aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CMakeLists.txt3
-rw-r--r--config/client.conf26
-rw-r--r--config/server_lds.conf25
-rw-r--r--config/server_register.conf25
-rw-r--r--config/server_register_client.conf27
-rw-r--r--readme.md26
-rw-r--r--tests/secure_anonymous/client.conf2
-rw-r--r--tests/secure_anonymous/server_register_client.conf2
-rw-r--r--tests/secure_cert/client.conf2
-rw-r--r--tests/secure_cert/server_register_client.conf2
-rw-r--r--tests/secure_user/client.conf2
-rw-r--r--tests/secure_user/server_register_client.conf2
12 files changed, 22 insertions, 122 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index b5da8b8..78b8711 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -69,7 +69,8 @@ set(_test_script "${CMAKE_SOURCE_DIR}/tests/run_test.sh")
set(_test_names unsecure_anonymous secure_anonymous secure_user secure_cert)
-set(_test_policies None Basic256Sha256 Basic256Sha256 Basic256Sha256)
+set(_test_policies None Aes256_Sha256_RsaPss Aes256_Sha256_RsaPss
+ Aes256_Sha256_RsaPss)
foreach(_name _policy IN ZIP_LISTS _test_names _test_policies)
add_test(NAME "${_name}" COMMAND bash "${_test_script}" "tests/${_name}"
diff --git a/config/client.conf b/config/client.conf
deleted file mode 100644
index 348bd6b..0000000
--- a/config/client.conf
+++ /dev/null
@@ -1,26 +0,0 @@
-# Client configuration
-#
-# Keys:
-# applicationUri OPC UA application URI
-# certificate Path to client certificate (.der)
-# privateKey Path to client private key (.der)
-# trustStore Directory containing trusted certificates (.der)
-# securityMode None, Sign, or SignAndEncrypt
-# securityPolicy None, Basic256Sha256, Aes256_Sha256_RsaPss,
-# Aes128_Sha256_RsaOaep, or ECC_nistP256
-# authMode "anonymous" or "user" (read-time only)
-# username Username (required when authMode = user)
-# password Password (required when authMode = user)
-
-applicationUri = urn:localhost:bobink:Client
-
-certificate = certs/Client_cert.der
-privateKey = certs/Client_key.der
-trustStore = certs/trust/client
-
-securityMode = SignAndEncrypt
-securityPolicy = Aes256_Sha256_RsaPss
-
-authMode = user
-username = user
-password = password
diff --git a/config/server_lds.conf b/config/server_lds.conf
deleted file mode 100644
index 54e0457..0000000
--- a/config/server_lds.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# ServerLDS configuration
-#
-# Keys:
-# port Server port number
-# applicationUri OPC UA application URI
-# certificate Path to server certificate (.der)
-# privateKey Path to server private key (.der)
-# trustStore Directory containing trusted certificates (.der)
-# authMode "anonymous" or "user"
-# username Username (required when authMode = user)
-# password Password (required when authMode = user)
-# cleanupTimeout Seconds before stale registrations are removed (must be > 10)
-
-port = 4840
-applicationUri = urn:localhost:bobink:ServerLDS
-
-certificate = certs/ServerLDS_cert.der
-privateKey = certs/ServerLDS_key.der
-trustStore = certs/trust/server_lds
-
-authMode = user
-username = user
-password = password
-
-cleanupTimeout = 60
diff --git a/config/server_register.conf b/config/server_register.conf
deleted file mode 100644
index b3f9290..0000000
--- a/config/server_register.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# ServerRegister — server configuration
-#
-# Keys:
-# port Server port number
-# applicationUri OPC UA application URI
-# certificate Path to server certificate (.der)
-# privateKey Path to server private key (.der)
-# trustStore Directory containing trusted certificates (.der)
-# authMode "anonymous" or "user"
-# username Username (required when authMode = user)
-# password Password (required when authMode = user)
-# registerInterval Seconds between re-registrations with the LDS
-
-port = 4841
-applicationUri = urn:localhost:bobink:ServerRegister
-
-certificate = certs/ServerRegister_cert.der
-privateKey = certs/ServerRegister_key.der
-trustStore = certs/trust/server_register
-
-authMode = user
-username = user
-password = password
-
-registerInterval = 10
diff --git a/config/server_register_client.conf b/config/server_register_client.conf
deleted file mode 100644
index f0cc0b8..0000000
--- a/config/server_register_client.conf
+++ /dev/null
@@ -1,27 +0,0 @@
-# ServerRegister — client configuration for LDS registration
-#
-# Keys:
-# applicationUri OPC UA application URI
-# certificate Path to client certificate (.der)
-# privateKey Path to client private key (.der)
-# trustStore Directory containing trusted certificates (.der)
-# securityMode None, Sign, or SignAndEncrypt
-# securityPolicy None, Basic256Sha256, Aes256_Sha256_RsaPss,
-# Aes128_Sha256_RsaOaep, or ECC_nistP256
-# authMode "anonymous" or "user"
-# username Username (required when authMode = user)
-# password Password (required when authMode = user)
-
-
-applicationUri = urn:localhost:bobink:ServerRegister
-
-certificate = certs/ServerRegisterClient_cert.der
-privateKey = certs/ServerRegisterClient_key.der
-trustStore = certs/trust/server_register_client
-
-securityMode = SignAndEncrypt
-securityPolicy = Aes256_Sha256_RsaPss
-
-authMode = user
-username = user
-password = password
diff --git a/readme.md b/readme.md
index dcdf8a1..f6a7916 100644
--- a/readme.md
+++ b/readme.md
@@ -82,24 +82,26 @@ build takes a bit longer.
## Running
-Start the programs in order, each in its own terminal, from the project root:
+Start the programs in order, each in its own terminal, from the project root.
