123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400 |
- package at.acdp.opcur;
- /*
- * ======================================================================== Copyright (c) 2005-2015
- * The OPC Foundation, Inc. All rights reserved.
- *
- * OPC Foundation MIT License 1.00
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
- * associated documentation files (the "Software"), to deal in the Software without restriction,
- * including without limitation the rights to use, copy, modify, merge, publish, distribute,
- * sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in all copies or
- * substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
- * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
- * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
- * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
- * IN THE SOFTWARE.
- *
- * The complete license agreement can be found here: http://opcfoundation.org/License/MIT/1.00/
- * ======================================================================
- */
- import java.io.ByteArrayOutputStream;
- import java.io.IOException;
- import java.security.KeyPairGenerator;
- import java.security.SecureRandom;
- import java.security.Security;
- import java.security.interfaces.RSAPrivateKey;
- import java.util.Random;
- import java.util.UUID;
- import org.apache.http.conn.ssl.SSLSocketFactory;
- import org.opcfoundation.ua.application.Application;
- import org.opcfoundation.ua.application.Server;
- import org.opcfoundation.ua.builtintypes.ByteString;
- import org.opcfoundation.ua.builtintypes.DataValue;
- import org.opcfoundation.ua.builtintypes.LocalizedText;
- import org.opcfoundation.ua.builtintypes.NodeId;
- import org.opcfoundation.ua.builtintypes.QualifiedName;
- import org.opcfoundation.ua.builtintypes.StatusCode;
- import org.opcfoundation.ua.builtintypes.UnsignedInteger;
- import org.opcfoundation.ua.builtintypes.Variant;
- import org.opcfoundation.ua.common.ServiceFaultException;
- import org.opcfoundation.ua.common.ServiceResultException;
- import org.opcfoundation.ua.core.ActivateSessionRequest;
- import org.opcfoundation.ua.core.ActivateSessionResponse;
- import org.opcfoundation.ua.core.AddNodesRequest;
- import org.opcfoundation.ua.core.AddNodesResponse;
- import org.opcfoundation.ua.core.AddReferencesRequest;
- import org.opcfoundation.ua.core.AddReferencesResponse;
- import org.opcfoundation.ua.core.AttributeServiceSetHandler;
- import org.opcfoundation.ua.core.Attributes;
- import org.opcfoundation.ua.core.BrowseNextRequest;
- import org.opcfoundation.ua.core.BrowseNextResponse;
- import org.opcfoundation.ua.core.BrowseRequest;
- import org.opcfoundation.ua.core.BrowseResponse;
- import org.opcfoundation.ua.core.BrowseResult;
- import org.opcfoundation.ua.core.CancelRequest;
- import org.opcfoundation.ua.core.CancelResponse;
- import org.opcfoundation.ua.core.CloseSessionRequest;
- import org.opcfoundation.ua.core.CloseSessionResponse;
- import org.opcfoundation.ua.core.CreateSessionRequest;
- import org.opcfoundation.ua.core.CreateSessionResponse;
- import org.opcfoundation.ua.core.DeleteNodesRequest;
- import org.opcfoundation.ua.core.DeleteNodesResponse;
- import org.opcfoundation.ua.core.DeleteReferencesRequest;
- import org.opcfoundation.ua.core.DeleteReferencesResponse;
- import org.opcfoundation.ua.core.EndpointConfiguration;
- import org.opcfoundation.ua.core.HistoryReadRequest;
- import org.opcfoundation.ua.core.HistoryReadResponse;
- import org.opcfoundation.ua.core.HistoryUpdateRequest;
- import org.opcfoundation.ua.core.HistoryUpdateResponse;
- import org.opcfoundation.ua.core.Identifiers;
- import org.opcfoundation.ua.core.NodeManagementServiceSetHandler;
- import org.opcfoundation.ua.core.QueryFirstRequest;
- import org.opcfoundation.ua.core.QueryFirstResponse;
- import org.opcfoundation.ua.core.QueryNextRequest;
- import org.opcfoundation.ua.core.QueryNextResponse;
