ua_securitypolicy_none.c 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186
  1. /* This work is licensed under a Creative Commons CCZero 1.0 Universal License.
  2. * See http://creativecommons.org/publicdomain/zero/1.0/ for more information.
  3. *
  4. * Copyright 2017-2018 (c) Mark Giraud, Fraunhofer IOSB
  5. * Copyright 2017 (c) Stefan Profanter, fortiss GmbH
  6. */
  7. #include "ua_types.h"
  8. #include "ua_securitypolicies.h"
  9. #include "ua_types_generated_handling.h"
  10. static UA_StatusCode
  11. verify_none(const UA_SecurityPolicy *securityPolicy,
  12. void *channelContext,
  13. const UA_ByteString *message,
  14. const UA_ByteString *signature) {
  15. return UA_STATUSCODE_GOOD;
  16. }
  17. static UA_StatusCode
  18. sign_none(const UA_SecurityPolicy *securityPolicy,
  19. void *channelContext,
  20. const UA_ByteString *message,
  21. UA_ByteString *signature) {
  22. return UA_STATUSCODE_GOOD;
  23. }
  24. static size_t
  25. length_none(const UA_SecurityPolicy *securityPolicy,
  26. const void *channelContext) {
  27. return 0;
  28. }
  29. static UA_StatusCode
  30. encrypt_none(const UA_SecurityPolicy *securityPolicy,
  31. void *channelContext,
  32. UA_ByteString *data) {
  33. return UA_STATUSCODE_GOOD;
  34. }
  35. static UA_StatusCode
  36. decrypt_none(const UA_SecurityPolicy *securityPolicy,
  37. void *channelContext,
  38. UA_ByteString *data) {
  39. return UA_STATUSCODE_GOOD;
  40. }
  41. static UA_StatusCode
  42. makeThumbprint_none(const UA_SecurityPolicy *securityPolicy,
  43. const UA_ByteString *certificate,
  44. UA_ByteString *thumbprint) {
  45. return UA_STATUSCODE_GOOD;
  46. }
  47. static UA_StatusCode
  48. compareThumbprint_none(const UA_SecurityPolicy *securityPolicy,
  49. const UA_ByteString *certificateThumbprint) {
  50. return UA_STATUSCODE_GOOD;
  51. }
  52. static UA_StatusCode
  53. generateKey_none(const UA_SecurityPolicy *securityPolicy,
  54. const UA_ByteString *secret,
  55. const UA_ByteString *seed,
  56. UA_ByteString *out) {
  57. return UA_STATUSCODE_GOOD;
  58. }
  59. /* Use the non-cryptographic RNG to set the nonce */
  60. static UA_StatusCode
  61. generateNonce_none(const UA_SecurityPolicy *securityPolicy, UA_ByteString *out) {
  62. if(securityPolicy == NULL || out == NULL)
  63. return UA_STATUSCODE_BADINTERNALERROR;
  64. /* Fill blocks of four byte */
  65. size_t i = 0;
  66. while(i + 3 < out->length) {
  67. UA_UInt32 rand = UA_UInt32_random();
  68. memcpy(&out->data[i], &rand, 4);
  69. i = i+4;
  70. }
  71. /* Fill the remaining byte */
  72. UA_UInt32 rand = UA_UInt32_random();
  73. memcpy(&out->data[i], &rand, out->length % 4);
  74. return UA_STATUSCODE_GOOD;
  75. }
  76. static UA_StatusCode
  77. newContext_none(const UA_SecurityPolicy *securityPolicy,
  78. const UA_ByteString *remoteCertificate,
  79. void **channelContext) {
  80. return UA_STATUSCODE_GOOD;
  81. }
  82. static void
  83. deleteContext_none(void *channelContext) {
  84. }
  85. static UA_StatusCode
  86. setContextValue_none(void *channelContext,
  87. const UA_ByteString *key) {
  88. return UA_STATUSCODE_GOOD;
  89. }
  90. static UA_StatusCode
  91. compareCertificate_none(const void *channelContext,
  92. const UA_ByteString *certificate) {
  93. return UA_STATUSCODE_GOOD;
  94. }
  95. static UA_StatusCode
  96. updateCertificateAndPrivateKey_none(UA_SecurityPolicy *policy,
  97. const UA_ByteString newCertificate,
  98. const UA_ByteString newPrivateKey) {
  99. UA_ByteString_deleteMembers(&policy->localCertificate);
