client_basic256sha256.c 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160
  1. /* This work is licensed under a Creative Commons CCZero 1.0 Universal License.
  2. * See http://creativecommons.org/publicdomain/zero/1.0/ for more information. */
  3. #include <stdio.h>
  4. #include <errno.h>
  5. #include "open62541.h"
  6. #include "common.h"
  7. #define MIN_ARGS 3
  8. #define FAILURE 1
  9. #define CONNECTION_STRING "opc.tcp://localhost:4840"
  10. /* cleanupClient deletes the memory allocated for client configuration.
  11. *
  12. * @param client client configuration that need to be deleted
  13. * @param remoteCertificate server certificate */
  14. static void cleanupClient(UA_Client* client, UA_ByteString* remoteCertificate) {
  15. UA_ByteString_delete(remoteCertificate); /* Dereference the memory */
  16. UA_Client_delete(client); /* Disconnects the client internally */
  17. }
  18. /* main function for secure client implementation.
  19. *
  20. * @param argc count of command line variable provided
  21. * @param argv[] array of strings include certificate, private key,
  22. * trust list and revocation list
  23. * @return Return an integer representing success or failure of application */
  24. int main(int argc, char* argv[]) {
  25. UA_Client* client = NULL;
  26. UA_ByteString* remoteCertificate = NULL;
  27. UA_StatusCode retval = UA_STATUSCODE_GOOD;
  28. UA_ByteString* trustList = NULL;
  29. size_t trustListSize = 0;
  30. UA_ByteString* revocationList = NULL;
  31. size_t revocationListSize = 0;
  32. /* endpointArray is used to hold the available endpoints in the server
  33. * endpointArraySize is used to hold the number of endpoints available */
  34. UA_EndpointDescription* endpointArray = NULL;
  35. size_t endpointArraySize = 0;
  36. if(argc < MIN_ARGS) {
  37. UA_LOG_FATAL(UA_Log_Stdout, UA_LOGCATEGORY_USERLAND,
  38. "The Certificate and key is missing."
  39. "The required arguments are "
  40. "<client-certificate.der> <client-private-key.der> "
  41. "[<trustlist1.crl>, ...]");
  42. return FAILURE;
  43. }
  44. /* Load certificate and private key */
  45. UA_ByteString certificate = loadFile(argv[1]);
  46. UA_ByteString privateKey = loadFile(argv[2]);
  47. /* The Get endpoint (discovery service) is done with
  48. * security mode as none to see the server's capability
  49. * and certificate */
  50. client = UA_Client_new(UA_ClientConfig_default);
  51. remoteCertificate = UA_ByteString_new();
  52. retval = UA_Client_getEndpoints(client, CONNECTION_STRING,
  53. &endpointArraySize, &endpointArray);
  54. if(retval != UA_STATUSCODE_GOOD) {
  55. UA_Array_delete(endpointArray, endpointArraySize,
  56. &UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);
  57. cleanupClient(client, remoteCertificate);
  58. return (int)retval;
  59. }
  60. UA_String securityPolicyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256");
  61. printf("%i endpoints found\n", (int)endpointArraySize);
  62. for(size_t endPointCount = 0; endPointCount < endpointArraySize; endPointCount++) {
  63. printf("URL of endpoint %i is %.*s / %.*s\n", (int)endPointCount,
  64. (int)endpointArray[endPointCount].endpointUrl.length,
  65. endpointArray[endPointCount].endpointUrl.data,
  66. (int)endpointArray[endPointCount].securityPolicyUri.length,
  67. endpointArray[endPointCount].securityPolicyUri.data);
  68. if(endpointArray[endPointCount].securityMode != UA_MESSAGESECURITYMODE_SIGNANDENCRYPT)
  69. continue;
  70. if(UA_String_equal(&endpointArray[endPointCount].securityPolicyUri, &securityPolicyUri)) {
  71. UA_ByteString_copy(&endpointArray[endPointCount].serverCertificate, remoteCertificate);
  72. break;
  73. }
  74. }
  75. if(UA_ByteString_equal(remoteCertificate, &UA_BYTESTRING_NULL)) {
  76. UA_LOG_FATAL(UA_Log_Stdout, UA_LOGCATEGORY_USERLAND,
  77. "Server does not support Security Basic256Sha256 Mode of"
  78. " UA_MESSAGESECURITYMODE_SIGNANDENCRYPT");
  79. cleanupClient(client, remoteCertificate);
  80. return FAILURE;
  81. }
  82. UA_Array_delete(endpointArray, endpointArraySize,
  83. &UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);
  84. UA_Client_delete(client); /* Disconnects the client internally */
  85. /* Load the trustList. Load revocationList is not supported now */
  86. if(argc > MIN_ARGS) {
  87. trustListSize = (size_t)argc-MIN_ARGS;
  88. retval = UA_ByteString_allocBuffer(trustList, trustListSize);
  89. if(retval != UA_STATUSCODE_GOOD) {
  90. cleanupClient(client, remoteCertificate);
  91. return (int)retval;
  92. }
  93. for(size_t trustListCount = 0; trustListCount < trustListSize; trustListCount++) {
  94. trustList[trustListCount] = loadFile(argv[trustListCount+3]);
  95. }
  96. }
  97. /* Secure client initialization */
  98. client = UA_Client_secure_new(UA_ClientConfig_default,
  99. certificate, privateKey,
  100. remoteCertificate,
  101. trustList, trustListSize,
  102. revocationList, revocationListSize,
  103. UA_SecurityPolicy_Basic256Sha256);
  104. if(client == NULL) {
  105. UA_ByteString_delete(remoteCertificate); /* Dereference the memory */
  106. return FAILURE;
  107. }
  108. UA_ByteString_deleteMembers(&certificate);
  109. UA_ByteString_deleteMembers(&privateKey);
  110. for(size_t deleteCount = 0; deleteCount < trustListSize; deleteCount++) {
  111. UA_ByteString_deleteMembers(&trustList[deleteCount]);
  112. }
  113. /* Secure client connect */
  114. retval = UA_Client_connect(client, CONNECTION_STRING);
  115. if(retval != UA_STATUSCODE_GOOD) {
  116. cleanupClient(client, remoteCertificate);
  117. return (int)retval;
  118. }
  119. UA_Variant value;
  120. UA_Variant_init(&value);
  121. /* NodeId of the variable holding the current time */
  122. const UA_NodeId nodeId = UA_NODEID_NUMERIC(0, UA_NS0ID_SERVER_SERVERSTATUS_CURRENTTIME);
  123. retval = UA_Client_readValueAttribute(client, nodeId, &value);
  124. if(retval == UA_STATUSCODE_GOOD &&
  125. UA_Variant_hasScalarType(&value, &UA_TYPES[UA_TYPES_DATETIME])) {
  126. UA_DateTime raw_date = *(UA_DateTime *) value.data;
  127. UA_DateTimeStruct dts = UA_DateTime_toStruct(raw_date);
  128. UA_LOG_INFO(UA_Log_Stdout, UA_LOGCATEGORY_USERLAND, "date is: %u-%u-%u %u:%u:%u.%03u\n",
  129. dts.day, dts.month, dts.year, dts.hour, dts.min, dts.sec, dts.milliSec);
  130. }
  131. /* Clean up */
  132. UA_Variant_deleteMembers(&value);
  133. cleanupClient(client, remoteCertificate);
  134. return (int)retval;
  135. }