- import org.opcfoundation.ua.core.ReadRequest;
- import org.opcfoundation.ua.core.ReadResponse;
- import org.opcfoundation.ua.core.ReadValueId;
- import org.opcfoundation.ua.core.RegisterNodesRequest;
- import org.opcfoundation.ua.core.RegisterNodesResponse;
- import org.opcfoundation.ua.core.ServiceFault;
- import org.opcfoundation.ua.core.SessionServiceSetHandler;
- import org.opcfoundation.ua.core.SignatureData;
- import org.opcfoundation.ua.core.StatusCodes;
- import org.opcfoundation.ua.core.TranslateBrowsePathsToNodeIdsRequest;
- import org.opcfoundation.ua.core.TranslateBrowsePathsToNodeIdsResponse;
- import org.opcfoundation.ua.core.UnregisterNodesRequest;
- import org.opcfoundation.ua.core.UnregisterNodesResponse;
- import org.opcfoundation.ua.core.UserTokenPolicy;
- import org.opcfoundation.ua.core.WriteRequest;
- import org.opcfoundation.ua.core.WriteResponse;
- import org.opcfoundation.ua.transport.endpoint.EndpointServiceRequest;
- import org.opcfoundation.ua.transport.security.CertificateValidator;
- import org.opcfoundation.ua.transport.security.HttpsSecurityPolicy;
- import org.opcfoundation.ua.transport.security.KeyPair;
- import org.opcfoundation.ua.transport.security.SecurityAlgorithm;
- import org.opcfoundation.ua.transport.security.SecurityMode;
- import org.opcfoundation.ua.transport.security.SecurityPolicy;
- import org.opcfoundation.ua.utils.CryptoUtil;
- import org.opcfoundation.ua.utils.EndpointUtil;
- /**
- * Simple Server example. This server responds to stack test and endpoint discover service requests.
- *
- */
- public class OPCTest {
- static class MyAttributeServiceHandler implements AttributeServiceSetHandler {
- @Override
- public void onHistoryRead(EndpointServiceRequest<HistoryReadRequest, HistoryReadResponse> req)
- throws ServiceFaultException {
- }
- @Override
- public void onHistoryUpdate(EndpointServiceRequest<HistoryUpdateRequest, HistoryUpdateResponse> req)
- throws ServiceFaultException {
- }
- @Override
- public void onRead(EndpointServiceRequest<ReadRequest, ReadResponse> req) throws ServiceFaultException {
- ReadRequest request = req.getRequest();
- ReadValueId[] nodesToRead = request.getNodesToRead();
- DataValue[] results = new DataValue[nodesToRead.length];
- for (int i = 0; i < nodesToRead.length; i++) {
- if (Identifiers.RootFolder.equals(nodesToRead[i].getNodeId())) {
- if (Attributes.BrowseName.equals(nodesToRead[i].getAttributeId())) {
- results[i] = new DataValue(new Variant(new QualifiedName("Root")));
- } else if (Attributes.DisplayName.equals(nodesToRead[i].getAttributeId())) {
- results[i] = new DataValue(new Variant(new LocalizedText("Root", LocalizedText.NO_LOCALE)));
- } else {
- results[i] = new DataValue(new StatusCode(StatusCodes.Bad_AttributeIdInvalid));
- }
- } else {
- results[i] = new DataValue(new StatusCode(StatusCodes.Bad_NodeIdUnknown));
- }
- }
- ReadResponse response = new ReadResponse(null, results, null);
- req.sendResponse(response);
- }
- @Override
- public void onWrite(EndpointServiceRequest<WriteRequest, WriteResponse> req) throws ServiceFaultException {
- }
- };
- static class MyNodeManagementServiceHandler implements NodeManagementServiceSetHandler {
- @Override
- public void onAddNodes(EndpointServiceRequest<AddNodesRequest, AddNodesResponse> req) throws ServiceFaultException {
- }
- @Override
- public void onAddReferences(EndpointServiceRequest<AddReferencesRequest, AddReferencesResponse> req)
- throws ServiceFaultException {
- }
- @Override
- public void onBrowse(EndpointServiceRequest<BrowseRequest, BrowseResponse> req) throws ServiceFaultException {
- BrowseRequest request = req.getRequest();
- BrowseResult[] Results = new BrowseResult[request.getNodesToBrowse().length];
- for (int i = 0; i < request.getNodesToBrowse().length; i++) {
- StatusCode statusCode;
- if (Identifiers.RootFolder.equals(request.getNodesToBrowse()[i].getNodeId())) {
- statusCode = StatusCode.GOOD;
- } else {
