ua_securitypolicy_none.c 6.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190
  1. /* This work is licensed under a Creative Commons CCZero 1.0 Universal License.
  2. * See http://creativecommons.org/publicdomain/zero/1.0/ for more information.
  3. *
  4. * Copyright 2017-2018 (c) Mark Giraud, Fraunhofer IOSB
  5. * Copyright 2017 (c) Stefan Profanter, fortiss GmbH
  6. */
  7. #include "ua_types.h"
  8. #include "ua_securitypolicies.h"
  9. #include "ua_types_generated_handling.h"
  10. static UA_StatusCode
  11. verify_none(const UA_SecurityPolicy *securityPolicy,
  12. void *channelContext,
  13. const UA_ByteString *message,
  14. const UA_ByteString *signature) {
  15. return UA_STATUSCODE_GOOD;
  16. }
  17. static UA_StatusCode
  18. sign_none(const UA_SecurityPolicy *securityPolicy,
  19. void *channelContext,
  20. const UA_ByteString *message,
  21. UA_ByteString *signature) {
  22. return UA_STATUSCODE_GOOD;
  23. }
  24. static size_t
  25. length_none(const UA_SecurityPolicy *securityPolicy,
  26. const void *channelContext) {
  27. return 0;
  28. }
  29. static UA_StatusCode
  30. encrypt_none(const UA_SecurityPolicy *securityPolicy,
  31. void *channelContext,
  32. UA_ByteString *data) {
  33. return UA_STATUSCODE_GOOD;
  34. }
  35. static UA_StatusCode
  36. decrypt_none(const UA_SecurityPolicy *securityPolicy,
  37. void *channelContext,
  38. UA_ByteString *data) {
  39. return UA_STATUSCODE_GOOD;
  40. }
  41. static UA_StatusCode
  42. makeThumbprint_none(const UA_SecurityPolicy *securityPolicy,
  43. const UA_ByteString *certificate,
  44. UA_ByteString *thumbprint) {
  45. return UA_STATUSCODE_GOOD;
  46. }
  47. static UA_StatusCode
  48. compareThumbprint_none(const UA_SecurityPolicy *securityPolicy,
  49. const UA_ByteString *certificateThumbprint) {
  50. return UA_STATUSCODE_GOOD;
  51. }
  52. static UA_StatusCode
  53. generateKey_none(const UA_SecurityPolicy *securityPolicy,
  54. const UA_ByteString *secret,
  55. const UA_ByteString *seed,
  56. UA_ByteString *out) {
  57. return UA_STATUSCODE_GOOD;
  58. }
  59. /* Use the non-cryptographic RNG to set the nonce */
  60. static UA_StatusCode
  61. generateNonce_none(const UA_SecurityPolicy *securityPolicy, UA_ByteString *out) {
  62. if(securityPolicy == NULL || out == NULL)
  63. return UA_STATUSCODE_BADINTERNALERROR;
  64. if(out->length == 0)
  65. return UA_STATUSCODE_GOOD;
  66. /* Fill blocks of four byte */
  67. size_t i = 0;
  68. while(i + 3 < out->length) {
  69. UA_UInt32 rand = UA_UInt32_random();
  70. memcpy(&out->data[i], &rand, 4);
  71. i = i+4;
  72. }
  73. /* Fill the remaining byte */
  74. UA_UInt32 rand = UA_UInt32_random();
  75. memcpy(&out->data[i], &rand, out->length % 4);
  76. return UA_STATUSCODE_GOOD;
  77. }
  78. static UA_StatusCode
  79. newContext_none(const UA_SecurityPolicy *securityPolicy,
  80. const UA_ByteString *remoteCertificate,
  81. void **channelContext) {
  82. return UA_STATUSCODE_GOOD;
  83. }
  84. static void
  85. deleteContext_none(void *channelContext) {
  86. }
  87. static UA_StatusCode
  88. setContextValue_none(void *channelContext,
  89. const UA_ByteString *key) {
  90. return UA_STATUSCODE_GOOD;
  91. }
  92. static UA_StatusCode
  93. compareCertificate_none(const void *channelContext,
  94. const UA_ByteString *certificate) {
  95. return UA_STATUSCODE_GOOD;
  96. }
  97. static UA_StatusCode
  98. updateCertificateAndPrivateKey_none(UA_SecurityPolicy *policy,
  99. const UA_ByteString newCertificate,
  100. const UA_ByteString newPrivateKey) {
