ua_securitypolicy_basic128rsa15.c 42 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016
  1. /* This Source Code Form is subject to the terms of the Mozilla Public
  2. * License, v. 2.0. If a copy of the MPL was not distributed with this
  3. * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  4. *
  5. * Copyright 2018 (c) Mark Giraud, Fraunhofer IOSB
  6. */
  7. #include <mbedtls/aes.h>
  8. #include <mbedtls/md.h>
  9. #include <mbedtls/x509_crt.h>
  10. #include <mbedtls/ctr_drbg.h>
  11. #include <mbedtls/entropy.h>
  12. #include <mbedtls/entropy_poll.h>
  13. #include <mbedtls/error.h>
  14. #include <mbedtls/version.h>
  15. #include <mbedtls/sha1.h>
  16. #include "ua_types.h"
  17. #include "ua_plugin_pki.h"
  18. #include "ua_securitypolicies.h"
  19. #include "ua_types_generated_handling.h"
  20. /* Notes:
  21. * mbedTLS' AES allows in-place encryption and decryption. Sow we don't have to
  22. * allocate temp buffers.
  23. * https://tls.mbed.org/discussions/generic/in-place-decryption-with-aes256-same-input-output-buffer
  24. */
  25. #define UA_SECURITYPOLICY_BASIC128RSA15_RSAPADDING_LEN 11
  26. #define UA_SHA1_LENGTH 20
  27. #define UA_SECURITYPOLICY_BASIC128RSA15_SYM_KEY_LENGTH 16
  28. #define UA_BASIC128RSA15_SYM_SIGNING_KEY_LENGTH 16
  29. #define UA_SECURITYPOLICY_BASIC128RSA15_SYM_ENCRYPTION_BLOCK_SIZE 16
  30. #define UA_SECURITYPOLICY_BASIC128RSA15_SYM_PLAIN_TEXT_BLOCK_SIZE 16
  31. #define UA_SECURITYPOLICY_BASIC128RSA15_MINASYMKEYLENGTH 128
  32. #define UA_SECURITYPOLICY_BASIC128RSA15_MAXASYMKEYLENGTH 256
  33. #define UA_LOG_MBEDERR \
  34. char errBuff[300]; \
  35. mbedtls_strerror(mbedErr, errBuff, 300); \
  36. UA_LOG_WARNING(securityPolicy->logger, UA_LOGCATEGORY_SECURITYPOLICY, \
  37. "mbedTLS returned an error: %s", errBuff); \
  38. #define UA_MBEDTLS_ERRORHANDLING(errorcode) \
  39. if(mbedErr) { \
  40. UA_LOG_MBEDERR \
  41. retval = errorcode; \
  42. }
  43. #define UA_MBEDTLS_ERRORHANDLING_RETURN(errorcode) \
  44. if(mbedErr) { \
  45. UA_LOG_MBEDERR \
  46. return errorcode; \
  47. }
  48. typedef struct {
  49. const UA_SecurityPolicy *securityPolicy;
  50. UA_ByteString localCertThumbprint;
  51. mbedtls_ctr_drbg_context drbgContext;
  52. mbedtls_entropy_context entropyContext;
  53. mbedtls_md_context_t sha1MdContext;
  54. mbedtls_pk_context localPrivateKey;
  55. } Basic128Rsa15_PolicyContext;
  56. typedef struct {
  57. Basic128Rsa15_PolicyContext *policyContext;
  58. UA_ByteString localSymSigningKey;
  59. UA_ByteString localSymEncryptingKey;
  60. UA_ByteString localSymIv;
  61. UA_ByteString remoteSymSigningKey;
  62. UA_ByteString remoteSymEncryptingKey;
  63. UA_ByteString remoteSymIv;
  64. mbedtls_x509_crt remoteCertificate;
  65. } Basic128Rsa15_ChannelContext;
  66. /********************/
  67. /* AsymmetricModule */
  68. /********************/
  69. static UA_StatusCode
  70. asym_verify_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  71. Basic128Rsa15_ChannelContext *cc,
  72. const UA_ByteString *message,
  73. const UA_ByteString *signature) {
  74. if(securityPolicy == NULL || message == NULL || signature == NULL || cc == NULL)
  75. return UA_STATUSCODE_BADINTERNALERROR;
  76. /* Compute the sha1 hash */
  77. unsigned char hash[UA_SHA1_LENGTH];
  78. #if MBEDTLS_VERSION_NUMBER >= 0x02070000
  79. mbedtls_sha1_ret(message->data, message->length, hash);
  80. #else
  81. mbedtls_sha1(message->data, message->length, hash);
  82. #endif
  83. /* Set the RSA settings */
  84. mbedtls_rsa_context *rsaContext = mbedtls_pk_rsa(cc->remoteCertificate.pk);
  85. if (!rsaContext)
  86. return UA_STATUSCODE_BADINTERNALERROR;
  87. mbedtls_rsa_set_padding(rsaContext, MBEDTLS_RSA_PKCS_V15, 0);
  88. /* Verify */
  89. int mbedErr = mbedtls_pk_verify(&cc->remoteCertificate.pk,
  90. MBEDTLS_MD_SHA1, hash, UA_SHA1_LENGTH,
  91. signature->data, signature->length);
  92. UA_MBEDTLS_ERRORHANDLING_RETURN(UA_STATUSCODE_BADSECURITYCHECKSFAILED);
  93. return UA_STATUSCODE_GOOD;
  94. }
  95. static UA_StatusCode
  96. asym_sign_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  97. Basic128Rsa15_ChannelContext *cc,
  98. const UA_ByteString *message,
  99. UA_ByteString *signature) {
  100. if(securityPolicy == NULL || message == NULL || signature == NULL || cc == NULL)
  101. return UA_STATUSCODE_BADINTERNALERROR;
  102. unsigned char hash[UA_SHA1_LENGTH];
  103. #if MBEDTLS_VERSION_NUMBER >= 0x02070000
  104. mbedtls_sha1_ret(message->data, message->length, hash);
  105. #else
  106. mbedtls_sha1(message->data, message->length, hash);
  107. #endif
  108. Basic128Rsa15_PolicyContext *pc = cc->policyContext;
  109. mbedtls_rsa_context *rsaContext = mbedtls_pk_rsa(pc->localPrivateKey);
  110. mbedtls_rsa_set_padding(rsaContext, MBEDTLS_RSA_PKCS_V15, 0);
  111. size_t sigLen = 0;
  112. int mbedErr = mbedtls_pk_sign(&pc->localPrivateKey,
  113. MBEDTLS_MD_SHA1, hash,
  114. UA_SHA1_LENGTH, signature->data,
  115. &sigLen, mbedtls_ctr_drbg_random,
  116. &pc->drbgContext);
  117. UA_MBEDTLS_ERRORHANDLING_RETURN(UA_STATUSCODE_BADINTERNALERROR);
  118. return UA_STATUSCODE_GOOD;
  119. }
  120. static size_t
  121. asym_getLocalSignatureSize_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  122. const Basic128Rsa15_ChannelContext *cc) {
  123. if(securityPolicy == NULL || cc == NULL)
  124. return 0;
  125. return mbedtls_pk_rsa(cc->policyContext->localPrivateKey)->len;
  126. }
  127. static size_t
  128. asym_getRemoteSignatureSize_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  129. const Basic128Rsa15_ChannelContext *cc) {
  130. if(securityPolicy == NULL || cc == NULL)
  131. return 0;
  132. return mbedtls_pk_rsa(cc->remoteCertificate.pk)->len;
  133. }
  134. static UA_StatusCode
  135. asym_encrypt_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  136. Basic128Rsa15_ChannelContext *cc,
  137. UA_ByteString *data) {
  138. if(securityPolicy == NULL || cc == NULL || data == NULL)
  139. return UA_STATUSCODE_BADINTERNALERROR;
  140. const size_t plainTextBlockSize = securityPolicy->asymmetricModule.cryptoModule.encryptionAlgorithm.
