Unified UserIdentityToken Encrypt/Decrypt

Libraries/Opc.Ua.Client/Session/Session.cs

@@ -2456,7 +2456,6 @@ public void Open(
                 SignatureData userTokenSignature = identityToken.Sign(dataToSign, securityPolicyUri);
 
                 // encrypt token.
-#if ECC_SUPPORT
                 identityToken.Encrypt(
                     serverCertificate,
                     serverNonce,
@@ -2465,9 +2464,7 @@ public void Open(
                     m_instanceCertificate,
                     m_instanceCertificateChain,
                     m_endpoint.Description.SecurityMode != MessageSecurityMode.None);
-#else
-                identityToken.Encrypt(serverCertificate, serverNonce, securityPolicyUri);
-#endif
+
                 // send the software certificates assigned to the client.
                 SignedSoftwareCertificateCollection clientSoftwareCertificates = GetSoftwareCertificates();
 
@@ -2641,8 +2638,6 @@ public void UpdateSession(IUserIdentity identity, StringCollection preferredLoca
             userTokenSignature = identityToken.Sign(dataToSign, securityPolicyUri);
 
             // encrypt token.
-#if ECC_SUPPORT
-            // TODO: build helper function
             identityToken.Encrypt(
                 m_serverCertificate,
                 serverNonce,
@@ -2651,9 +2646,7 @@ public void UpdateSession(IUserIdentity identity, StringCollection preferredLoca
                 m_instanceCertificate,
                 m_instanceCertificateChain,
                 m_endpoint.Description.SecurityMode != MessageSecurityMode.None);
-#else
-            identityToken.Encrypt(m_serverCertificate, serverNonce, securityPolicyUri);
-#endif
+
             // send the software certificates assigned to the client.
             SignedSoftwareCertificateCollection clientSoftwareCertificates = GetSoftwareCertificates();
 
@@ -5679,7 +5672,6 @@ ITransportChannel transportChannel
             SignatureData userTokenSignature = identityToken.Sign(dataToSign, securityPolicyUri);
 
             // encrypt token.
-#if ECC_SUPPORT
             identityToken.Encrypt(
                 m_serverCertificate,
                 m_serverNonce,
@@ -5688,9 +5680,6 @@ ITransportChannel transportChannel
                 m_instanceCertificate,
                 m_instanceCertificateChain,
                 m_endpoint.Description.SecurityMode != MessageSecurityMode.None);
-#else
-            identityToken.Encrypt(m_serverCertificate, m_serverNonce, securityPolicyUri);
-#endif
 
             // send the software certificates assigned to the client.
             SignedSoftwareCertificateCollection clientSoftwareCertificates = GetSoftwareCertificates();
@@ -6481,9 +6470,8 @@ protected virtual void ProcessResponseAdditionalHeader(ResponseHeader responseHe
                                 StatusCodes.BadDecodingError,
                                 "Could not verify signature on ECDHKey. User authentication not possible.");
                         }
-#if ECC_SUPPORT
+
                         m_eccServerEphemeralKey = Nonce.CreateNonce(m_userTokenSecurityPolicyUri, key.PublicKey);
-#endif
                     }
                 }
             }
@@ -6579,9 +6567,7 @@ protected virtual void ProcessResponseAdditionalHeader(ResponseHeader responseHe
         private int m_maxPublishRequestCount;
         private LinkedList<AsyncRequestState> m_outstandingRequests;
         private string m_userTokenSecurityPolicyUri;
-#if ECC_SUPPORT
         private Nonce m_eccServerEphemeralKey;
-#endif
         private readonly EndpointDescriptionCollection m_discoveryServerEndpoints;
         private readonly StringCollection m_discoveryProfileUris;
         private uint m_serverMaxContinuationPointsPerBrowse = 0;

Libraries/Opc.Ua.Client/Session/SessionAsync.cs

@@ -239,8 +239,6 @@ public async Task OpenAsync(
                 SignatureData userTokenSignature = identityToken.Sign(dataToSign, securityPolicyUri);
 
