

  1. /* This Source Code Form is subject to the terms of the Mozilla Public
  2. * License, v. 2.0. If a copy of the MPL was not distributed with this
  3. * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  4. *
  5. * Copyright 2017-2018 (c) Mark Giraud, Fraunhofer IOSB
  6. * Copyright 2017 (c) Fraunhofer IOSB (Author: Julius Pfrommer)
  7. * Copyright 2017 (c) Stefan Profanter, fortiss GmbH
  8. */
  9. #ifndef UA_PLUGIN_SECURITYPOLICY_H_
  10. #define UA_PLUGIN_SECURITYPOLICY_H_
  11. #include <open62541/plugin/log.h>
  12. #include <open62541/plugin/pki.h>
  13. #include <open62541/server.h>
  14. _UA_BEGIN_DECLS
/* URI identifying the "None" security policy. The value itself is defined in
 * the library (this is only a declaration), so plugins compare against it
 * rather than hard-coding the string. */
extern UA_EXPORT const UA_ByteString UA_SECURITY_POLICY_NONE_URI;

/* Forward declaration. The module typedefs below take a
 * const UA_SecurityPolicy * in their callback signatures; the full struct is
 * defined after them at the end of this header. */
struct UA_SecurityPolicy;
typedef struct UA_SecurityPolicy UA_SecurityPolicy;
  18. /**
  19. * SecurityPolicy Interface Definition
  20. * ----------------------------------- */
typedef struct {
    /* URI identifying the signature algorithm implemented by this module. */
    UA_String uri;

    /* Verifies the signature of the message using the provided keys in the context.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the channelContext that contains the key to verify
     *                       the supplied message with.
     * @param message the message to which the signature is supposed to belong.
     * @param signature the signature of the message, that should be verified.
     * @return presumably UA_STATUSCODE_GOOD only when the signature verifies,
     *         an error code otherwise — confirm against the concrete policy.
     *         The result carries the warn-unused attribute so that a caller
     *         silently dropping a verification failure is a compiler warning. */
    UA_StatusCode (*verify)(const UA_SecurityPolicy *securityPolicy,
                            void *channelContext, const UA_ByteString *message,
                            const UA_ByteString *signature) UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Signs the given message using this policy's signing algorithm and the
     * provided keys in the context.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the channelContext that contains the key to sign
     *                       the supplied message with.
     * @param message the message to sign.
     * @param signature an output buffer to which the signature is written. The
     *                  buffer needs to be allocated by the caller. The
     *                  necessary size can be acquired with the
     *                  getLocalSignatureSize function of this module. */
    UA_StatusCode (*sign)(const UA_SecurityPolicy *securityPolicy,
                          void *channelContext, const UA_ByteString *message,
                          UA_ByteString *signature) UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Gets the signature size that depends on the local (private) key.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the channelContext that contains the
     *                       certificate/key.
     * @return the size of the local signature in bytes. Returns 0 if no local
     *         certificate was set; callers sizing a buffer for sign() should
     *         treat 0 as "cannot sign" rather than as a zero-length output. */
    size_t (*getLocalSignatureSize)(const UA_SecurityPolicy *securityPolicy,
                                    const void *channelContext);

    /* Gets the signature size that depends on the remote (public) key.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the context to retrieve data from.
     * @return the size of the remote signature in bytes. Returns 0 if no
     *         remote certificate was set previously. */
    size_t (*getRemoteSignatureSize)(const UA_SecurityPolicy *securityPolicy,
                                     const void *channelContext);

    /* Gets the local signing key length.
     *
     * Note the unit: bytes here, whereas the encryption algorithm's key-length
     * getters below report bits.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the context to retrieve data from.
     * @return the length of the signing key in bytes. Returns 0 if no length can be found.
     */
    size_t (*getLocalKeyLength)(const UA_SecurityPolicy *securityPolicy,
                                const void *channelContext);

    /* Gets the remote signing key length (the original comment was a copy of
     * the local variant; by name and by the local/remote pairing used
     * throughout this header this is the remote key).
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the context to retrieve data from.
     * @return the length of the signing key in bytes. Returns 0 if no length can be found.
     */
    size_t (*getRemoteKeyLength)(const UA_SecurityPolicy *securityPolicy,
                                 const void *channelContext);
} UA_SecurityPolicySignatureAlgorithm;
typedef struct {
    /* URI identifying the encryption algorithm implemented by this module. */
    UA_String uri;

