C# Class Opc.Ua.Bindings.TcpChannel

Manages the server side of a UA TCP channel.
Open project: OPCFoundation/UA-.NETStandardLibrary

Private Properties

Property Type Description
GetMaxSenderCertificateSize int
ReadAsymmetricMessageHeader void
ReadSymmetricMessage ArraySegment
RsaPkcs15_GetSignatureLength int
RsaPkcs15_Sign byte[]
RsaPkcs15_Verify bool
Rsa_Decrypt ArraySegment
Rsa_Encrypt ArraySegment
SymmetricDecrypt void
SymmetricEncrypt void
SymmetricSign byte[]
SymmetricVerify bool

Protected Methods

Method Description
ActivateToken ( TcpChannelToken token ) : void

Activates a new token.

CalculateSymmetricKeySizes ( ) : void

Calculates the symmetric key sizes based on the current security policy.

CompareCertificates ( X509Certificate2 expected, X509Certificate2 actual, bool allowNull ) : void

Compares two certificates.

ComputeKeys ( TcpChannelToken token ) : void

Computes the keys for a token.

CreateNonce ( ) : byte[]

Creates a new nonce.

CreateToken ( ) : TcpChannelToken

Creates a new token.

Decrypt ( ArraySegment dataToDecrypt, ArraySegment headerToCopy, X509Certificate2 receiverCertificate ) : ArraySegment

Decrypts the buffer using asymmetric encryption.

Start and count specify the block of data to be decrypted. The header specifies unencrypted data that must be copied to the output.

Decrypt ( TcpChannelToken token, ArraySegment dataToDecrypt, bool useClientKeys ) : void

Decrypts the data in a buffer using symmetric encryption.

DiscardTokens ( ) : void

Discards the tokens.

Encrypt ( ArraySegment dataToEncrypt, ArraySegment headerToCopy, X509Certificate2 receiverCertificate ) : ArraySegment

Encrypts the buffer using asymmetric encryption.

Start and count specify the block of data to be encrypted. The caller must ensure that count is a multiple of the input block size for the current cipher. The header specifies unencrypted data that must be copied to the output.

Encrypt ( TcpChannelToken token, ArraySegment dataToEncrypt, bool useClientKeys ) : void

Encrypts the data in a buffer using symmetric encryption.

GetAsymmetricHeaderSize ( string securityPolicyUri, X509Certificate2 senderCertificate ) : int

Calculates the size of the asymmetric security header.

GetAsymmetricHeaderSize ( string securityPolicyUri, X509Certificate2 senderCertificate, int senderCertificateSize ) : int
GetAsymmetricSignatureSize ( X509Certificate2 senderCertificate ) : int

Calculates the size of the footer with an asymmetric signature.

GetCipherTextBlockSize ( X509Certificate2 receiverCertificate ) : int

Returns the cipher text block size for the key in the specified certificate.

GetNonceLength ( ) : uint

Returns the length of the symmetric encryption key.

GetPlainTextBlockSize ( X509Certificate2 receiverCertificate ) : int

Returns the plain text block size for the key in the specified certificate.

GetThumbprintBytes ( string thumbprint ) : byte[]

Returns the thumbprint as an uppercase string.

GetThumbprintString ( byte thumbprint ) : string

Returns the thumbprint as an uppercase string.

ReadAsymmetricMessage ( ArraySegment buffer, X509Certificate2 receiverCertificate, uint &channelId, X509Certificate2 &senderCertificate, uint &requestId, uint &sequenceNumber ) : ArraySegment

Processes an OpenSecureChannel request message.

ReviseSecurityMode ( bool firstCall, MessageSecurityMode requestedMode ) : void

Checks if it is possible to revise the security mode.

Rsa_GetCipherTextBlockSize ( X509Certificate2 encryptingCertificate, bool useOaep ) : int

Return the ciphertext block size for RSA OAEP encryption.

Rsa_GetPlainTextBlockSize ( X509Certificate2 encryptingCertificate, bool useOaep ) : int

Return the plaintext block size for RSA OAEP encryption.

SetEndpointUrl ( string endpointUrl ) : bool

Sets the endpoint according to the endpoint URL.

SetRenewedToken ( TcpChannelToken token ) : void

Sets the renewed token.