  141. getRemotePlainTextBlockSize(securityPolicy, cc);
  142. if(data->length % plainTextBlockSize != 0)
  143. return UA_STATUSCODE_BADINTERNALERROR;
  144. mbedtls_rsa_context *remoteRsaContext = mbedtls_pk_rsa(cc->remoteCertificate.pk);
  145. mbedtls_rsa_set_padding(remoteRsaContext, MBEDTLS_RSA_PKCS_V15, 0);
  146. UA_ByteString encrypted;
  147. const size_t bufferOverhead =
  148. UA_SecurityPolicy_getRemoteAsymEncryptionBufferLengthOverhead(securityPolicy, cc, data->length);
  149. UA_StatusCode retval = UA_ByteString_allocBuffer(&encrypted, data->length + bufferOverhead);
  150. if(retval != UA_STATUSCODE_GOOD)
  151. return retval;
  152. size_t lenDataToEncrypt = data->length;
  153. size_t inOffset = 0;
  154. size_t offset = 0;
  155. size_t outLength = 0;
  156. Basic128Rsa15_PolicyContext *pc = cc->policyContext;
  157. while(lenDataToEncrypt >= plainTextBlockSize) {
  158. int mbedErr = mbedtls_pk_encrypt(&cc->remoteCertificate.pk,
  159. data->data + inOffset, plainTextBlockSize,
  160. encrypted.data + offset, &outLength,
  161. encrypted.length - offset,
  162. mbedtls_ctr_drbg_random,
  163. &pc->drbgContext);
  164. UA_MBEDTLS_ERRORHANDLING(UA_STATUSCODE_BADINTERNALERROR);
  165. if(retval != UA_STATUSCODE_GOOD) {
  166. UA_ByteString_deleteMembers(&encrypted);
  167. return retval;
  168. }
  169. inOffset += plainTextBlockSize;
  170. offset += outLength;
  171. lenDataToEncrypt -= plainTextBlockSize;
  172. }
  173. memcpy(data->data, encrypted.data, offset);
  174. UA_ByteString_deleteMembers(&encrypted);
  175. return UA_STATUSCODE_GOOD;
  176. }
  177. static UA_StatusCode
  178. asym_decrypt_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  179. Basic128Rsa15_ChannelContext *cc,
  180. UA_ByteString *data) {
  181. if(securityPolicy == NULL || cc == NULL || data == NULL)
  182. return UA_STATUSCODE_BADINTERNALERROR;
  183. mbedtls_rsa_context *rsaContext =
  184. mbedtls_pk_rsa(cc->policyContext->localPrivateKey);
  185. if(data->length % rsaContext->len != 0)
  186. return UA_STATUSCODE_BADINTERNALERROR;
  187. UA_ByteString decrypted;
  188. UA_StatusCode retval = UA_ByteString_allocBuffer(&decrypted, data->length);
  189. if(retval != UA_STATUSCODE_GOOD)
  190. return retval;
  191. size_t lenDataToDecrypt = data->length;
  192. size_t inOffset = 0;
  193. size_t offset = 0;
  194. size_t outLength = 0;
  195. while(lenDataToDecrypt >= rsaContext->len) {
  196. int mbedErr = mbedtls_pk_decrypt(&cc->policyContext->localPrivateKey,
  197. data->data + inOffset, rsaContext->len,
  198. decrypted.data + offset, &outLength,
  199. decrypted.length - offset, NULL, NULL);
  200. if(mbedErr)