    /* Encrypt the given data in place using an asymmetric algorithm and keys.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the channelContext which contains information about
     *                       the keys to encrypt data.
     * @param data the data that is encrypted. The encrypted data will overwrite
     *             the data that was supplied.
     *             NOTE(review): since ciphertext can be larger than plaintext
     *             (see UA_SecurityPolicy_getRemoteAsymEncryptionBufferLengthOverhead
     *             at the end of this header), the buffer behind data must
     *             already be large enough for the overhead; whether data->length
     *             is updated to the ciphertext length is not stated here —
     *             confirm in the concrete policy. */
    UA_StatusCode (*encrypt)(const UA_SecurityPolicy *securityPolicy,
                             void *channelContext,
                             UA_ByteString *data) UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Decrypts the given ciphertext in place using an asymmetric algorithm and
     * key.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the channelContext which contains information about
     *                       the keys needed to decrypt the message.
     * @param data the data to decrypt. The decryption is done in place.
     *             NOTE(review): whether data->length is shrunk to the plaintext
     *             length after padding removal is not stated here — confirm in
     *             the concrete policy before relying on it. */
    UA_StatusCode (*decrypt)(const UA_SecurityPolicy *securityPolicy,
                             void *channelContext,
                             UA_ByteString *data) UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Returns the length of the key used locally to encrypt messages in bits.
     *
     * Note the unit: bits, unlike the signature algorithm's key-length getters
     * (bytes) and the block-size getters below (bytes).
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the context to retrieve data from.
     * @return the length of the local key. Returns 0 if no
     *         key length is known. */
    size_t (*getLocalKeyLength)(const UA_SecurityPolicy *securityPolicy,
                                const void *channelContext);

    /* Returns the length of the key used remotely to encrypt messages in bits.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the context to retrieve data from.
     * @return the length of the remote key. Returns 0 if no
     *         key length is known. */
    size_t (*getRemoteKeyLength)(const UA_SecurityPolicy *securityPolicy,
                                 const void *channelContext);

    /* Returns the size of encrypted blocks used by the local encryption algorithm.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the context to retrieve data from.
     * @return the size of encrypted blocks in bytes. Returns 0 if no key length is known.
     */
    size_t (*getLocalBlockSize)(const UA_SecurityPolicy *securityPolicy,
                                const void *channelContext);

    /* Returns the size of encrypted blocks used by the remote encryption algorithm.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the context to retrieve data from.
     * @return the size of encrypted blocks in bytes. Returns 0 if no key length is known.
     */
    size_t (*getRemoteBlockSize)(const UA_SecurityPolicy *securityPolicy,
                                 const void *channelContext);

    /* Returns the size of plaintext blocks used by the local encryption algorithm.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the context to retrieve data from.
     * @return the size of plaintext blocks in bytes. Returns 0 if no key length is known.
     */
    size_t (*getLocalPlainTextBlockSize)(const UA_SecurityPolicy *securityPolicy,
                                         const void *channelContext);

    /* Returns the size of plaintext blocks used by the remote encryption algorithm.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param channelContext the context to retrieve data from.
     * @return the size of plaintext blocks in bytes. Returns 0 if no key length is known.
     */
    size_t (*getRemotePlainTextBlockSize)(const UA_SecurityPolicy *securityPolicy,
                                          const void *channelContext);
} UA_SecurityPolicyEncryptionAlgorithm;
typedef struct {
    /* The signature algorithm of this module. NOTE(review): the original
     * comment said "sign and verify certificates", but the sign/verify
     * callbacks of UA_SecurityPolicySignatureAlgorithm are documented as
     * operating on messages, and struct UA_SecurityPolicy carries a separate
     * certificateSigningAlgorithm — confirm which reading is intended. */
    UA_SecurityPolicySignatureAlgorithm signatureAlgorithm;

