ext/open62541/plugins/securityPolicies/ua_securitypolicy_none.c - a71ch-crypto-support - Git at Google

 /* This work is licensed under a Creative Commons CCZero 1.0 Universal License.
  * See http://creativecommons.org/publicdomain/zero/1.0/ for more information.
  *
  *    Copyright 2017-2018 (c) Mark Giraud, Fraunhofer IOSB
  *    Copyright 2017 (c) Stefan Profanter, fortiss GmbH
  */

 #include <open62541/plugin/securitypolicy_default.h>

 static UA_StatusCode
 verify_none(const UA_SecurityPolicy *securityPolicy,
             void *channelContext,
             const UA_ByteString *message,
             const UA_ByteString *signature) {
     return UA_STATUSCODE_GOOD;
 }

 static UA_StatusCode
 sign_none(const UA_SecurityPolicy *securityPolicy,
           void *channelContext,
           const UA_ByteString *message,
           UA_ByteString *signature) {
     return UA_STATUSCODE_GOOD;
 }

 static size_t
 length_none(const UA_SecurityPolicy *securityPolicy,
             const void *channelContext) {
     return 0;
 }

 static UA_StatusCode
 encrypt_none(const UA_SecurityPolicy *securityPolicy,
              void *channelContext,
              UA_ByteString *data) {
     return UA_STATUSCODE_GOOD;
 }

 static UA_StatusCode
 decrypt_none(const UA_SecurityPolicy *securityPolicy,
              void *channelContext,
              UA_ByteString *data) {
     return UA_STATUSCODE_GOOD;
 }

 static UA_StatusCode
 makeThumbprint_none(const UA_SecurityPolicy *securityPolicy,
                     const UA_ByteString *certificate,
                     UA_ByteString *thumbprint) {
     return UA_STATUSCODE_GOOD;
 }

 static UA_StatusCode
 compareThumbprint_none(const UA_SecurityPolicy *securityPolicy,
                        const UA_ByteString *certificateThumbprint) {
     return UA_STATUSCODE_GOOD;
 }

 static UA_StatusCode
 generateKey_none(const UA_SecurityPolicy *securityPolicy,
                  const UA_ByteString *secret,
                  const UA_ByteString *seed,
                  UA_ByteString *out) {
     return UA_STATUSCODE_GOOD;
 }

 /* Use the non-cryptographic RNG to set the nonce */
 static UA_StatusCode
 generateNonce_none(const UA_SecurityPolicy *securityPolicy, UA_ByteString *out) {
     if(securityPolicy == NULL || out == NULL)
         return UA_STATUSCODE_BADINTERNALERROR;

     if(out->length == 0)
         return UA_STATUSCODE_GOOD;

     /* Fill blocks of four byte */
     size_t i = 0;
     while(i + 3 < out->length) {
         UA_UInt32 rand = UA_UInt32_random();
         memcpy(&out->data[i], &rand, 4);
         i = i+4;
     }

     /* Fill the remaining byte */
     UA_UInt32 rand = UA_UInt32_random();
     memcpy(&out->data[i], &rand, out->length % 4);

     return UA_STATUSCODE_GOOD;
 }

 static UA_StatusCode
 newContext_none(const UA_SecurityPolicy *securityPolicy,
                 const UA_ByteString *remoteCertificate,
                 void **channelContext) {
     return UA_STATUSCODE_GOOD;
 }

 static void
 deleteContext_none(void *channelContext) {
 }

 static UA_StatusCode
 setContextValue_none(void *channelContext,
                      const UA_ByteString *key) {
     return UA_STATUSCODE_GOOD;
 }

 static UA_StatusCode
 compareCertificate_none(const void *channelContext,
                         const UA_ByteString *certificate) {
     return UA_STATUSCODE_GOOD;
 }

 static UA_StatusCode
 updateCertificateAndPrivateKey_none(UA_SecurityPolicy *policy,
                                     const UA_ByteString newCertificate,
                                     const UA_ByteString newPrivateKey) {
     UA_ByteString_deleteMembers(&policy->localCertificate);
     UA_ByteString_copy(&newCertificate, &policy->localCertificate);
     return UA_STATUSCODE_GOOD;
 }


 static void
 policy_deletemembers_none(UA_SecurityPolicy *policy) {
     UA_ByteString_deleteMembers(&policy->localCertificate);
 }