  201. UA_ByteString_deleteMembers(&decrypted); // TODO: Maybe change error macro to jump to cleanup?
  202. UA_MBEDTLS_ERRORHANDLING_RETURN(UA_STATUSCODE_BADSECURITYCHECKSFAILED);
  203. inOffset += rsaContext->len;
  204. offset += outLength;
  205. lenDataToDecrypt -= rsaContext->len;
  206. }
  207. if(lenDataToDecrypt == 0) {
  208. memcpy(data->data, decrypted.data, offset);
  209. data->length = offset;
  210. } else {
  211. retval = UA_STATUSCODE_BADINTERNALERROR;
  212. }
  213. UA_ByteString_deleteMembers(&decrypted);
  214. return retval;
  215. }
  216. static size_t
  217. asym_getRemoteEncryptionKeyLength_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  218. const Basic128Rsa15_ChannelContext *cc) {
  219. return mbedtls_pk_get_len(&cc->remoteCertificate.pk) * 8;
  220. }
  221. static size_t
  222. asym_getRemoteBlockSize_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  223. const Basic128Rsa15_ChannelContext *cc) {
  224. mbedtls_rsa_context *const rsaContext = mbedtls_pk_rsa(cc->remoteCertificate.pk);
  225. return rsaContext->len;
  226. }
  227. static size_t
  228. asym_getRemotePlainTextBlockSize_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  229. const Basic128Rsa15_ChannelContext *cc) {
  230. mbedtls_rsa_context *const rsaContext = mbedtls_pk_rsa(cc->remoteCertificate.pk);
  231. return rsaContext->len - UA_SECURITYPOLICY_BASIC128RSA15_RSAPADDING_LEN;
  232. }
  233. static UA_StatusCode
  234. asym_makeThumbprint_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  235. const UA_ByteString *certificate,
  236. UA_ByteString *thumbprint) {
  237. if(securityPolicy == NULL || certificate == NULL || thumbprint == NULL)
  238. return UA_STATUSCODE_BADINTERNALERROR;
  239. if(UA_ByteString_equal(certificate, &UA_BYTESTRING_NULL))
  240. return UA_STATUSCODE_BADINTERNALERROR;
  241. if(thumbprint->length != UA_SHA1_LENGTH)
  242. return UA_STATUSCODE_BADINTERNALERROR;
  243. #if MBEDTLS_VERSION_NUMBER >= 0x02070000
  244. mbedtls_sha1_ret(certificate->data, certificate->length, thumbprint->data);
  245. #else
  246. mbedtls_sha1(certificate->data, certificate->length, thumbprint->data);
  247. #endif
  248. return UA_STATUSCODE_GOOD;
  249. }
  250. static UA_StatusCode
  251. asymmetricModule_compareCertificateThumbprint_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  252. const UA_ByteString *certificateThumbprint) {
  253. if(securityPolicy == NULL || certificateThumbprint == NULL)
  254. return UA_STATUSCODE_BADINTERNALERROR;
  255. Basic128Rsa15_PolicyContext *pc = (Basic128Rsa15_PolicyContext *)securityPolicy->policyContext;
  256. if(!UA_ByteString_equal(certificateThumbprint, &pc->localCertThumbprint))
  257. return UA_STATUSCODE_BADCERTIFICATEINVALID;
  258. return UA_STATUSCODE_GOOD;
  259. }
  260. /*******************/
  261. /* SymmetricModule */
  262. /*******************/
  263. static void
  264. md_hmac(mbedtls_md_context_t *context, const UA_ByteString *key,
  265. const UA_ByteString *in, unsigned char out[20]) {
  266. mbedtls_md_hmac_starts(context, key->data, key->length);
  267. mbedtls_md_hmac_update(context, in->data, in->length);
  268. mbedtls_md_hmac_finish(context, out);
  269. }
  270. static UA_StatusCode
  271. sym_verify_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  272. Basic128Rsa15_ChannelContext *cc,
  273. const UA_ByteString *message,
  274. const UA_ByteString *signature) {
  275. if(securityPolicy == NULL || cc == NULL || message == NULL || signature == NULL)
  276. return UA_STATUSCODE_BADINTERNALERROR;
  277. /* Compute MAC */
  278. if(signature->length != UA_SHA1_LENGTH) {
  279. UA_LOG_ERROR(securityPolicy->logger, UA_LOGCATEGORY_SECURITYPOLICY,
  280. "Signature size does not have the desired size defined by the security policy");
  281. return UA_STATUSCODE_BADSECURITYCHECKSFAILED;
  282. }
  283. Basic128Rsa15_PolicyContext *pc =
  284. (Basic128Rsa15_PolicyContext *)securityPolicy->policyContext;
  285. unsigned char mac[UA_SHA1_LENGTH];
  286. md_hmac(&pc->sha1MdContext, &cc->remoteSymSigningKey, message, mac);
  287. /* Compare with Signature */
  288. if(memcmp(signature->data, mac, UA_SHA1_LENGTH) != 0)
  289. return UA_STATUSCODE_BADSECURITYCHECKSFAILED;
  290. return UA_STATUSCODE_GOOD;
  291. }
  292. static UA_StatusCode
  293. sym_sign_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  294. const Basic128Rsa15_ChannelContext *cc,
  295. const UA_ByteString *message,
  296. UA_ByteString *signature) {
  297. if(signature->length != UA_SHA1_LENGTH)
  298. return UA_STATUSCODE_BADINTERNALERROR;
  299. md_hmac(&cc->policyContext->sha1MdContext, &cc->localSymSigningKey,
  300. message, signature->data);
  301. return UA_STATUSCODE_GOOD;
  302. }
  303. static size_t
  304. sym_getSignatureSize_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  305. const void *channelContext) {
  306. return UA_SHA1_LENGTH;
  307. }
  308. static size_t
  309. sym_getSigningKeyLength_sp_basic128rsa15(const UA_SecurityPolicy *const securityPolicy,
  310. const void *const channelContext) {
  311. return UA_BASIC128RSA15_SYM_SIGNING_KEY_LENGTH;
  312. }
  313. static size_t
  314. sym_getEncryptionKeyLength_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  315. const void *channelContext) {
  316. return UA_SECURITYPOLICY_BASIC128RSA15_SYM_KEY_LENGTH;
  317. }
  318. static size_t
  319. sym_getEncryptionBlockSize_sp_basic128rsa15(const UA_SecurityPolicy *const securityPolicy,
  320. const void *const channelContext) {
  321. return UA_SECURITYPOLICY_BASIC128RSA15_SYM_ENCRYPTION_BLOCK_SIZE;
  322. }
  323. static size_t
  324. sym_getPlainTextBlockSize_sp_basic128rsa15(const UA_SecurityPolicy *const securityPolicy,
  325. const void *const channelContext) {
  326. return UA_SECURITYPOLICY_BASIC128RSA15_SYM_PLAIN_TEXT_BLOCK_SIZE;
  327. }
  328. static UA_StatusCode
  329. sym_encrypt_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  330. const Basic128Rsa15_ChannelContext *cc,
  331. UA_ByteString *data) {
  332. if(securityPolicy == NULL || cc == NULL || data == NULL)
  333. return UA_STATUSCODE_BADINTERNALERROR;
  334. if(cc->localSymIv.length !=
  335. securityPolicy->symmetricModule.cryptoModule.encryptionAlgorithm.getLocalBlockSize(securityPolicy, cc))
  336. return UA_STATUSCODE_BADINTERNALERROR;
  337. size_t plainTextBlockSize =
  338. securityPolicy->symmetricModule.cryptoModule.encryptionAlgorithm.getLocalPlainTextBlockSize(securityPolicy, cc);
  339. if(data->length % plainTextBlockSize != 0) {
  340. UA_LOG_ERROR(securityPolicy->logger, UA_LOGCATEGORY_SECURITYPOLICY,
  341. "Length of data to encrypt is not a multiple of the plain text block size."