  100. UA_ByteString_copy(&newCertificate, &policy->localCertificate);
  101. return UA_STATUSCODE_GOOD;
  102. }
  103. static void
  104. policy_deletemembers_none(UA_SecurityPolicy *policy) {
  105. UA_ByteString_deleteMembers(&policy->localCertificate);
  106. }
  107. UA_StatusCode
  108. UA_SecurityPolicy_None(UA_SecurityPolicy *policy, UA_CertificateVerification *certificateVerification,
  109. const UA_ByteString localCertificate, UA_Logger logger) {
  110. policy->policyContext = (void *)(uintptr_t)logger;
  111. policy->policyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#None");
  112. policy->logger = logger;
  113. UA_ByteString_copy(&localCertificate, &policy->localCertificate);
  114. policy->certificateVerification = certificateVerification;
  115. policy->symmetricModule.generateKey = generateKey_none;
  116. policy->symmetricModule.generateNonce = generateNonce_none;
  117. UA_SecurityPolicySignatureAlgorithm *sym_signatureAlgorithm =
  118. &policy->symmetricModule.cryptoModule.signatureAlgorithm;
  119. sym_signatureAlgorithm->uri = UA_STRING_NULL;
  120. sym_signatureAlgorithm->verify = verify_none;
  121. sym_signatureAlgorithm->sign = sign_none;
  122. sym_signatureAlgorithm->getLocalSignatureSize = length_none;
  123. sym_signatureAlgorithm->getRemoteSignatureSize = length_none;
  124. sym_signatureAlgorithm->getLocalKeyLength = length_none;
  125. sym_signatureAlgorithm->getRemoteKeyLength = length_none;
  126. UA_SecurityPolicyEncryptionAlgorithm *sym_encryptionAlgorithm =
  127. &policy->symmetricModule.cryptoModule.encryptionAlgorithm;
  128. sym_encryptionAlgorithm->encrypt = encrypt_none;
  129. sym_encryptionAlgorithm->decrypt = decrypt_none;
  130. sym_encryptionAlgorithm->getLocalKeyLength = length_none;
  131. sym_encryptionAlgorithm->getRemoteKeyLength = length_none;
  132. sym_encryptionAlgorithm->getLocalBlockSize = length_none;
  133. sym_encryptionAlgorithm->getRemoteBlockSize = length_none;
  134. sym_encryptionAlgorithm->getLocalPlainTextBlockSize = length_none;
  135. sym_encryptionAlgorithm->getRemotePlainTextBlockSize = length_none;
  136. policy->symmetricModule.secureChannelNonceLength = 0;
  137. policy->asymmetricModule.makeCertificateThumbprint = makeThumbprint_none;
  138. policy->asymmetricModule.compareCertificateThumbprint = compareThumbprint_none;
  139. // This only works for none since symmetric and asymmetric crypto modules do the same i.e. nothing
  140. policy->asymmetricModule.cryptoModule = policy->symmetricModule.cryptoModule;
  141. // Use the same signing algorithm as for asymmetric signing
  142. policy->certificateSigningAlgorithm = policy->asymmetricModule.cryptoModule.signatureAlgorithm;
  143. policy->channelModule.newContext = newContext_none;
  144. policy->channelModule.deleteContext = deleteContext_none;
  145. policy->channelModule.setLocalSymEncryptingKey = setContextValue_none;
  146. policy->channelModule.setLocalSymSigningKey = setContextValue_none;
  147. policy->channelModule.setLocalSymIv = setContextValue_none;
  148. policy->channelModule.setRemoteSymEncryptingKey = setContextValue_none;
  149. policy->channelModule.setRemoteSymSigningKey = setContextValue_none;
  150. policy->channelModule.setRemoteSymIv = setContextValue_none;
  151. policy->channelModule.compareCertificate = compareCertificate_none;
  152. policy->updateCertificateAndPrivateKey = updateCertificateAndPrivateKey_none;
  153. policy->deleteMembers = policy_deletemembers_none;
  154. return UA_STATUSCODE_GOOD;
  155. }