check_encryption_basic256sha256.c 6.4 KB

  1. /* This Source Code Form is subject to the terms of the Mozilla Public
  2. * License, v. 2.0. If a copy of the MPL was not distributed with this
  3. * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
  4. #include <stdio.h>
  5. #include <stdlib.h>
  6. #include "ua_types.h"
  7. #include "ua_server.h"
  8. #include "ua_server_internal.h"
  9. #include "ua_client.h"
  10. #include "client/ua_client_internal.h"
  11. #include "ua_securitypolicy_basic256sha256.h"
  12. #include "ua_config_default.h"
  13. #include "ua_client_highlevel.h"
  14. #include "ua_network_tcp.h"
  15. #include "testing_clock.h"
  16. #include "testing_networklayers.h"
  17. #include "check.h"
  18. #include "thread_wrapper.h"
  19. #include "certificates.h"
  /* Fixture state shared by setup(), teardown() and the server thread. */

  /* Server instance under test; created in setup(), deleted in teardown(). */
  UA_Server *server;

  /* Configuration handed to UA_Server_new(); deleted in teardown(). */
  UA_ServerConfig *config;

  /* Loop flag polled by serverloop(); allocated in setup(), cleared in
   * teardown(). It is a plain boolean read and written from two threads
   * without any synchronisation primitive. */
  UA_Boolean *running;

  /* Not referenced by any code visible in this file. */
  UA_ServerNetworkLayer nl;

  /* Handle of the thread that runs serverloop(). */
  THREAD_HANDLE server_thread;
  /* Thread body: keep iterating the server's main loop until teardown()
   * clears the shared `running` flag. */
  THREAD_CALLBACK(serverloop) {
      while(*running) {
          UA_Server_run_iterate(server, true);
      }
      return 0;
  }
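  /* Checked fixture: build a server configuration with the Basic256Sha256
   * security policy on port 4840, start the server and run its main loop
   * on a background thread.
   *
   * The certificate and private key are the DER blobs provided by
   * certificates.h. Both the trust list and the revocation list are empty.
   * NOTE(review): with no trust anchors configured the server presumably
   * accepts any client certificate -- confirm against the certificate
   * verification plugin. That is tolerable for a loopback test only; a
   * deployed configuration needs a populated trust list.
   *
   * Every step that can fail is asserted, so that a broken fixture (for
   * example port 4840 already in use) is reported here instead of showing
   * up later as a confusing connect failure inside the test. */
  static void setup(void) {
      running = UA_Boolean_new();
      ck_assert(running != NULL);
      *running = true;

      /* Load certificate and private key */
      UA_ByteString certificate;
      certificate.length = CERT_DER_LENGTH;
      certificate.data = CERT_DER_DATA;

      UA_ByteString privateKey;
      privateKey.length = KEY_DER_LENGTH;
      privateKey.data = KEY_DER_DATA;

      /* Load the trustlist */
      size_t trustListSize = 0;
      UA_ByteString *trustList = NULL;
      /* TODO test trustList
      if(argc > 3)
      trustListSize = (size_t)argc-3;
      UA_STACKARRAY(UA_ByteString, trustList, trustListSize);
      for(size_t i = 0; i < trustListSize; i++)
      trustList[i] = loadFile(argv[i+3]);
      */

      /* Loading of a revocation list currently unsupported */
      UA_ByteString *revocationList = NULL;
      size_t revocationListSize = 0;

      config = UA_ServerConfig_new_basic256sha256(4840, &certificate, &privateKey,
                                                  trustList, trustListSize,
                                                  revocationList, revocationListSize);

      /* No-op while trustListSize is 0; kept for when the TODO is resolved.
       * Runs before the assertions below so the entries are released even
       * if the configuration could not be created. */
      for(size_t i = 0; i < trustListSize; i++)
          UA_ByteString_deleteMembers(&trustList[i]);

      ck_assert(config != NULL);

      server = UA_Server_new(config);
      ck_assert(server != NULL);

      UA_StatusCode retval = UA_Server_run_startup(server);
      ck_assert_uint_eq(retval, UA_STATUSCODE_GOOD);

      THREAD_CREATE(server_thread, serverloop);
  }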
  /* Checked fixture: stop the server thread, shut the server down and free
   * everything setup() allocated. */
  static void teardown(void) {
      /* Ask serverloop() to leave its loop, then wait for the thread so that
       * nothing is still iterating the server while it is torn down. */
      *running = false;
      THREAD_JOIN(server_thread);

      UA_Server_run_shutdown(server);

      /* Release the flag, the server and finally its configuration. */
      UA_Boolean_delete(running);
      UA_Server_delete(server);
      UA_ServerConfig_delete(config);
  }
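  /* Connect to the fixture server with SignAndEncrypt / Basic256Sha256 and
   * read one attribute over the secured channel.
   *
   * Steps:
   *  1. Query the endpoints with an unsecured client and copy the server
   *     certificate of a SignAndEncrypt endpoint.
   *  2. Create a secure client with the local certificate/key and that
   *     server certificate, connect, and read ServerStatus.State.
   *
   * Security note: the server certificate in step 1 is received over an
   * unauthenticated, unencrypted discovery channel and is then passed to
   * the secure client as the expected remote certificate, while trustList
   * and revocationList are empty. The test therefore shows that the
   * encrypted channel can be established, not that the peer is
   * authenticated against a trust anchor. NOTE(review): how
   * UA_Client_secure_new treats an empty trust list is not visible here --
   * confirm. A real client should supply a trust list (see the TODO). */
  START_TEST(encryption_connect) {
      UA_Client *client = NULL;
      UA_EndpointDescription* endpointArray = NULL;
      size_t endpointArraySize = 0;
      UA_ByteString *trustList = NULL;
      size_t trustListSize = 0;
      UA_ByteString *revocationList = NULL;
      size_t revocationListSize = 0;
      UA_ByteString *remoteCertificate = NULL;

      /* Load certificate and private key. The lengths are size_t, so they
       * are compared with the unsigned assertion. */
      UA_ByteString certificate;
      certificate.length = CERT_DER_LENGTH;
      certificate.data = CERT_DER_DATA;
      ck_assert_uint_ne(certificate.length, 0);

      UA_ByteString privateKey;
      privateKey.length = KEY_DER_LENGTH;
      privateKey.data = KEY_DER_DATA;
      ck_assert_uint_ne(privateKey.length, 0);

      /* The Get endpoint (discovery service) is done with
       * security mode as none to see the server's capability
       * and certificate */
      client = UA_Client_new(UA_ClientConfig_default);
      /* ck_assert rather than ck_assert_msg: no message is supplied. */
      ck_assert(client != NULL);

      remoteCertificate = UA_ByteString_new();
      ck_assert(remoteCertificate != NULL);

      UA_StatusCode retval = UA_Client_getEndpoints(client, "opc.tcp://localhost:4840",
                                                    &endpointArraySize, &endpointArray);
      ck_assert_uint_eq(retval, UA_STATUSCODE_GOOD);

      /* Take the certificate of the first SignAndEncrypt endpoint. Stopping
       * at the first match keeps a second matching endpoint from
       * overwriting the copy already made; the copy result is checked. */
      for(size_t endPointCount = 0; endPointCount < endpointArraySize; endPointCount++) {
          if(endpointArray[endPointCount].securityMode != UA_MESSAGESECURITYMODE_SIGNANDENCRYPT)
              continue;
          retval = UA_ByteString_copy(&endpointArray[endPointCount].serverCertificate,
                                      remoteCertificate);
          ck_assert_uint_eq(retval, UA_STATUSCODE_GOOD);
          break;
      }

      if(UA_ByteString_equal(remoteCertificate, &UA_BYTESTRING_NULL)) {
          ck_abort_msg("Server does not support Security Mode of UA_MESSAGESECURITYMODE_SIGNANDENCRYPT");
      }

      UA_Array_delete(endpointArray, endpointArraySize,
                      &UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);

      /* TODO test trustList Load revocationList is not supported now
      if(argc > MIN_ARGS) {
      trustListSize = (size_t)argc-MIN_ARGS;
      retval = UA_ByteString_allocBuffer(trustList, trustListSize);
      if(retval != UA_STATUSCODE_GOOD) {
      cleanupClient(client, remoteCertificate);
      return (int)retval;
      }
      for(size_t trustListCount = 0; trustListCount < trustListSize; trustListCount++) {
      trustList[trustListCount] = loadFile(argv[trustListCount+3]);
      }
      }
      */

      /* The unsecured discovery client is no longer needed. */
      UA_Client_delete(client);

      /* Secure client initialization */
      client = UA_Client_secure_new(UA_ClientConfig_default,
                                    certificate, privateKey,
                                    remoteCertificate,
                                    trustList, trustListSize,
                                    revocationList, revocationListSize,
                                    UA_SecurityPolicy_Basic256Sha256);
      ck_assert(client != NULL);

      /* No-op while trustListSize is 0; kept for when the TODO is resolved. */
      for(size_t deleteCount = 0; deleteCount < trustListSize; deleteCount++) {
          UA_ByteString_deleteMembers(&trustList[deleteCount]);
      }

      /* Secure client connect */
      retval = UA_Client_connect(client, "opc.tcp://localhost:4840");
      ck_assert_uint_eq(retval, UA_STATUSCODE_GOOD);

      /* Read one attribute to prove that a request/response round trip
       * works on the secured channel. */
      UA_Variant val;
      UA_Variant_init(&val);
      UA_NodeId nodeId = UA_NODEID_NUMERIC(0, UA_NS0ID_SERVER_SERVERSTATUS_STATE);
      retval = UA_Client_readValueAttribute(client, nodeId, &val);
      ck_assert_uint_eq(retval, UA_STATUSCODE_GOOD);

      UA_Variant_deleteMembers(&val);
      UA_ByteString_delete(remoteCertificate);
      UA_Client_disconnect(client);
      UA_Client_delete(client);
  }
  END_TEST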
  /* Build the "Encryption" suite: one test case with the server fixture
   * attached. The connect test is registered only when the library was
   * built with UA_ENABLE_ENCRYPTION; otherwise the case stays empty. */
  static Suite* testSuite_encryption(void) {
      TCase *encryptionCase = tcase_create("Encryption basic256sha256");
      tcase_add_checked_fixture(encryptionCase, setup, teardown);
  #ifdef UA_ENABLE_ENCRYPTION
      tcase_add_test(encryptionCase, encryption_connect);
  #endif /* UA_ENABLE_ENCRYPTION */

      Suite *suite = suite_create("Encryption");
      suite_add_tcase(suite, encryptionCase);
      return suite;
  }
  /* Run the encryption suite and map the number of failed tests onto the
   * process exit status. */
  int main(void) {
      SRunner *runner = srunner_create(testSuite_encryption());

      /* CK_NOFORK: run the tests in this process instead of a forked child. */
      srunner_set_fork_status(runner, CK_NOFORK);
      srunner_run_all(runner, CK_NORMAL);

      const int failures = srunner_ntests_failed(runner);
      srunner_free(runner);

      if(failures != 0)
          return EXIT_FAILURE;
      return EXIT_SUCCESS;
  }