public static void ConfigureNoValidation(CertificateValidationOptions validationOptions)
{
validationOptions.ValidateRevocationStatus = false;
validationOptions.ValidateIssuerSignature = false;
validationOptions.ValidateValidity = false;
validationOptions.ValidateRootTrust = false;
validationOptions.ValidateIssuer = false;
}
protected internal virtual X509Chain CreateChain(ICertificate certificate, CertificateValidationOptions options)
{
var chainPolicy = this.CreateChainPolicy(certificate, options);
var chain = this.CreateChain(options?.UseMachineContext);
chain.ChainPolicy = chainPolicy;
return(chain);
}
/// <summary>
/// Returns the certificate information for a trusted issuer certificate.
/// </summary>
private async Task <CertificateIdentifier> GetIssuer(
X509Certificate2 certificate,
CertificateIdentifierCollection explicitList,
CertificateStoreIdentifier certificateStore,
bool checkRecovationStatus)
{
string subjectName = certificate.IssuerName.Name;
string keyId = null;
string serialNumber = null;
// find the authority key identifier.
X509AuthorityKeyIdentifierExtension authority = FindAuthorityKeyIdentifier(certificate);
if (authority != null)
{
keyId = authority.KeyId;
serialNumber = authority.SerialNumber;
}
// check in explicit list.
if (explicitList != null)
{
for (int ii = 0; ii < explicitList.Count; ii++)
{
X509Certificate2 issuer = await explicitList[ii].Find(false);
if (issuer != null)
{
if (!IsIssuerAllowed(issuer))
{
continue;
}
if (Match(issuer, subjectName, serialNumber, keyId))
{
// can't check revocation.
return(new CertificateIdentifier(issuer, CertificateValidationOptions.SuppressRevocationStatusUnknown));
}
}
}
}
// check in certificate store.
if (certificateStore != null)
{
ICertificateStore store = certificateStore.OpenStore();
try
{
X509Certificate2Collection certificates = await store.Enumerate();
for (int ii = 0; ii < certificates.Count; ii++)
{
X509Certificate2 issuer = certificates[ii];
if (issuer != null)
{
if (!IsIssuerAllowed(issuer))
{
continue;
}
if (Match(issuer, subjectName, serialNumber, keyId))
{
CertificateValidationOptions options = certificateStore.ValidationOptions;
// already checked revocation for file based stores. windows based stores always suppress.
options |= CertificateValidationOptions.SuppressRevocationStatusUnknown;
if (checkRecovationStatus)
{
StatusCode status = store.IsRevoked(issuer, certificate);
if (StatusCode.IsBad(status))
{
if (status != StatusCodes.BadNotSupported && status != StatusCodes.BadCertificateRevocationUnknown)
{
throw new ServiceResultException(status);
}
}
}
return(new CertificateIdentifier(certificates[ii], options));
}
}
}
}
finally
{
store.Close();
}
}
// not a trusted issuer.
return(null);
}
protected internal virtual X509ChainPolicy CreateChainPolicy(ICertificate certificate, CertificateValidationOptions options)
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
var chainPolicy = new X509ChainPolicy();
foreach (var item in options.ApplicationPolicyObjectIdentifiers)
{
chainPolicy.ApplicationPolicy.Add(new Oid(item));
}
foreach (var item in options.CertificatePolicyObjectIdentifiers)
{
chainPolicy.CertificatePolicy.Add(new Oid(item));
}
if (options.RevocationFlag != null)
{
chainPolicy.RevocationFlag = options.RevocationFlag.Value;
}
if (options.RevocationMode != null)
{
chainPolicy.RevocationMode = options.RevocationMode.Value;
}
if (options.UrlRetrievalTimeout != null)
{
chainPolicy.UrlRetrievalTimeout = options.UrlRetrievalTimeout.Value;
}
foreach (var trustedIntermediateCertificate in options.TrustedIntermediateCertificates)
{
chainPolicy.ExtraStore.Add(this.UnwrapCertificate(trustedIntermediateCertificate));
}
foreach (var trustedRootCertificate in options.TrustedRootCertificates)
{
chainPolicy.ExtraStore.Add(this.UnwrapCertificate(trustedRootCertificate));
}
if (options.VerificationFlags != null)
{
chainPolicy.VerificationFlags = options.VerificationFlags.Value;
}
if (options.VerificationTime != null)
{
chainPolicy.VerificationTime = options.VerificationTime.Value;
}
return(chainPolicy);
}
protected internal virtual IValidationResult EvaluateMatching(ICertificate certificate, CertificateValidationOptions options)
{
var validationResult = new ValidationResult();
var matching = options?.Matching ?? new MatchingOptions();
// ReSharper disable InvertIf
