Documentation
Overview
Package securitypolicy implements the encryption, decryption, signing, and signature verification algorithms for Security Policy profiles as defined in Part 7 of the OPC-UA specifications (version 1.04).
Index
- func SupportedPolicies() []string
- type EncryptionAlgorithm
- func (e *EncryptionAlgorithm) BlockSize() int
- func (e *EncryptionAlgorithm) Decrypt(ciphertext []byte) (cleartext []byte, err error)
- func (e *EncryptionAlgorithm) Encrypt(cleartext []byte) (ciphertext []byte, err error)
- func (e *EncryptionAlgorithm) EncryptionURI() string
- func (e *EncryptionAlgorithm) MinPadding() int
- func (e *EncryptionAlgorithm) Signature(message []byte) (signature []byte, err error)
- func (e *EncryptionAlgorithm) SignatureLength() int
- func (e *EncryptionAlgorithm) SignatureURI() string
- func (e *EncryptionAlgorithm) VerifySignature(message, signature []byte) error
Functions
func SupportedPolicies
func SupportedPolicies() []string
SupportedPolicies returns all supported Security Policies (and therefore all valid inputs to Asymmetric(...) and Symmetric(...)).
Types
type EncryptionAlgorithm
type EncryptionAlgorithm struct {
// contains filtered or unexported fields
}
EncryptionAlgorithm wraps the functions used to return the various methods required to implement the symmetric and asymmetric algorithms. Function variables were used instead of an interface to make better use of policies which implement the same algorithms in different combinations.
EncryptionAlgorithm should always be instantiated through calls to SecurityPolicy.Symmetric() and SecurityPolicy.Asymmetric() to ensure correct behavior. The zero value of this struct uses SecurityPolicy#None, although using it in this manner is discouraged for readability.
func Asymmetric
func Asymmetric(policyURI string, localKey *rsa.PrivateKey, remoteKey *rsa.PublicKey) (*EncryptionAlgorithm, error)
Asymmetric returns the EncryptionAlgorithm struct seeded with the required public and private RSA keys to fully implement. For Security Policy "None", both keys are ignored and may be nil.
func Symmetric
func Symmetric(policyURI string, localNonce []byte, remoteNonce []byte) (*EncryptionAlgorithm, error)
Symmetric returns the EncryptionAlgorithm struct seeded with the client and server nonces negotiated from the OpenSecureChannel service (encrypted by the Asymmetric algorithms). For Security Policy "None", both nonces are ignored and may be nil.
func (*EncryptionAlgorithm) BlockSize
func (e *EncryptionAlgorithm) BlockSize() int
BlockSize returns the underlying encryption algorithm's block size. It is used to calculate the padding required to make the cleartext an even multiple of the block size.
func (*EncryptionAlgorithm) Decrypt
func (e *EncryptionAlgorithm) Decrypt(ciphertext []byte) (cleartext []byte, err error)
Decrypt decrypts the input ciphertext based on the algorithms and keys passed in.
func (*EncryptionAlgorithm) Encrypt
func (e *EncryptionAlgorithm) Encrypt(cleartext []byte) (ciphertext []byte, err error)
Encrypt encrypts the input cleartext based on the algorithms and keys passed in.
func (*EncryptionAlgorithm) EncryptionURI
func (e *EncryptionAlgorithm) EncryptionURI() string
EncryptionURI returns the URI for the encryption algorithm as defined by the OPC-UA profiles in Part 7.
func (*EncryptionAlgorithm) MinPadding
func (e *EncryptionAlgorithm) MinPadding() int
MinPadding returns the underlying encryption algorithm's minimum padding. It is used to calculate the maximum plaintext block size that can be fed into the encryption algorithm.
func (*EncryptionAlgorithm) Signature
func (e *EncryptionAlgorithm) Signature(message []byte) (signature []byte, err error)
Signature returns the cryptographic signature of message.
func (*EncryptionAlgorithm) SignatureLength
func (e *EncryptionAlgorithm) SignatureLength() int
SignatureLength returns the length in bytes for the signature algorithm.
func (*EncryptionAlgorithm) SignatureURI
func (e *EncryptionAlgorithm) SignatureURI() string
SignatureURI returns the URI for the signature algorithm as defined by the OPC-UA profiles in Part 7.
func (*EncryptionAlgorithm) VerifySignature
func (e *EncryptionAlgorithm) VerifySignature(message, signature []byte) error
VerifySignature validates that 'signature' is the correct cryptographic signature of 'message' or returns an error. A return value of nil means the signature is valid.
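How the values described for BlockSize, MinPadding and SignatureLength fit together when one chunk is padded, signed and encrypted, as an added example that is not code from the securitypolicy package. It uses only the Go standard library (AES-256-CBC with HMAC-SHA256) as a stand-in, with constructed key material, and assumes the OPC UA chunk layout of a padding-size byte, the padding bytes, then the signature; PaddingSize, Seal and Open are hypothetical names.

```go
package main
import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

var signKey, iv = bytes.Repeat([]byte{1}, 32), bytes.Repeat([]byte{3}, 16) // constructed HMAC key and IV
var blk, _ = aes.NewCipher(bytes.Repeat([]byte{2}, 32))                    // constructed AES-256 key

// PaddingSize returns the padding byte count (size byte excluded) that aligns the chunk.
func PaddingSize(bodyLen, sigLen, blockSize, minPadding int) int {
	plain := blockSize - minPadding // largest cleartext block the cipher accepts
	return plain - (bodyLen+sigLen+1)%plain
}

func sign(msg []byte) []byte {
	mac := hmac.New(sha256.New, signKey)
	mac.Write(msg)
	return mac.Sum(nil)
}

// Seal pads and signs body, then encrypts everything, signature included.
func Seal(body []byte) []byte {
	n := PaddingSize(len(body), sha256.Size, aes.BlockSize, 0)
	msg := append(append([]byte{}, body...), bytes.Repeat([]byte{byte(n)}, n+1)...)
	msg = append(msg, sign(msg)...)
	cipher.NewCBCEncrypter(blk, iv).CryptBlocks(msg, msg)
	return msg
}

// Open decrypts, verifies the signature, and only then trusts the padding byte.
func Open(ct []byte) ([]byte, error) {
	if len(ct) <= sha256.Size || len(ct)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("ciphertext length %d is not a valid block multiple", len(ct))
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(blk, iv).CryptBlocks(pt, ct)
	msg, sig := pt[:len(pt)-sha256.Size], pt[len(pt)-sha256.Size:]
	if !hmac.Equal(sign(msg), sig) {
		return nil, fmt.Errorf("signature mismatch")
	}
	return msg[:len(msg)-int(msg[len(msg)-1])-1], nil
}

func main() { fmt.Println(Open(Seal([]byte("constructed OPC UA body")))) }
```

The same PaddingSize arithmetic covers the asymmetric case, where the plaintext block is the RSA block size minus the scheme's minimum padding (for example 256 and 42 for OAEP with SHA-1 under a 2048-bit key).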
Source Files
- cryptoAesCbc.go
- cryptoHmac.go
- cryptoNone.go
- cryptoRsaOaep.go
- cryptoRsaPkc15.go
- cryptoRsaPss.go
- keyDerivation.go
- keysize.go
- policyAes128Sha256RsaOaep.go
- policyAes256Sha256RsaPss.go
- policyBasic128Rsa15.go
- policyBasic256.go
- policyBasic256Sha256.go
- policyNone.go
- policyPubSubAes128CTR.go
- policyPubSubAes256CTR.go
- securitypolicy.go
- supportedPolicies.go