Coverage Report

Created: 2025-07-18 06:54

/src/S2OPC/src/Common/crypto/sopc_crypto_profiles.c
/*
 * Licensed to Systerel under one or more contributor license
 * agreements. See the NOTICE file distributed with this work
 * for additional information regarding copyright ownership.
 * Systerel licenses this file to you under the Apache
 * License, Version 2.0 (the "License"); you may not use this
 * file except in compliance with the License. You may obtain
 * a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
#include <string.h>
#include "sopc_assert.h"
#include "sopc_crypto_decl.h"
#include "sopc_crypto_profiles.h"
#include "sopc_crypto_profiles_lib_itf.h"
#include "sopc_helper_string.h"
/* Static description of every security policy known to this build, one row per
 * SOPC_SecurityPolicy_ID value. SOPC_SecurityPolicy_Config_Get() indexes this
 * array directly with the policy id, so the row order has to stay in step with
 * the enumeration; the comment above each row names the id the row is meant
 * for (the enumeration itself is declared outside this file).
 *
 * Units are not stated in this file: the asymLen_Key*Bits fields are bit counts
 * by name, the other lengths look like byte counts (e.g. 32 for a 256-bit key)
 * - TODO confirm against the declaration of SOPC_SecurityPolicy_Config.
 *
 * NOTE(review): secuPolicyWeight ranks Aes128-Sha256-RsaOaep (1) below
 * Basic256 (2), although the Basic256 row accepts 1024-bit RSA keys and a
 * 20-byte symmetric signature. How the weight is consumed is not visible here;
 * confirm the ordering is intended wherever it is used to prefer one policy
 * over another. */
const SOPC_SecurityPolicy_Config securityPolicy_cfg[SOPC_SecurityPolicy_Last_ID] = {
    // SOPC_SecurityPolicy_Invalid_ID
    // Fallback row: SOPC_SecurityPolicy_Config_Get() returns it for out-of-range ids.
    // Its uri is NULL, so code walking the table must not assume a URI is present.
    {.uri = NULL,
     .name = "<Invalid>",
     .isInvalid = true,
     .profile = NULL,
     .psProfile = NULL,
     .secuPolicyWeight = 0,
     .symmLen_CryptoKey = 0,
     .symmLen_SignKey = 0,
     .symmLen_Signature = 0,
     .symmLen_Block = 0,
     .symmLen_KeyNonce = 0,
     .symmLen_MessageRandom = 0,
     .asymLen_OAEP_Hash = 0,
     .asymLen_KeyMinBits = 0,
     .asymLen_KeyMaxBits = 0,
     .secureChannelNonceLength = 0,
     .URI_SignAlgo = NULL,
     .certLen_Thumbprint = 0},
    // SOPC_SecurityPolicy_Basic256Sha256_ID
    // RSA keys of 2048 to 4096 bits; the OAEP hash and the certificate thumbprint
    // are both 20 (SHA-1-sized) in this row.
    {.uri = SOPC_SecurityPolicy_Basic256Sha256_URI,
     .name = "Basic256Sha256",
     .isInvalid = false,
     .profile = &sopc_g_cpBasic256Sha256,
     .psProfile = NULL,
     .secuPolicyWeight = 3,
     .symmLen_CryptoKey = 32,
     .symmLen_SignKey = 32,
     .symmLen_Signature = 32,
     .symmLen_Block = 16,
     .symmLen_KeyNonce = 0,
     .symmLen_MessageRandom = 0,
     .asymLen_OAEP_Hash = 20,
     .asymLen_KeyMinBits = 2048,
     .asymLen_KeyMaxBits = 4096,
     .secureChannelNonceLength = 32,
     .URI_SignAlgo = SOPC_SecurityPolicy_Basic256Sha256_URI_SignAlgo,
     .certLen_Thumbprint = 20},
    // SOPC_SecurityPolicy_Basic256_ID
    // NOTE(review): weakest of the secured rows - RSA keys are accepted from 1024 bits
    // and the symmetric signature is 20 bytes. The OPC UA specification lists Basic256
    // as deprecated; confirm it is only offered where legacy peers require it.
    {.uri = SOPC_SecurityPolicy_Basic256_URI,
     .name = "Basic256",
     .isInvalid = false,
     .profile = &sopc_g_cpBasic256,
     .psProfile = NULL,
     .secuPolicyWeight = 2,
     .symmLen_CryptoKey = 32,
     .symmLen_SignKey = 24,
     .symmLen_Signature = 20,
     .symmLen_Block = 16,
     .symmLen_KeyNonce = 0,
     .symmLen_MessageRandom = 0,
     .asymLen_OAEP_Hash = 20,
     .asymLen_KeyMinBits = 1024,
     .asymLen_KeyMaxBits = 2048,
     .secureChannelNonceLength = 32,
     .URI_SignAlgo = SOPC_SecurityPolicy_Basic256_URI_SignAlgo,
     .certLen_Thumbprint = 20},
    // SOPC_SecurityPolicy_None_ID
    // No cryptographic material at all: every length is zero. It is the only row that
    // sets both profile and psProfile, and nothing in this table limits where the
    // policy may be used - that check has to live with the caller.
    {.uri = SOPC_SecurityPolicy_None_URI,
     .name = "None",
     .isInvalid = false,
     .profile = &sopc_g_cpNone,
     .psProfile = &sopc_g_cppsNone,
     .secuPolicyWeight = 0,
     .symmLen_CryptoKey = 0,
     .symmLen_SignKey = 0,
     .symmLen_Signature = 0,
     .symmLen_Block = 0,
     .symmLen_KeyNonce = 0,
     .symmLen_MessageRandom = 0,
     .asymLen_OAEP_Hash = 0,
     .asymLen_KeyMinBits = 0,
     .asymLen_KeyMaxBits = 0,
     .secureChannelNonceLength = 0,
     .URI_SignAlgo = NULL,
     .certLen_Thumbprint = 0},
    // SOPC_SecurityPolicy_PubSub_Aes256_ID
    // PubSub-only row: profile is NULL and only psProfile is set. SOPC_CryptoProfile_Get()
    // still returns this row for its URI, so callers that need .profile must check it.
    {.uri = SOPC_SecurityPolicy_PubSub_Aes256_URI,
     .name = "Aes256",
     .isInvalid = false,
     .profile = NULL,
     .psProfile = &sopc_g_cppsPubSubAes256,
     .secuPolicyWeight = 0,
     .symmLen_CryptoKey = 32,
     .symmLen_SignKey = 32,
     .symmLen_Signature = 32,
     .symmLen_Block = 0,
     .symmLen_KeyNonce = 4,
     .symmLen_MessageRandom = 4,
     .asymLen_OAEP_Hash = 0,
     .asymLen_KeyMinBits = 0,
     .asymLen_KeyMaxBits = 0,
     .secureChannelNonceLength = 0,
     .URI_SignAlgo = NULL,
     .certLen_Thumbprint = 0},
    // SOPC_SecurityPolicy_Aes128Sha256RsaOaep_ID
    // 16-byte symmetric encryption key, RSA keys of 2048 to 4096 bits, OAEP hash of 20.
    {.uri = SOPC_SecurityPolicy_Aes128Sha256RsaOaep_URI,
     .name = "Aes128-Sha256-RsaOaep",
     .isInvalid = false,
     .profile = &sopc_g_cpAes128Sha256RsaOaep,
     .psProfile = NULL,
     .secuPolicyWeight = 1,
     .symmLen_CryptoKey = 16,
     .symmLen_SignKey = 32,
     .symmLen_Signature = 32,
     .symmLen_Block = 16,
     .symmLen_KeyNonce = 0,
     .symmLen_MessageRandom = 0,
     .asymLen_OAEP_Hash = 20,
     .asymLen_KeyMinBits = 2048,
     .asymLen_KeyMaxBits = 4096,
     .secureChannelNonceLength = 32,
     .URI_SignAlgo = SOPC_SecurityPolicy_Aes128Sha256RsaOaep_URI_SignAlgo,
     .certLen_Thumbprint = 20},
    // SOPC_SecurityPolicy_Aes256Sha256RsaPss_ID
    // Highest secuPolicyWeight in the table and the only row with an OAEP hash of 32.
    {.uri = SOPC_SecurityPolicy_Aes256Sha256RsaPss_URI,
     .name = "Aes256-Sha256-RsaPss",
     .isInvalid = false,
     .profile = &sopc_g_cpAes256Sha256RsaPss,
     .psProfile = NULL,
     .secuPolicyWeight = 4,
     .symmLen_CryptoKey = 32,
     .symmLen_SignKey = 32,
     .symmLen_Signature = 32,
     .symmLen_Block = 16,
     .symmLen_KeyNonce = 0,
     .symmLen_MessageRandom = 0,
     .asymLen_OAEP_Hash = 32,
     .asymLen_KeyMinBits = 2048,
     .asymLen_KeyMaxBits = 4096,
     .secureChannelNonceLength = 32,
     .URI_SignAlgo = SOPC_SecurityPolicy_Aes256Sha256RsaPss_URI_SignAlgo,
     .certLen_Thumbprint = 20},
};
/* Returns the configuration row for a security policy id.
 *
 * policyId: index into securityPolicy_cfg. Any value that does not fall in
 *           [0, SOPC_SecurityPolicy_Last_ID) is mapped to the Invalid row, so the
 *           function never returns NULL and never indexes outside the table.
 *
 * Returns a pointer into the static table; callers distinguish the fallback row
 * by its isInvalid flag.
 *
 * Coverage: the report this listing comes from shows an execution count of 0
 * for every line of this function. */
const SOPC_SecurityPolicy_Config* SOPC_SecurityPolicy_Config_Get(SOPC_SecurityPolicy_ID policyId)
{
    /* The unsigned view makes a negative id compare as a huge value, so one
     * comparison rejects both ends of the range. */
    const uint32_t index = (uint32_t) policyId;

    if (index < SOPC_SecurityPolicy_Last_ID)
    {
        return &securityPolicy_cfg[index];
    }
    return &securityPolicy_cfg[SOPC_SecurityPolicy_Invalid_ID];
}
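/* Looks up a security policy configuration by its URI.
 *
 * uri: zero-terminated policy URI; NULL is accepted and yields NULL.
 *
 * Returns the first row of securityPolicy_cfg whose URI equals `uri`, or NULL
 * when no row matches. The comparison goes through SOPC_strncmp_ignore_case,
 * whose name indicates that letter case is ignored. A returned row may have
 * profile == NULL (the PubSub Aes256 row), so callers needing a SecureChannel
 * profile have to check that field. The None policy is a regular match here;
 * rejecting it where security is required is the caller's job.
 *
 * Coverage: the report this listing comes from shows an execution count of 0
 * for every line of this function. */
const SOPC_SecurityPolicy_Config* SOPC_CryptoProfile_Get(const char* uri)
{
    if (NULL == uri)
    {
        return NULL;
    }

    /* Compares len+1 to include the trailing \0 of the zero-terminated URI.
     * This avoids false positives with strings prefixed by a valid security policy. */
    const size_t len = strlen(uri) + 1;
    for (size_t i = 0; i < SOPC_SecurityPolicy_Last_ID; i++)
    {
        const SOPC_SecurityPolicy_Config* policy = &securityPolicy_cfg[i];

        /* The Invalid row has no URI. Skip it here instead of relying on the
         * comparison helper to tolerate a NULL argument. */
        if (NULL == policy->uri)
        {
            continue;
        }

        if (SOPC_strncmp_ignore_case(uri, policy->uri, len) == 0)
        {
            return policy;
        }
    }

    return NULL;
}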
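/* Looks up the PubSub crypto profile attached to a security policy URI.
 *
 * uri: zero-terminated policy URI; NULL is accepted and yields NULL.
 *
 * Returns the psProfile of the matching row of securityPolicy_cfg. NULL is
 * returned in three cases the caller cannot tell apart: `uri` is NULL, no row
 * matches, or the matching row has no PubSub profile (every row except None and
 * the PubSub Aes256 row). A NULL result therefore has to be treated as "policy
 * not usable for PubSub", never as "no security requested".
 *
 * The URI matching is delegated to SOPC_CryptoProfile_Get so that both lookups
 * always apply the same comparison rules.
 *
 * Coverage: the report this listing comes from shows an execution count of 0
 * for every line of this function. */
const SOPC_CryptoProfile_PubSub* SOPC_CryptoProfile_PubSub_Get(const char* uri)
{
    const SOPC_SecurityPolicy_Config* policy = SOPC_CryptoProfile_Get(uri);

    if (NULL == policy)
    {
        return NULL;
    }

    return policy->psProfile;
}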