if (matching.Criteria.Any())
{
var messagePrefix = $"Certificate {this.ValueAsFormatItem(certificate?.Subject)}: ";
var results = new List <KeyValuePair <string, bool> >();
foreach (var criterion in matching.Criteria)
{
var formattedPropertyName = this.ValueAsFormatItem(criterion.PropertyName);
var formattedValuePattern = this.ValueAsFormatItem(criterion.ValuePattern);
var canNotEvaluateMessagePrefix = $"{messagePrefix}Can not evaluate if certificate-property {formattedPropertyName} matches value {formattedValuePattern} because";
if (certificate == null)
{
results.Add(new KeyValuePair <string, bool>($"{canNotEvaluateMessagePrefix} because the certificate is NULL.", false));
continue;
}
if (!this.TryGetCertificatePropertyValue(certificate, criterion.PropertyName, out var propertyValue))
{
results.Add(new KeyValuePair <string, bool>($"{canNotEvaluateMessagePrefix} because the certificate-property does not exist.", false));
continue;
}
var evaluateMessagePrefix = $"{messagePrefix}The value {this.ValueAsFormatItem(propertyValue)}, for certificate-property {formattedPropertyName}";
if ((propertyValue == null && criterion.ValuePattern == null) || (propertyValue != null && propertyValue.Like(criterion.ValuePattern)))
{
if (!matching.AllCriteriaShouldMatch)
{
return(validationResult);
}
results.Add(new KeyValuePair <string, bool>($"{evaluateMessagePrefix}, matches value {formattedValuePattern}.", true));
continue;
}
results.Add(new KeyValuePair <string, bool>($"{evaluateMessagePrefix}, do not match value {formattedValuePattern}.", false));
}
if ((matching.AllCriteriaShouldMatch && results.Any(item => !item.Value)) || (!matching.AllCriteriaShouldMatch && !results.Any(item => item.Value)))
{
validationResult.Exceptions.Add(results.Where(item => !item.Value).Select(item => new EvaluateException(item.Key)));
}
}
// ReSharper restore InvertIf
return(validationResult);
}
static void callMethod()
{
EndpointConfiguration ec = new EndpointConfiguration();
EndpointDescription endpointDescription = new EndpointDescription("opc.tcp://localhost:58710/PCoUaServer");
configuredEndpoint = new ConfiguredEndpoint(new ConfiguredEndpointCollection(), endpointDescription);
configuredEndpoint.Configuration.UseBinaryEncoding = true;
configuredEndpoint.Description.UserIdentityTokens.Add(new UserTokenPolicy(UserTokenType.Anonymous));
applicationConfiguration = new ApplicationConfiguration();
applicationConfiguration.ApplicationType = ApplicationType.Client;
applicationConfiguration.ApplicationName = "SAPClientSession";
applicationConfiguration.ApplicationUri = "SAPClientSession";
SecurityConfiguration secConfig = new SecurityConfiguration();
secConfig.ApplicationCertificate = GetPCoDefaultCertificate();
applicationConfiguration.SecurityConfiguration = secConfig;
TransportQuotas transportQuotas = new TransportQuotas();
applicationConfiguration.TransportQuotas = transportQuotas;
ClientConfiguration clientConfiguration = new ClientConfiguration();
applicationConfiguration.ClientConfiguration = clientConfiguration;
applicationConfiguration.Validate(ApplicationType.Client);
CertificateValidationOptions certOptions = applicationConfiguration.SecurityConfiguration.TrustedPeerCertificates.ValidationOptions;
certOptions |= CertificateValidationOptions.SuppressCertificateExpired;
certOptions |= CertificateValidationOptions.SuppressHostNameInvalid;
securelyUpdateEndpointConfiguration(configuredEndpoint, applicationConfiguration);
applicationConfiguration.CertificateValidator.CertificateValidation += CertificateValidator_CertificateValidation;
clientSession = Session.Create(
applicationConfiguration,
configuredEndpoint,
false, false,
sessionName,
sessionTimeout,
identity,
null, null);
clientSession.ReturnDiagnostics = DiagnosticsMasks.All;
clientSession.KeepAliveInterval = 2 * 1000;
try
{
int maxNodesPerReadRuntimeInformation = Convert.ToInt32(clientSession.ReadValue(Opc.Ua.VariableIds.Server_ServerCapabilities_OperationLimits_MaxNodesPerRead).Value);
//if (tracer.Switch.ShouldTrace(TraceEventType.Verbose))
{
String message = String.Format("Retrieved operation limits for reading ({0}) from server", maxNodesPerReadRuntimeInformation);
//TraceUtility.LogData(tracer, TraceUtility.EventId.E2718, TraceEventType.Verbose, message);
}
}
catch (Exception)
{
// the value is not supplied or an error occured.
