本文整理汇总了Java中org.eclipse.milo.opcua.stack.core.security.SecurityPolicy类的典型用法代码示例。如果您正苦于以下问题:Java SecurityPolicy类的具体用法?Java SecurityPolicy怎么用?Java SecurityPolicy使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
SecurityPolicy类属于org.eclipse.milo.opcua.stack.core.security包,在下文中一共展示了SecurityPolicy类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: ClientSecureChannel
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
public ClientSecureChannel(KeyPair keyPair,
X509Certificate localCertificate,
List<X509Certificate> localCertificateChain,
X509Certificate remoteCertificate,
List<X509Certificate> remoteCertificateChain,
SecurityPolicy securityPolicy,
MessageSecurityMode messageSecurityMode) {
this.keyPair = keyPair;
this.localCertificate = localCertificate;
this.localCertificateChain = localCertificateChain;
this.remoteCertificate = remoteCertificate;
this.remoteCertificateChain = remoteCertificateChain;
this.securityPolicy = securityPolicy;
this.messageSecurityMode = messageSecurityMode;
}
示例2: getSymmetricSecurityParameters
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
@DataProvider
public Object[][] getSymmetricSecurityParameters() {
return new Object[][]{
{SecurityPolicy.None, MessageSecurityMode.None},
{SecurityPolicy.Basic128Rsa15, MessageSecurityMode.Sign},
{SecurityPolicy.Basic128Rsa15, MessageSecurityMode.SignAndEncrypt},
{SecurityPolicy.Basic256, MessageSecurityMode.Sign},
{SecurityPolicy.Basic256, MessageSecurityMode.SignAndEncrypt},
{SecurityPolicy.Basic256Sha256, MessageSecurityMode.Sign},
{SecurityPolicy.Basic256Sha256, MessageSecurityMode.SignAndEncrypt},
{SecurityPolicy.Aes128_Sha256_RsaOaep, MessageSecurityMode.Sign},
{SecurityPolicy.Aes128_Sha256_RsaOaep, MessageSecurityMode.SignAndEncrypt},
{SecurityPolicy.Aes256_Sha256_RsaPss, MessageSecurityMode.Sign},
{SecurityPolicy.Aes256_Sha256_RsaPss, MessageSecurityMode.SignAndEncrypt}
};
}
示例3: Endpoint
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
public Endpoint(
@Nonnull URI endpointUri,
@Nullable String bindAddress,
@Nullable X509Certificate certificate,
@Nonnull SecurityPolicy securityPolicy,
@Nonnull MessageSecurityMode messageSecurity) {
checkNotNull(endpointUri);
checkNotNull(securityPolicy);
checkNotNull(messageSecurity);
this.endpointUri = endpointUri;
this.securityPolicy = securityPolicy;
this.messageSecurity = messageSecurity;
this.certificate = certificate;
this.bindAddress = bindAddress;
}
示例4: addEndpoint
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
@Override
public UaTcpStackServer addEndpoint(String endpointUri,
String bindAddress,
X509Certificate certificate,
SecurityPolicy securityPolicy,
MessageSecurityMode messageSecurity) {
boolean invalidConfiguration = messageSecurity == MessageSecurityMode.Invalid ||
(securityPolicy == SecurityPolicy.None && messageSecurity != MessageSecurityMode.None) ||
(securityPolicy != SecurityPolicy.None && messageSecurity == MessageSecurityMode.None);
if (invalidConfiguration) {
logger.warn("Invalid configuration, ignoring: {} + {}", securityPolicy, messageSecurity);
} else {
try {
URI uri = new URI(endpointUri);
endpoints.add(new Endpoint(uri, bindAddress, certificate, securityPolicy, messageSecurity));
} catch (Throwable e) {
logger.warn("Invalid endpoint URI, ignoring: {}", endpointUri);
}
}
return this;
}
示例5: startClient
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
private void startClient() throws Exception {
EndpointDescription[] endpoints = UaTcpStackClient
.getEndpoints("opc.tcp://localhost:12686/test-server").get();
EndpointDescription endpoint = Arrays.stream(endpoints)
.filter(e -> e.getSecurityPolicyUri().equals(SecurityPolicy.None.getSecurityPolicyUri()))
.findFirst().orElseThrow(() -> new Exception("no desired endpoints returned"));
KeyStoreLoader loader = new KeyStoreLoader().load();
OpcUaClientConfig clientConfig = OpcUaClientConfig.builder()
.setApplicationName(LocalizedText.english("Eclipse Milo Test Client"))
.setApplicationUri("urn:eclipse:milo:examples:client")
.setCertificate(loader.getClientCertificate())
.setKeyPair(loader.getClientKeyPair())
.setEndpoint(endpoint)
.setRequestTimeout(uint(60000))
.build();
client = new OpcUaClient(clientConfig);
