mirror of
https://github.com/mainflux/mainflux.git
synced 2025-05-14 19:29:11 +08:00
e16a025fba
* NOISSUE- Add OPC-UA adapter Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * NOISSUE - Add opc-adapter PoC, docker and vendor Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Convert OPC messages to SenML Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add gopcua package Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * lora-adapter typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add OPC Reader Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Typo fix Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Typo fix Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Update copyright headers Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add opc config Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add all opc envars in the config Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Config typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add route map Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Use opcua package instead of opc Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix OPCUA typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rm MQTT sub Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Move interefaces to root Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix revieews and typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Update Gopkg.toml Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add all envars into .env Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
61 lines
2.3 KiB
Go
61 lines
2.3 KiB
Go
// Copyright 2018-2019 opcua authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
package uapolicy
|
|
|
|
/*
|
|
Byte[] PRF(
|
|
Byte[] secret,
|
|
Byte[] seed,
|
|
Int32 length,
|
|
Int32 offset
|
|
)
|
|
Where length is the number of bytes to return and offset is a number of bytes from the beginning
|
|
of the sequence.
|
|
|
|
Where length is the number of bytes to return and offset is a number of bytes from the beginning
|
|
of the sequence.
|
|
The lengths of the keys that need to be generated depend on the SecurityPolicy used for the
|
|
channel. The following information is specified by the SecurityPolicy:
|
|
a) SigningKeyLength (from the DerivedSignatureKeyLength);
|
|
b) EncryptingKeyLength (implied by the SymmetricEncryptionAlgorithm);
|
|
c) EncryptingBlockSize (implied by the SymmetricEncryptionAlgorithm).
|
|
|
|
Name Derivation
|
|
ClientSecret The value of the ClientNonce provided in the OpenSecureChannel request.
|
|
ClientSeed The value of the ClientNonce provided in the OpenSecureChannel request.
|
|
ServerSecret The value of the ServerNonce provided in the OpenSecureChannel response.
|
|
ServerSeed The value of the ServerNonce provided in the OpenSecureChannel response.
|
|
|
|
Key Secret Seed Length Offset
|
|
ClientSigningKey ServerSecret ClientSeed SigningKeyLength 0
|
|
ClientEncryptingKey ServerSecret ClientSeed EncryptingKeyLength SigningKeyLength
|
|
ClientInitializationVector ServerSecret ClientSeed EncryptingBlockSize SigningKeyLength+ EncryptingKeyLength
|
|
ServerSigningKey ClientSecret ServerSeed SigningKeyLength 0
|
|
ServerEncryptingKey ClientSecret ServerSeed EncryptingKeyLength SigningKeyLength
|
|
ServerInitializationVector ClientSecret ServerSeed EncryptingBlockSize SigningKeyLength+ EncryptingKeyLength
|
|
|
|
*/
|
|
|
|
type derivedKeys struct {
|
|
signing, encryption, iv []byte
|
|
}
|
|
|
|
func generateKeys(hmac *HMAC, seed []byte, signingLength, encryptingLength, encryptingBlockSize int) *derivedKeys {
|
|
var p []byte
|
|
a, _ := hmac.Signature(seed)
|
|
for len(p) < signingLength+encryptingLength+encryptingBlockSize {
|
|
input := append(a, seed...)
|
|
h, _ := hmac.Signature(input)
|
|
p = append(p, h...)
|
|
a, _ = hmac.Signature(a)
|
|
}
|
|
|
|
return &derivedKeys{
|
|
signing: p[:signingLength],
|
|
encryption: p[signingLength : signingLength+encryptingLength],
|
|
iv: p[signingLength+encryptingLength : signingLength+encryptingLength+encryptingBlockSize],
|
|
}
|
|
}
|