S2OPC OPCUA Toolkit
sopc_crypto_profiles.h
1 /*
2  * Licensed to Systerel under one or more contributor license
3  * agreements. See the NOTICE file distributed with this work
4  * for additional information regarding copyright ownership.
5  * Systerel licenses this file to you under the Apache
6  * License, Version 2.0 (the "License"); you may not use this
7  * file except in compliance with the License. You may obtain
8  * a copy of the License at
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing,
13  * software distributed under the License is distributed on an
14  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15  * KIND, either express or implied. See the License for the
16  * specific language governing permissions and limitations
17  * under the License.
18  */
19 
27 #ifndef SOPC_CRYPTO_PROFILES_H_
28 #define SOPC_CRYPTO_PROFILES_H_
29 
30 #include "sopc_crypto_decl.h"
31 #include "sopc_enums.h"
32 
33 // s2opc_common_export.h is generated by CMake. When not using CMake, copy and include
34 // "src/Common/helpers_platform_dep/<platform>/s2opc_common_export.h_" instead.
35 #include "s2opc_common_export.h"
36 
37 // Client-server security policies
38 
39 // Crypto profile URIs and IDs
41 {
51 
// Security policy URIs in the OPC Foundation namespace. The URI negotiated for a
// connection selects the whole cryptographic profile, so the set of policies an
// endpoint offers is a security decision:
//  - "#None" applies neither signing nor encryption to messages.
//    NOTE(review): confirm it is not offered by endpoints outside isolated test setups.
//  - "#Basic256" signs with RSA-SHA1 (see SOPC_SecurityPolicy_Basic256_URI_SignAlgo below)
//    and is listed as deprecated by the OPC UA specification; prefer Basic256Sha256,
//    Aes128_Sha256_RsaOaep or Aes256_Sha256_RsaPss for new configurations.
//  - "#PubSub-Aes256-CTR" is the only PubSub policy URI defined in this run.
52 #define SOPC_SecurityPolicy_Basic256Sha256_URI "http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256"
53 #define SOPC_SecurityPolicy_Basic256_URI "http://opcfoundation.org/UA/SecurityPolicy#Basic256"
54 #define SOPC_SecurityPolicy_None_URI "http://opcfoundation.org/UA/SecurityPolicy#None"
55 #define SOPC_SecurityPolicy_PubSub_Aes256_URI "http://opcfoundation.org/UA/SecurityPolicy#PubSub-Aes256-CTR"
56 #define SOPC_SecurityPolicy_Aes128Sha256RsaOaep_URI "http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep"
57 #define SOPC_SecurityPolicy_Aes256Sha256RsaPss_URI "http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss"
58 
// Asymmetric signature algorithm URI paired with each client-server policy above.
// No *_URI_SignAlgo macro is defined here for the None and PubSub-Aes256-CTR policies.
// Basic256Sha256 and Aes128Sha256RsaOaep share the same rsa-sha256 identifier,
// Aes256Sha256RsaPss is the only policy using an RSA-PSS identifier, and Basic256
// is the only one still bound to a SHA-1 based signature.
59 #define SOPC_SecurityPolicy_Basic256Sha256_URI_SignAlgo "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
60 #define SOPC_SecurityPolicy_Aes128Sha256RsaOaep_URI_SignAlgo "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
61 #define SOPC_SecurityPolicy_Aes256Sha256RsaPss_URI_SignAlgo "http://opcfoundation.org/UA/security/rsa-pss-sha2-256"
62 #define SOPC_SecurityPolicy_Basic256_URI_SignAlgo "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
63 
65 {
66  const char* uri;
67  const bool isInvalid;
68  const char* name;
71  uint8_t secuPolicyWeight;
72  uint32_t symmLen_CryptoKey;
73  uint32_t symmLen_SignKey;
74  uint32_t symmLen_Signature;
75  uint32_t symmLen_Block;
76  uint32_t symmLen_KeyNonce;
78  uint32_t asymLen_OAEP_Hash;
79  uint32_t asymLen_KeyMinBits;
80  uint32_t asymLen_KeyMaxBits;
82  uint32_t certLen_Thumbprint;
83  const char* URI_SignAlgo;
85 
90 
91 // API
94 
95 /* ------------------------------------------------------------------------------------------------
96  * Internal CryptoProfile function pointers.
