ua_securechannel.h 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268
  1. /* This Source Code Form is subject to the terms of the Mozilla Public
  2. * License, v. 2.0. If a copy of the MPL was not distributed with this
  3. * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  4. *
  5. * Copyright 2014-2018 (c) Julius Pfrommer, Fraunhofer IOSB
  6. * Copyright 2017 (c) Florian Palm
  7. * Copyright 2017 (c) Stefan Profanter, fortiss GmbH
  8. * Copyright 2017 (c) Mark Giraud, Fraunhofer IOSB
  9. */
  10. #ifndef UA_SECURECHANNEL_H_
  11. #define UA_SECURECHANNEL_H_
  12. #ifdef __cplusplus
  13. extern "C" {
  14. #endif
  15. #include "../deps/queue.h"
  16. #include "ua_types.h"
  17. #include "ua_transport_generated.h"
  18. #include "ua_connection_internal.h"
  19. #include "ua_plugin_securitypolicy.h"
  20. #include "ua_plugin_log.h"
  21. #define UA_SECURE_CONVERSATION_MESSAGE_HEADER_LENGTH 12
  22. #define UA_SECURE_MESSAGE_HEADER_LENGTH 24
  23. /* Thread-local variables to force failure modes during testing */
  24. #ifdef UA_ENABLE_UNIT_TEST_FAILURE_HOOKS
  25. extern UA_THREAD_LOCAL UA_StatusCode decrypt_verifySignatureFailure;
  26. extern UA_THREAD_LOCAL UA_StatusCode sendAsym_sendFailure;
  27. extern UA_THREAD_LOCAL UA_StatusCode processSym_seqNumberFailure;
  28. #endif
  29. /* The Session implementation differs between client and server. Still, it is
  30. * expected that the Session structure begins with the SessionHeader. This is
  31. * the interface that will be used by the SecureChannel. The lifecycle of
  32. * Sessions is independent of the underlying SecureChannel. But every Session
  33. * can be attached to only one SecureChannel. */
  34. struct UA_SessionHeader;
  35. typedef struct UA_SessionHeader UA_SessionHeader;
  36. struct UA_SessionHeader {
  37. LIST_ENTRY(UA_SessionHeader) pointers;
  38. UA_NodeId authenticationToken;
  39. UA_SecureChannel *channel; /* The pointer back to the SecureChannel in the session. */
  40. };
  41. /* For chunked requests */
  42. struct ChunkEntry {
  43. LIST_ENTRY(ChunkEntry) pointers;
  44. UA_UInt32 requestId;
  45. UA_ByteString bytes;
  46. };
  47. typedef enum {
  48. UA_SECURECHANNELSTATE_FRESH,
  49. UA_SECURECHANNELSTATE_OPEN,
  50. UA_SECURECHANNELSTATE_CLOSED
  51. } UA_SecureChannelState;
  52. struct UA_SecureChannel {
  53. UA_SecureChannelState state;
  54. UA_MessageSecurityMode securityMode;
  55. UA_ChannelSecurityToken securityToken; /* the channelId is contained in the securityToken */
  56. UA_ChannelSecurityToken nextSecurityToken;
  57. /* The endpoint and context of the channel */
  58. const UA_SecurityPolicy *securityPolicy;
  59. void *channelContext; /* For interaction with the security policy */
  60. UA_Connection *connection;
  61. /* Asymmetric encryption info */
  62. UA_ByteString remoteCertificate;
  63. UA_Byte remoteCertificateThumbprint[20]; /* The thumbprint of the remote certificate */
  64. /* Symmetric encryption info */
  65. UA_ByteString remoteNonce;
  66. UA_ByteString localNonce;
  67. UA_UInt32 receiveSequenceNumber;
  68. UA_UInt32 sendSequenceNumber;
  69. LIST_HEAD(session_pointerlist, UA_SessionHeader) sessions;
  70. LIST_HEAD(chunk_pointerlist, ChunkEntry) chunks;
  71. };
  72. UA_StatusCode
  73. UA_SecureChannel_init(UA_SecureChannel *channel,
  74. const UA_SecurityPolicy *securityPolicy,
  75. const UA_ByteString *remoteCertificate);
  76. void UA_SecureChannel_deleteMembersCleanup(UA_SecureChannel *channel);
  77. /* Generates new keys and sets them in the channel context */
  78. UA_StatusCode
  79. UA_SecureChannel_generateNewKeys(UA_SecureChannel* channel);
  80. /* Wrapper function for generating nonces for the supplied channel. Uses the
  81. * random generator of the channels security policy to allocate and generate a
  82. * nonce with the specified length.
  83. *
  84. * @param channel the channel to use.
  85. * @param nonceLength the length of the nonce to be generated.