    /* The algorithm used to encrypt and decrypt messages. */
    UA_SecurityPolicyEncryptionAlgorithm encryptionAlgorithm;
} UA_SecurityPolicyCryptoModule;
typedef struct {
    /* Generates a thumbprint for the specified certificate.
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param certificate the certificate to make a thumbprint of.
     * @param thumbprint an output buffer for the resulting thumbprint. Always
     *                   has the length specified in the thumbprintLength in the
     *                   asymmetricModule.
     *                   NOTE(review): no thumbprintLength member is visible in
     *                   this header; confirm where the expected buffer length is
     *                   defined before sizing the output. */
    UA_StatusCode (*makeCertificateThumbprint)(const UA_SecurityPolicy *securityPolicy,
                                               const UA_ByteString *certificate,
                                               UA_ByteString *thumbprint)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Compares the supplied certificate with the certificate in the endpoint context.
     *
     * @param securityPolicy the policy data that contains the certificate
     *                       to compare to.
     * @param certificateThumbprint the certificate thumbprint to compare to the
     *                              one stored in the context.
     * @return if the thumbprints match UA_STATUSCODE_GOOD is returned. If they
     *         don't match or an error occurred an error code is returned.
     *         NOTE(review): the header does not state whether the comparison
     *         is length-checked and constant-time; implementations should do
     *         both, since this result gates which local certificate a peer is
     *         talking to — confirm in the concrete policy. */
    UA_StatusCode (*compareCertificateThumbprint)(const UA_SecurityPolicy *securityPolicy,
                                                  const UA_ByteString *certificateThumbprint)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Signature and encryption algorithms used for the asymmetric
     * (certificate-keyed) part of the channel. */
    UA_SecurityPolicyCryptoModule cryptoModule;
} UA_SecurityPolicyAsymmetricModule;
typedef struct {
    /* Pseudo random function that is used to generate the symmetric keys.
     *
     * For information on what parameters this function receives in what situation,
     * refer to the OPC UA specification 1.03 Part6 Table 33
     *
     * @param securityPolicy the securityPolicy the function is invoked on.
     * @param secret the secret input of the PRF (which value plays this role in
     *               a given situation is defined by the spec table above).
     * @param seed the seed input of the PRF (see the spec table above).
     * @param out an output to write the data to. The length defines the maximum
     *            number of output bytes that are produced. */
    UA_StatusCode (*generateKey)(const UA_SecurityPolicy *securityPolicy,
                                 const UA_ByteString *secret,
                                 const UA_ByteString *seed, UA_ByteString *out)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Random generator for generating nonces.
     *
     * NOTE(review): nonces feed generateKey, so the generator must be
     * cryptographically secure; this header does not state that requirement —
     * confirm in the concrete policy.
     *
     * @param securityPolicy the securityPolicy this function is invoked on.
     *                       Example: myPolicy->generateNonce(myPolicy,
     *                                                        &outBuff);
     * @param out pointer to a buffer to store the nonce in. Needs to be
     *            allocated by the caller. The buffer is filled with random
     *            data. */
    UA_StatusCode (*generateNonce)(const UA_SecurityPolicy *securityPolicy,
                                   UA_ByteString *out)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /*
     * The length of the nonce used in the SecureChannel as specified in the standard.
     */
    size_t secureChannelNonceLength;

    /* Signature and encryption algorithms used for the symmetric
     * (session-keyed) part of the channel. */
    UA_SecurityPolicyCryptoModule cryptoModule;
} UA_SecurityPolicySymmetricModule;
typedef struct {
    /* This method creates a new context data object.
     *
     * The caller needs to call delete on the received object to free allocated
     * memory. Memory is only allocated if the function succeeds so there is no
     * need to manually free the memory pointed to by *channelContext or to
     * call delete in case of failure.
     *
     * @param securityPolicy the policy context of the endpoint that is connected
     *                       to. It will be stored in the channelContext for
     *                       further access by the policy.
     * @param remoteCertificate the remote certificate contains the remote
     *                          asymmetric key. The certificate will be verified
     *                          and then stored in the context so that its
     *                          details may be accessed.
     * @param channelContext the initialized channelContext that is passed to
     *                       functions that work on a context. */
    UA_StatusCode (*newContext)(const UA_SecurityPolicy *securityPolicy,
                                const UA_ByteString *remoteCertificate,
                                void **channelContext)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Deletes the security context.
     * NOTE(review): the context holds the symmetric keys and IVs installed via
     * the set* callbacks below; implementations are expected to release (and
     * ideally zeroize) that material here — confirm in the concrete policy. */
    void (*deleteContext)(void *channelContext);

    /* Sets the local encrypting key in the supplied context.
     *
     * @param channelContext the context to work on.
     * @param key the local encrypting key to store in the context. */
    UA_StatusCode (*setLocalSymEncryptingKey)(void *channelContext,
                                              const UA_ByteString *key)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Sets the local signing key in the supplied context.
     *
     * @param channelContext the context to work on.
     * @param key the local signing key to store in the context. */
    UA_StatusCode (*setLocalSymSigningKey)(void *channelContext,
                                           const UA_ByteString *key)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Sets the local initialization vector in the supplied context.
     *
     * @param channelContext the context to work on.
     * @param iv the local initialization vector to store in the context. */
    UA_StatusCode (*setLocalSymIv)(void *channelContext,
                                   const UA_ByteString *iv)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Sets the remote encrypting key in the supplied context.
     *
     * @param channelContext the context to work on.
     * @param key the remote encrypting key to store in the context. */
    UA_StatusCode (*setRemoteSymEncryptingKey)(void *channelContext,
                                               const UA_ByteString *key)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Sets the remote signing key in the supplied context.
     *
     * @param channelContext the context to work on.
     * @param key the remote signing key to store in the context. */
    UA_StatusCode (*setRemoteSymSigningKey)(void *channelContext,
                                            const UA_ByteString *key)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Sets the remote initialization vector in the supplied context.
     *
     * @param channelContext the context to work on.
     * @param iv the remote initialization vector to store in the context. */
    UA_StatusCode (*setRemoteSymIv)(void *channelContext,
                                    const UA_ByteString *iv)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;