Sign ( ArraySegment dataToSign, X509Certificate2 senderCertificate ) : byte[]

Adds an asymmetric signature to the end of the buffer.

Start and count specify the block of data to be signed. The padding and signature must be written to the stream wrapped by the encoder.

Sign ( TcpChannelToken token, ArraySegment dataToSign, bool useClientKeys ) : byte[]

Returns the symmetric signature for the data.

ValidateNonce ( byte nonce ) : bool

Validates the nonce.

Verify ( ArraySegment dataToVerify, byte signature, X509Certificate2 senderCertificate ) : bool

Verifies an asymmetric signature at the end of the buffer.

Start and count specify the block of data including the signature and padding. The current security policy uri and sender certificate specify the size of the signature. This call also verifies that the padding is correct.

Verify ( TcpChannelToken token, byte signature, ArraySegment dataToVerify, bool useClientKeys ) : bool

Verifies the symmetric signature for the data.

WriteAsymmetricMessage ( uint messageType, uint requestId, X509Certificate2 senderCertificate, X509Certificate2 receiverCertificate, ArraySegment messageBody ) : BufferCollection

Sends an OpenSecureChannel response.

WriteAsymmetricMessageHeader ( BinaryEncoder encoder, uint messageType, uint secureChannelId, string securityPolicyUri, X509Certificate2 senderCertificate, X509Certificate2 receiverCertificate ) : void

Writes the asymmetric security header to the buffer.

WriteSymmetricMessage ( uint messageType, uint requestId, TcpChannelToken token, object messageBody, bool isRequest, bool &limitsExceeded ) : BufferCollection

Secures the message using the security token.

Private Methods

Method Description
GetMaxSenderCertificateSize ( X509Certificate2 senderCertificate, string securityPolicyUri ) : int
ReadAsymmetricMessageHeader ( BinaryDecoder decoder, X509Certificate2 receiverCertificate, uint &secureChannelId, X509Certificate2 &senderCertificate, string &securityPolicyUri ) : void
ReadSymmetricMessage ( ArraySegment buffer, bool isRequest, TcpChannelToken &token, uint &requestId, uint &sequenceNumber ) : ArraySegment
RsaPkcs15_GetSignatureLength ( X509Certificate2 signingCertificate ) : int

Returns the length of an RSA PKCS#1 v1.5 signature.

RsaPkcs15_Sign ( ArraySegment dataToSign, X509Certificate2 signingCertificate, HashAlgorithmName algorithm ) : byte[]

Creates an RSA PKCS#1 v1.5 signature of a hash algorithm for the stream.

RsaPkcs15_Verify ( ArraySegment dataToVerify, byte signature, X509Certificate2 signingCertificate, HashAlgorithmName algorithm ) : bool

Verifies an RSA PKCS#1 v1.5 signature of a hash algorithm for the stream.

Rsa_Decrypt ( ArraySegment dataToDecrypt, ArraySegment headerToCopy, X509Certificate2 encryptingCertificate, bool useOaep ) : ArraySegment

Decrypts the message using RSA PKCS#1 v1.5 encryption.

Rsa_Encrypt ( ArraySegment dataToEncrypt, ArraySegment headerToCopy, X509Certificate2 encryptingCertificate, bool useOaep ) : ArraySegment

Encrypts the message using RSA PKCS#1 v1.5 encryption.

SymmetricDecrypt ( TcpChannelToken token, ArraySegment dataToDecrypt, bool useClientKeys ) : void

Decrypts a message using a symmetric algorithm.

SymmetricEncrypt ( TcpChannelToken token, ArraySegment dataToEncrypt, bool useClientKeys ) : void

Encrypts a message using a symmetric algorithm.

SymmetricSign ( TcpChannelToken token, ArraySegment dataToSign, bool useClientKeys ) : byte[]

Signs the message using SHA1 HMAC.

SymmetricVerify ( TcpChannelToken token, byte signature, ArraySegment dataToVerify, bool useClientKeys ) : bool

Verifies an HMAC for a message.