  342. "Padding might not have been calculated appropriately.");
  343. return UA_STATUSCODE_BADINTERNALERROR;
  344. }
  345. /* Keylength in bits */
  346. unsigned int keylength = (unsigned int)(cc->localSymEncryptingKey.length * 8);
  347. mbedtls_aes_context aesContext;
  348. int mbedErr = mbedtls_aes_setkey_enc(&aesContext, cc->localSymEncryptingKey.data, keylength);
  349. UA_MBEDTLS_ERRORHANDLING_RETURN(UA_STATUSCODE_BADINTERNALERROR);
  350. UA_ByteString ivCopy;
  351. UA_StatusCode retval = UA_ByteString_copy(&cc->localSymIv, &ivCopy);
  352. if(retval != UA_STATUSCODE_GOOD)
  353. return retval;
  354. mbedErr = mbedtls_aes_crypt_cbc(&aesContext, MBEDTLS_AES_ENCRYPT, data->length,
  355. ivCopy.data, data->data, data->data);
  356. UA_MBEDTLS_ERRORHANDLING(UA_STATUSCODE_BADINTERNALERROR);
  357. UA_ByteString_deleteMembers(&ivCopy);
  358. return retval;
  359. }
  360. static UA_StatusCode
  361. sym_decrypt_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  362. const Basic128Rsa15_ChannelContext *cc,
  363. UA_ByteString *data) {
  364. if(securityPolicy == NULL || cc == NULL || data == NULL)
  365. return UA_STATUSCODE_BADINTERNALERROR;
  366. size_t encryptionBlockSize =
  367. securityPolicy->symmetricModule.cryptoModule.encryptionAlgorithm.getLocalBlockSize(securityPolicy, cc);
  368. if(cc->remoteSymIv.length != encryptionBlockSize)
  369. return UA_STATUSCODE_BADINTERNALERROR;
  370. if(data->length % encryptionBlockSize != 0) {
  371. UA_LOG_ERROR(securityPolicy->logger, UA_LOGCATEGORY_SECURITYPOLICY,
  372. "Length of data to decrypt is not a multiple of the encryptingBlock size.");
  373. return UA_STATUSCODE_BADINTERNALERROR;
  374. }
  375. unsigned int keylength = (unsigned int)(cc->remoteSymEncryptingKey.length * 8);
  376. mbedtls_aes_context aesContext;
  377. int mbedErr = mbedtls_aes_setkey_dec(&aesContext, cc->remoteSymEncryptingKey.data, keylength);
  378. UA_MBEDTLS_ERRORHANDLING_RETURN(UA_STATUSCODE_BADINTERNALERROR);
  379. UA_ByteString ivCopy;
  380. UA_StatusCode retval = UA_ByteString_copy(&cc->remoteSymIv, &ivCopy);
  381. if(retval != UA_STATUSCODE_GOOD)
  382. return retval;
  383. mbedErr = mbedtls_aes_crypt_cbc(&aesContext, MBEDTLS_AES_DECRYPT, data->length,
  384. ivCopy.data, data->data, data->data);
  385. UA_MBEDTLS_ERRORHANDLING(UA_STATUSCODE_BADINTERNALERROR);
  386. UA_ByteString_deleteMembers(&ivCopy);
  387. return retval;
  388. }
  389. static void
  390. swapBuffers(UA_ByteString *const bufA, UA_ByteString *const bufB) {
  391. UA_ByteString tmp = *bufA;
  392. *bufA = *bufB;
  393. *bufB = tmp;
  394. }
  395. static UA_StatusCode
  396. sym_generateKey_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  397. const UA_ByteString *secret, const UA_ByteString *seed,
  398. UA_ByteString *out) {
  399. if(securityPolicy == NULL || secret == NULL || seed == NULL || out == NULL)
  400. return UA_STATUSCODE_BADINTERNALERROR;
  401. Basic128Rsa15_PolicyContext *pc =
  402. (Basic128Rsa15_PolicyContext *)securityPolicy->policyContext;
  403. size_t hashLen = 0;
  404. const mbedtls_md_info_t *mdInfo = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
  405. hashLen = (size_t)mbedtls_md_get_size(mdInfo);
  406. UA_ByteString A_and_seed;
  407. UA_ByteString_allocBuffer(&A_and_seed, hashLen + seed->length);
  408. memcpy(A_and_seed.data + hashLen, seed->data, seed->length);
  409. UA_ByteString ANext_and_seed;
  410. UA_ByteString_allocBuffer(&ANext_and_seed, hashLen + seed->length);
  411. memcpy(ANext_and_seed.data + hashLen, seed->data, seed->length);
  412. UA_ByteString A = {
  413. hashLen,
  414. A_and_seed.data
  415. };
  416. UA_ByteString ANext = {
  417. hashLen,
  418. ANext_and_seed.data
  419. };
  420. md_hmac(&pc->sha1MdContext, secret, seed, A.data);
  421. UA_StatusCode retval = 0;
  422. for(size_t offset = 0; offset < out->length; offset += hashLen) {
  423. UA_ByteString outSegment = {
  424. hashLen,
  425. out->data + offset
  426. };
  427. UA_Boolean bufferAllocated = UA_FALSE;
  428. // Not enough room in out buffer to write the hash.
