refactor(core): Remove unused transport datatypes

2025-06-03 04:00:21 +00:00 · 2020-01-11 20:47:14 +01:00 · 2020-01-11 20:47:14 +01:00 · 66f0897151
commit 66f0897151
parent 20179d6336
5 changed files with 46 additions and 74 deletions
--- a/src/ua_securechannel.c
+++ b/src/ua_securechannel.c
@ -282,37 +282,34 @@ encodeHeadersSym(UA_MessageContext *const messageContext, size_t totalLength) {
    UA_SecureChannel *channel = messageContext->channel;
    UA_Byte *header_pos = messageContext->messageBuffer.data;

-    UA_SecureConversationMessageHeader respHeader;
-    respHeader.secureChannelId = channel->securityToken.channelId;
-    respHeader.messageHeader.messageTypeAndChunkType = messageContext->messageType;
-    respHeader.messageHeader.messageSize = (UA_UInt32)totalLength;
+    UA_TcpMessageHeader header;
+    header.messageTypeAndChunkType = messageContext->messageType;
+    header.messageSize = (UA_UInt32)totalLength;
    if(messageContext->final)
-        respHeader.messageHeader.messageTypeAndChunkType += UA_CHUNKTYPE_FINAL;
+        header.messageTypeAndChunkType += UA_CHUNKTYPE_FINAL;
    else
-        respHeader.messageHeader.messageTypeAndChunkType += UA_CHUNKTYPE_INTERMEDIATE;
+        header.messageTypeAndChunkType += UA_CHUNKTYPE_INTERMEDIATE;

-    UA_StatusCode res =
-        UA_encodeBinary(&respHeader, &UA_TRANSPORT[UA_TRANSPORT_SECURECONVERSATIONMESSAGEHEADER],
-                        &header_pos, &messageContext->buf_end, NULL, NULL);
-
-    UA_SymmetricAlgorithmSecurityHeader symSecHeader;
-    symSecHeader.tokenId = channel->securityToken.tokenId;
+    UA_UInt32 tokenId = channel->securityToken.tokenId;
    /* This is a server SecureChannel and we have sent out the OPN response but
     * not gotten a request with the new token. So we want to send with
     * nextSecurityToken and still allow to receive with the old one. */
    if(channel->nextSecurityToken.tokenId != 0)
-        symSecHeader.tokenId = channel->nextSecurityToken.tokenId;
-
-    res |= UA_encodeBinary(&symSecHeader.tokenId,
-                           &UA_TRANSPORT[UA_TRANSPORT_SYMMETRICALGORITHMSECURITYHEADER],
-                           &header_pos, &messageContext->buf_end, NULL, NULL);
+        tokenId = channel->nextSecurityToken.tokenId;

    UA_SequenceHeader seqHeader;
    seqHeader.requestId = messageContext->requestId;
    seqHeader.sequenceNumber = UA_atomic_addUInt32(&channel->sendSequenceNumber, 1);
+
+    UA_StatusCode res = UA_STATUSCODE_GOOD;
+    res |= UA_encodeBinary(&header, &UA_TRANSPORT[UA_TRANSPORT_TCPMESSAGEHEADER],
+                           &header_pos, &messageContext->buf_end, NULL, NULL);
+    res |= UA_encodeBinary(&channel->securityToken.channelId, &UA_TYPES[UA_TYPES_UINT32],
+                           &header_pos, &messageContext->buf_end, NULL, NULL);
+    res |= UA_encodeBinary(&tokenId, &UA_TYPES[UA_TYPES_UINT32],
+                           &header_pos, &messageContext->buf_end, NULL, NULL);
    res |= UA_encodeBinary(&seqHeader, &UA_TRANSPORT[UA_TRANSPORT_SEQUENCEHEADER],
                           &header_pos, &messageContext->buf_end, NULL, NULL);
-
    return res;
 }

@ -640,24 +637,26 @@ decryptAddChunk(UA_SecureChannel *channel, UA_ByteString *chunk,
    const UA_SecurityPolicy *sp = channel->securityPolicy;