Method Details

ActivateToken() protected method

Activates a new token.
protected ActivateToken ( TcpChannelToken token ) : void
token TcpChannelToken
Returns void

CalculateSymmetricKeySizes() protected method

Calculates the symmetric key sizes based on the current security policy.
protected CalculateSymmetricKeySizes ( ) : void
Returns void

CompareCertificates() protected static method

Compares two certificates.
protected static CompareCertificates ( X509Certificate2 expected, X509Certificate2 actual, bool allowNull ) : void
expected System.Security.Cryptography.X509Certificates.X509Certificate2
actual System.Security.Cryptography.X509Certificates.X509Certificate2
allowNull bool
Returns void

ComputeKeys() protected method

Computes the keys for a token.
protected ComputeKeys ( TcpChannelToken token ) : void
token TcpChannelToken
Returns void

CreateNonce() protected method

Creates a new nonce.
protected CreateNonce ( ) : byte[]
Returns byte[]

CreateToken() protected method

Creates a new token.
protected CreateToken ( ) : TcpChannelToken
Returns TcpChannelToken

Decrypt() protected method

Decrypts the buffer using asymmetric encryption.
Start and count specify the block of data to be decrypted. The header specifies unencrypted data that must be copied to the output.
protected Decrypt ( ArraySegment dataToDecrypt, ArraySegment headerToCopy, X509Certificate2 receiverCertificate ) : ArraySegment
dataToDecrypt ArraySegment
headerToCopy ArraySegment
receiverCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
Returns ArraySegment

Decrypt() protected method

Decrypts the data in a buffer using symmetric encryption.
protected Decrypt ( TcpChannelToken token, ArraySegment dataToDecrypt, bool useClientKeys ) : void
token TcpChannelToken
dataToDecrypt ArraySegment
useClientKeys bool
Returns void

DiscardTokens() protected method

Discards the tokens.
protected DiscardTokens ( ) : void
Returns void

Encrypt() protected method

Encrypts the buffer using asymmetric encryption.
Start and count specify the block of data to be encrypted. The caller must ensure that count is a multiple of the input block size for the current cipher. The header specifies unencrypted data that must be copied to the output.
protected Encrypt ( ArraySegment dataToEncrypt, ArraySegment headerToCopy, X509Certificate2 receiverCertificate ) : ArraySegment
dataToEncrypt ArraySegment
headerToCopy ArraySegment
receiverCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
Returns ArraySegment

Encrypt() protected method

Encrypts the data in a buffer using symmetric encryption.
protected Encrypt ( TcpChannelToken token, ArraySegment dataToEncrypt, bool useClientKeys ) : void
token TcpChannelToken
dataToEncrypt ArraySegment
useClientKeys bool
Returns void

GetAsymmetricHeaderSize() protected method

Calculates the size of the asymmetric security header.
protected GetAsymmetricHeaderSize ( string securityPolicyUri, X509Certificate2 senderCertificate ) : int
securityPolicyUri string
senderCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
Returns int

GetAsymmetricHeaderSize() protected method

protected GetAsymmetricHeaderSize ( string securityPolicyUri, X509Certificate2 senderCertificate, int senderCertificateSize ) : int
securityPolicyUri string
senderCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
senderCertificateSize int
Returns int

GetAsymmetricSignatureSize() protected method

Calculates the size of the footer with an asymmetric signature.
protected GetAsymmetricSignatureSize ( X509Certificate2 senderCertificate ) : int
senderCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
Returns int

GetCipherTextBlockSize() protected method

Returns the cipher text block size for the key in the specified certificate.
protected GetCipherTextBlockSize ( X509Certificate2 receiverCertificate ) : int
receiverCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
Returns int

GetNonceLength() protected method

Returns the length of the symmetric encryption key.
protected GetNonceLength ( ) : uint
Returns uint

GetPlainTextBlockSize() protected method

Returns the plain text block size for the key in the specified certificate.
protected GetPlainTextBlockSize ( X509Certificate2 receiverCertificate ) : int
receiverCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
Returns int

GetThumbprintBytes() protected static method

Returns the thumbprint as an uppercase string.
protected static GetThumbprintBytes ( string thumbprint ) : byte[]
thumbprint string
Returns byte[]

GetThumbprintString() protected static method

Returns the thumbprint as an uppercase string.
protected static GetThumbprintString ( byte thumbprint ) : string
thumbprint byte
Returns string