  429. if(offset + hashLen > out->length) {
  430. outSegment.data = NULL;
  431. outSegment.length = 0;
  432. retval = UA_ByteString_allocBuffer(&outSegment, hashLen);
  433. if(retval != UA_STATUSCODE_GOOD) {
  434. UA_ByteString_deleteMembers(&A_and_seed);
  435. UA_ByteString_deleteMembers(&ANext_and_seed);
  436. return retval;
  437. }
  438. bufferAllocated = UA_TRUE;
  439. }
  440. md_hmac(&pc->sha1MdContext, secret, &A_and_seed, outSegment.data);
  441. md_hmac(&pc->sha1MdContext, secret, &A, ANext.data);
  442. if(retval != UA_STATUSCODE_GOOD) {
  443. if(bufferAllocated)
  444. UA_ByteString_deleteMembers(&outSegment);
  445. UA_ByteString_deleteMembers(&A_and_seed);
  446. UA_ByteString_deleteMembers(&ANext_and_seed);
  447. return retval;
  448. }
  449. if(bufferAllocated) {
  450. memcpy(out->data + offset, outSegment.data, out->length - offset);
  451. UA_ByteString_deleteMembers(&outSegment);
  452. }
  453. swapBuffers(&ANext_and_seed, &A_and_seed);
  454. swapBuffers(&ANext, &A);
  455. }
  456. UA_ByteString_deleteMembers(&A_and_seed);
  457. UA_ByteString_deleteMembers(&ANext_and_seed);
  458. return UA_STATUSCODE_GOOD;
  459. }
  460. static UA_StatusCode
  461. sym_generateNonce_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  462. UA_ByteString *out) {
  463. if(securityPolicy == NULL || securityPolicy->policyContext == NULL || out == NULL)
  464. return UA_STATUSCODE_BADINTERNALERROR;
  465. Basic128Rsa15_PolicyContext *data =
  466. (Basic128Rsa15_PolicyContext *)securityPolicy->policyContext;
  467. int mbedErr = mbedtls_ctr_drbg_random(&data->drbgContext, out->data, out->length);
  468. UA_MBEDTLS_ERRORHANDLING_RETURN(UA_STATUSCODE_BADUNEXPECTEDERROR);
  469. return UA_STATUSCODE_GOOD;
  470. }
  471. /*****************/
  472. /* ChannelModule */
  473. /*****************/
  474. /* Assumes that the certificate has been verified externally */
  475. static UA_StatusCode
  476. parseRemoteCertificate_sp_basic128rsa15(Basic128Rsa15_ChannelContext *cc,
  477. const UA_ByteString *remoteCertificate) {
  478. if(remoteCertificate == NULL || cc == NULL)
  479. return UA_STATUSCODE_BADINTERNALERROR;
  480. const UA_SecurityPolicy *securityPolicy = cc->policyContext->securityPolicy;
  481. /* Parse the certificate */
  482. int mbedErr = mbedtls_x509_crt_parse(&cc->remoteCertificate, remoteCertificate->data,
  483. remoteCertificate->length);
  484. UA_MBEDTLS_ERRORHANDLING_RETURN(UA_STATUSCODE_BADSECURITYCHECKSFAILED);
  485. /* Check the key length */
  486. mbedtls_rsa_context *rsaContext = mbedtls_pk_rsa(cc->remoteCertificate.pk);
  487. if(rsaContext->len < UA_SECURITYPOLICY_BASIC128RSA15_MINASYMKEYLENGTH ||
  488. rsaContext->len > UA_SECURITYPOLICY_BASIC128RSA15_MAXASYMKEYLENGTH)
  489. return UA_STATUSCODE_BADCERTIFICATEUSENOTALLOWED;
  490. return UA_STATUSCODE_GOOD;
  491. }
  492. static void
  493. channelContext_deleteContext_sp_basic128rsa15(Basic128Rsa15_ChannelContext *cc) {
  494. UA_ByteString_deleteMembers(&cc->localSymSigningKey);
  495. UA_ByteString_deleteMembers(&cc->localSymEncryptingKey);
  496. UA_ByteString_deleteMembers(&cc->localSymIv);
  497. UA_ByteString_deleteMembers(&cc->remoteSymSigningKey);
  498. UA_ByteString_deleteMembers(&cc->remoteSymEncryptingKey);
  499. UA_ByteString_deleteMembers(&cc->remoteSymIv);
  500. mbedtls_x509_crt_free(&cc->remoteCertificate);
  501. UA_free(cc);
  502. }
  503. static UA_StatusCode
  504. channelContext_newContext_sp_basic128rsa15(const UA_SecurityPolicy *securityPolicy,
  505. const UA_ByteString *remoteCertificate,
  506. void **pp_contextData) {
  507. if(securityPolicy == NULL || remoteCertificate == NULL || pp_contextData == NULL)
  508. return UA_STATUSCODE_BADINTERNALERROR;
  509. /* Allocate the channel context */
  510. *pp_contextData = UA_malloc(sizeof(Basic128Rsa15_ChannelContext));
  511. if(*pp_contextData == NULL)
  512. return UA_STATUSCODE_BADOUTOFMEMORY;
  513. Basic128Rsa15_ChannelContext *cc = (Basic128Rsa15_ChannelContext *)*pp_contextData;
  514. /* Initialize the channel context */
  515. cc->policyContext = (Basic128Rsa15_PolicyContext *)securityPolicy->policyContext;
  516. UA_ByteString_init(&cc->localSymSigningKey);
  517. UA_ByteString_init(&cc->localSymEncryptingKey);
  518. UA_ByteString_init(&cc->localSymIv);
  519. UA_ByteString_init(&cc->remoteSymSigningKey);
  520. UA_ByteString_init(&cc->remoteSymEncryptingKey);
  521. UA_ByteString_init(&cc->remoteSymIv);
  522. mbedtls_x509_crt_init(&cc->remoteCertificate);
  523. // TODO: this can be optimized so that we dont allocate memory before parsing the certificate
  524. UA_StatusCode retval = parseRemoteCertificate_sp_basic128rsa15(cc, remoteCertificate);
  525. if(retval != UA_STATUSCODE_GOOD) {
  526. channelContext_deleteContext_sp_basic128rsa15(cc);
  527. *pp_contextData = NULL;
  528. }
  529. return retval;
  530. }
  531. static UA_StatusCode
  532. channelContext_setLocalSymEncryptingKey_sp_basic128rsa15(Basic128Rsa15_ChannelContext *cc,
  533. const UA_ByteString *key) {
  534. if(key == NULL || cc == NULL)
  535. return UA_STATUSCODE_BADINTERNALERROR;
  536. UA_ByteString_deleteMembers(&cc->localSymEncryptingKey);
  537. return UA_ByteString_copy(key, &cc->localSymEncryptingKey);
  538. }
  539. static UA_StatusCode
  540. channelContext_setLocalSymSigningKey_sp_basic128rsa15(Basic128Rsa15_ChannelContext *cc,
  541. const UA_ByteString *key) {
  542. if(key == NULL || cc == NULL)
