.gitignore b/.gitignore
@@ -19,8 +19,9 @@ tags
 # Git patch files
 *.patch
 
-# Parsec key info mappings directory
+# Parsec key info mappings directories
 mappings/
+kim-mappings/
 
 # TPM simulator state file
 NVChip
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -44,6 +44,8 @@ anyhow = "1.0.38"
 rust-cryptoauthlib = { version = "0.4.0", optional = true }
 spiffe = { version = "0.1.1", optional = true }
 prost = { version = "0.7.0", optional = true }
+rusqlite = { version = "0.25.3", features = ["bundled"] }
+num-traits = "0.2.14"
 
 [dev-dependencies]
 rand = { version = "0.8.3", features = ["small_rng"] }

diff --git a/src/key_info_managers/mod.rs b/src/key_info_managers/mod.rs
@@ -23,6 +23,7 @@ use std::sync::{Arc, RwLock};
 use zeroize::Zeroize;
 
 pub mod on_disk_manager;
+pub mod sqlite_manager;
 
 /// This structure corresponds to a unique identifier of the key. It is used internally by the Key
 /// ID manager to refer to a key.
@@ -71,8 +72,9 @@ impl KeyIdentity {
     }
 
     /// Checks if this key belongs to a specific provider.
-    pub fn belongs_to_provider(&self, provider_name: String) -> bool {
-        *self.provider().name() == provider_name
+    pub fn belongs_to_provider(&self, provider_identity: &ProviderIdentity) -> bool {
+        self.provider().name() == provider_identity.name()
+            && self.provider().uuid() == provider_identity.uuid()
     }
 
     /// Get the key name
@@ -396,20 +398,31 @@ pub struct KeyInfoManagerFactory {
 impl KeyInfoManagerFactory {
     /// Create a KeyInfoManagerFactory
     pub fn new(config: &KeyInfoManagerConfig, default_auth_type: AuthType) -> Result<Self> {
-        let manager = match config.manager_type {
+        let factory = match config.manager_type {
             KeyInfoManagerType::OnDisk => {
                 let mut builder = on_disk_manager::OnDiskKeyInfoManagerBuilder::new();
                 if let Some(store_path) = &config.store_path {
                     builder = builder.with_mappings_dir_path(store_path.into());
                 }
                 builder = builder.with_auth_type(default_auth_type);
-                builder.build()?
+                let manager = builder.build()?;
+                KeyInfoManagerFactory {
+                    key_info_manager_impl: Arc::new(RwLock::new(manager)),
+                }
+            }
+            KeyInfoManagerType::SQLite => {
+                let mut builder = sqlite_manager::SQLiteKeyInfoManagerBuilder::new();
+                if let Some(sqlite_db_path) = &config.sqlite_db_path {
+                    builder = builder.with_db_path(sqlite_db_path.into());
+                }
+                let manager = builder.build()?;
+                KeyInfoManagerFactory {
+                    key_info_manager_impl: Arc::new(RwLock::new(manager)),
+                }
             }
         };
 
-        Ok(KeyInfoManagerFactory {
-            key_info_manager_impl: Arc::new(RwLock::new(manager)),
-        })
+        Ok(factory)
     }
 
     /// Build a KeyInfoManagerClient