Top 10 Examples of "node-opcua-service-secure-channel in functional component" in JavaScript
Dive into secure and efficient coding practices with our curated list of the top 10 examples showcasing 'node-opcua-service-secure-channel' in functional components in JavaScript. Our advanced machine learning engine meticulously scans each line of code, cross-referencing millions of open source libraries to ensure your implementation is not just functional, but also robust and secure. Elevate your React applications to new heights by mastering the art of handling side effects, API calls, and asynchronous operations with confidence and precision.
export function iterateOnSignedAndEncryptedMessageChunks(buffer: Buffer, callback: ChunkVisitorFunc) {
const params = {signatureLength: 128, algorithm: "RSA-SHA1", privateKey: senderPrivateKey};
const options = {
chunkSize: 2048,
cipherBlockSize: 128,
encryptBufferFunc: (chunk: Buffer) => publicEncrypt_long(chunk, receiverPublicKey, 128, 11, RSA_PKCS1_PADDING),
plainBlockSize: 128 - 11,
requestId: 10,
sequenceHeaderSize: 0, // ??
signBufferFunc: (chunk: Buffer) => makeMessageChunkSignature(chunk, params),
signatureLength: 128,
};
const securityHeader = new AsymmetricAlgorithmSecurityHeader({
receiverCertificateThumbprint,
securityPolicyUri: "http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15",
senderCertificate,
});
const msgChunkManager = new SecureMessageChunkManager("OPN", options, securityHeader, sequenceNumberGenerator);
msgChunkManager.on("chunk", (chunk: Buffer, final: boolean) => callback(null, chunk));
msgChunkManager.write(buffer, buffer.length);
msgChunkManager.end();
}function iterate_on_signed_message_chunks(buffer, callback) {
const params = {signatureLength: 128, algorithm: "RSA-SHA1", privateKey: senderPrivateKey};
const options = {
requestId: 10,
chunkSize: 2048,
signatureLength: 128,
signingFunc: function (chunk) {
return crypto_utils.makeMessageChunkSignature(chunk, params);
}
};
const securityHeader = new AsymmetricAlgorithmSecurityHeader({
securityPolicyUri: "http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15",
senderCertificate: senderCertificate,
receiverCertificateThumbprint: null // null === no encryption ...receiverCertificateThumbprint
});
const msgChunkManager = new SecureMessageChunkManager("OPN", options, securityHeader, sequenceNumberGenerator);
msgChunkManager.on("chunk", function (chunk, final) {
callback(null, chunk);
});
msgChunkManager.write(buffer, buffer.length);
msgChunkManager.end();
}
exports.iterate_on_signed_message_chunks = iterate_on_signed_message_chunks;algorithm: "RSA-SHA1",
privateKey: senderPrivateKey,
signatureLength: 128,
};
const options = {
chunkSize: 2048,
cipherBlockSize: 0,
plainBlockSize: 0,
requestId: 10,
sequenceHeaderSize: 0,
signBufferFunc: (chunk: Buffer) => makeMessageChunkSignature(chunk, params),
signatureLength: 128,
};
const securityHeader = new AsymmetricAlgorithmSecurityHeader({
receiverCertificateThumbprint: null, // null === no encryption ...receiverCertificateThumbprint
securityPolicyUri: "http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15",
senderCertificate,
});
const msgChunkManager = new SecureMessageChunkManager("OPN", options, securityHeader, sequenceNumberGenerator);
msgChunkManager.on("chunk", (chunk: Buffer, final: boolean) => callback(null, chunk));
msgChunkManager.write(buffer, buffer.length);
msgChunkManager.end();
}"use strict";
var should = require("should");
var assert = require("node-opcua-assert").assert;
var endpoints_service = require("node-opcua-service-endpoints");
var GetEndpointsResponse = endpoints_service.GetEndpointsResponse;
var EndpointDescription = require("node-opcua-service-endpoints").EndpointDescription;
var ApplicationType = require("node-opcua-service-endpoints").ApplicationType;
var UserTokenType = require("node-opcua-service-endpoints").UserTokenType;
var MessageSecurityMode = require("node-opcua-service-secure-channel").MessageSecurityMode;
exports.fixture1 = (function () {
// empty GetEndpointsResponse
return new GetEndpointsResponse();
})();
exports.makeEndPoint = function () {
var data = {
endpointUrl: "toto",
server: {
applicationUri: "OPCUA node-js",
productUri: "some product uri",export function performMessageChunkManagerTest(options: SecureMessageChunkManagerOptions) {
options = options || {};
const securityHeader = new SymmetricAlgorithmSecurityHeader();
const bodySize = 32;
const headerSize = 12 + securityHeader.binaryStoreSize();
options.signatureLength = options.signatureLength || 0; // 128 bytes for signature
options.chunkSize = bodySize + options.signatureLength + headerSize + 8; // bodySize useful bytes
options.requestId = 1;
const sequenceNumberGenerator = new SequenceNumberGenerator();
const msgChunkManager = new SecureMessageChunkManager(
"HEL", options, securityHeader, sequenceNumberGenerator
);
const chunks: Buffer[] = [];import { ActivateSessionResponse, CreateSessionResponse } from "node-opcua-service-session";
import { AcknowledgeMessage } from "node-opcua-transport";
import { DirectTransport } from "node-opcua-transport/dist/test_helpers";
import * as _ from "underscore";
const debugLog = make_debugLog(__filename);
export const fakeAcknowledgeMessage = new AcknowledgeMessage({
maxChunkCount: 600000,
maxMessageSize: 100000,
protocolVersion: 0,
receiveBufferSize: 8192,
sendBufferSize: 8192,
});
export const fakeCloseSecureChannelResponse = new CloseSecureChannelResponse({});
export const fakeOpenSecureChannelResponse = new OpenSecureChannelResponse({
serverProtocolVersion: 0,
securityToken: {
channelId: 23,
createdAt: new Date(), // now
revisedLifetime: 30000,
tokenId: 1,
},
serverNonce: Buffer.from("qwerty")
});
export const fakeGetEndpointsResponse = new GetEndpointsResponse({
endpoints: [
{const openSecureChannelResponse = response as OpenSecureChannelResponse;
// record channelId for future transactions
this.channelId = openSecureChannelResponse.securityToken.channelId;
// todo : verify that server certificate is valid
// A self-signed application instance certificate does not need to be verified with a CA.
