123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157 |
- /* This work is licensed under a Creative Commons CCZero 1.0 Universal License.
- * See http://creativecommons.org/publicdomain/zero/1.0/ for more information. */
- #include <ua_server.h>
- #include <ua_config_default.h>
- #include <ua_log_stdout.h>
- #include <ua_securitypolicies.h>
- #include <ua_client_highlevel.h>
- #include "common.h"
- #include <signal.h>
- #define MIN_ARGS 3
- #define FAILURE 1
- #define CONNECTION_STRING "opc.tcp://localhost:4840"
- /* cleanupClient deletes the memory allocated for client configuration.
- *
- * @param client client configuration that need to be deleted
- * @param remoteCertificate server certificate */
- static void cleanupClient(UA_Client* client, UA_ByteString* remoteCertificate) {
- UA_ByteString_delete(remoteCertificate); /* Dereference the memory */
- UA_Client_delete(client); /* Disconnects the client internally */
- }
- /* main function for secure client implementation.
- *
- * @param argc count of command line variable provided
- * @param argv[] array of strings include certificate, private key,
- * trust list and revocation list
- * @return Return an integer representing success or failure of application */
- int main(int argc, char* argv[]) {
- UA_Client* client = NULL;
- UA_ByteString* remoteCertificate = NULL;
- UA_StatusCode retval = UA_STATUSCODE_GOOD;
- size_t trustListSize = 0;
- UA_ByteString* revocationList = NULL;
- size_t revocationListSize = 0;
- /* endpointArray is used to hold the available endpoints in the server
- * endpointArraySize is used to hold the number of endpoints available */
- UA_EndpointDescription* endpointArray = NULL;
- size_t endpointArraySize = 0;
- if(argc < MIN_ARGS) {
- UA_LOG_FATAL(UA_Log_Stdout, UA_LOGCATEGORY_USERLAND,
- "The Certificate and key is missing."
- "The required arguments are "
- "<client-certificate.der> <client-private-key.der> "
- "[<trustlist1.crl>, ...]");
- return FAILURE;
- }
- /* Load certificate and private key */
- UA_ByteString certificate = loadFile(argv[1]);
- UA_ByteString privateKey = loadFile(argv[2]);
- /* The Get endpoint (discovery service) is done with
- * security mode as none to see the server's capability
- * and certificate */
- client = UA_Client_new(UA_ClientConfig_default);
- remoteCertificate = UA_ByteString_new();
- retval = UA_Client_getEndpoints(client, CONNECTION_STRING,
- &endpointArraySize, &endpointArray);
- if(retval != UA_STATUSCODE_GOOD) {
- UA_Array_delete(endpointArray, endpointArraySize,
- &UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);
- cleanupClient(client, remoteCertificate);
- return (int)retval;
- }
- UA_String securityPolicyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256");
- printf("%i endpoints found\n", (int)endpointArraySize);
- for(size_t endPointCount = 0; endPointCount < endpointArraySize; endPointCount++) {
- printf("URL of endpoint %i is %.*s / %.*s\n", (int)endPointCount,
- (int)endpointArray[endPointCount].endpointUrl.length,
- endpointArray[endPointCount].endpointUrl.data,
- (int)endpointArray[endPointCount].securityPolicyUri.length,
- endpointArray[endPointCount].securityPolicyUri.data);
- if(endpointArray[endPointCount].securityMode != UA_MESSAGESECURITYMODE_SIGNANDENCRYPT)
- continue;
- if(UA_String_equal(&endpointArray[endPointCount].securityPolicyUri, &securityPolicyUri)) {
- UA_ByteString_copy(&endpointArray[endPointCount].serverCertificate, remoteCertificate);
- break;
- }
- }
- if(UA_ByteString_equal(remoteCertificate, &UA_BYTESTRING_NULL)) {
- UA_LOG_FATAL(UA_Log_Stdout, UA_LOGCATEGORY_USERLAND,
- "Server does not support Security Basic256Sha256 Mode of"
- " UA_MESSAGESECURITYMODE_SIGNANDENCRYPT");
- cleanupClient(client, remoteCertificate);
- return FAILURE;
- }
- UA_Array_delete(endpointArray, endpointArraySize,
- &UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);
- UA_Client_delete(client); /* Disconnects the client internally */
- /* Load the trustList. Load revocationList is not supported now */
- if(argc > MIN_ARGS)
- trustListSize = (size_t)argc-MIN_ARGS;
- UA_STACKARRAY(UA_ByteString, trustList, trustListSize);
- for(size_t trustListCount = 0; trustListCount < trustListSize; trustListCount++) {
- trustList[trustListCount] = loadFile(argv[trustListCount+3]);
- }
- /* Secure client initialization */
- client = UA_Client_secure_new(UA_ClientConfig_default,
- certificate, privateKey,
- remoteCertificate,
- trustList, trustListSize,
- revocationList, revocationListSize,
- UA_SecurityPolicy_Basic256Sha256);
- if(client == NULL) {
- UA_ByteString_delete(remoteCertificate); /* Dereference the memory */
- return FAILURE;
- }
- UA_ByteString_clear(&certificate);
- UA_ByteString_clear(&privateKey);
- for(size_t deleteCount = 0; deleteCount < trustListSize; deleteCount++) {
- UA_ByteString_clear(&trustList[deleteCount]);
- }
- /* Secure client connect */
- retval = UA_Client_connect(client, CONNECTION_STRING);
- if(retval != UA_STATUSCODE_GOOD) {
- cleanupClient(client, remoteCertificate);
- return (int)retval;
- }
- UA_Variant value;
- UA_Variant_init(&value);
- /* NodeId of the variable holding the current time */
- const UA_NodeId nodeId = UA_NODEID_NUMERIC(0, UA_NS0ID_SERVER_SERVERSTATUS_CURRENTTIME);
- retval = UA_Client_readValueAttribute(client, nodeId, &value);
- if(retval == UA_STATUSCODE_GOOD &&
- UA_Variant_hasScalarType(&value, &UA_TYPES[UA_TYPES_DATETIME])) {
- UA_DateTime raw_date = *(UA_DateTime *) value.data;
- UA_DateTimeStruct dts = UA_DateTime_toStruct(raw_date);
- UA_LOG_INFO(UA_Log_Stdout, UA_LOGCATEGORY_USERLAND, "date is: %u-%u-%u %u:%u:%u.%03u\n",
- dts.day, dts.month, dts.year, dts.hour, dts.min, dts.sec, dts.milliSec);
- }
- /* Clean up */
- UA_Variant_clear(&value);
- cleanupClient(client, remoteCertificate);
- return (int)retval;
- }
|