 UA_StatusCode
 UA_SecurityPolicy_None(UA_SecurityPolicy *policy,
                        UA_CertificateVerification *certificateVerification,
                        const UA_ByteString localCertificate, const UA_Logger *logger) {
     policy->policyContext = (void *)(uintptr_t)logger;
     policy->policyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#None");
     policy->logger = logger;
     UA_ByteString_copy(&localCertificate, &policy->localCertificate);

     policy->certificateVerification = certificateVerification;

     policy->symmetricModule.generateKey = generateKey_none;
     policy->symmetricModule.generateNonce = generateNonce_none;

     UA_SecurityPolicySignatureAlgorithm *sym_signatureAlgorithm =
         &policy->symmetricModule.cryptoModule.signatureAlgorithm;
     sym_signatureAlgorithm->uri = UA_STRING_NULL;
     sym_signatureAlgorithm->verify = verify_none;
     sym_signatureAlgorithm->sign = sign_none;
     sym_signatureAlgorithm->getLocalSignatureSize = length_none;
     sym_signatureAlgorithm->getRemoteSignatureSize = length_none;
     sym_signatureAlgorithm->getLocalKeyLength = length_none;
     sym_signatureAlgorithm->getRemoteKeyLength = length_none;

     UA_SecurityPolicyEncryptionAlgorithm *sym_encryptionAlgorithm =
         &policy->symmetricModule.cryptoModule.encryptionAlgorithm;
     sym_encryptionAlgorithm->encrypt = encrypt_none;
     sym_encryptionAlgorithm->decrypt = decrypt_none;
     sym_encryptionAlgorithm->getLocalKeyLength = length_none;
     sym_encryptionAlgorithm->getRemoteKeyLength = length_none;
     sym_encryptionAlgorithm->getLocalBlockSize = length_none;
     sym_encryptionAlgorithm->getRemoteBlockSize = length_none;
     sym_encryptionAlgorithm->getLocalPlainTextBlockSize = length_none;
     sym_encryptionAlgorithm->getRemotePlainTextBlockSize = length_none;
     policy->symmetricModule.secureChannelNonceLength = 0;

     policy->asymmetricModule.makeCertificateThumbprint = makeThumbprint_none;
     policy->asymmetricModule.compareCertificateThumbprint = compareThumbprint_none;

     // This only works for none since symmetric and asymmetric crypto modules do the same i.e. nothing
     policy->asymmetricModule.cryptoModule = policy->symmetricModule.cryptoModule;

     // Use the same signing algorithm as for asymmetric signing
     policy->certificateSigningAlgorithm = policy->asymmetricModule.cryptoModule.signatureAlgorithm;

     policy->channelModule.newContext = newContext_none;
     policy->channelModule.deleteContext = deleteContext_none;
     policy->channelModule.setLocalSymEncryptingKey = setContextValue_none;
     policy->channelModule.setLocalSymSigningKey = setContextValue_none;
     policy->channelModule.setLocalSymIv = setContextValue_none;
     policy->channelModule.setRemoteSymEncryptingKey = setContextValue_none;
     policy->channelModule.setRemoteSymSigningKey = setContextValue_none;
     policy->channelModule.setRemoteSymIv = setContextValue_none;
     policy->channelModule.compareCertificate = compareCertificate_none;
     policy->updateCertificateAndPrivateKey = updateCertificateAndPrivateKey_none;
     policy->deleteMembers = policy_deletemembers_none;

     return UA_STATUSCODE_GOOD;
 }
	/* This work is licensed under a Creative Commons CCZero 1.0 Universal License.
	* See http://creativecommons.org/publicdomain/zero/1.0/ for more information.
	*
	* Copyright 2017-2018 (c) Mark Giraud, Fraunhofer IOSB
	* Copyright 2017 (c) Stefan Profanter, fortiss GmbH
	*/