- statusCode = new StatusCode(StatusCodes.Bad_NodeIdUnknown);
- }
- Results[i] = new BrowseResult(statusCode, null, null);
- }
- BrowseResponse response = new BrowseResponse(null, Results, null);
- req.sendResponse(response);
- }
- @Override
- public void onBrowseNext(EndpointServiceRequest<BrowseNextRequest, BrowseNextResponse> req)
- throws ServiceFaultException {
- }
- @Override
- public void onDeleteNodes(EndpointServiceRequest<DeleteNodesRequest, DeleteNodesResponse> req)
- throws ServiceFaultException {
- }
- @Override
- public void onDeleteReferences(EndpointServiceRequest<DeleteReferencesRequest, DeleteReferencesResponse> req)
- throws ServiceFaultException {
- }
- @Override
- public void onQueryFirst(EndpointServiceRequest<QueryFirstRequest, QueryFirstResponse> req)
- throws ServiceFaultException {
- }
- @Override
- public void onQueryNext(EndpointServiceRequest<QueryNextRequest, QueryNextResponse> req)
- throws ServiceFaultException {
- }
- @Override
- public void onRegisterNodes(EndpointServiceRequest<RegisterNodesRequest, RegisterNodesResponse> req)
- throws ServiceFaultException {
- }
- @Override
- public void onTranslateBrowsePathsToNodeIds(
- EndpointServiceRequest<TranslateBrowsePathsToNodeIdsRequest, TranslateBrowsePathsToNodeIdsResponse> req)
- throws ServiceFaultException {
- }
- @Override
- public void onUnregisterNodes(EndpointServiceRequest<UnregisterNodesRequest, UnregisterNodesResponse> req)
- throws ServiceFaultException {
- }
- }
- static class MyServerExample extends Server implements SessionServiceSetHandler {
- public MyServerExample(Application application) throws Exception {
- super(application);
- addServiceHandler(this);
- // Add Client Application Instance Certificate validator - Accept them all (for now)
- application.getOpctcpSettings().setCertificateValidator(CertificateValidator.ALLOW_ALL);
- application.getHttpsSettings().setCertificateValidator(CertificateValidator.ALLOW_ALL);
- // The HTTPS SecurityPolicies are defined separate from the endpoint securities
- application.getHttpsSettings().setHttpsSecurityPolicies(HttpsSecurityPolicy.ALL);
- // Peer verifier
- application.getHttpsSettings().setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
- // Load Servers's Application Instance Certificate...
- KeyPair myServerApplicationInstanceCertificate = ExampleKeys.getCert("ServerExample1");
- application.addApplicationInstanceCertificate(myServerApplicationInstanceCertificate);
- // ...and HTTPS certificate
- KeyPair myHttpsCertificate = ExampleKeys.getHttpsCert("ServerExample1");
- application.getHttpsSettings().setKeyPair(myHttpsCertificate);
- // Add User Token Policies
- addUserTokenPolicy(UserTokenPolicy.ANONYMOUS);
- addUserTokenPolicy(UserTokenPolicy.SECURE_USERNAME_PASSWORD);
- // Create an endpoint for each network interface
- String hostname = EndpointUtil.getHostname();
- String bindAddress, endpointAddress;
- for (String addr : EndpointUtil.getInetAddressNames()) {
- bindAddress = "https://" + addr + ":8443/UAExample";
- endpointAddress = "https://" + hostname + ":8443/UAExample";
- System.out.println(endpointAddress + " bound at " + bindAddress);
- // The HTTPS ports are using NONE OPC security
- bind(bindAddress, endpointAddress, SecurityMode.NONE);
- bindAddress = "opc.tcp://" + addr + ":8666/UAExample";
- endpointAddress = "opc.tcp://" + hostname + ":8666/UAExample";
- System.out.println(endpointAddress + " bound at " + bindAddress);
- bind(bindAddress, endpointAddress, SecurityMode.ALL);
- }
- //////////////////////////////////////
- }
- @Override
- public void onActivateSession(EndpointServiceRequest<ActivateSessionRequest, ActivateSessionResponse> msgExchange)
- throws ServiceFaultException {
- ActivateSessionResponse res = new ActivateSessionResponse();
- res.setServerNonce(CryptoUtil.createNonce(32));
- res.setResults(new StatusCode[] {StatusCode.GOOD});
- msgExchange.sendResponse(res);
- }
- @Override
- public void onCancel(EndpointServiceRequest<CancelRequest, CancelResponse> msgExchange)
