Avatar
Please consider registering
guest
sp_LogInOut Log Insp_Registration Register
Register | Lost password?
sp_Search Search
Advanced Search
Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
sp_Search Search
Go to Bottom
sp_Feed Topic RSSsp_TopicIcon
Obtaining a list of all valid SecurityModes
June 13, 2022
18:35, EEST
Avatar
hbrackel
Member
Members
Forum Posts: 144
Member Since:
February 21, 2014
sp_UserOfflineSmall Offline
Go to Top
1sp_EditHistory sp_Permalink sp_Print

Hi there,

for validation purposes and also for providing the user with a drop down of all security modes to select from, I need to enumerate all possible securityModes, aka combinations of SecurityPolicies and MessageSecurityModes.
I tried 2 different approaches (code snippets are in Kotlin, but should be understandable by Java users as well):

val securityPolicies = SecurityPolicy.values()
val messageSecurityModes = MessageSecurityMode.values()

variant #1:

SecurityMode.combinations(messageSecurityModes.toSet(), securityPolicies.toSet())

resulting in:
[http://opcfoundation.org/UA/SecurityPolicy#Basic256,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#None,None]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss,SignAndEncrypt]

and variant 2#

securityPolicies.flatMap { policy -> messageSecurityModes.map { mode -> SecurityMode(policy, mode)}}

resulting in

[http://opcfoundation.org/UA/SecurityPolicy#None,None]
[http://opcfoundation.org/UA/SecurityPolicy#None,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#None,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15,None]
[http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256,None]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,None]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep,None]
[http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss,None]
[http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss,SignAndEncrypt]

Obviously, not all results of the second variant make sense. Should the constructor

SecurityMode(policy, mode)

not throw an InvalidArgumentException (or similar) for any invalid combination of MessageSecurityMode and SecurityPolicy?

Thanks,
Hans-Uwe

June 14, 2022
9:52, EEST
Avatar
Matti Siponen
Moderator
Members

Moderators
Forum Posts: 353
Member Since:
February 11, 2020
sp_UserOfflineSmall Offline
Go to Top
2sp_Permalink sp_Print

Hello,

As mentioned in the documentation of the SecurityMode(SecurityPolicy securityPolicy, MessageSecurityMode messageSecurityMode) constructor: “Note! it is recommended to use the existing constants or the combinations(Set modes, Set policies) methods using the constants of the given classes instead of calling this directly.”

It’s true that the method could verify that the entered combination makes sense, but in general using this method shouldn’t be necessary as combinations method provides a set of valid SecurityModes and the static constant SecurityModes can be used instead of constructing new ones.

sp_Feed All RSS
Go to top
Forum Timezone: Europe/Helsinki
Most Users Ever Online: 1919
Currently Online:
Guest(s) 15
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Heikki Tahvanainen: 402
hbrackel: 144
rocket science: 90
pramanj: 86
Francesco Zambon: 83
Ibrahim: 78
Sabari: 62
kapsl: 57
gjevremovic: 49
Xavier: 43
Member Stats:
Guest Posters: 0
Members: 733
Moderators: 8
Admins: 1
Forum Stats:
Groups: 3
Forums: 15
Topics: 1545
Posts: 6516
Newest Members:
basilpullman, Richardmip, mood edibles, LouieWreve, daniellabdx, janessan21, sammiebeak359, gena7127517, thorstenbouldin, Brett.Rollason
Moderators: Jouni Aro: 1029, Pyry: 1, Petri: 1, Bjarne Boström: 1045, Jimmy Ni: 26, Matti Siponen: 353, Lusetti: 0, Elias: 0
Administrators: admin: 1