// todo : verify that Certificate URI matches the ApplicationURI of the server
assert(openSecureChannelResponse.securityToken.tokenId > 0 || msgType === "OPN",
"_sendSecureOpcUARequest: invalid token Id ");
assert(openSecureChannelResponse.hasOwnProperty("serverNonce"));
this.securityToken = openSecureChannelResponse.securityToken;
this.serverNonce = openSecureChannelResponse.serverNonce;
if (this.securityMode !== MessageSecurityMode.None) {
// verify that server nonce if provided is at least 32 bytes long
/* istanbul ignore next */
if (!openSecureChannelResponse.serverNonce) {
console.log(" client : server nonce is invalid !");
return callback(new Error(" Invalid server nonce"));
}
// This parameter shall have a length equal to key size used for the symmetric
// encryption algorithm that is identified by the securityPolicyUri.
if (openSecureChannelResponse.serverNonce.length !== this.clientNonce.length) {
console.log(" client : server nonce is invalid !");
return callback(new Error(" Invalid server nonce length"));
}
}
const cryptoFactory = this.messageBuilder.cryptoFactory;serviceResult: serviceResult
},
serverProtocolVersion: self.protocolVersion,
securityToken: self.securityToken,
serverNonce: self.serverNonce
});
// get the clientCertificate from message securityHeader
// for convenience
self.clientCertificate = message.securityHeader ? message.securityHeader.senderCertificate : null;
let description;
// If the SecurityMode is not None then the Server shall verify that a SenderCertificate and a
// ReceiverCertificateThumbprint were specified in the SecurityHeader.
if (self.securityMode.value !== MessageSecurityMode.NONE.value) {
if (!_check_receiverCertificateThumbprint.call(self, self.clientSecurityHeader)) {
description =
"Server#OpenSecureChannelRequest : Invalid receiver certificate thumbprint : the thumbprint doesn't match server certificate !";
console.log(description.cyan);
response.responseHeader.serviceResult = StatusCodes.BadCertificateInvalid;
}
}
if (self.clientCertificate) {
const certificate_status = _check_certificate_validity(self.clientCertificate);
if (StatusCodes.Good !== certificate_status) {
description = "Sender Certificate Error";
console.log(description.cyan, certificate_status.toString().bgRed.yellow);
// OPCUA specification v1.02 part 6 page 42 $6.7.4
// If an error occurs after the Server has verified Message security it shall return a ServiceFault instead
// of a OpenSecureChannel response. The ServiceFault Message is described in Part 4, 7.28.// which are two different nonce, with different size (although they share the same name )
self.clientNonce = crypto.randomBytes(32);
const request = new CreateSessionRequest({
clientDescription: applicationDescription,
serverUri: self.serverUri,
endpointUrl: self.endpointUrl,
sessionName: self._nextSessionName(),
clientNonce: self.clientNonce,
clientCertificate: self.getCertificate(),
requestedSessionTimeout: self.requestedSessionTimeout,
maxResponseMessageSize: 800000
});
/* a client Nonce must be provided if security mode is set*/
assert(self._secureChannel.securityMode === MessageSecurityMode.NONE || request.clientNonce !== null);
self.performMessageTransaction(request, function (err, response) {
if (!err) {
//xx console.log("xxxxx response",response.toString());
//xx console.log("xxxxx response",response.responseHeader.serviceResult);
if (response.responseHeader.serviceResult === StatusCodes.BadTooManySessions) {
err = new Error("Too Many Sessions : " + response.responseHeader.serviceResult.toString());
} else if (response.responseHeader.serviceResult === StatusCodes.Good) {
assert(response instanceof CreateSessionResponse);
// istanbul ignore next
if (!validateServerNonce(request.serverNonce)) {
return callback(new Error("invalid server Nonce"));}
// We shall decrypt it with the receiver private key.
const buf = binaryStream.buffer.slice(binaryStream.length);
if (!securityTokenData.derivedKeys) {
console.log("xxxxxxx NO DERIVED KEYX");
return false;
}
const derivedKeys: DerivedKeys = securityTokenData.derivedKeys;
assert(derivedKeys !== null);
assert(derivedKeys.signatureLength > 0, " must provide a signature length");
if (this.securityMode === MessageSecurityMode.SignAndEncrypt) {
const decryptedBuffer = decryptBufferWithDerivedKeys(buf, derivedKeys);
// replace decrypted buffer in initial buffer
decryptedBuffer.copy(binaryStream.buffer, binaryStream.length);
// adjust length
binaryStream.buffer = binaryStream.buffer.slice(0, binaryStream.length + decryptedBuffer.length);
/* istanbul ignore next */
if (doDebug) {
debugLog(chalk.cyan("DE-----------------------------"));
debugLog(hexDump(binaryStream.buffer));
debugLog(chalk.cyan("-------------------------------"));
}
}