ReadAsymmetricMessage() protected method

Processes an OpenSecureChannel request message.
protected ReadAsymmetricMessage ( ArraySegment buffer, X509Certificate2 receiverCertificate, uint &channelId, X509Certificate2 &senderCertificate, uint &requestId, uint &sequenceNumber ) : ArraySegment
buffer ArraySegment
receiverCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
channelId uint
senderCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
requestId uint
sequenceNumber uint
Returns ArraySegment

ReviseSecurityMode() protected method

Checks if it is possible to revise the security mode.
protected ReviseSecurityMode ( bool firstCall, MessageSecurityMode requestedMode ) : void
firstCall bool
requestedMode MessageSecurityMode
Returns void

Rsa_GetCipherTextBlockSize() protected static method

Return the ciphertext block size for RSA OAEP encryption.
protected static Rsa_GetCipherTextBlockSize ( X509Certificate2 encryptingCertificate, bool useOaep ) : int
encryptingCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
useOaep bool
Returns int

Rsa_GetPlainTextBlockSize() protected static method

Return the plaintext block size for RSA OAEP encryption.
protected static Rsa_GetPlainTextBlockSize ( X509Certificate2 encryptingCertificate, bool useOaep ) : int
encryptingCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
useOaep bool
Returns int

SetEndpointUrl() protected method

Sets the endpoint according to the endpoint URL.
protected SetEndpointUrl ( string endpointUrl ) : bool
endpointUrl string
Returns bool

SetRenewedToken() protected method

Sets the renewed token.
protected SetRenewedToken ( TcpChannelToken token ) : void
token TcpChannelToken
Returns void

Sign() protected method

Adds an asymmetric signature to the end of the buffer.
Start and count specify the block of data to be signed. The padding and signature must be written to the stream wrapped by the encoder.
protected Sign ( ArraySegment dataToSign, X509Certificate2 senderCertificate ) : byte[]
dataToSign ArraySegment
senderCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
Returns byte[]

Sign() protected method

Returns the symmetric signature for the data.
protected Sign ( TcpChannelToken token, ArraySegment dataToSign, bool useClientKeys ) : byte[]
token TcpChannelToken
dataToSign ArraySegment
useClientKeys bool
Returns byte[]

ValidateNonce() protected method

Validates the nonce.
protected ValidateNonce ( byte nonce ) : bool
nonce byte
Returns bool

Verify() protected method

Verifies an asymmetric signature at the end of the buffer.
Start and count specify the block of data including the signature and padding. The current security policy URI and sender certificate specify the size of the signature. This call also verifies that the padding is correct.
protected Verify ( ArraySegment dataToVerify, byte signature, X509Certificate2 senderCertificate ) : bool
dataToVerify ArraySegment
signature byte
senderCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
Returns bool

Verify() protected method

Verifies the symmetric signature for the data.
protected Verify ( TcpChannelToken token, byte signature, ArraySegment dataToVerify, bool useClientKeys ) : bool
token TcpChannelToken
signature byte
dataToVerify ArraySegment
useClientKeys bool
Returns bool

WriteAsymmetricMessage() protected method

Sends an OpenSecureChannel response.
protected WriteAsymmetricMessage ( uint messageType, uint requestId, X509Certificate2 senderCertificate, X509Certificate2 receiverCertificate, ArraySegment messageBody ) : BufferCollection
messageType uint
requestId uint
senderCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
receiverCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
messageBody ArraySegment
Returns BufferCollection

WriteAsymmetricMessageHeader() protected method

Writes the asymmetric security header to the buffer.
protected WriteAsymmetricMessageHeader ( BinaryEncoder encoder, uint messageType, uint secureChannelId, string securityPolicyUri, X509Certificate2 senderCertificate, X509Certificate2 receiverCertificate ) : void
encoder BinaryEncoder
messageType uint
secureChannelId uint
securityPolicyUri string
senderCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
receiverCertificate System.Security.Cryptography.X509Certificates.X509Certificate2
Returns void

WriteSymmetricMessage() protected method

Secures the message using the security token.
protected WriteSymmetricMessage ( uint messageType, uint requestId, TcpChannelToken token, object messageBody, bool isRequest, bool &limitsExceeded ) : BufferCollection
messageType uint
requestId uint
token TcpChannelToken
messageBody object
isRequest bool
limitsExceeded bool
Returns BufferCollection