  543. return UA_STATUSCODE_BADINTERNALERROR;
  544. UA_ByteString_deleteMembers(&cc->localSymSigningKey);
  545. return UA_ByteString_copy(key, &cc->localSymSigningKey);
  546. }
  547. static UA_StatusCode
  548. channelContext_setLocalSymIv_sp_basic128rsa15(Basic128Rsa15_ChannelContext *cc,
  549. const UA_ByteString *iv) {
  550. if(iv == NULL || cc == NULL)
  551. return UA_STATUSCODE_BADINTERNALERROR;
  552. UA_ByteString_deleteMembers(&cc->localSymIv);
  553. return UA_ByteString_copy(iv, &cc->localSymIv);
  554. }
  555. static UA_StatusCode
  556. channelContext_setRemoteSymEncryptingKey_sp_basic128rsa15(Basic128Rsa15_ChannelContext *cc,
  557. const UA_ByteString *key) {
  558. if(key == NULL || cc == NULL)
  559. return UA_STATUSCODE_BADINTERNALERROR;
  560. UA_ByteString_deleteMembers(&cc->remoteSymEncryptingKey);
  561. return UA_ByteString_copy(key, &cc->remoteSymEncryptingKey);
  562. }
  563. static UA_StatusCode
  564. channelContext_setRemoteSymSigningKey_sp_basic128rsa15(Basic128Rsa15_ChannelContext *cc,
  565. const UA_ByteString *key) {
  566. if(key == NULL || cc == NULL)
  567. return UA_STATUSCODE_BADINTERNALERROR;
  568. UA_ByteString_deleteMembers(&cc->remoteSymSigningKey);
  569. return UA_ByteString_copy(key, &cc->remoteSymSigningKey);
  570. }
  571. static UA_StatusCode
  572. channelContext_setRemoteSymIv_sp_basic128rsa15(Basic128Rsa15_ChannelContext *cc,
  573. const UA_ByteString *iv) {
  574. if(iv == NULL || cc == NULL)
  575. return UA_STATUSCODE_BADINTERNALERROR;
  576. UA_ByteString_deleteMembers(&cc->remoteSymIv);
  577. return UA_ByteString_copy(iv, &cc->remoteSymIv);
  578. }
  579. static UA_StatusCode
  580. channelContext_compareCertificate_sp_basic128rsa15(const Basic128Rsa15_ChannelContext *cc,
  581. const UA_ByteString *certificate) {
  582. if(cc == NULL || certificate == NULL)
  583. return UA_STATUSCODE_BADINTERNALERROR;
  584. const UA_SecurityPolicy *securityPolicy = cc->policyContext->securityPolicy;
  585. mbedtls_x509_crt cert;
  586. int mbedErr = mbedtls_x509_crt_parse(&cert, certificate->data, certificate->length);
  587. UA_MBEDTLS_ERRORHANDLING_RETURN(UA_STATUSCODE_BADSECURITYCHECKSFAILED);
  588. if(cert.raw.len != cc->remoteCertificate.raw.len)
  589. return UA_STATUSCODE_BADSECURITYCHECKSFAILED;
  590. if(memcmp(cert.raw.p, cc->remoteCertificate.raw.p, cert.raw.len) != 0)
  591. return UA_STATUSCODE_BADSECURITYCHECKSFAILED;
  592. return UA_STATUSCODE_GOOD;
  593. }
  594. static void
  595. deleteMembers_sp_basic128rsa15(UA_SecurityPolicy *securityPolicy) {
  596. if(securityPolicy == NULL)
  597. return;
  598. if(securityPolicy->policyContext == NULL)
  599. return;
  600. UA_ByteString_deleteMembers(&securityPolicy->localCertificate);
  601. /* delete all allocated members in the context */
  602. Basic128Rsa15_PolicyContext *pc = (Basic128Rsa15_PolicyContext *)
  603. securityPolicy->policyContext;
  604. mbedtls_ctr_drbg_free(&pc->drbgContext);
  605. mbedtls_entropy_free(&pc->entropyContext);
  606. mbedtls_pk_free(&pc->localPrivateKey);
  607. mbedtls_md_free(&pc->sha1MdContext);
  608. UA_ByteString_deleteMembers(&pc->localCertThumbprint);
  609. UA_LOG_DEBUG(securityPolicy->logger, UA_LOGCATEGORY_SECURITYPOLICY,
  610. "Deleted members of EndpointContext for sp_basic128rsa15");
  611. UA_free(pc);
  612. securityPolicy->policyContext = NULL;
  613. }
  614. static UA_StatusCode
  615. updateCertificateAndPrivateKey_sp_basic128rsa15(UA_SecurityPolicy *securityPolicy,
  616. const UA_ByteString newCertificate,
  617. const UA_ByteString newPrivateKey) {
  618. if(securityPolicy == NULL)
  619. return UA_STATUSCODE_BADINTERNALERROR;
  620. if(securityPolicy->policyContext == NULL)
  621. return UA_STATUSCODE_BADINTERNALERROR;
  622. Basic128Rsa15_PolicyContext *pc = (Basic128Rsa15_PolicyContext *)securityPolicy->policyContext;
  623. UA_ByteString_deleteMembers(&securityPolicy->localCertificate);
  624. UA_StatusCode retval = UA_ByteString_allocBuffer(&securityPolicy->localCertificate, newCertificate.length + 1);
  625. if(retval != UA_STATUSCODE_GOOD)
  626. return retval;
  627. memcpy(securityPolicy->localCertificate.data, newCertificate.data, newCertificate.length);
  628. securityPolicy->localCertificate.data[newCertificate.length] = '\0';
  629. securityPolicy->localCertificate.length--;
  630. /* Set the new private key */
  631. mbedtls_pk_free(&pc->localPrivateKey);
  632. mbedtls_pk_init(&pc->localPrivateKey);
  633. int mbedErr = mbedtls_pk_parse_key(&pc->localPrivateKey,
  634. newPrivateKey.data, newPrivateKey.length,
  635. NULL, 0);
  636. UA_MBEDTLS_ERRORHANDLING(UA_STATUSCODE_BADSECURITYCHECKSFAILED);
  637. if(retval != UA_STATUSCODE_GOOD)
  638. goto error;
  639. retval = asym_makeThumbprint_sp_basic128rsa15(pc->securityPolicy,
  640. &securityPolicy->localCertificate,
  641. &pc->localCertThumbprint);
  642. if(retval != UA_STATUSCODE_GOOD)
  643. goto error;
  644. return retval;
  645. error:
  646. UA_LOG_ERROR(securityPolicy->logger, UA_LOGCATEGORY_SECURITYPOLICY,
  647. "Could not update certificate and private key");
  648. if(securityPolicy->policyContext != NULL)
  649. deleteMembers_sp_basic128rsa15(securityPolicy);
  650. return retval;
  651. }
  652. static UA_StatusCode
  653. policyContext_newContext_sp_basic128rsa15(UA_SecurityPolicy *securityPolicy,
  654. const UA_ByteString localPrivateKey) {
  655. UA_StatusCode retval = UA_STATUSCODE_GOOD;
  656. if(securityPolicy == NULL)