    /* Decode the MessageHeader */
+    UA_StatusCode retval = UA_STATUSCODE_GOOD;
+    UA_TcpMessageHeader messageHeader;
+    UA_UInt32 secureChannelId;
    size_t offset = 0;
-    UA_SecureConversationMessageHeader messageHeader;
-    UA_StatusCode retval =
-        UA_SecureConversationMessageHeader_decodeBinary(chunk, &offset, &messageHeader);
+    retval |= UA_TcpMessageHeader_decodeBinary(chunk, &offset, &messageHeader);
+    retval |= UA_UInt32_decodeBinary(chunk, &offset, &secureChannelId);
    if(retval != UA_STATUSCODE_GOOD)
        return retval;

 #if !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
    /* The wrong ChannelId. Non-opened channels have the id zero. */
-    if(messageHeader.secureChannelId != channel->securityToken.channelId &&
+    if(secureChannelId != channel->securityToken.channelId &&
       channel->state != UA_SECURECHANNELSTATE_FRESH)
        return UA_STATUSCODE_BADSECURECHANNELIDINVALID;
 #endif

    UA_MessageType messageType = (UA_MessageType)
-        (messageHeader.messageHeader.messageTypeAndChunkType & UA_BITMASK_MESSAGETYPE);
+        (messageHeader.messageTypeAndChunkType & UA_BITMASK_MESSAGETYPE);
    UA_ChunkType chunkType = (UA_ChunkType)
-        (messageHeader.messageHeader.messageTypeAndChunkType & UA_BITMASK_CHUNKTYPE);
+        (messageHeader.messageTypeAndChunkType & UA_BITMASK_CHUNKTYPE);
    UA_ByteString chunkPayload;

    switch(messageType) {
@ -673,10 +672,8 @@ decryptAddChunk(UA_SecureChannel *channel, UA_ByteString *chunk,
    case UA_MESSAGETYPE_MSG:
    case UA_MESSAGETYPE_CLO: {
        /* Decode and check the symmetric security header (tokenId) */
-        UA_SymmetricAlgorithmSecurityHeader symmetricSecurityHeader;
-        UA_SymmetricAlgorithmSecurityHeader_init(&symmetricSecurityHeader);
-        retval = UA_SymmetricAlgorithmSecurityHeader_decodeBinary(chunk, &offset,
-                                                                  &symmetricSecurityHeader);
+        UA_UInt32 tokenId;
+        retval = UA_UInt32_decodeBinary(chunk, &offset, &tokenId);
        if(retval != UA_STATUSCODE_GOOD)
            return retval;

@ -685,7 +682,7 @@ decryptAddChunk(UA_SecureChannel *channel, UA_ByteString *chunk,
        symmetricSecurityHeader.tokenId = channel->securityToken.tokenId;
 #endif

-        retval = checkSymHeader(channel, symmetricSecurityHeader.tokenId, allowPreviousToken);
+        retval = checkSymHeader(channel, tokenId, allowPreviousToken);
        if(retval != UA_STATUSCODE_GOOD) {
            UA_LOG_WARNING_CHANNEL(sp->logger, channel, "Could not validate the chunk header");
            return retval;
--- a/src/ua_securechannel_crypto.c
+++ b/src/ua_securechannel_crypto.c
@ -179,16 +179,18 @@ prependHeadersAsym(UA_SecureChannel *const channel, UA_Byte *header_pos,
    size_t dataToEncryptLength =
        totalLength - (UA_SECURE_CONVERSATION_MESSAGE_HEADER_LENGTH + securityHeaderLength);

-    UA_SecureConversationMessageHeader respHeader;
-    respHeader.messageHeader.messageTypeAndChunkType = UA_MESSAGETYPE_OPN + UA_CHUNKTYPE_FINAL;
-    respHeader.messageHeader.messageSize = (UA_UInt32)
+    UA_TcpMessageHeader messageHeader;
+    messageHeader.messageTypeAndChunkType = UA_MESSAGETYPE_OPN + UA_CHUNKTYPE_FINAL;
+    messageHeader.messageSize = (UA_UInt32)
        (totalLength +
         UA_SecurityPolicy_getRemoteAsymEncryptionBufferLengthOverhead(sp, channel->channelContext,
                                                                       dataToEncryptLength));
-    respHeader.secureChannelId = channel->securityToken.channelId;
-    UA_StatusCode retval = UA_encodeBinary(&respHeader,
-                                           &UA_TRANSPORT[UA_TRANSPORT_SECURECONVERSATIONMESSAGEHEADER],
-                                           &header_pos, &buf_end, NULL, NULL);
+    UA_UInt32 secureChannelId = channel->securityToken.channelId;
+    UA_StatusCode retval = UA_STATUSCODE_GOOD;
+    retval |= UA_encodeBinary(&messageHeader, &UA_TRANSPORT[UA_TRANSPORT_TCPMESSAGEHEADER],
+                              &header_pos, &buf_end, NULL, NULL);
+    retval |= UA_encodeBinary(&secureChannelId, &UA_TYPES[UA_TYPES_UINT32],
+                              &header_pos, &buf_end, NULL, NULL);
    if(retval != UA_STATUSCODE_GOOD)
        return retval;