- throws ServiceFaultException {
- }
- @Override
- public void onCloseSession(EndpointServiceRequest<CloseSessionRequest, CloseSessionResponse> msgExchange)
- throws ServiceFaultException {
- CloseSessionResponse res = new CloseSessionResponse();
- msgExchange.sendResponse(res);
- }
- @Override
- public void onCreateSession(EndpointServiceRequest<CreateSessionRequest, CreateSessionResponse> msgExchange)
- throws ServiceFaultException {
- CreateSessionRequest req = msgExchange.getRequest();
- CreateSessionResponse res = new CreateSessionResponse();
- byte[] token = new byte[32];
- byte[] nonce = new byte[32];
- Random r = new Random();
- r.nextBytes(nonce);
- r.nextBytes(token);
- res.setAuthenticationToken(new NodeId(0, token));
- EndpointConfiguration endpointConfiguration = EndpointConfiguration.defaults();
- res.setMaxRequestMessageSize(UnsignedInteger
- .valueOf(Math.max(endpointConfiguration.getMaxMessageSize(), req.getMaxResponseMessageSize().longValue())));
- res.setRevisedSessionTimeout(Math.max(req.getRequestedSessionTimeout(), 60 * 1000));
- KeyPair cert = getApplication().getApplicationInstanceCertificates()[0];
- res.setServerCertificate(ByteString.valueOf(cert.getCertificate().getEncoded()));
- res.setServerEndpoints(this.getEndpointDescriptions());
- res.setServerNonce(ByteString.valueOf(nonce));
- ByteString clientCertificate = req.getClientCertificate();
- ByteString clientNonce = req.getClientNonce();
- SecurityPolicy securityPolicy = msgExchange.getChannel().getSecurityPolicy();
- res.setServerSignature(
- getServerSignature(clientCertificate, clientNonce, securityPolicy, cert.getPrivateKey().getPrivateKey()));
- res.setServerSoftwareCertificates(getApplication().getSoftwareCertificates());
- res.setSessionId(new NodeId(0, "Session-" + UUID.randomUUID()));
- msgExchange.sendResponse(res);
- }
- private SignatureData getServerSignature(ByteString clientCertificate, ByteString clientNonce,
- SecurityPolicy securityPolicy, final RSAPrivateKey privateKey) throws ServiceFaultException {
- if (clientCertificate != null) {
- ByteArrayOutputStream s = new ByteArrayOutputStream();
- try {
- s.write(clientCertificate.getValue());
- } catch (IOException e) {
- throw new ServiceFaultException(ServiceFault.createServiceFault(StatusCodes.Bad_SecurityChecksFailed));
- } catch (Exception e) {
- throw new ServiceFaultException(ServiceFault.createServiceFault(StatusCodes.Bad_NonceInvalid));
- }
- try {
- s.write(clientNonce.getValue());
- } catch (IOException e) {
- throw new ServiceFaultException(ServiceFault.createServiceFault(StatusCodes.Bad_NonceInvalid));
- } catch (Exception e) {
- throw new ServiceFaultException(ServiceFault.createServiceFault(StatusCodes.Bad_NonceInvalid));
- }
- try {
- SecurityAlgorithm algorithm = securityPolicy.getAsymmetricSignatureAlgorithm();
- return new SignatureData(algorithm.getUri(),
- ByteString.valueOf(CryptoUtil.getCryptoProvider().signAsymm(privateKey, algorithm, s.toByteArray())));
- } catch (ServiceResultException e) {
- throw new ServiceFaultException(e);
- }
- }
- return null;
- }
- }
- public static void main(String[] args) throws Exception {
- CryptoUtil.setSecurityProviderName("SunJCE");
- ////////////// SERVER //////////////
- // Create UA Server Application
- // Create UA Service Server
- Application myServerApplication = new Application();
- MyServerExample myServer = new MyServerExample(myServerApplication);
- myServer.addServiceHandler(new MyNodeManagementServiceHandler());
- myServer.addServiceHandler(new MyAttributeServiceHandler());
- //////////////////////////////////////
- // Press enter to shutdown
- System.out.println("Press enter to shutdown");
- System.in.read();
- //////////////////////////////////////
- ///////////// SHUTDOWN /////////////
- // Close the server by unbinding all endpoints
- myServer.getApplication().close();
- //////////////////////////////////////
- }
- }
|