	#include <open62541/plugin/securitypolicy_default.h>

	static UA_StatusCode
	verify_none(const UA_SecurityPolicy *securityPolicy,
	void *channelContext,
	const UA_ByteString *message,
	const UA_ByteString *signature) {
	return UA_STATUSCODE_GOOD;
	}

	static UA_StatusCode
	sign_none(const UA_SecurityPolicy *securityPolicy,
	void *channelContext,
	const UA_ByteString *message,
	UA_ByteString *signature) {
	return UA_STATUSCODE_GOOD;
	}

	static size_t
	length_none(const UA_SecurityPolicy *securityPolicy,
	const void *channelContext) {
	return 0;
	}

	static UA_StatusCode
	encrypt_none(const UA_SecurityPolicy *securityPolicy,
	void *channelContext,
	UA_ByteString *data) {
	return UA_STATUSCODE_GOOD;
	}

	static UA_StatusCode
	decrypt_none(const UA_SecurityPolicy *securityPolicy,
	void *channelContext,
	UA_ByteString *data) {
	return UA_STATUSCODE_GOOD;
	}

	static UA_StatusCode
	makeThumbprint_none(const UA_SecurityPolicy *securityPolicy,
	const UA_ByteString *certificate,
	UA_ByteString *thumbprint) {
	return UA_STATUSCODE_GOOD;
	}

	static UA_StatusCode
	compareThumbprint_none(const UA_SecurityPolicy *securityPolicy,
	const UA_ByteString *certificateThumbprint) {
	return UA_STATUSCODE_GOOD;
	}

	static UA_StatusCode
	generateKey_none(const UA_SecurityPolicy *securityPolicy,
	const UA_ByteString *secret,
	const UA_ByteString *seed,
	UA_ByteString *out) {
	return UA_STATUSCODE_GOOD;
	}

	/* Use the non-cryptographic RNG to set the nonce */
	static UA_StatusCode
	generateNonce_none(const UA_SecurityPolicy securityPolicy, UA_ByteString out) {
	if(securityPolicy == NULL \|\| out == NULL)
	return UA_STATUSCODE_BADINTERNALERROR;

	if(out->length == 0)
	return UA_STATUSCODE_GOOD;

	/* Fill blocks of four byte */
	size_t i = 0;
	while(i + 3 < out->length) {
	UA_UInt32 rand = UA_UInt32_random();
	memcpy(&out->data[i], &rand, 4);
	i = i+4;
	}

	/* Fill the remaining byte */
	UA_UInt32 rand = UA_UInt32_random();
	memcpy(&out->data[i], &rand, out->length % 4);

	return UA_STATUSCODE_GOOD;
	}

	static UA_StatusCode
	newContext_none(const UA_SecurityPolicy *securityPolicy,
	const UA_ByteString *remoteCertificate,
	void **channelContext) {
	return UA_STATUSCODE_GOOD;
	}

	static void
	deleteContext_none(void *channelContext) {
	}

	static UA_StatusCode
	setContextValue_none(void *channelContext,
	const UA_ByteString *key) {
	return UA_STATUSCODE_GOOD;
	}

	static UA_StatusCode
	compareCertificate_none(const void *channelContext,
	const UA_ByteString *certificate) {
	return UA_STATUSCODE_GOOD;
	}

	static UA_StatusCode
	updateCertificateAndPrivateKey_none(UA_SecurityPolicy *policy,
	const UA_ByteString newCertificate,
	const UA_ByteString newPrivateKey) {
	UA_ByteString_deleteMembers(&policy->localCertificate);
	UA_ByteString_copy(&newCertificate, &policy->localCertificate);
	return UA_STATUSCODE_GOOD;
	}


	static void
	policy_deletemembers_none(UA_SecurityPolicy *policy) {
	UA_ByteString_deleteMembers(&policy->localCertificate);
	}