97  * ------------------------------------------------------------------------------------------------
98  */
100  const uint8_t* pInput,
101  uint32_t lenPlainText,
102  const SOPC_ExposedBuffer* pKey,
103  const SOPC_ExposedBuffer* pIV,
104  uint8_t* pOutput,
105  uint32_t lenOutput);
107  const uint8_t* pInput,
108  uint32_t lenCipherText,
109  const SOPC_ExposedBuffer* pKey,
110  const SOPC_ExposedBuffer* pIV,
111  uint8_t* pOutput,
112  uint32_t lenOutput);
114  const uint8_t* pInput,
115  uint32_t lenInput,
116  const SOPC_ExposedBuffer* pKey,
117  uint8_t* pOutput);
119  const uint8_t* pInput,
120  uint32_t lenInput,
121  const SOPC_ExposedBuffer* pKey,
122  const uint8_t* pSignature);
124  SOPC_ExposedBuffer* pData,
125  uint32_t lenData);
127  const SOPC_ExposedBuffer* pSecret,
128  uint32_t lenSecret,
129  const SOPC_ExposedBuffer* pSeed,
130  uint32_t lenSeed,
131  SOPC_ExposedBuffer* pOutput,
132  uint32_t lenOutput);
134  const uint8_t* pInput,
135  uint32_t lenPlainText,
136  const SOPC_AsymmetricKey* pKey,
137  uint8_t* pOutput);
139  const uint8_t* pInput,
140  uint32_t lenCipherText,
141  const SOPC_AsymmetricKey* pKey,
142  uint8_t* pOutput,
143  uint32_t* lenWritten);
145  const uint8_t* pInput,
146  uint32_t lenInput,
147  const SOPC_AsymmetricKey* pKey,
148  uint8_t* pSignature);
150  const uint8_t* pInput,
151  uint32_t lenInput,
152  const SOPC_AsymmetricKey* pKey,
153  const uint8_t* pSignature);
154 
156  const uint8_t* pInput,
157  uint32_t lenInput,
158  const SOPC_ExposedBuffer* pKey,
159  const SOPC_ExposedBuffer* pKeyNonce,
160  const SOPC_ExposedBuffer* pRandom,
161  uint32_t uSequenceNumber,
162  uint8_t* pOutput);
163 
164 /* ------------------------------------------------------------------------------------------------
165  * The CryptoProfile definitions
166  * ------------------------------------------------------------------------------------------------
167  */
168 
181 {
193 };
194 
205 {
206  const uint32_t SecurityPolicyID;
211 };
212 
213 #endif /* SOPC_CRYPTO_PROFILES_H_ */
SOPC_SecurityPolicy_Config::symmLen_MessageRandom
uint32_t symmLen_MessageRandom
Definition: sopc_crypto_profiles.h:77
FnSymmetricVerify
SOPC_ReturnStatus FnSymmetricVerify(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, const SOPC_ExposedBuffer *pKey, const uint8_t *pSignature)
Definition: sopc_crypto_profiles.h:118
SOPC_SecurityPolicy_Config
Definition: sopc_crypto_profiles.h:65
SOPC_CryptoProfile::pFnGenRnd
FnGenerateRandom *const pFnGenRnd
Definition: sopc_crypto_profiles.h:187
SOPC_SecurityPolicy_Config::symmLen_Signature
uint32_t symmLen_Signature
Definition: sopc_crypto_profiles.h:74
SOPC_SecurityPolicy_Last_ID
@ SOPC_SecurityPolicy_Last_ID
Definition: sopc_crypto_profiles.h:49
FnGenerateRandom
SOPC_ReturnStatus FnGenerateRandom(const SOPC_CryptoProvider *pProvider, SOPC_ExposedBuffer *pData, uint32_t lenData)
Definition: sopc_crypto_profiles.h:123
SOPC_SecurityPolicy_Config_Get
const SOPC_SecurityPolicy_Config * SOPC_SecurityPolicy_Config_Get(SOPC_SecurityPolicy_ID policyId)
SOPC_CryptoProfile::pFnAsymEncrypt
FnAsymmetricEncrypt *const pFnAsymEncrypt
Definition: sopc_crypto_profiles.h:189
SOPC_SecurityPolicy_Config::psProfile
const SOPC_CryptoProfile_PubSub * psProfile
Definition: sopc_crypto_profiles.h:70
SOPC_SecurityPolicy_Aes256Sha256RsaPss_ID
@ SOPC_SecurityPolicy_Aes256Sha256RsaPss_ID
Definition: sopc_crypto_profiles.h:48
SOPC_CryptoProfile_PubSub::SecurityPolicyID
const uint32_t SecurityPolicyID
Definition: sopc_crypto_profiles.h:206
SOPC_SecurityPolicy_Config
struct SOPC_SecurityPolicy_Config SOPC_SecurityPolicy_Config
SOPC_SecurityPolicy_Config::certLen_Thumbprint
uint32_t certLen_Thumbprint
Definition: sopc_crypto_profiles.h:82
SOPC_SecurityPolicy_None_ID
@ SOPC_SecurityPolicy_None_ID
Definition: sopc_crypto_profiles.h:45
SOPC_SecurityPolicy_Basic256_ID
@ SOPC_SecurityPolicy_Basic256_ID
Definition: sopc_crypto_profiles.h:44
SOPC_CryptoProfile_PubSub::pFnSymmSign
FnSymmetricSign *const pFnSymmSign
Definition: sopc_crypto_profiles.h:208