{
String message = String.Format("Could not retrieve operation limits for reading from server");
}
}
//NodeId nodeiD = clientSession.ReadNode();
var v11 = clientSession.Call((NodeId)("ns=2;s=348259fa-527e-4d5e-bde1-f5e1ccf01d61"), (NodeId)("ns=2;s=aef01ad4-3fe3-4836-83d0-cc808735f530"), new object[] { });
//BrowseResultCollection browseResultCollection;
//DiagnosticInfoCollection diagnosticInfos;
//NodeId currentNode = FindCurrentNode(null, clientSession, configuredEndpoint);
//uint nodeClassMask = (uint)(NodeClass.Object | NodeClass.Method);
//BrowseDescriptionCollection nodesToBrowse = PrepareBrowseDescriptionCollection(currentNode, nodeClassMask);
//clientSession.Browse(
// null,
// null,
// 100,
// nodesToBrowse,
// out browseResultCollection,
// out diagnosticInfos);
//var app_Base_To_method = clientSession.ReadNode((NodeId)(browseResultCollection[0].References[1].NodeId.ToString()));
//ClientBase.ValidateResponse(browseResultCollection, nodesToBrowse);
//ClientBase.ValidateDiagnosticInfos(diagnosticInfos, nodesToBrowse);
//ReferenceDescriptionCollection references;
////int resultLength = 0;
//foreach (BrowseResult br in browseResultCollection)
//{
// /// TODO: Store the continuation point as member of UaBrowser (new class) and
// /// use it when we are called with BrowseNext mode.
// byte[] continuationPoint = br.ContinuationPoint;
// while (continuationPoint != null)
// {
// byte[] revisedContinuationPoint;
// ResponseHeader rc = clientSession.BrowseNext(
// null,
// false,
// continuationPoint,
// out revisedContinuationPoint,
// out references);
// br.References.AddRange(references);
// //resultLength += br.References.Count;
// if (br.References.Count >= 100)
// {
// //int removeCount = br.References.Count - maxRows;
// br.References.RemoveRange((int)100, (int)br.References.Count - (int)100);
// continuationPoint = revisedContinuationPoint;
// if (continuationPoint != null)
// {
// // release continuation point on server
// rc = clientSession.BrowseNext(
// null,
// true, // <- release cp
// continuationPoint,
// out revisedContinuationPoint,
// out references);
// }
// break;
// }
// continuationPoint = revisedContinuationPoint;
// }
//}
////ns=2;s=a72e725d-6be7-4a17-bcd4-0be67b6cbfbe
////browseResultCollection[0].References[1].NodeId;
//var vrere = clientSession.ReadNode((NodeId)("ns=2;s=50bcabac-623b-43ea-8f69-17b12d533166"));
//nodesToBrowse = PrepareBrowseDescriptionCollection
// ((NodeId)(browseResultCollection[0].References[1].NodeId.ToString()), nodeClassMask);
//clientSession.Browse(
// null,
// null,
// 100,
// nodesToBrowse,
// out browseResultCollection,
// out diagnosticInfos);
//var application_method = clientSession.ReadNode((NodeId)(browseResultCollection[1].References[0].NodeId.ToString()));
//var v1 = clientSession.FetchReferences((NodeId)(browseResultCollection[1].References[0].NodeId.ToString()));
////var v2 = clientSession.ReadValue((NodeId)(browseResultCollection[1].References[0].NodeId.ToString()));
//nodesToBrowse = PrepareBrowseDescriptionCollection
// ((NodeId)(browseResultCollection[1].References[0].NodeId.ToString()), nodeClassMask);
//clientSession.Browse(null, null, 100, nodesToBrowse, out browseResultCollection, out diagnosticInfos);
//var v = clientSession.ReadNode((NodeId)(browseResultCollection[5].References[0].NodeId.ToString()));
//v1 = clientSession.FetchReferences((NodeId)(browseResultCollection[5].References[0].NodeId.ToString()));
