Support PubSub Security Policy
Description
The PubSub security policies are slightly different from the OPC Services security policies. The goal is to modify S2OPC's cryptographic library to handle all of the security policies.
Analysis
The requirements for the PubSub security policies are different.
They don't require asymmetric encryption nor signature.
They work with symmetric encryption, but use another mode of operation (CTR instead of CBC).
This means that the function pointers FnSymmetricEncrypt cannot be reused.
Hence, a new type of CryptoProfile must be created.
The differences for the symmetric requirements are as follows:
- there is no Initialization Vector with PubSub
- there are additional required data:
  - the key nonce, a random block renewed with symmetric keys,
  - a random nonce changed with each published message,
  - the sequence number, incremented with each new published message.
With CTR mode of operation, the encryption process is rigorously identical to the decryption process. Hence it is not required to keep two separate functions.
The symmetric sign and verify operations, as well as the random generators, are similar to the ones used in OPC Services.
It should be possible to re-use the SOPC_CryptoProvider for both security policy types.
Changes
- Add a SOPC_CryptoProfile_PubSub,
- modify SOPC_CryptoProvider to include both security policies,
- add getters to retrieve each of them from a CryptoProvider,
- modify existing code to use these getters for the UA Services part,
- add a new API for the CryptoProvider:
  - PubSub encryption and decryption can be factorized as it is the same operation in CTR mode,
  - PubSub signature and random generations can be reused,
  - PubSub CryptoProvider shall be created from a different API, such that the SecurityPolicy None, which is common to Services and PubSub, may be used to create CryptoProvider with either a service profile or a PubSub profile.
- add tests:
  - test that PubSub CryptoProvider cannot be used to perform UA Services cryptography,
  - test that Services CryptoProvider cannot be used to perform UA PubSub cryptography,
  - test the AES-CTR encryption, decryption, signature, verify signature, for all 3 currently existing PubSub security policies.
- test that PubSub
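An added sketch of the design described in the Analysis and Changes sections (example code, not S2OPC's own; every `ex_` name is hypothetical): one CTR routine serves as both encryption and decryption, and a provider carrying a Services profile is refused. The block function is a labelled stand-in, not AES, and the counter block layout (4-byte key nonce, 4-byte random nonce, 4-byte sequence number, 4-byte block counter) is an assumption of this example.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical names for illustration; not the S2OPC API. */
typedef enum { EX_PROFILE_SERVICES, EX_PROFILE_PUBSUB } ex_profile_kind;
typedef struct { ex_profile_kind kind; } ex_provider;

/* Stand-in for the AES block encryption: NOT a real cipher, not secure. */
static void ex_block(const uint8_t key[16], const uint8_t ctr[16], uint8_t ks[16])
{
    uint32_t h = 2166136261u;
    for (int i = 0; i < 16; i++) h = (((h ^ key[i]) * 16777619u) ^ ctr[i]) * 16777619u;
    for (int i = 0; i < 16; i++) ks[i] = (uint8_t) ((h = (h ^ (uint32_t) i) * 16777619u) >> 24);
}

/* Single entry point for encryption and decryption (in and out may alias).
 * Returns 0, or -1 when the provider does not carry a PubSub profile. */
int ex_pubsub_crypt(const ex_provider *p, const uint8_t key[16],
                    const uint8_t key_nonce[4], const uint8_t msg_nonce[4],
                    uint32_t seq, const uint8_t *in, uint8_t *out, size_t len)
{
    uint8_t ctr[16], ks[16] = {0};
    if (p == NULL || p->kind != EX_PROFILE_PUBSUB) return -1;
    /* Assumed layout: key nonce | random nonce | sequence number | block counter */
    memcpy(ctr, key_nonce, 4); memcpy(ctr + 4, msg_nonce, 4);
    for (int i = 0; i < 4; i++) ctr[8 + i] = (uint8_t) (seq >> (8 * i));
    for (size_t off = 0; off < len; off++) {
        if (off % 16 == 0) { /* start of a block: derive fresh keystream */
            uint32_t blk = (uint32_t) (off / 16) + 1;
            for (int i = 0; i < 4; i++) ctr[12 + i] = (uint8_t) (blk >> (24 - 8 * i));
            ex_block(key, ctr, ks);
        }
        out[off] = in[off] ^ ks[off % 16];
    }
    return 0;
}

/* Constructed sample input; returns 1 when all checks hold. */
int ex_demo(void)
{
    const ex_provider ps = { EX_PROFILE_PUBSUB }, svc = { EX_PROFILE_SERVICES };
    const uint8_t key[16] = {1, 2, 3}, kn[4] = {9}, mn[4] = {7};
    const uint8_t msg[20] = "constructed payload";
    uint8_t ct[20], pt[20];
    if (ex_pubsub_crypt(&svc, key, kn, mn, 1, msg, ct, 20) != -1) return 0; /* wrong profile */
    if (ex_pubsub_crypt(&ps, key, kn, mn, 1, msg, ct, 20) != 0) return 0;   /* "encrypt" */
    if (ex_pubsub_crypt(&ps, key, kn, mn, 1, ct, pt, 20) != 0) return 0;    /* same call decrypts */
    return memcmp(ct, msg, 20) != 0 && memcmp(pt, msg, 20) == 0;
}
```

Because the keystream depends only on the key and the counter block, reusing the same nonces and sequence number under one key repeats the keystream, which is why the random nonce and sequence number change with every published message.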