client.connect().get();
}
示例6: testUsernamePassword
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
@Test
public void testUsernamePassword() throws Exception {
logger.info("testUsernamePassword()");
EndpointDescription[] endpoints = UaTcpStackClient.getEndpoints("opc.tcp://localhost:12686/test-server").get();
EndpointDescription endpoint = Arrays.stream(endpoints)
.filter(e -> e.getSecurityPolicyUri().equals(SecurityPolicy.None.getSecurityPolicyUri()))
.findFirst().orElseThrow(() -> new Exception("no desired endpoints returned"));
KeyStoreLoader loader = new KeyStoreLoader().load();
OpcUaClientConfig clientConfig = OpcUaClientConfig.builder()
.setApplicationName(LocalizedText.english("Eclipse Milo Test Client"))
.setApplicationUri("urn:eclipse:milo:test:client")
.setCertificate(loader.getClientCertificate())
.setKeyPair(loader.getClientKeyPair())
.setEndpoint(endpoint)
.setRequestTimeout(uint(60000))
.setIdentityProvider(new UsernameProvider("user", "password"))
.build();
OpcUaClient client = new OpcUaClient(clientConfig);
client.connect().get();
}
示例7: testUsernamePassword_WithSecurity
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
@Test
public void testUsernamePassword_WithSecurity() throws Exception {
logger.info("testUsernamePassword_WithSecurity()");
EndpointDescription[] endpoints = UaTcpStackClient.getEndpoints("opc.tcp://localhost:12686/test-server").get();
EndpointDescription endpoint = Arrays.stream(endpoints)
.filter(e -> e.getSecurityPolicyUri().equals(SecurityPolicy.Aes256_Sha256_RsaPss.getSecurityPolicyUri()))
.findFirst().orElseThrow(() -> new Exception("no desired endpoints returned"));
KeyStoreLoader loader = new KeyStoreLoader().load();
OpcUaClientConfig clientConfig = OpcUaClientConfig.builder()
.setApplicationName(LocalizedText.english("Eclipse Milo Test Client"))
.setApplicationUri("urn:eclipse:milo:examples:client")
.setCertificate(loader.getClientCertificate())
.setKeyPair(loader.getClientKeyPair())
.setEndpoint(endpoint)
.setRequestTimeout(uint(60000))
.setIdentityProvider(new UsernameProvider("user", "password"))
.build();
OpcUaClient client = new OpcUaClient(clientConfig);
client.connect().get();
}
示例8: buildClientSignature
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
private static SignatureData buildClientSignature(
ClientSecureChannel secureChannel, ByteString serverNonce) throws Exception {
if (secureChannel.getSecurityPolicy() == SecurityPolicy.None) {
return new SignatureData();
} else {
SecurityAlgorithm signatureAlgorithm = secureChannel.getSecurityPolicy().getAsymmetricSignatureAlgorithm();
PrivateKey privateKey = secureChannel.getKeyPair().getPrivate();
ByteString serverCertificate = secureChannel.getRemoteCertificateBytes();
// Signature data is serverCert + serverNonce signed with our private key.
byte[] serverNonceBytes = serverNonce.bytesOrEmpty();
byte[] serverCertificateBytes = serverCertificate.bytesOrEmpty();
byte[] dataToSign = Bytes.concat(serverCertificateBytes, serverNonceBytes);
byte[] signature = SignatureUtil.sign(
signatureAlgorithm,
privateKey,
ByteBuffer.wrap(dataToSign)
);
return new SignatureData(signatureAlgorithm.getUri(), ByteString.of(signature));
}
}
示例9: verifyClientSignature
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
private void verifyClientSignature(
ActivateSessionRequest request,
ServerSecureChannel secureChannel,
Session session) throws UaException {
if (secureChannel.getSecurityPolicy() != SecurityPolicy.None) {
SignatureData clientSignature = request.getClientSignature();
byte[] dataBytes = Bytes.concat(
secureChannel.getLocalCertificateBytes().bytesOrEmpty(),
session.getLastNonce().bytesOrEmpty()
);
byte[] signatureBytes = clientSignature.getSignature().bytesOrEmpty();
SignatureUtil.verify(
SecurityAlgorithm.fromUri(clientSignature.getAlgorithm()),
secureChannel.getRemoteCertificate(),
dataBytes,
signatureBytes
);
}
}
示例10: getServerSignature
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
private SignatureData getServerSignature(ByteString clientNonce,
ByteString clientCertificate,
SecurityPolicy securityPolicy,
KeyPair keyPair) throws UaException {
if (clientNonce.isNull() || clientCertificate.isNull() || keyPair == null) {