  657. return UA_STATUSCODE_BADINTERNALERROR;
  658. Basic128Rsa15_PolicyContext *pc = (Basic128Rsa15_PolicyContext *)
  659. UA_malloc(sizeof(Basic128Rsa15_PolicyContext));
  660. securityPolicy->policyContext = (void *)pc;
  661. if(!pc) {
  662. retval = UA_STATUSCODE_BADOUTOFMEMORY;
  663. goto error;
  664. }
  665. /* Initialize the PolicyContext */
  666. memset(pc, 0, sizeof(Basic128Rsa15_PolicyContext));
  667. mbedtls_ctr_drbg_init(&pc->drbgContext);
  668. mbedtls_entropy_init(&pc->entropyContext);
  669. mbedtls_pk_init(&pc->localPrivateKey);
  670. mbedtls_md_init(&pc->sha1MdContext);
  671. pc->securityPolicy = securityPolicy;
  672. /* Initialized the message digest */
  673. const mbedtls_md_info_t *const mdInfo = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
  674. int mbedErr = mbedtls_md_setup(&pc->sha1MdContext, mdInfo, MBEDTLS_MD_SHA1);
  675. UA_MBEDTLS_ERRORHANDLING(UA_STATUSCODE_BADOUTOFMEMORY);
  676. if(retval != UA_STATUSCODE_GOOD)
  677. goto error;
  678. /* Add the system entropy source */
  679. mbedErr = mbedtls_entropy_add_source(&pc->entropyContext,
  680. mbedtls_platform_entropy_poll, NULL, 0,
  681. MBEDTLS_ENTROPY_SOURCE_STRONG);
  682. UA_MBEDTLS_ERRORHANDLING(UA_STATUSCODE_BADSECURITYCHECKSFAILED);
  683. if(retval != UA_STATUSCODE_GOOD)
  684. goto error;
  685. /* Seed the RNG */
  686. char *personalization = "open62541-drbg";
  687. mbedErr = mbedtls_ctr_drbg_seed(&pc->drbgContext, mbedtls_entropy_func,
  688. &pc->entropyContext,
  689. (const unsigned char *)personalization, 14);
  690. UA_MBEDTLS_ERRORHANDLING(UA_STATUSCODE_BADSECURITYCHECKSFAILED);
  691. if(retval != UA_STATUSCODE_GOOD)
  692. goto error;
  693. /* Set the private key */
  694. mbedErr = mbedtls_pk_parse_key(&pc->localPrivateKey,
  695. localPrivateKey.data, localPrivateKey.length,
  696. NULL, 0);
  697. UA_MBEDTLS_ERRORHANDLING(UA_STATUSCODE_BADSECURITYCHECKSFAILED);
  698. if(retval != UA_STATUSCODE_GOOD)
  699. goto error;
  700. /* Set the local certificate thumbprint */
  701. retval = UA_ByteString_allocBuffer(&pc->localCertThumbprint, UA_SHA1_LENGTH);
  702. if(retval != UA_STATUSCODE_GOOD)
  703. goto error;
  704. retval = asym_makeThumbprint_sp_basic128rsa15(pc->securityPolicy,
  705. &securityPolicy->localCertificate,
  706. &pc->localCertThumbprint);
  707. if(retval != UA_STATUSCODE_GOOD)
  708. goto error;
  709. return UA_STATUSCODE_GOOD;
  710. error:
  711. UA_LOG_ERROR(securityPolicy->logger, UA_LOGCATEGORY_SECURITYPOLICY,
  712. "Could not create securityContext");
  713. if(securityPolicy->policyContext != NULL)
  714. deleteMembers_sp_basic128rsa15(securityPolicy);
  715. return retval;
  716. }
  717. UA_StatusCode
  718. UA_SecurityPolicy_Basic128Rsa15(UA_SecurityPolicy *policy, UA_CertificateVerification *certificateVerification,
  719. const UA_ByteString localCertificate, const UA_ByteString localPrivateKey,
  720. UA_Logger logger) {
  721. memset(policy, 0, sizeof(UA_SecurityPolicy));
  722. policy->logger = logger;
  723. policy->policyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15");
  724. UA_SecurityPolicyAsymmetricModule *const asymmetricModule = &policy->asymmetricModule;
  725. UA_SecurityPolicySymmetricModule *const symmetricModule = &policy->symmetricModule;
  726. UA_SecurityPolicyChannelModule *const channelModule = &policy->channelModule;
  727. /* Copy the certificate and add a NULL to the end */
  728. UA_StatusCode retval =
  729. UA_ByteString_allocBuffer(&policy->localCertificate, localCertificate.length + 1);
  730. if(retval != UA_STATUSCODE_GOOD)
  731. return retval;
  732. memcpy(policy->localCertificate.data, localCertificate.data, localCertificate.length);
  733. policy->localCertificate.data[localCertificate.length] = '\0';
  734. policy->localCertificate.length--;
  735. policy->certificateVerification = certificateVerification;
  736. /* AsymmetricModule */
  737. UA_SecurityPolicySignatureAlgorithm *asym_signatureAlgorithm =
  738. &asymmetricModule->cryptoModule.signatureAlgorithm;
  739. asym_signatureAlgorithm->uri =
  740. UA_STRING("http://www.w3.org/2000/09/xmldsig#rsa-sha1\0");
  741. asym_signatureAlgorithm->verify =
  742. (UA_StatusCode (*)(const UA_SecurityPolicy *, void *,
  743. const UA_ByteString *, const UA_ByteString *))asym_verify_sp_basic128rsa15;
  744. asym_signatureAlgorithm->sign =
  745. (UA_StatusCode (*)(const UA_SecurityPolicy *, void *,
  746. const UA_ByteString *, UA_ByteString *))asym_sign_sp_basic128rsa15;
  747. asym_signatureAlgorithm->getLocalSignatureSize =
  748. (size_t (*)(const UA_SecurityPolicy *, const void *))asym_getLocalSignatureSize_sp_basic128rsa15;
  749. asym_signatureAlgorithm->getRemoteSignatureSize =
  750. (size_t (*)(const UA_SecurityPolicy *, const void *))asym_getRemoteSignatureSize_sp_basic128rsa15;
  751. asym_signatureAlgorithm->getLocalKeyLength = NULL; // TODO: Write function
  752. asym_signatureAlgorithm->getRemoteKeyLength = NULL; // TODO: Write function
  753. UA_SecurityPolicyEncryptionAlgorithm *asym_encryptionAlgorithm =
  754. &asymmetricModule->cryptoModule.encryptionAlgorithm;
  755. asym_encryptionAlgorithm->uri = UA_STRING("TODO: ALG URI");
  756. asym_encryptionAlgorithm->encrypt =
  757. (UA_StatusCode(*)(const UA_SecurityPolicy *, void *, UA_ByteString *))asym_encrypt_sp_basic128rsa15;
  758. asym_encryptionAlgorithm->decrypt =
  759. (UA_StatusCode(*)(const UA_SecurityPolicy *, void *, UA_ByteString *))
