def get_request(client):
""" Assemble an OpenSecureChannelRequest for the specified client
:param client: client object containing the channel parameters
:return: binary OpenSecureChannelRequest
"""
params = ua.OpenSecureChannelParameters()
params.ClientProtocolVersion = 0
params.RequestType = ua.SecurityTokenRequestType.Issue
params.SecurityMode = client.security_policy.Mode
params.RequestedLifetime = client.secure_channel_timeout
nonce = utils.create_nonce(client.security_policy.symmetric_key_size)
params.ClientNonce = nonce
request = ua.OpenSecureChannelRequest()
request.Parameters = params
request.RequestHeader = client.uaclient._uasocket._create_request_header()
try:
binreq = struct_to_binary(request)
except Exception:
# reset request handle if any error
# see self._create_request_header
client.uaclient._uasocket._request_handle -= 1
raise
return binreq
def open_secure_channel(self, renew=False):
"""
Open secure channel, if renew is True, renew channel
"""
params = ua.OpenSecureChannelParameters()
params.ClientProtocolVersion = 0
params.RequestType = ua.SecurityTokenRequestType.Issue
if renew:
params.RequestType = ua.SecurityTokenRequestType.Renew
params.SecurityMode = self.security_policy.Mode
params.RequestedLifetime = self.secure_channel_timeout
nonce = utils.create_nonce(self.security_policy.symmetric_key_size) # length should be equal to the length of key of symmetric encryption
params.ClientNonce = nonce # this nonce is used to create a symmetric key
result = self.uaclient.open_secure_channel(params)
self.security_policy.make_symmetric_key(nonce, result.ServerNonce)
self.secure_channel_timeout = result.SecurityToken.RevisedLifetime
def open_secure_channel(self, renew=False):
"""
Open secure channel, if renew is True, renew channel
"""
params = ua.OpenSecureChannelParameters()
params.ClientProtocolVersion = 0
params.RequestType = ua.SecurityTokenRequestType.Issue
if renew:
params.RequestType = ua.SecurityTokenRequestType.Renew
params.SecurityMode = self.security_policy.Mode
params.RequestedLifetime = self.secure_channel_timeout
# length should be equal to the length of key of symmetric encryption
params.ClientNonce = utils.create_nonce(self.security_policy.symmetric_key_size) # this nonce is used to create a symmetric key
result = self.uaclient.open_secure_channel(params)
if self.secure_channel_timeout != result.SecurityToken.RevisedLifetime:
_logger.warning("Requested secure channel timeout to be %dms, got %dms instead",
self.secure_channel_timeout,
result.SecurityToken.RevisedLifetime)
self.secure_channel_timeout = result.SecurityToken.RevisedLifetime