                 // encrypt token.
-                //identityToken.Encrypt(serverCertificate, serverNonce, securityPolicyUri);
-#if ECC_SUPPORT 
                 identityToken.Encrypt(
                     serverCertificate,
                     serverNonce,
@@ -249,9 +247,6 @@ public async Task OpenAsync(
                     m_instanceCertificate,
                     m_instanceCertificateChain,
                     m_endpoint.Description.SecurityMode != MessageSecurityMode.None);
-#else
-                identityToken.Encrypt(serverCertificate, serverNonce, securityPolicyUri);
-#endif
 
                 // send the software certificates assigned to the client.
                 SignedSoftwareCertificateCollection clientSoftwareCertificates = GetSoftwareCertificates();

Stack/Opc.Ua.Core/Stack/Types/UserIdentityToken.cs

@@ -26,19 +26,15 @@ public partial class UserIdentityToken
         /// <summary>
         /// Encrypts the token (implemented by the subclass).
         /// </summary>
-#if ECC_SUPPORT
         [Obsolete("Use Encrypt(X509Certificate2, byte[], string securityPolicyUri, Nonce, X509Certificate2, X509Certificate2Collection, bool) ")]
-#endif
         public virtual void Encrypt(X509Certificate2 certificate, byte[] receiverNonce, string securityPolicyUri)
         {
         }
 
         /// <summary>
         /// Decrypts the token (implemented by the subclass).
         /// </summary>
-#if ECC_SUPPORT
         [Obsolete("Use Decrypt(X509Certificate2, Nonce, string, Nonce, X509Certificate2, X509Certificate2Collection, CertificateValidator) ")]
-#endif
         public virtual void Decrypt(X509Certificate2 certificate, byte[] receiverNonce, string securityPolicyUri)
         {
         }
@@ -109,9 +105,7 @@ public string DecryptedPassword
         /// <summary>
         /// Encrypts the DecryptedPassword using the EncryptionAlgorithm and places the result in Password
         /// </summary>
-#if ECC_SUPPORT
         [Obsolete("Use Encrypt(X509Certificate2, byte[], string securityPolicyUri, Nonce, X509Certificate2, X509Certificate2Collection, bool)")]
-#endif
         public override void Encrypt(X509Certificate2 certificate, byte[] senderNonce, string securityPolicyUri)
         {
             Encrypt(certificate, senderNonce, securityPolicyUri, null);
@@ -120,9 +114,7 @@ public override void Encrypt(X509Certificate2 certificate, byte[] senderNonce, s
         /// <summary>
         /// Decrypts the Password using the EncryptionAlgorithm and places the result in DecryptedPassword
         /// </summary>
-#if ECC_SUPPORT
         [Obsolete("Use Decrypt(X509Certificate2, Nonce, string, Nonce, X509Certificate2, X509Certificate2Collection, CertificateValidator) ")]
-#endif
         public override void Decrypt(X509Certificate2 certificate, byte[] senderNonce, string securityPolicyUri)
         {
             Decrypt(certificate, Nonce.CreateNonce(securityPolicyUri, senderNonce), securityPolicyUri);
@@ -428,9 +420,7 @@ public byte[] DecryptedTokenData
         /// <summary>
         /// Encrypts the DecryptedTokenData using the EncryptionAlgorithm and places the result in Password
         /// </summary>
-#if ECC_SUPPORT
         [Obsolete("Use Encrypt(X509Certificate2, byte[], string securityPolicyUri, Nonce, X509Certificate2, X509Certificate2Collection, bool)")]
-#endif
         public override void Encrypt(X509Certificate2 certificate, byte[] senderNonce, string securityPolicyUri)
         {
             Encrypt(certificate, senderNonce, securityPolicyUri, null);
@@ -439,9 +429,7 @@ public override void Encrypt(X509Certificate2 certificate, byte[] senderNonce, s
         /// <summary>
         /// Decrypts the Password using the EncryptionAlgorithm and places the result in DecryptedPassword
         /// </summary>
-#if ECC_SUPPORT
         [Obsolete("Use Decrypt(X509Certificate2, Nonce, string, Nonce, X509Certificate2, X509Certificate2Collection, CertificateValidator) ")]
-#endif
         public override void Decrypt(X509Certificate2 certificate, byte[] senderNonce, string securityPolicyUri)
         {
             Decrypt(certificate, Nonce.CreateNonce(securityPolicyUri, senderNonce), securityPolicyUri);