    /* Compares the supplied certificate with the certificate in the channel
     * context.
     *
     * @param channelContext the channel context data that contains the
     *                       certificate to compare to.
     * @param certificate the certificate to compare to the one stored in the context.
     * @return if the certificates match UA_STATUSCODE_GOOD is returned. If they
     *         don't match or an error occurred an error code is returned. */
    UA_StatusCode (*compareCertificate)(const void *channelContext,
                                        const UA_ByteString *certificate)
    UA_FUNC_ATTR_WARN_UNUSED_RESULT;
} UA_SecurityPolicyChannelModule;
/* A security policy bundles the algorithm modules, the local certificate and
 * the per-channel context management for one OPC UA SecurityPolicy URI. */
struct UA_SecurityPolicy {
    /* Additional data owned by the concrete policy implementation (opaque to
     * the caller; released via clear()). */
    void *policyContext;

    /* The policy uri that identifies the implemented algorithms */
    UA_ByteString policyUri;

    /* The local certificate is specific for each SecurityPolicy since it
     * depends on the used key length. */
    UA_ByteString localCertificate;

    /* Function pointers grouped into modules */
    UA_SecurityPolicyAsymmetricModule asymmetricModule;
    UA_SecurityPolicySymmetricModule symmetricModule;
    /* By name, the algorithm used to sign certificates — distinct from the
     * message signature algorithms inside the crypto modules above. */
    UA_SecurityPolicySignatureAlgorithm certificateSigningAlgorithm;
    UA_SecurityPolicyChannelModule channelModule;

    /* Certificate verification plugin (type from plugin/pki.h, included above).
     * Presumably what newContext uses to verify the remote certificate — confirm
     * in the concrete policy. Not owned by the policy as far as this header shows. */
    UA_CertificateVerification *certificateVerification;
    const UA_Logger *logger;

    /* Updates the ApplicationInstanceCertificate and the corresponding private
     * key at runtime. Both byte strings are passed by value (the struct, not
     * the bytes it points to); whether the policy copies the contents is not
     * stated here — confirm before freeing the caller's buffers. */
    UA_StatusCode (*updateCertificateAndPrivateKey)(UA_SecurityPolicy *policy,
                                                    const UA_ByteString newCertificate,
                                                    const UA_ByteString newPrivateKey);

    /* Deletes the dynamic content of the policy */
    void (*clear)(UA_SecurityPolicy *policy);
};
/* Gets the number of bytes that are needed by the encryption function in
 * addition to the length of the plaintext message. This is needed, since
 * most RSA encryption methods have their own padding mechanism included.
 * This makes the encrypted message larger than the plaintext, so we need to
 * have enough room in the buffer for the overhead. Callers should size
 * buffers from this value rather than from a fixed constant, since an
 * undersized buffer would be written past its end by the in-place encrypt.
 *
 * @param securityPolicy the algorithms to use.
 * @param channelContext the context to retrieve data from.
 * @param maxEncryptionLength the maximum number of bytes that the data to
 *                            encrypt can be.
 * @return the number of additional bytes to reserve beyond the plaintext
 *         length (presumably 0 when the policy adds no overhead — confirm). */
size_t
UA_SecurityPolicy_getRemoteAsymEncryptionBufferLengthOverhead(const UA_SecurityPolicy *securityPolicy,
                                                              const void *channelContext,
                                                              size_t maxEncryptionLength);
/* Gets a pointer to the context of a security policy supported by the
 * server matched by the security policy uri.
 *
 * @param server the server context.
 * @param securityPolicyUri the security policy to get the context of.
 * @return the matching policy, owned by the server (not the caller);
 *         presumably NULL when no policy matches the uri — confirm in the
 *         implementation and check the result before dereferencing. */
UA_SecurityPolicy *
UA_SecurityPolicy_getSecurityPolicyByUri(const UA_Server *server,
                                         const UA_ByteString *securityPolicyUri);
  337. _UA_END_DECLS
  338. #endif /* UA_PLUGIN_SECURITYPOLICY_H_ */