FnAsymmetricEncrypt
SOPC_ReturnStatus FnAsymmetricEncrypt(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenPlainText, const SOPC_AsymmetricKey *pKey, uint8_t *pOutput)
Definition: sopc_crypto_profiles.h:133
SOPC_CryptoProfile::pFnDeriveData
FnDerivePseudoRandomData *const pFnDeriveData
Definition: sopc_crypto_profiles.h:188
FnSymmetricDecrypt
SOPC_ReturnStatus FnSymmetricDecrypt(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenCipherText, const SOPC_ExposedBuffer *pKey, const SOPC_ExposedBuffer *pIV, uint8_t *pOutput, uint32_t lenOutput)
Definition: sopc_crypto_profiles.h:106
SOPC_CryptoProfile::pFnAsymVerify
FnAsymmetricVerify *const pFnAsymVerify
Definition: sopc_crypto_profiles.h:192
SOPC_CryptoProfile::pFnSymmEncrypt
FnSymmetricEncrypt *const pFnSymmEncrypt
Definition: sopc_crypto_profiles.h:183
sopc_crypto_decl.h
Defines the common declarations for the cryptographic objects. The structures and macros defined in t...
SOPC_SecurityPolicy_Config::asymLen_KeyMinBits
uint32_t asymLen_KeyMinBits
Definition: sopc_crypto_profiles.h:79
SOPC_SecurityPolicy_Config::name
const char * name
Definition: sopc_crypto_profiles.h:68
FnSymmetricEncrypt
SOPC_ReturnStatus FnSymmetricEncrypt(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenPlainText, const SOPC_ExposedBuffer *pKey, const SOPC_ExposedBuffer *pIV, uint8_t *pOutput, uint32_t lenOutput)
Definition: sopc_crypto_profiles.h:99
sopc_enums.h
SOPC_CryptoProfile::pFnSymmDecrypt
FnSymmetricDecrypt *const pFnSymmDecrypt
Definition: sopc_crypto_profiles.h:184
FnPubSubCrypt
SOPC_ReturnStatus FnPubSubCrypt(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, const SOPC_ExposedBuffer *pKey, const SOPC_ExposedBuffer *pKeyNonce, const SOPC_ExposedBuffer *pRandom, uint32_t uSequenceNumber, uint8_t *pOutput)
Definition: sopc_crypto_profiles.h:155
SOPC_CryptoProvider
The SOPC_CryptoProvider context.
Definition: sopc_crypto_provider.h:43
SOPC_CryptoProfile_PubSub::pFnGenRnd
FnGenerateRandom *const pFnGenRnd
Definition: sopc_crypto_profiles.h:210
SOPC_CryptoProfile::pFnAsymDecrypt
FnAsymmetricDecrypt *const pFnAsymDecrypt
Definition: sopc_crypto_profiles.h:190
SOPC_CryptoProfile_PubSub::pFnCrypt
FnPubSubCrypt *const pFnCrypt
Definition: sopc_crypto_profiles.h:207
SOPC_SecurityPolicy_Invalid_ID
@ SOPC_SecurityPolicy_Invalid_ID
Definition: sopc_crypto_profiles.h:42
SOPC_SecurityPolicy_Config::secuPolicyWeight
uint8_t secuPolicyWeight
Definition: sopc_crypto_profiles.h:71
FnAsymmetricDecrypt
SOPC_ReturnStatus FnAsymmetricDecrypt(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenCipherText, const SOPC_AsymmetricKey *pKey, uint8_t *pOutput, uint32_t *lenWritten)
Definition: sopc_crypto_profiles.h:138
SOPC_CryptoProfile::pFnAsymSign
FnAsymmetricSign *const pFnAsymSign
Definition: sopc_crypto_profiles.h:191
SOPC_CryptoProfile_Get
const SOPC_SecurityPolicy_Config * SOPC_CryptoProfile_Get(const char *uri)
SOPC_SecurityPolicy_Config::symmLen_KeyNonce
uint32_t symmLen_KeyNonce
Definition: sopc_crypto_profiles.h:76
SOPC_CryptoProfile_PubSub_Get
const SOPC_CryptoProfile_PubSub * SOPC_CryptoProfile_PubSub_Get(const char *uri)
SOPC_SecurityPolicy_PubSub_Aes256_ID
@ SOPC_SecurityPolicy_PubSub_Aes256_ID
Definition: sopc_crypto_profiles.h:46
FnAsymmetricVerify
SOPC_ReturnStatus FnAsymmetricVerify(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, const SOPC_AsymmetricKey *pKey, const uint8_t *pSignature)
Definition: sopc_crypto_profiles.h:149
FnSymmetricSign
SOPC_ReturnStatus FnSymmetricSign(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, const SOPC_ExposedBuffer *pKey, uint8_t *pOutput)
Definition: sopc_crypto_profiles.h:113
SOPC_SecurityPolicy_Config::asymLen_KeyMaxBits
uint32_t asymLen_KeyMaxBits
Definition: sopc_crypto_profiles.h:80
SOPC_CryptoProfile_PubSub::pFnSymmVerif
FnSymmetricVerify *const pFnSymmVerif
Definition: sopc_crypto_profiles.h:209
SOPC_SecurityPolicy_Config::profile
const SOPC_CryptoProfile * profile
Definition: sopc_crypto_profiles.h:69
SOPC_AsymmetricKey
The asymmetric key representation.