@ -213,7 +215,7 @@ prependHeadersAsym(UA_SecureChannel *const channel, UA_Byte *header_pos,
    retval = UA_encodeBinary(&seqHeader, &UA_TRANSPORT[UA_TRANSPORT_SEQUENCEHEADER],
                             &header_pos, &buf_end, NULL, NULL);

-    *finalLength = respHeader.messageHeader.messageSize;
+    *finalLength = messageHeader.messageSize;

    return retval;
 }
--- a/tests/check_securechannel.c
+++ b/tests/check_securechannel.c
@ -270,8 +270,10 @@ START_TEST(SecureChannel_sendAsymmetricOPNMessage_sentDataIsValid) {
    ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected function to succeed");

    size_t offset = 0;
-    UA_SecureConversationMessageHeader header;
-    UA_SecureConversationMessageHeader_decodeBinary(&sentData, &offset, &header);
+    UA_TcpMessageHeader header;
+    UA_TcpMessageHeader_decodeBinary(&sentData, &offset, &header);
+    UA_UInt32 secureChannelId;
+    UA_UInt32_decodeBinary(&sentData, &offset, &secureChannelId);

    UA_AsymmetricAlgorithmSecurityHeader asymSecurityHeader;
    UA_AsymmetricAlgorithmSecurityHeader_decodeBinary(&sentData, &offset, &asymSecurityHeader);
@ -291,7 +293,7 @@ START_TEST(SecureChannel_sendAsymmetricOPNMessage_sentDataIsValid) {
                  "in the secureChannel");

    /* Dummy encryption */
-    for(size_t i = offset; i < header.messageHeader.messageSize; ++i) {
+    for(size_t i = offset; i < header.messageSize; ++i) {
        sentData.data[i] = (UA_Byte)((sentData.data[i] - 1) % (UA_BYTE_MAX + 1));
    }
 #endif
@ -327,7 +329,6 @@ START_TEST(SecureChannel_sendAsymmetricOPNMessage_sentDataIsValid) {
    ck_assert_msg(sentData.data[offset + paddingSize + 1] == '*', "Expected first byte of signature");
 #endif

-    UA_SecureConversationMessageHeader_deleteMembers(&header);
    UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&asymSecurityHeader);
    UA_SequenceHeader_deleteMembers(&sequenceHeader);
    UA_OpenSecureChannelResponse_deleteMembers(&sentResponse);
@ -352,8 +353,10 @@ START_TEST(Securechannel_sendAsymmetricOPNMessage_extraPaddingPresentWhenKeyLarg
    ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected function to succeed");

    size_t offset = 0;
-    UA_SecureConversationMessageHeader header;
-    UA_SecureConversationMessageHeader_decodeBinary(&sentData, &offset, &header);
+    UA_TcpMessageHeader header;
+    UA_TcpMessageHeader_decodeBinary(&sentData, &offset, &header);
+    UA_UInt32 secureChannelId;
+    UA_UInt32_decodeBinary(&sentData, &offset, &secureChannelId);

    UA_AsymmetricAlgorithmSecurityHeader asymSecurityHeader;
    UA_AsymmetricAlgorithmSecurityHeader_decodeBinary(&sentData, &offset, &asymSecurityHeader);
@ -368,7 +371,7 @@ START_TEST(Securechannel_sendAsymmetricOPNMessage_extraPaddingPresentWhenKeyLarg
                  "Expected receiverCertificateThumbprint to be equal to the one set "
                  "in the secureChannel");