+Configuration files live in `tests/` (one directory per test scenario — see
+[Tests](#tests) below). The examples below use `tests/secure_user/`:
```sh
# 1. Local Discovery Server
-build/ServerLDS config/server_lds.conf
+build/ServerLDS tests/secure_user/server_lds.conf
-# 2. Register Server (connects to the LDS on port 4840)
-build/ServerRegister config/server_register.conf \
- config/server_register_client.conf opc.tcp://localhost:4840
+# 2. Register Server (connects to the LDS on port 14840)
+build/ServerRegister tests/secure_user/server_register.conf \
+ tests/secure_user/server_register_client.conf opc.tcp://localhost:14840
# 3. Find registered servers via the LDS
-build/Client config/client.conf find-servers opc.tcp://localhost:4840
+build/Client tests/secure_user/client.conf find-servers opc.tcp://localhost:14840
# 4. List endpoints on the registered server
-build/Client config/client.conf get-endpoints opc.tcp://localhost:4841
+build/Client tests/secure_user/client.conf get-endpoints opc.tcp://localhost:14841
# 5. Read the current time from the registered server
-build/Client config/client.conf read-time opc.tcp://localhost:4841
+build/Client tests/secure_user/client.conf read-time opc.tcp://localhost:14841
```
All three programs accept an optional log level as the last argument
@@ -112,9 +114,9 @@ Integration tests exercise four combinations of security and authentication:
| Test | Security | Auth |
|------|----------|------|
| `unsecure_anonymous` | None / None | anonymous |
-| `secure_anonymous` | SignAndEncrypt / Basic256Sha256 | anonymous |
-| `secure_user` | SignAndEncrypt / Basic256Sha256 | user/password |
-| `secure_cert` | SignAndEncrypt / Basic256Sha256 | X509 certificate |
+| `secure_anonymous` | SignAndEncrypt / Aes256_Sha256_RsaPss | anonymous |
+| `secure_user` | SignAndEncrypt / Aes256_Sha256_RsaPss | user/password |
+| `secure_cert` | SignAndEncrypt / Aes256_Sha256_RsaPss | X509 certificate |
Run all tests:
@@ -143,7 +145,7 @@ cmake --build build --parallel
## Configuration
Programs are configured through plain text files (`key = value`, one per line).
-Example configs are in `config/`.
+See the `tests/` directories for working examples.
Three authentication modes are supported via the `authMode` key:
diff --git a/tests/secure_anonymous/client.conf b/tests/secure_anonymous/client.conf
index 755edec..2a059fa 100644
--- a/tests/secure_anonymous/client.conf
+++ b/tests/secure_anonymous/client.conf
@@ -7,6 +7,6 @@ privateKey = certs/Client_key.der
trustStore = certs/trust/client
securityMode = SignAndEncrypt
-securityPolicy = Basic256Sha256
+securityPolicy = Aes256_Sha256_RsaPss
authMode = anonymous
diff --git a/tests/secure_anonymous/server_register_client.conf b/tests/secure_anonymous/server_register_client.conf
index a9c3419..e7c34c7 100644
--- a/tests/secure_anonymous/server_register_client.conf
+++ b/tests/secure_anonymous/server_register_client.conf
@@ -8,6 +8,6 @@ privateKey = certs/ServerRegisterClient_key.der
trustStore = certs/trust/server_register_client
securityMode = SignAndEncrypt
-securityPolicy = Basic256Sha256
+securityPolicy = Aes256_Sha256_RsaPss
authMode = anonymous
diff --git a/tests/secure_cert/client.conf b/tests/secure_cert/client.conf
index 0abd582..68a14aa 100644
--- a/tests/secure_cert/client.conf
+++ b/tests/secure_cert/client.conf
@@ -8,6 +8,6 @@ privateKey = certs/Client_key.der
trustStore = certs/trust/client
securityMode = SignAndEncrypt
-securityPolicy = Basic256Sha256
+securityPolicy = Aes256_Sha256_RsaPss
authMode = cert
diff --git a/tests/secure_cert/server_register_client.conf b/tests/secure_cert/server_register_client.conf
index 7542bdf..ddba01d 100644
--- a/tests/secure_cert/server_register_client.conf
+++ b/tests/secure_cert/server_register_client.conf
@@ -8,6 +8,6 @@ privateKey = certs/ServerRegisterClient_key.der
trustStore = certs/trust/server_register_client
securityMode = SignAndEncrypt
-securityPolicy = Basic256Sha256
+securityPolicy = Aes256_Sha256_RsaPss
authMode = anonymous
diff --git a/tests/secure_user/client.conf b/tests/secure_user/client.conf
index 85c12e9..5059ca9 100644
--- a/tests/secure_user/client.conf
+++ b/tests/secure_user/client.conf
@@ -7,7 +7,7 @@ privateKey = certs/Client_key.der
trustStore = certs/trust/client
securityMode = SignAndEncrypt
-securityPolicy = Basic256Sha256
+securityPolicy = Aes256_Sha256_RsaPss
authMode = user
username = user
diff --git a/tests/secure_user/server_register_client.conf b/tests/secure_user/server_register_client.conf
index c924d8d..b2edd24 100644
--- a/tests/secure_user/server_register_client.conf
+++ b/tests/secure_user/server_register_client.conf
@@ -8,6 +8,6 @@ privateKey = certs/ServerRegisterClient_key.der
trustStore = certs/trust/server_register_client
securityMode = SignAndEncrypt
-securityPolicy = Basic256Sha256
+securityPolicy = Aes256_Sha256_RsaPss
authMode = anonymous
generated by cgit v1.2.3 (git 2.46.0) at 2026-02-20 05:42:33 +0000