return new SignatureData(null, null);
}
try {
SecurityAlgorithm algorithm = securityPolicy.getAsymmetricSignatureAlgorithm();
byte[] data = Bytes.concat(clientCertificate.bytes(), clientNonce.bytes());
byte[] signature = SignatureUtil.sign(
algorithm,
keyPair.getPrivate(),
ByteBuffer.wrap(data)
);
return new SignatureData(algorithm.getUri(), ByteString.of(signature));
} catch (UaRuntimeException e) {
throw new UaException(StatusCodes.Bad_SecurityChecksFailed);
}
}
示例11: OpcUaServerConfigImpl
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
public OpcUaServerConfigImpl(UaTcpStackServerConfig stackServerConfig,
int bindPort,
List<String> bindAddresses,
List<String> endpointAddresses,
EnumSet<SecurityPolicy> securityPolicies,
IdentityValidator identityValidator,
BuildInfo buildInfo,
OpcUaServerConfigLimits limits) {
this.stackServerConfig = stackServerConfig;
this.bindPort = bindPort;
this.bindAddresses = bindAddresses;
this.endpointAddresses = endpointAddresses;
this.securityPolicies = securityPolicies;
this.identityValidator = identityValidator;
this.buildInfo = buildInfo;
this.limits = limits;
}
示例12: testCopy
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
@Test
public void testCopy() {
OpcUaServerConfig original = OpcUaServerConfig.builder()
.setCertificateManager(new DefaultCertificateManager())
.setCertificateValidator(new DefaultCertificateValidator(Files.createTempDir()))
.setSecurityPolicies(EnumSet.of(SecurityPolicy.None, SecurityPolicy.Basic128Rsa15))
.setBindPort(12345)
.setBindAddresses(newArrayList("127.0.0.1", "0.0.0.0"))
.setEndpointAddresses(newArrayList("testHostname"))
.setIdentityValidator(AnonymousIdentityValidator.INSTANCE)
.setBuildInfo(new BuildInfo("a", "b", "c", "d", "e", DateTime.MIN_VALUE))
.setLimits(new OpcUaServerConfigLimits() {})
.build();
OpcUaServerConfig copy = OpcUaServerConfig.copy(original).build();
assertEquals(copy.getSecurityPolicies(), original.getSecurityPolicies());
assertEquals(copy.getBindPort(), original.getBindPort());
assertEquals(copy.getBindAddresses(), original.getBindAddresses());
assertEquals(copy.getEndpointAddresses(), original.getEndpointAddresses());
assertEquals(copy.getIdentityValidator(), original.getIdentityValidator());
assertEquals(copy.getBuildInfo(), original.getBuildInfo());
assertEquals(copy.getLimits(), original.getLimits());
}
示例13: setSecurityPolicies
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
/**
* Security policies
*/
public void setSecurityPolicies(final Set<SecurityPolicy> securityPolicies) {
if (securityPolicies == null || securityPolicies.isEmpty()) {
this.serverConfig.setSecurityPolicies(EnumSet.noneOf(SecurityPolicy.class));
} else {
this.serverConfig.setSecurityPolicies(EnumSet.copyOf(securityPolicies));
}
}
示例14: setSecurityPoliciesById
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
/**
* Security policies by URI or name
*/
public void setSecurityPoliciesById(final Collection<String> securityPolicies) {
final EnumSet<SecurityPolicy> policies = EnumSet.noneOf(SecurityPolicy.class);
if (securityPolicies != null) {
for (final String policyName : securityPolicies) {
final SecurityPolicy policy = SecurityPolicy.fromUriSafe(policyName)
.orElseGet(() -> SecurityPolicy.valueOf(policyName));
policies.add(policy);
}
}
this.serverConfig.setSecurityPolicies(policies);
}
示例15: getNonceLength
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy; //导入依赖的package包/类
/**
* Get the minimum nonce length for use with {@code securityPolicy}.
* <p>
* For an RSA-based {@link SecurityPolicy}, the nonce shall be a cryptographic random number with a length equal to
* the key length specified by policy's SymmetricEncryptionAlgorithm or the length of hash algorithm used by the
* policy's KeyDerivationAlgorithm, whichever is greater.
*
* @param securityPolicy the {@link SecurityPolicy} in use.
* @return the minimum nonce length for use with {@code securityPolicy}.
*/
public static int getNonceLength(SecurityPolicy securityPolicy) {
switch (securityPolicy) {
case Basic128Rsa15:
return 16;
case Basic256:
case Basic256Sha256:
case Aes128_Sha256_RsaOaep:
case Aes256_Sha256_RsaPss:
return 32;
case None:
default:
return 0;
}
}