	UA_StatusCode
	UA_SecurityPolicy_None(UA_SecurityPolicy *policy,
	UA_CertificateVerification *certificateVerification,
	const UA_ByteString localCertificate, const UA_Logger *logger) {
	policy->policyContext = (void *)(uintptr_t)logger;
	policy->policyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#None");
	policy->logger = logger;
	UA_ByteString_copy(&localCertificate, &policy->localCertificate);

	policy->certificateVerification = certificateVerification;

	policy->symmetricModule.generateKey = generateKey_none;
	policy->symmetricModule.generateNonce = generateNonce_none;

	UA_SecurityPolicySignatureAlgorithm *sym_signatureAlgorithm =
	&policy->symmetricModule.cryptoModule.signatureAlgorithm;
	sym_signatureAlgorithm->uri = UA_STRING_NULL;
	sym_signatureAlgorithm->verify = verify_none;
	sym_signatureAlgorithm->sign = sign_none;
	sym_signatureAlgorithm->getLocalSignatureSize = length_none;
	sym_signatureAlgorithm->getRemoteSignatureSize = length_none;
	sym_signatureAlgorithm->getLocalKeyLength = length_none;
	sym_signatureAlgorithm->getRemoteKeyLength = length_none;

	UA_SecurityPolicyEncryptionAlgorithm *sym_encryptionAlgorithm =
	&policy->symmetricModule.cryptoModule.encryptionAlgorithm;
	sym_encryptionAlgorithm->encrypt = encrypt_none;
	sym_encryptionAlgorithm->decrypt = decrypt_none;
	sym_encryptionAlgorithm->getLocalKeyLength = length_none;
	sym_encryptionAlgorithm->getRemoteKeyLength = length_none;
	sym_encryptionAlgorithm->getLocalBlockSize = length_none;
	sym_encryptionAlgorithm->getRemoteBlockSize = length_none;
	sym_encryptionAlgorithm->getLocalPlainTextBlockSize = length_none;
	sym_encryptionAlgorithm->getRemotePlainTextBlockSize = length_none;
	policy->symmetricModule.secureChannelNonceLength = 0;

	policy->asymmetricModule.makeCertificateThumbprint = makeThumbprint_none;
	policy->asymmetricModule.compareCertificateThumbprint = compareThumbprint_none;

	// This only works for none since symmetric and asymmetric crypto modules do the same i.e. nothing
	policy->asymmetricModule.cryptoModule = policy->symmetricModule.cryptoModule;

	// Use the same signing algorithm as for asymmetric signing
	policy->certificateSigningAlgorithm = policy->asymmetricModule.cryptoModule.signatureAlgorithm;

	policy->channelModule.newContext = newContext_none;
	policy->channelModule.deleteContext = deleteContext_none;
	policy->channelModule.setLocalSymEncryptingKey = setContextValue_none;
	policy->channelModule.setLocalSymSigningKey = setContextValue_none;
	policy->channelModule.setLocalSymIv = setContextValue_none;
	policy->channelModule.setRemoteSymEncryptingKey = setContextValue_none;
	policy->channelModule.setRemoteSymSigningKey = setContextValue_none;
	policy->channelModule.setRemoteSymIv = setContextValue_none;
	policy->channelModule.compareCertificate = compareCertificate_none;
	policy->updateCertificateAndPrivateKey = updateCertificateAndPrivateKey_none;
	policy->deleteMembers = policy_deletemembers_none;

	return UA_STATUSCODE_GOOD;
	}