Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
sp_Search Search
Advanced Search
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Search Search
Go to Bottom
No permission to create posts
sp_Feed Topic RSS sp_TopicIcon
Obtaining a list of all valid SecurityModes
June 13, 2022
18:35, EEST
Avatar
hbrackel
Member
Members
Forum Posts: 144
Member Since:
February 21, 2014
sp_UserOfflineSmall Offline
Go to Top
1sp_EditHistory sp_Permalink sp_Print

Hi there,

for validation purposes and also for providing the user with a drop down of all security modes to select from, I need to enumerate all possible securityModes, aka combinations of SecurityPolicies and MessageSecurityModes.
I tried 2 different approaches (code snippets are in Kotlin, but should be understandable by Java users as well):

val securityPolicies = SecurityPolicy.values()
val messageSecurityModes = MessageSecurityMode.values()

variant #1:

SecurityMode.combinations(messageSecurityModes.toSet(), securityPolicies.toSet())

resulting in:
[http://opcfoundation.org/UA/SecurityPolicy#Basic256,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#None,None]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss,SignAndEncrypt]

and variant 2#

securityPolicies.flatMap { policy -> messageSecurityModes.map { mode -> SecurityMode(policy, mode)}}

resulting in

[http://opcfoundation.org/UA/SecurityPolicy#None,None]
[http://opcfoundation.org/UA/SecurityPolicy#None,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#None,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15,None]
[http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256,None]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,None]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep,None]
[http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep,SignAndEncrypt]
[http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss,None]
[http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss,Sign]
[http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss,SignAndEncrypt]

Obviously, not all results of the second variant make sense. Should the constructor

SecurityMode(policy, mode)

not throw an InvalidArgumentException (or similar) for any invalid combination of MessageSecurityMode and SecurityPolicy?

Thanks,
Hans-Uwe

June 14, 2022
9:52, EEST
Avatar
Matti Siponen
Moderator
Members

Moderators
Forum Posts: 346
Member Since:
February 11, 2020
sp_UserOfflineSmall Offline
Go to Top
2sp_Permalink sp_Print

Hello,

As mentioned in the documentation of the SecurityMode(SecurityPolicy securityPolicy, MessageSecurityMode messageSecurityMode) constructor: “Note! it is recommended to use the existing constants or the combinations(Set modes, Set policies) methods using the constants of the given classes instead of calling this directly.”

It’s true that the method could verify that the entered combination makes sense, but in general using this method shouldn’t be necessary as combinations method provides a set of valid SecurityModes and the static constant SecurityModes can be used instead of constructing new ones.

No permission to create posts
sp_Feed All RSS
Go to top
Forum Timezone: Europe/Helsinki

Most Users Ever Online: 1919

Currently Online:
10 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Heikki Tahvanainen: 402

hbrackel: 144

rocket science: 88

pramanj: 86

Francesco Zambon: 83

Ibrahim: 78

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

Member Stats:

Guest Posters: 0

Members: 737

Moderators: 7

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1524

Posts: 6451

Newest Members:

jonathonmcintyre, fannielima, kristiewinkle8, rust, christamcdowall, redaahern07571, nigelbdhmp, travistimmons, AnnelCib, dalenegettinger

Moderators: Jouni Aro: 1026, Pyry: 1, Petri: 0, Bjarne Boström: 1026, Jimmy Ni: 26, Matti Siponen: 346, Lusetti: 0

Administrators: admin: 1