def open(self, params, server):
"""
called on server side to open secure channel
"""
self.local_nonce = ua.utils.create_nonce(self.security_policy.symmetric_key_size)
self.remote_nonce = params.ClientNonce
response = ua.OpenSecureChannelResult()
response.ServerNonce = self.local_nonce
if not self._open or params.RequestType == ua.SecurityTokenRequestType.Issue:
self._open = True
self.security_token.TokenId = 13 # random value
self.security_token.ChannelId = server.get_new_channel_id()
self.security_token.RevisedLifetime = params.RequestedLifetime
self.security_token.CreatedAt = datetime.utcnow()
response.SecurityToken = self.security_token
self.security_policy.make_local_symmetric_key(self.remote_nonce, self.local_nonce)
self.security_policy.make_remote_symmetric_key(self.local_nonce, self.remote_nonce)
else:
self.next_security_token = copy.deepcopy(self.security_token)
self.next_security_token.TokenId += 1
self.next_security_token.RevisedLifetime = params.RequestedLifetime
self.next_security_token.CreatedAt = datetime.utcnow()
response.SecurityToken = self.next_security_token
return response
def __init__(self, security_policy):
self._sequence_number = 0
self._peer_sequence_number = None
self._incoming_parts = []
self.security_policy = security_policy
self._policies = []
self.channel = ua.OpenSecureChannelResult()
self._old_tokens = []
self._open = False
self._max_chunk_size = 65536
def _open_secure_channel(self, params):
self.logger.info("open secure channel")
if not self.channel or params.RequestType == ua.SecurityTokenRequestType.Issue:
self.channel = ua.OpenSecureChannelResult()
self.channel.SecurityToken.TokenId = 13 # random value
self.channel.SecurityToken.ChannelId = self.iserver.get_new_channel_id()
self.channel.SecurityToken.RevisedLifetime = params.RequestedLifetime
self.channel.SecurityToken.TokenId += 1
self.channel.SecurityToken.CreatedAt = datetime.now()
self.channel.SecurityToken.RevisedLifetime = params.RequestedLifetime
self.channel.ServerNonce = utils.create_nonce()
return self.channel
def _open_secure_channel(self, params):
self.logger.info("open secure channel")
if not self.channel or params.RequestType == ua.SecurityTokenRequestType.Issue:
self.channel = ua.OpenSecureChannelResult()
self.channel.SecurityToken.TokenId = 13 # random value
self.channel.SecurityToken.ChannelId = self.iserver.get_new_channel_id(
)
self.channel.SecurityToken.RevisedLifetime = params.RequestedLifetime
self.channel.SecurityToken.TokenId += 1
self.channel.SecurityToken.CreatedAt = datetime.now()
self.channel.SecurityToken.RevisedLifetime = params.RequestedLifetime
self.channel.ServerNonce = utils.create_nonce(
self._connection._security_policy.symmetric_key_size)
self._connection.set_security_token(self.channel.SecurityToken)
self._connection._security_policy.make_symmetric_key(
self.channel.ServerNonce, params.ClientNonce)
return self.channel
def open(self, params, server):
"""
called on server side to open secure channel
"""
if not self._open or params.RequestType == ua.SecurityTokenRequestType.Issue:
self._open = True
self.channel = ua.OpenSecureChannelResult()
self.channel.SecurityToken.TokenId = 13 # random value
self.channel.SecurityToken.ChannelId = server.get_new_channel_id()
self.channel.SecurityToken.RevisedLifetime = params.RequestedLifetime
else:
self._old_tokens.append(self.channel.SecurityToken.TokenId)
self.channel.SecurityToken.TokenId += 1
self.channel.SecurityToken.CreatedAt = datetime.utcnow()
self.channel.SecurityToken.RevisedLifetime = params.RequestedLifetime
self.channel.ServerNonce = ua.utils.create_nonce(self.security_policy.symmetric_key_size)
self.security_policy.make_symmetric_key(self.channel.ServerNonce, params.ClientNonce)
return self.channel