-    for(size_t i = offset; i < header.messageHeader.messageSize; ++i) {
+    for(size_t i = offset; i < header.messageSize; ++i) {
        sentData.data[i] = (UA_Byte)((sentData.data[i] - 1) % (UA_BYTE_MAX + 1));
    }

@ -409,7 +412,6 @@ START_TEST(Securechannel_sendAsymmetricOPNMessage_extraPaddingPresentWhenKeyLarg
                  "Expected first byte 42 of signature but got %i",
                  sentData.data[offset + paddingSize + 2]);

-    UA_SecureConversationMessageHeader_deleteMembers(&header);
    UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&asymSecurityHeader);
    UA_SequenceHeader_deleteMembers(&sequenceHeader);
    UA_OpenSecureChannelResponse_deleteMembers(&sentResponse);
--- a/tools/schema/Custom.Opc.Ua.Transport.bsd
+++ b/tools/schema/Custom.Opc.Ua.Transport.bsd
@ -26,7 +26,6 @@
    <opc:EnumeratedValue Name="FINAL" Value="0x46000000" />
    <opc:EnumeratedValue Name="INTERMEDIATE" Value="0x43000000" />
    <opc:EnumeratedValue Name="ABORT" Value="0x41000000" />
-
  </opc:EnumeratedType>

   <opc:StructuredType Name="TcpMessageHeader">
@ -60,12 +59,6 @@
    <opc:Field Name="Reason" TypeName="opc:String" />
  </opc:StructuredType>
  
-  <opc:StructuredType Name="SecureConversationMessageHeader">
-    <opc:Documentation>Secure Layer Sequence Header</opc:Documentation>
-    <opc:Field Name="MessageHeader" TypeName="opc:TcpMessageHeader" />
-    <opc:Field Name="SecureChannelId" TypeName="opc:UInt32" />
-  </opc:StructuredType>
-  
  <opc:StructuredType Name="AsymmetricAlgorithmSecurityHeader">
    <opc:Documentation>Security Header</opc:Documentation>
    <opc:Field Name="SecurityPolicyUri" TypeName="opc:ByteString" />
@ -73,30 +66,12 @@
    <opc:Field Name="ReceiverCertificateThumbprint" TypeName="opc:ByteString" />
  </opc:StructuredType>
  
-  <opc:StructuredType Name="SymmetricAlgorithmSecurityHeader">
-    <opc:Documentation>Secure Layer Symmetric Algorithm Header</opc:Documentation>
-    <opc:Field Name="TokenId" TypeName="opc:UInt32" />
-  </opc:StructuredType>
-  
  <opc:StructuredType Name="SequenceHeader">
    <opc:Documentation>Secure Layer Sequence Header</opc:Documentation>
    <opc:Field Name="SequenceNumber" TypeName="opc:UInt32" />
    <opc:Field Name="RequestId" TypeName="opc:UInt32"/>
  </opc:StructuredType>
  
-  <opc:StructuredType Name="SecureConversationMessageFooter">
-    <opc:Documentation>Secure Conversation Message Footer</opc:Documentation>
-    <opc:Field Name="PaddingSize" TypeName="opc:Byte" />
-    <opc:Field Name="Padding" TypeName="opc:Byte" LengthField="PaddingSize" />
-    <opc:Field Name="Signature" TypeName="opc:Byte"/>
-  </opc:StructuredType>
-  
-  <opc:StructuredType Name="SecureConversationMessageAbortBody">
-    <opc:Documentation>Secure Conversation Message Abort Body</opc:Documentation>
-    <opc:Field Name="Error" TypeName="opc:UInt32" />
-    <opc:Field Name="Reason" TypeName="opc:String" />
-  </opc:StructuredType>
- 
 <!-- Transport types end -->

 </opc:TypeDictionary>
--- a/tools/schema/datatypes_transport.txt
+++ b/tools/schema/datatypes_transport.txt
@ -4,9 +4,5 @@ TcpMessageHeader
 TcpHelloMessage
 TcpAcknowledgeMessage
 TcpErrorMessage
-SecureConversationMessageHeader
 AsymmetricAlgorithmSecurityHeader
-SymmetricAlgorithmSecurityHeader
 SequenceHeader
-SecureConversationMessageFooter
-SecureConversationMessageAbortBody