ua_securechannel.h 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260
  1. /* This Source Code Form is subject to the terms of the Mozilla Public
  2. * License, v. 2.0. If a copy of the MPL was not distributed with this
  3. * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  4. *
  5. * Copyright 2014-2018 (c) Fraunhofer IOSB (Author: Julius Pfrommer)
  6. * Copyright 2017 (c) Florian Palm
  7. * Copyright 2017 (c) Stefan Profanter, fortiss GmbH
  8. * Copyright 2017 (c) Mark Giraud, Fraunhofer IOSB
  9. */
  10. #ifndef UA_SECURECHANNEL_H_
  11. #define UA_SECURECHANNEL_H_
  12. #ifdef __cplusplus
  13. extern "C" {
  14. #endif
  15. #include "../deps/queue.h"
  16. #include "ua_types.h"
  17. #include "ua_transport_generated.h"
  18. #include "ua_connection_internal.h"
  19. #include "ua_plugin_securitypolicy.h"
  20. #include "ua_plugin_log.h"
  21. #define UA_SECURE_CONVERSATION_MESSAGE_HEADER_LENGTH 12
  22. #define UA_SECURE_MESSAGE_HEADER_LENGTH 24
  23. /* Thread-local variables to force failure modes during testing */
  24. #ifdef UA_ENABLE_UNIT_TEST_FAILURE_HOOKS
  25. extern UA_THREAD_LOCAL UA_StatusCode decrypt_verifySignatureFailure;
  26. extern UA_THREAD_LOCAL UA_StatusCode sendAsym_sendFailure;
  27. extern UA_THREAD_LOCAL UA_StatusCode processSym_seqNumberFailure;
  28. #endif
  29. /* The Session implementation differs between client and server. Still, it is
  30. * expected that the Session structure begins with the SessionHeader. This is
  31. * the interface that will be used by the SecureChannel. The lifecycle of
  32. * Sessions is independent of the underlying SecureChannel. But every Session
  33. * can be attached to only one SecureChannel. */
  34. typedef struct UA_SessionHeader {
  35. LIST_ENTRY(UA_SessionHeader) pointers;
  36. UA_NodeId authenticationToken;
  37. UA_SecureChannel *channel; /* The pointer back to the SecureChannel in the session. */
  38. } UA_SessionHeader;
  39. /* For chunked requests */
  40. struct ChunkEntry {
  41. LIST_ENTRY(ChunkEntry) pointers;
  42. UA_UInt32 requestId;
  43. UA_ByteString bytes;
  44. };
  45. typedef enum {
  46. UA_SECURECHANNELSTATE_FRESH,
  47. UA_SECURECHANNELSTATE_OPEN,
  48. UA_SECURECHANNELSTATE_CLOSED
  49. } UA_SecureChannelState;
  50. struct UA_SecureChannel {
  51. UA_SecureChannelState state;
  52. UA_MessageSecurityMode securityMode;
  53. UA_ChannelSecurityToken securityToken; /* the channelId is contained in the securityToken */
  54. UA_ChannelSecurityToken nextSecurityToken;
  55. /* The endpoint and context of the channel */
  56. const UA_SecurityPolicy *securityPolicy;
  57. void *channelContext; /* For interaction with the security policy */
  58. UA_Connection *connection;
  59. /* Asymmetric encryption info */
  60. UA_ByteString remoteCertificate;
  61. UA_Byte remoteCertificateThumbprint[20]; /* The thumbprint of the remote certificate */
  62. /* Symmetric encryption info */
  63. UA_ByteString remoteNonce;
  64. UA_ByteString localNonce;
  65. UA_UInt32 receiveSequenceNumber;
  66. UA_UInt32 sendSequenceNumber;
  67. LIST_HEAD(session_pointerlist, UA_SessionHeader) sessions;
  68. LIST_HEAD(chunk_pointerlist, ChunkEntry) chunks;
  69. };
  70. UA_StatusCode
  71. UA_SecureChannel_init(UA_SecureChannel *channel,
  72. const UA_SecurityPolicy *securityPolicy,
  73. const UA_ByteString *remoteCertificate);
  74. void UA_SecureChannel_deleteMembersCleanup(UA_SecureChannel *channel);
  75. /* Generates new keys and sets them in the channel context */
  76. UA_StatusCode
  77. UA_SecureChannel_generateNewKeys(UA_SecureChannel* channel);
  78. /* Wrapper function for generating a local nonce for the supplied channel. Uses
  79. * the random generator of the channels security policy to allocate and generate
  80. * a nonce with the specified length. */
  81. UA_StatusCode
  82. UA_SecureChannel_generateLocalNonce(UA_SecureChannel *channel);
  83. UA_SessionHeader *
  84. UA_SecureChannel_getSession(UA_SecureChannel *channel,
  85. const UA_NodeId *authenticationToken);
  86. UA_StatusCode
  87. UA_SecureChannel_revolveTokens(UA_SecureChannel *channel);
  88. /**
  89. * Sending Messages
  90. * ---------------- */
  91. UA_StatusCode
  92. UA_SecureChannel_sendAsymmetricOPNMessage(UA_SecureChannel *channel, UA_UInt32 requestId,
  93. const void *content, const UA_DataType *contentType);
  94. UA_StatusCode
  95. UA_SecureChannel_sendSymmetricMessage(UA_SecureChannel *channel, UA_UInt32 requestId,
  96. UA_MessageType messageType, void *payload,
  97. const UA_DataType *payloadType);
  98. /* The MessageContext is forwarded into the encoding layer so that we can send
  99. * chunks before continuing to encode. This lets us reuse a fixed chunk-sized
  100. * messages buffer. */
  101. typedef struct {
  102. UA_SecureChannel *channel;
  103. UA_UInt32 requestId;
  104. UA_UInt32 messageType;
  105. UA_UInt16 chunksSoFar;
  106. size_t messageSizeSoFar;
  107. UA_ByteString messageBuffer;
  108. UA_Byte *buf_pos;
  109. const UA_Byte *buf_end;
  110. UA_Boolean final;
  111. } UA_MessageContext;
  112. /* Start the context of a new symmetric message. */
  113. UA_StatusCode
  114. UA_MessageContext_begin(UA_MessageContext *mc, UA_SecureChannel *channel,
  115. UA_UInt32 requestId, UA_MessageType messageType);
  116. /* Encode the content and send out full chunks. If the return code is good, then
