Crate opcua_crypto


Crypto-related functionality. It is used for establishing trust between a client and server via certificate exchange and validation. It is also used for encrypting / decrypting messages and signing messages.

Modules

random
Module contains functions for creating cryptographically strong random bytes.

Structs

AesKey
Wrapper around an AES key.
CertificateStore
The certificate store manages the storage of a server/client’s own certificate & private key and the trust / rejection of certificates from the other end.
HostnameError
Error resolving computer hostname.
LegacyEncryptedSecret
A generic legacy encrypted secret.
PKey
This is a wrapper around an asymmetric key pair. Since a PKey is either a public or a private key, we have to differentiate that as well.
Thumbprint
The thumbprint holds a 20-byte representation of a certificate that can be used as a hash, handshake comparison, a filename hint or similar purpose where a shortened representation of a cert is required. Thumbprint size is dictated by the OPC UA spec.
X509
Wrapper around an X509 certificate.
X509Data
Data for constructing an X509 certificate.
X509Error
Error returned when handling X509 certificates.

Enums

SecurityPolicy
SecurityPolicy implies what encryption and signing algorithms and their relevant key strengths are used during an encrypted session.

Constants

SHA1_SIZE
Size of a SHA1 hash value in bytes
SHA256_SIZE
Size of a SHA256 hash value in bytes

Traits

KeySize
Trait for computing the key size of a private key.
LegacySecret
Trait for a type with a secret encrypted with legacy secret encryption.

Functions

create_signature_data
Creates a SignatureData object by signing the supplied certificate and nonce with a pkey
hostname
Returns this computer’s hostname
legacy_decrypt_secret
Decrypt a legacy secret using the server’s nonce and private key.
legacy_encrypt_secret
Encrypt a client side user’s password using the server nonce and cert. This is described in part 4, 7.41 of the OPC-UA standard.
verify_signature_data
Verifies that the supplied signature data was produced by the signing cert. The contained cert and nonce are supplied so the signature can be verified against the expected data.
verify_x509_identity_token
Verify that the X509 identity token supplied to a server contains a valid signature.

Type Aliases

PrivateKey
A private key
PublicKey
A public key