  86. * @param nonce will contain the nonce after being successfully called. */
  87. UA_StatusCode
  88. UA_SecureChannel_generateNonce(const UA_SecureChannel *channel,
  89. size_t nonceLength, UA_ByteString *nonce);
  90. UA_SessionHeader *
  91. UA_SecureChannel_getSession(UA_SecureChannel *channel,
  92. const UA_NodeId *authenticationToken);
  93. UA_StatusCode
  94. UA_SecureChannel_revolveTokens(UA_SecureChannel *channel);
  95. /**
  96. * Sending Messages
  97. * ---------------- */
  98. UA_StatusCode
  99. UA_SecureChannel_sendAsymmetricOPNMessage(UA_SecureChannel *channel, UA_UInt32 requestId,
  100. const void *content, const UA_DataType *contentType);
  101. UA_StatusCode
  102. UA_SecureChannel_sendSymmetricMessage(UA_SecureChannel *channel, UA_UInt32 requestId,
  103. UA_MessageType messageType, void *payload,
  104. const UA_DataType *payloadType);
  105. /* The MessageContext is forwarded into the encoding layer so that we can send
  106. * chunks before continuing to encode. This lets us reuse a fixed chunk-sized
  107. * messages buffer. */
  108. typedef struct {
  109. UA_SecureChannel *channel;
  110. UA_UInt32 requestId;
  111. UA_UInt32 messageType;
  112. UA_UInt16 chunksSoFar;
  113. size_t messageSizeSoFar;
  114. UA_ByteString messageBuffer;
  115. UA_Byte *buf_pos;
  116. const UA_Byte *buf_end;
  117. UA_Boolean final;
  118. } UA_MessageContext;
  119. /* Start the context of a new symmetric message. */
  120. UA_StatusCode
  121. UA_MessageContext_begin(UA_MessageContext *mc, UA_SecureChannel *channel,
  122. UA_UInt32 requestId, UA_MessageType messageType);
  123. /* Encode the content and send out full chunks. If the return code is good, then
  124. * the ChunkInfo contains encoded content that has not been sent. If the return
  125. * code is bad, then the ChunkInfo has been cleaned up internally. */
  126. UA_StatusCode
  127. UA_MessageContext_encode(UA_MessageContext *mc, const void *content,
  128. const UA_DataType *contentType);
  129. /* Sends a symmetric message already encoded in the context. The context is
  130. * cleaned up, also in case of errors. */
  131. UA_StatusCode
  132. UA_MessageContext_finish(UA_MessageContext *mc);
  133. /* To be used when a failure occures when a MessageContext is open. Note that
  134. * the _encode and _finish methods will clean up internally. _abort can be run
  135. * on a MessageContext that has already been cleaned up before. */
  136. void
  137. UA_MessageContext_abort(UA_MessageContext *mc);
  138. /**
  139. * Process Received Chunks
  140. * ----------------------- */
  141. typedef UA_StatusCode
  142. (UA_ProcessMessageCallback)(void *application, UA_SecureChannel *channel,
  143. UA_MessageType messageType, UA_UInt32 requestId,
  144. const UA_ByteString *message);
  145. /* Process a single chunk. This also decrypts the chunk if required. The
  146. * callback function is called with the complete message body if the message is
  147. * complete.
  148. *
  149. * Symmetric callback is ERR, MSG, CLO only
  150. * Asymmetric callback is OPN only
  151. *
  152. * @param channel the channel the chunks were received on.
  153. * @param chunks the memory region where the chunks are stored.
  154. * @param callback the callback function that gets called with the complete
  155. * message body, once a final chunk is processed.
  156. * @param application data pointer to application specific data that gets passed
  157. * on to the callback function. */
  158. UA_StatusCode
  159. UA_SecureChannel_processChunk(UA_SecureChannel *channel, UA_ByteString *chunk,
  160. UA_ProcessMessageCallback callback,
  161. void *application);
  162. /**
  163. * Log Helper
  164. * ----------
  165. * C99 requires at least one element for the variadic argument. If the log
  166. * statement has no variable arguments, supply an additional NULL. It will be
  167. * ignored by printf.
  168. *
  169. * We have to jump through some hoops to enable the use of format strings
  170. * without arguments since (pedantic) C99 does not allow variadic macros with
  171. * zero arguments. So we add a dummy argument that is not printed (%.0s is
  172. * string of length zero). */
  173. #define UA_LOG_TRACE_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  174. UA_LOG_TRACE(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  175. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  176. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  177. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  178. #define UA_LOG_TRACE_CHANNEL(LOGGER, CHANNEL, ...) \
  179. UA_MACRO_EXPAND(UA_LOG_TRACE_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  180. #define UA_LOG_DEBUG_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  181. UA_LOG_DEBUG(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  182. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  183. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  184. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  185. #define UA_LOG_DEBUG_CHANNEL(LOGGER, CHANNEL, ...) \
  186. UA_MACRO_EXPAND(UA_LOG_DEBUG_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  187. #define UA_LOG_INFO_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  188. UA_LOG_INFO(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  189. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  190. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  191. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  192. #define UA_LOG_INFO_CHANNEL(LOGGER, CHANNEL, ...) \
  193. UA_MACRO_EXPAND(UA_LOG_INFO_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  194. #define UA_LOG_WARNING_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  195. UA_LOG_WARNING(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  196. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  197. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  198. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  199. #define UA_LOG_WARNING_CHANNEL(LOGGER, CHANNEL, ...) \
  200. UA_MACRO_EXPAND(UA_LOG_WARNING_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  201. #define UA_LOG_ERROR_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  202. UA_LOG_ERROR(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  203. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  204. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  205. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  206. #define UA_LOG_ERROR_CHANNEL(LOGGER, CHANNEL, ...) \
  207. UA_MACRO_EXPAND(UA_LOG_ERROR_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  208. #define UA_LOG_FATAL_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  209. UA_LOG_FATAL(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  210. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  211. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  212. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  213. #define UA_LOG_FATAL_CHANNEL(LOGGER, CHANNEL, ...) \
  214. UA_MACRO_EXPAND(UA_LOG_FATAL_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  215. #ifdef __cplusplus
  216. } // extern "C"
  217. #endif
  218. #endif /* UA_SECURECHANNEL_H_ */