  117. * the ChunkInfo contains encoded content that has not been sent. If the return
  118. * code is bad, then the ChunkInfo has been cleaned up internally. */
  119. UA_StatusCode
  120. UA_MessageContext_encode(UA_MessageContext *mc, const void *content,
  121. const UA_DataType *contentType);
  122. /* Sends a symmetric message already encoded in the context. The context is
  123. * cleaned up, also in case of errors. */
  124. UA_StatusCode
  125. UA_MessageContext_finish(UA_MessageContext *mc);
  126. /* To be used when a failure occures when a MessageContext is open. Note that
  127. * the _encode and _finish methods will clean up internally. _abort can be run
  128. * on a MessageContext that has already been cleaned up before. */
  129. void
  130. UA_MessageContext_abort(UA_MessageContext *mc);
  131. /**
  132. * Process Received Chunks
  133. * ----------------------- */
  134. typedef UA_StatusCode
  135. (UA_ProcessMessageCallback)(void *application, UA_SecureChannel *channel,
  136. UA_MessageType messageType, UA_UInt32 requestId,
  137. const UA_ByteString *message);
  138. /* Process a single chunk. This also decrypts the chunk if required. The
  139. * callback function is called with the complete message body if the message is
  140. * complete.
  141. *
  142. * Symmetric callback is ERR, MSG, CLO only
  143. * Asymmetric callback is OPN only
  144. *
  145. * @param channel the channel the chunks were received on.
  146. * @param chunks the memory region where the chunks are stored.
  147. * @param callback the callback function that gets called with the complete
  148. * message body, once a final chunk is processed.
  149. * @param application data pointer to application specific data that gets passed
  150. * on to the callback function. */
  151. UA_StatusCode
  152. UA_SecureChannel_processChunk(UA_SecureChannel *channel, UA_ByteString *chunk,
  153. UA_ProcessMessageCallback callback,
  154. void *application);
  155. /**
  156. * Log Helper
  157. * ----------
  158. * C99 requires at least one element for the variadic argument. If the log
  159. * statement has no variable arguments, supply an additional NULL. It will be
  160. * ignored by printf.
  161. *
  162. * We have to jump through some hoops to enable the use of format strings
  163. * without arguments since (pedantic) C99 does not allow variadic macros with
  164. * zero arguments. So we add a dummy argument that is not printed (%.0s is
  165. * string of length zero). */
  166. #define UA_LOG_TRACE_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  167. UA_LOG_TRACE(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  168. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  169. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  170. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  171. #define UA_LOG_TRACE_CHANNEL(LOGGER, CHANNEL, ...) \
  172. UA_MACRO_EXPAND(UA_LOG_TRACE_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  173. #define UA_LOG_DEBUG_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  174. UA_LOG_DEBUG(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  175. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  176. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  177. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  178. #define UA_LOG_DEBUG_CHANNEL(LOGGER, CHANNEL, ...) \
  179. UA_MACRO_EXPAND(UA_LOG_DEBUG_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  180. #define UA_LOG_INFO_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  181. UA_LOG_INFO(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  182. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  183. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  184. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  185. #define UA_LOG_INFO_CHANNEL(LOGGER, CHANNEL, ...) \
  186. UA_MACRO_EXPAND(UA_LOG_INFO_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  187. #define UA_LOG_WARNING_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  188. UA_LOG_WARNING(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  189. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  190. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  191. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  192. #define UA_LOG_WARNING_CHANNEL(LOGGER, CHANNEL, ...) \
  193. UA_MACRO_EXPAND(UA_LOG_WARNING_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  194. #define UA_LOG_ERROR_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  195. UA_LOG_ERROR(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  196. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  197. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  198. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  199. #define UA_LOG_ERROR_CHANNEL(LOGGER, CHANNEL, ...) \
  200. UA_MACRO_EXPAND(UA_LOG_ERROR_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  201. #define UA_LOG_FATAL_CHANNEL_INTERNAL(LOGGER, CHANNEL, MSG, ...) \
  202. UA_LOG_FATAL(LOGGER, UA_LOGCATEGORY_SECURECHANNEL, \
  203. "Connection %i | SecureChannel %i | " MSG "%.0s", \
  204. ((CHANNEL)->connection ? (CHANNEL)->connection->sockfd : 0), \
  205. (CHANNEL)->securityToken.channelId, __VA_ARGS__)
  206. #define UA_LOG_FATAL_CHANNEL(LOGGER, CHANNEL, ...) \
  207. UA_MACRO_EXPAND(UA_LOG_FATAL_CHANNEL_INTERNAL(LOGGER, CHANNEL, __VA_ARGS__, ""))
  208. #ifdef __cplusplus
  209. } // extern "C"
  210. #endif
  211. #endif /* UA_SECURECHANNEL_H_ */