  760. asym_decrypt_sp_basic128rsa15;
  761. asym_encryptionAlgorithm->getLocalKeyLength = NULL; // TODO: Write function
  762. asym_encryptionAlgorithm->getRemoteKeyLength =
  763. (size_t (*)(const UA_SecurityPolicy *, const void *))asym_getRemoteEncryptionKeyLength_sp_basic128rsa15;
  764. asym_encryptionAlgorithm->getLocalBlockSize = NULL; // TODO: Write function
  765. asym_encryptionAlgorithm->getRemoteBlockSize = (size_t (*)(const UA_SecurityPolicy *,
  766. const void *))asym_getRemoteBlockSize_sp_basic128rsa15;
  767. asym_encryptionAlgorithm->getLocalPlainTextBlockSize = NULL; // TODO: Write function
  768. asym_encryptionAlgorithm->getRemotePlainTextBlockSize =
  769. (size_t (*)(const UA_SecurityPolicy *, const void *))asym_getRemotePlainTextBlockSize_sp_basic128rsa15;
  770. asymmetricModule->makeCertificateThumbprint = asym_makeThumbprint_sp_basic128rsa15;
  771. asymmetricModule->compareCertificateThumbprint =
  772. asymmetricModule_compareCertificateThumbprint_sp_basic128rsa15;
  773. /* SymmetricModule */
  774. symmetricModule->generateKey = sym_generateKey_sp_basic128rsa15;
  775. symmetricModule->generateNonce = sym_generateNonce_sp_basic128rsa15;
  776. UA_SecurityPolicySignatureAlgorithm *sym_signatureAlgorithm =
  777. &symmetricModule->cryptoModule.signatureAlgorithm;
  778. sym_signatureAlgorithm->uri =
  779. UA_STRING("http://www.w3.org/2000/09/xmldsig#hmac-sha1\0");
  780. sym_signatureAlgorithm->verify =
  781. (UA_StatusCode (*)(const UA_SecurityPolicy *, void *, const UA_ByteString *,
  782. const UA_ByteString *))sym_verify_sp_basic128rsa15;
  783. sym_signatureAlgorithm->sign =
  784. (UA_StatusCode (*)(const UA_SecurityPolicy *, void *,
  785. const UA_ByteString *, UA_ByteString *))sym_sign_sp_basic128rsa15;
  786. sym_signatureAlgorithm->getLocalSignatureSize = sym_getSignatureSize_sp_basic128rsa15;
  787. sym_signatureAlgorithm->getRemoteSignatureSize = sym_getSignatureSize_sp_basic128rsa15;
  788. sym_signatureAlgorithm->getLocalKeyLength =
  789. (size_t (*)(const UA_SecurityPolicy *,
  790. const void *))sym_getSigningKeyLength_sp_basic128rsa15;
  791. sym_signatureAlgorithm->getRemoteKeyLength =
  792. (size_t (*)(const UA_SecurityPolicy *,
  793. const void *))sym_getSigningKeyLength_sp_basic128rsa15;
  794. UA_SecurityPolicyEncryptionAlgorithm *sym_encryptionAlgorithm =
  795. &symmetricModule->cryptoModule.encryptionAlgorithm;
  796. sym_encryptionAlgorithm->uri = UA_STRING("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
  797. sym_encryptionAlgorithm->encrypt =
  798. (UA_StatusCode(*)(const UA_SecurityPolicy *, void *, UA_ByteString *))sym_encrypt_sp_basic128rsa15;
  799. sym_encryptionAlgorithm->decrypt =
  800. (UA_StatusCode(*)(const UA_SecurityPolicy *, void *, UA_ByteString *))sym_decrypt_sp_basic128rsa15;
  801. sym_encryptionAlgorithm->getLocalKeyLength = sym_getEncryptionKeyLength_sp_basic128rsa15;
  802. sym_encryptionAlgorithm->getRemoteKeyLength = sym_getEncryptionKeyLength_sp_basic128rsa15;
  803. sym_encryptionAlgorithm->getLocalBlockSize =
  804. (size_t (*)(const UA_SecurityPolicy *, const void *))sym_getEncryptionBlockSize_sp_basic128rsa15;
  805. sym_encryptionAlgorithm->getRemoteBlockSize =
  806. (size_t (*)(const UA_SecurityPolicy *, const void *))sym_getEncryptionBlockSize_sp_basic128rsa15;
  807. sym_encryptionAlgorithm->getLocalPlainTextBlockSize =
  808. (size_t (*)(const UA_SecurityPolicy *, const void *))sym_getPlainTextBlockSize_sp_basic128rsa15;
  809. sym_encryptionAlgorithm->getRemotePlainTextBlockSize =
  810. (size_t (*)(const UA_SecurityPolicy *, const void *))sym_getPlainTextBlockSize_sp_basic128rsa15;
  811. symmetricModule->secureChannelNonceLength = 16;
  812. // Use the same signature algorithm as the asymmetric component for certificate signing (see standard)
  813. policy->certificateSigningAlgorithm = policy->asymmetricModule.cryptoModule.signatureAlgorithm;
  814. /* ChannelModule */
  815. channelModule->newContext = channelContext_newContext_sp_basic128rsa15;
  816. channelModule->deleteContext = (void (*)(void *))
  817. channelContext_deleteContext_sp_basic128rsa15;
  818. channelModule->setLocalSymEncryptingKey = (UA_StatusCode (*)(void *, const UA_ByteString *))
  819. channelContext_setLocalSymEncryptingKey_sp_basic128rsa15;
  820. channelModule->setLocalSymSigningKey = (UA_StatusCode (*)(void *, const UA_ByteString *))
  821. channelContext_setLocalSymSigningKey_sp_basic128rsa15;
  822. channelModule->setLocalSymIv = (UA_StatusCode (*)(void *, const UA_ByteString *))
  823. channelContext_setLocalSymIv_sp_basic128rsa15;
  824. channelModule->setRemoteSymEncryptingKey = (UA_StatusCode (*)(void *, const UA_ByteString *))
  825. channelContext_setRemoteSymEncryptingKey_sp_basic128rsa15;
  826. channelModule->setRemoteSymSigningKey = (UA_StatusCode (*)(void *, const UA_ByteString *))
  827. channelContext_setRemoteSymSigningKey_sp_basic128rsa15;
  828. channelModule->setRemoteSymIv = (UA_StatusCode (*)(void *, const UA_ByteString *))
  829. channelContext_setRemoteSymIv_sp_basic128rsa15;
  830. channelModule->compareCertificate = (UA_StatusCode (*)(const void *, const UA_ByteString *))
  831. channelContext_compareCertificate_sp_basic128rsa15;
  832. policy->updateCertificateAndPrivateKey = updateCertificateAndPrivateKey_sp_basic128rsa15;
  833. policy->deleteMembers = deleteMembers_sp_basic128rsa15;
  834. return policyContext_newContext_sp_basic128rsa15(policy, localPrivateKey);
  835. }