Definition: key_manager_cyclone.h:42
SOPC_CryptoProfile
SOPC_CryptoProfiles gather pointers to cryptographic functions of the security policies of OPC UA Ser...
Definition: sopc_crypto_profiles.h:181
SOPC_SecurityPolicy_Basic256Sha256_ID
@ SOPC_SecurityPolicy_Basic256Sha256_ID
Definition: sopc_crypto_profiles.h:43
SOPC_CryptoProfile_PubSub
SOPC_CryptoProfiles_PubSub gather pointers to cryptographic functions of the security policies of OPC...
Definition: sopc_crypto_profiles.h:205
SOPC_SecurityPolicy_Config::symmLen_Block
uint32_t symmLen_Block
Definition: sopc_crypto_profiles.h:75
SOPC_ExposedBuffer
uint8_t SOPC_ExposedBuffer
Definition: sopc_secret_buffer.h:36
FnDerivePseudoRandomData
SOPC_ReturnStatus FnDerivePseudoRandomData(const SOPC_CryptoProvider *pProvider, const SOPC_ExposedBuffer *pSecret, uint32_t lenSecret, const SOPC_ExposedBuffer *pSeed, uint32_t lenSeed, SOPC_ExposedBuffer *pOutput, uint32_t lenOutput)
Definition: sopc_crypto_profiles.h:126
SOPC_SecurityPolicy_Config::symmLen_SignKey
uint32_t symmLen_SignKey
Definition: sopc_crypto_profiles.h:73
SOPC_SecurityPolicy_Aes128Sha256RsaOaep_ID
@ SOPC_SecurityPolicy_Aes128Sha256RsaOaep_ID
Definition: sopc_crypto_profiles.h:47
FnAsymmetricSign
SOPC_ReturnStatus FnAsymmetricSign(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, const SOPC_AsymmetricKey *pKey, uint8_t *pSignature)
Definition: sopc_crypto_profiles.h:144
SOPC_CryptoProfile::pFnSymmVerif
FnSymmetricVerify *const pFnSymmVerif
Definition: sopc_crypto_profiles.h:186
SOPC_SecurityPolicy_Config::secureChannelNonceLength
uint32_t secureChannelNonceLength
Definition: sopc_crypto_profiles.h:81
SOPC_SecurityPolicy_Config::symmLen_CryptoKey
uint32_t symmLen_CryptoKey
Definition: sopc_crypto_profiles.h:72
SOPC_SecurityPolicy_ID
SOPC_SecurityPolicy_ID
Definition: sopc_crypto_profiles.h:41
SOPC_SecurityPolicy_Config::isInvalid
const bool isInvalid
Definition: sopc_crypto_profiles.h:67
SOPC_CryptoProfile::pFnSymmSign
FnSymmetricSign *const pFnSymmSign
Definition: sopc_crypto_profiles.h:185
SOPC_SecurityPolicy_Config::URI_SignAlgo
const char * URI_SignAlgo
Definition: sopc_crypto_profiles.h:83
SOPC_SecurityPolicy_Config::uri
const char * uri
Definition: sopc_crypto_profiles.h:66
SOPC_SecurityPolicy_Config::asymLen_OAEP_Hash
uint32_t asymLen_OAEP_Hash
Definition: sopc_crypto_profiles.h:78
SOPC_ReturnStatus
SOPC_ReturnStatus
Definition: libs2opc_client.h:64
SOPC_CryptoProfile::SecurityPolicyID
const SOPC_SecurityPolicy_ID SecurityPolicyID
Definition: sopc_crypto_profiles.h:182