Module opcua_crypto::user_identity

Functions related to encrypting / decrypting passwords in a UserNameIdentityToken.

The code here determines how or if to encrypt the password depending on the security policy and user token policy.

Functions

decrypt_user_identity_token_password

Decrypt the password inside of a user identity token.

legacy_password_decrypt

Decrypt the client’s password using the server’s nonce and private key. This function is prefixed “legacy” because 1.04 describes another way of encrypting passwords.

legacy_password_encrypt

Encrypt a client side user’s password using the server nonce and cert. This is described in table 176 OPC UA part 4. This function is prefixed “legacy” because 1.04 describes another way of encrypting passwords.

make_user_name_identity_token

Create a filled in UserNameIdentityToken by using the supplied channel security policy, user token policy, nonce, cert, user name and password.

verify_x509_identity_token

Verify that the X509 identity token supplied to a server contains a valid signature.