- /* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
- #include <stdio.h>
- #include <stdlib.h>
- #include "check.h"
- #include "ua_types.h"
- #include "ua_server.h"
- #include "ua_server_internal.h"
- #include "ua_client.h"
- #include "client/ua_client_internal.h"
- #include "ua_securitypolicies.h"
- #include "ua_config_default.h"
- #include "ua_client_highlevel.h"
- #include "ua_network_tcp.h"
- #include "testing_clock.h"
- #include "testing_networklayers.h"
- #include "thread_wrapper.h"
- #include "certificates.h"
/* Fixture state shared by setup(), teardown() and the server loop thread. */
UA_Server *server;             /* server instance under test */
UA_ServerConfig *config;       /* configuration handed to UA_Server_new() */
UA_Boolean running;            /* loop flag: written by setup()/teardown(), read by serverloop */
UA_ServerNetworkLayer nl;      /* not referenced by the code visible in this file */
THREAD_HANDLE server_thread;   /* handle of the thread running serverloop */
/* Thread body: keep iterating the server until teardown() clears `running`. */
THREAD_CALLBACK(serverloop) {
    for(;;) {
        if(!running)
            break;
        UA_Server_run_iterate(server, true);
    }
    return 0;
}
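/* Checked fixture: create a server offering the Basic128Rsa15 security policy
 * on port 4840 and run its main loop on a background thread.
 *
 * Every step that can fail is asserted, so a broken fixture (for example the
 * port already being in use) is reported here instead of surfacing later as a
 * confusing connect failure, or as a connection to some other listener on the
 * same port. */
static void setup(void) {
    running = true;

    /* Load certificate and private key.
     * The key material is compiled into the test binary (CERT_DER_* and
     * KEY_DER_*, presumably from certificates.h); it is test-only material
     * and must never be used for a deployed endpoint. */
    UA_ByteString certificate;
    certificate.length = CERT_DER_LENGTH;
    certificate.data = CERT_DER_DATA;

    UA_ByteString privateKey;
    privateKey.length = KEY_DER_LENGTH;
    privateKey.data = KEY_DER_DATA;

    /* Load the trustlist.
     * NOTE(review): the trust list is empty, so this fixture presumably does
     * not restrict which client certificates the server accepts - confirm
     * against the certificate verification used by the config constructor. */
    size_t trustListSize = 0;
    UA_ByteString *trustList = NULL;

    /* TODO test trustList
    if(argc > 3)
        trustListSize = (size_t)argc-3;
    UA_STACKARRAY(UA_ByteString, trustList, trustListSize);
    for(size_t i = 0; i < trustListSize; i++)
        trustList[i] = loadFile(argv[i+3]);
    */

    /* Loading of a revocation list currently unsupported */
    UA_ByteString *revocationList = NULL;
    size_t revocationListSize = 0;

    /* Basic128Rsa15 is a legacy policy (RSA PKCS#1 v1.5 with SHA-1) that the
     * OPC UA specification has deprecated; it is covered here as a
     * compatibility test, not as a recommended configuration. */
    config = UA_ServerConfig_new_basic128rsa15(4840, &certificate, &privateKey,
                                               trustList, trustListSize,
                                               revocationList, revocationListSize);

    /* No-op while trustListSize is 0; kept for when the TODO above is enabled */
    for(size_t i = 0; i < trustListSize; i++)
        UA_ByteString_deleteMembers(&trustList[i]);

    ck_assert_msg(config != NULL, "Could not create the Basic128Rsa15 server config");

    server = UA_Server_new(config);
    ck_assert_msg(server != NULL, "Could not create the server");

    UA_StatusCode retval = UA_Server_run_startup(server);
    ck_assert_uint_eq(retval, UA_STATUSCODE_GOOD);

    THREAD_CREATE(server_thread, serverloop);
}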
/* Checked fixture: undo setup(). The loop thread is stopped and joined before
 * the server it iterates is shut down and freed; the config is freed last. */
static void teardown(void) {
    /* Ask serverloop to leave its loop, then wait for it to finish */
    running = false;
    THREAD_JOIN(server_thread);

    /* The server is no longer iterated by another thread from here on */
    UA_Server_run_shutdown(server);
    UA_Server_delete(server);

    UA_ServerConfig_delete(config);
}
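/* Connects to the fixture server twice: first with a default (unsecured)
 * client to discover the endpoints and fetch the certificate of a
 * SignAndEncrypt endpoint, then with a second client that reads the server
 * state variable.
 *
 * NOTE(review): the call that would configure the second client for
 * encryption is commented out below, and nothing in this test inspects the
 * security mode or policy of the established channel. As written, a GOOD
 * result from connect/read does not demonstrate that the session is signed
 * or encrypted; the fetched server certificate is also never compared or
 * pinned. */
START_TEST(encryption_connect) {
    UA_Client *client = NULL;
    UA_EndpointDescription* endpointArray = NULL;
    size_t endpointArraySize = 0;
    UA_ByteString *trustList = NULL;
    size_t trustListSize = 0;
    /* UA_ByteString *revocationList = NULL; */
    /* size_t revocationListSize = 0; */
    UA_ByteString *remoteCertificate = NULL;

    /* Load certificate and private key */
    UA_ByteString certificate;
    certificate.length = CERT_DER_LENGTH;
    certificate.data = CERT_DER_DATA;
    ck_assert_int_ne(certificate.length, 0);

    UA_ByteString privateKey;
    privateKey.length = KEY_DER_LENGTH;
    privateKey.data = KEY_DER_DATA;
    ck_assert_int_ne(privateKey.length, 0);

    /* The Get endpoint (discovery service) is done with
     * security mode as none to see the server's capability
     * and certificate */
    client = UA_Client_new();
    /* Check the allocation before the client is dereferenced for its config */
    ck_assert_msg(client != NULL);
    UA_ClientConfig_setDefault(UA_Client_getConfig(client));

    remoteCertificate = UA_ByteString_new();
    ck_assert_msg(remoteCertificate != NULL, "Could not allocate the certificate buffer");

    UA_StatusCode retval = UA_Client_getEndpoints(client, "opc.tcp://localhost:4840",
                                                  &endpointArraySize, &endpointArray);
    ck_assert_uint_eq(retval, UA_STATUSCODE_GOOD);

    for(size_t endPointCount = 0; endPointCount < endpointArraySize; endPointCount++) {
        if(endpointArray[endPointCount].securityMode != UA_MESSAGESECURITYMODE_SIGNANDENCRYPT)
            continue;
        /* Several endpoints may match; release the certificate copied for an
         * earlier one so the last match wins without leaking the previous copy */
        UA_ByteString_deleteMembers(remoteCertificate);
        retval = UA_ByteString_copy(&endpointArray[endPointCount].serverCertificate,
                                    remoteCertificate);
        ck_assert_uint_eq(retval, UA_STATUSCODE_GOOD);
    }

    if(UA_ByteString_equal(remoteCertificate, &UA_BYTESTRING_NULL)) {
        ck_abort_msg("Server does not support Security Mode of UA_MESSAGESECURITYMODE_SIGNANDENCRYPT");
    }

    UA_Array_delete(endpointArray, endpointArraySize,
                    &UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);

    /* TODO test trustList Load revocationList is not supported now
    if(argc > MIN_ARGS) {
        trustListSize = (size_t)argc-MIN_ARGS;
        retval = UA_ByteString_allocBuffer(trustList, trustListSize);
        if(retval != UA_STATUSCODE_GOOD) {
            cleanupClient(client, remoteCertificate);
            return (int)retval;
        }
        for(size_t trustListCount = 0; trustListCount < trustListSize; trustListCount++) {
            trustList[trustListCount] = loadFile(argv[trustListCount+3]);
        }
    }
    */

    UA_Client_delete(client);

    /* Secure client initialization */
    client = UA_Client_new();
    /* NOTE(review): the encryption setup below is disabled, so this client is
     * not given the certificate, private key or trust list loaded above. */
    /* UA_ClientConfig *cc = UA_Client_getConfig(client); */
    /* UA_ClientConfig_setDefaultEncryption(cc, certificate, privateKey, */
    /*                                      trustList, trustListSize, */
    /*                                      revocationList, revocationListSize); */
    ck_assert_msg(client != NULL);

    /* No-op while trustListSize is 0; kept for when the TODO above is enabled */
    for(size_t deleteCount = 0; deleteCount < trustListSize; deleteCount++) {
        UA_ByteString_deleteMembers(&trustList[deleteCount]);
    }

    /* Secure client connect */
    retval = UA_Client_connect(client, "opc.tcp://localhost:4840");
    ck_assert_uint_eq(retval, UA_STATUSCODE_GOOD);

    /* Read the server state as a round trip over the established session */
    UA_Variant val;
    UA_Variant_init(&val);
    UA_NodeId nodeId = UA_NODEID_NUMERIC(0, UA_NS0ID_SERVER_SERVERSTATUS_STATE);
    retval = UA_Client_readValueAttribute(client, nodeId, &val);
    ck_assert_uint_eq(retval, UA_STATUSCODE_GOOD);
    UA_Variant_deleteMembers(&val);

    UA_ByteString_delete(remoteCertificate);
    UA_Client_disconnect(client);
    UA_Client_delete(client);
}
END_TEST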
/* Builds the "Encryption" suite with a single test case that uses the
 * setup()/teardown() fixture.
 *
 * The connect test is only registered when UA_ENABLE_ENCRYPTION is defined;
 * without it the test case is added empty, so the suite reports no failures
 * although nothing was exercised. */
static Suite* testSuite_encryption(void) {
    Suite *suite = suite_create("Encryption");
    TCase *tcase = tcase_create("Encryption basic128rsa15");

    tcase_add_checked_fixture(tcase, setup, teardown);
#ifdef UA_ENABLE_ENCRYPTION
    tcase_add_test(tcase, encryption_connect);
#endif /* UA_ENABLE_ENCRYPTION */

    suite_add_tcase(suite, tcase);
    return suite;
}
/* Runs the encryption suite in the current process (CK_NOFORK) and maps the
 * number of failed tests to the process exit status. */
int main(void) {
    SRunner *runner = srunner_create(testSuite_encryption());
    srunner_set_fork_status(runner, CK_NOFORK);
    srunner_run_all(runner, CK_NORMAL);

    /* Read the failure count before the runner is freed */
    int number_failed = srunner_ntests_failed(runner);
    srunner_free(runner);

    if(number_failed != 0)
        return EXIT_FAILURE;
    return EXIT_SUCCESS;
}