diff options
| author | Thomas Vanbesien <tvanbesi@proton.me> | 2026-02-18 15:39:29 +0100 |
|---|---|---|
| committer | Thomas Vanbesien <tvanbesi@proton.me> | 2026-02-18 15:39:29 +0100 |
| commit | 99b5b4416193fafaa815746ea756900d2ab26917 (patch) | |
| tree | 7d1ab48fcc2e8406df8d2606b691ee9e6911dcd0 /tests/secure_anonymous | |
| parent | 12989671c9f43707701a8cef8e77e34b1bf24a37 (diff) | |
| download | BobinkCOpcUa-99b5b4416193fafaa815746ea756900d2ab26917.tar.gz BobinkCOpcUa-99b5b4416193fafaa815746ea756900d2ab26917.zip | |
Make client/server encryption optional, rename tests to full names
Make encryption optional for both ServerRegister's LDS client
connection and the server side of ServerLDS/ServerRegister: when
certificate, privateKey, and trustStore are omitted the programs
run with SecurityPolicy#None only. Secure servers also add a
discovery-only None endpoint so unencrypted clients can still call
FindServers and GetEndpoints.
Consolidate tests from 5 policy-specific cases (nosec_anon,
none_user, basic256sha256_anon, aes256_anon, aes128_user) down to
3 that cover the important axes: unsecure_anonymous,
secure_anonymous, secure_user. Rename directories to use full
names. Auto-generate certificates and trust stores in run_test.sh.
Update readme and CLAUDE.md to reflect the current program
interface (unified Client binary, split ServerRegister configs)
and the new test names.
Diffstat (limited to 'tests/secure_anonymous')
| -rw-r--r-- | tests/secure_anonymous/client.conf | 12 | ||||
| -rw-r--r-- | tests/secure_anonymous/server_lds.conf | 13 | ||||
| -rw-r--r-- | tests/secure_anonymous/server_register.conf | 12 | ||||
| -rw-r--r-- | tests/secure_anonymous/server_register_client.conf | 13 |
4 files changed, 50 insertions, 0 deletions
diff --git a/tests/secure_anonymous/client.conf b/tests/secure_anonymous/client.conf new file mode 100644 index 0000000..755edec --- /dev/null +++ b/tests/secure_anonymous/client.conf @@ -0,0 +1,12 @@ +# Client — test: secure_anonymous + +applicationUri = urn:localhost:bobink:Client + +certificate = certs/Client_cert.der +privateKey = certs/Client_key.der +trustStore = certs/trust/client + +securityMode = SignAndEncrypt +securityPolicy = Basic256Sha256 + +authMode = anonymous diff --git a/tests/secure_anonymous/server_lds.conf b/tests/secure_anonymous/server_lds.conf new file mode 100644 index 0000000..f92b803 --- /dev/null +++ b/tests/secure_anonymous/server_lds.conf @@ -0,0 +1,13 @@ +# ServerLDS — test: secure_anonymous +# Secured LDS with discovery-only None endpoint. + +port = 14840 +applicationUri = urn:localhost:bobink:ServerLDS + +certificate = certs/ServerLDS_cert.der +privateKey = certs/ServerLDS_key.der +trustStore = certs/trust/server_lds + +authMode = anonymous + +cleanupTimeout = 60 diff --git a/tests/secure_anonymous/server_register.conf b/tests/secure_anonymous/server_register.conf new file mode 100644 index 0000000..31df277 --- /dev/null +++ b/tests/secure_anonymous/server_register.conf @@ -0,0 +1,12 @@ +# ServerRegister server config — test: secure_anonymous + +port = 14841 +applicationUri = urn:localhost:bobink:ServerRegister + +certificate = certs/ServerRegister_cert.der +privateKey = certs/ServerRegister_key.der +trustStore = certs/trust/server_register + +authMode = anonymous + +registerInterval = 10 diff --git a/tests/secure_anonymous/server_register_client.conf b/tests/secure_anonymous/server_register_client.conf new file mode 100644 index 0000000..a9c3419 --- /dev/null +++ b/tests/secure_anonymous/server_register_client.conf @@ -0,0 +1,13 @@ +# ServerRegister client config — test: secure_anonymous +# Registers with the secured LDS over an encrypted channel. + +applicationUri = urn:localhost:bobink:ServerRegister + +certificate = certs/ServerRegisterClient_cert.der +privateKey = certs/ServerRegisterClient_key.der +trustStore = certs/trust/server_register_client + +securityMode = SignAndEncrypt +securityPolicy = Basic256Sha256 + +authMode = anonymous |