  101. UA_ByteString_deleteMembers(&policy->localCertificate);
  102. UA_ByteString_copy(&newCertificate, &policy->localCertificate);
  103. return UA_STATUSCODE_GOOD;
  104. }
  105. static void
  106. policy_deletemembers_none(UA_SecurityPolicy *policy) {
  107. UA_ByteString_deleteMembers(&policy->localCertificate);
  108. }
  109. UA_StatusCode
  110. UA_SecurityPolicy_None(UA_SecurityPolicy *policy,
  111. UA_CertificateVerification *certificateVerification,
  112. const UA_ByteString localCertificate, const UA_Logger *logger) {
  113. policy->policyContext = (void *)(uintptr_t)logger;
  114. policy->policyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#None");
  115. policy->logger = logger;
  116. UA_ByteString_copy(&localCertificate, &policy->localCertificate);
  117. policy->certificateVerification = certificateVerification;
  118. policy->symmetricModule.generateKey = generateKey_none;
  119. policy->symmetricModule.generateNonce = generateNonce_none;
  120. UA_SecurityPolicySignatureAlgorithm *sym_signatureAlgorithm =
  121. &policy->symmetricModule.cryptoModule.signatureAlgorithm;
  122. sym_signatureAlgorithm->uri = UA_STRING_NULL;
  123. sym_signatureAlgorithm->verify = verify_none;
  124. sym_signatureAlgorithm->sign = sign_none;
  125. sym_signatureAlgorithm->getLocalSignatureSize = length_none;
  126. sym_signatureAlgorithm->getRemoteSignatureSize = length_none;
  127. sym_signatureAlgorithm->getLocalKeyLength = length_none;
  128. sym_signatureAlgorithm->getRemoteKeyLength = length_none;
  129. UA_SecurityPolicyEncryptionAlgorithm *sym_encryptionAlgorithm =
  130. &policy->symmetricModule.cryptoModule.encryptionAlgorithm;
  131. sym_encryptionAlgorithm->encrypt = encrypt_none;
  132. sym_encryptionAlgorithm->decrypt = decrypt_none;
  133. sym_encryptionAlgorithm->getLocalKeyLength = length_none;
  134. sym_encryptionAlgorithm->getRemoteKeyLength = length_none;
  135. sym_encryptionAlgorithm->getLocalBlockSize = length_none;
  136. sym_encryptionAlgorithm->getRemoteBlockSize = length_none;
  137. sym_encryptionAlgorithm->getLocalPlainTextBlockSize = length_none;
  138. sym_encryptionAlgorithm->getRemotePlainTextBlockSize = length_none;
  139. policy->symmetricModule.secureChannelNonceLength = 0;
  140. policy->asymmetricModule.makeCertificateThumbprint = makeThumbprint_none;
  141. policy->asymmetricModule.compareCertificateThumbprint = compareThumbprint_none;
  142. // This only works for none since symmetric and asymmetric crypto modules do the same i.e. nothing
  143. policy->asymmetricModule.cryptoModule = policy->symmetricModule.cryptoModule;
  144. // Use the same signing algorithm as for asymmetric signing
  145. policy->certificateSigningAlgorithm = policy->asymmetricModule.cryptoModule.signatureAlgorithm;
  146. policy->channelModule.newContext = newContext_none;
  147. policy->channelModule.deleteContext = deleteContext_none;
  148. policy->channelModule.setLocalSymEncryptingKey = setContextValue_none;
  149. policy->channelModule.setLocalSymSigningKey = setContextValue_none;
  150. policy->channelModule.setLocalSymIv = setContextValue_none;
  151. policy->channelModule.setRemoteSymEncryptingKey = setContextValue_none;
  152. policy->channelModule.setRemoteSymSigningKey = setContextValue_none;
  153. policy->channelModule.setRemoteSymIv = setContextValue_none;
  154. policy->channelModule.compareCertificate = compareCertificate_none;
  155. policy->updateCertificateAndPrivateKey = updateCertificateAndPrivateKey_none;
  156. policy->deleteMembers = policy_deletemembers_none;
  157. return UA_STATUSCODE_GOOD;
  158. }