////v2 = clientSession.ReadValue((NodeId)(browseResultCollection[5].References[0].NodeId.ToString()));
////TypeInfo.GetSystemType(dataType, clientSession.Factory);
//nodeClassMask = (uint)(NodeClass.Object | NodeClass.Method | NodeClass.View |
// NodeClass.VariableType | NodeClass.Variable | NodeClass.ObjectType);
//nodesToBrowse = PrepareBrowseDescriptionCollection
// ((NodeId)(browseResultCollection[5].References[0].NodeId.ToString()), nodeClassMask);
//var v5 = clientSession.ReadNode((NodeId)(browseResultCollection[5].References[0].NodeId.ToString()));
//clientSession.Browse(null, null, 100, nodesToBrowse, out browseResultCollection, out diagnosticInfos);
//BrowsePathCollection pathsToArgs = new BrowsePathCollection();
//BrowsePath pathToInputArgs = new BrowsePath();
//pathToInputArgs.StartingNode = application_method.NodeId;
//pathToInputArgs.RelativePath = new RelativePath(ReferenceTypeIds.HasProperty, false, true, new QualifiedName("InputArguments"));
//pathsToArgs.Add(pathToInputArgs);
//BrowsePath pathToOutputArgs = new BrowsePath();
//pathToOutputArgs.StartingNode = application_method.NodeId;
//pathToOutputArgs.RelativePath = new RelativePath(ReferenceTypeIds.HasProperty, false, true, new QualifiedName("OutputArguments"));
//pathsToArgs.Add(pathToOutputArgs);
//BrowsePathResultCollection results = null;
//// Get the nodeId of the input argument
//ResponseHeader responseHeader = clientSession.TranslateBrowsePathsToNodeIds(
// null,
// pathsToArgs,
// out results,
// out diagnosticInfos
// );
//ArgumentCollection[] arguments = new ArgumentCollection[2];
//for (int i = 0; i < 2; i++)
//{
// arguments[i] = new ArgumentCollection();
// foreach (BrowsePathTarget bptarget in results[i].Targets)
// {
// DataValueCollection readResults = null;
// ReadValueId nodeToRead = new ReadValueId();
// nodeToRead.NodeId = (NodeId)bptarget.TargetId;
// nodeToRead.AttributeId = Attributes.Value;
// ReadValueIdCollection nodesToRead = new ReadValueIdCollection();
// nodesToRead.Add(nodeToRead);
// DiagnosticInfoCollection readDiagnoistcInfos = null;
// clientSession.Read(
// null,
// 0,
// TimestampsToReturn.Neither,
// nodesToRead,
// out readResults,
// out readDiagnoistcInfos
// );
// ExtensionObject[] exts = (ExtensionObject[])readResults[0].Value;
// for (int j = 0; j < exts.Length; ++j)
// {
// ExtensionObject ext = exts[j];
// arguments[i].Add((Argument)ext.Body);
// }
// }
//}
// establish keep-alive
//clientSession.KeepAlive += new KeepAliveEventHandler(clientSession_KeepAlive);
}
public static void connectToOPCUAServer(String opcuaServerUrl)
{
#region SessionConfiguration
EndpointConfiguration ec = new EndpointConfiguration();
EndpointDescription endpointDescription = new EndpointDescription(opcuaServerUrl);
configuredEndpoint = new ConfiguredEndpoint(new ConfiguredEndpointCollection(), endpointDescription);
configuredEndpoint.Configuration.UseBinaryEncoding = true;
configuredEndpoint.Description.UserIdentityTokens.Add(new UserTokenPolicy(UserTokenType.Anonymous));
applicationConfiguration = new ApplicationConfiguration();
applicationConfiguration.ApplicationType = ApplicationType.Client;
applicationConfiguration.ApplicationName = "SAPClientSession";
applicationConfiguration.ApplicationUri = "SAPClientSession";
SecurityConfiguration secConfig = new SecurityConfiguration();
secConfig.ApplicationCertificate = GetPCoDefaultCertificate();
applicationConfiguration.SecurityConfiguration = secConfig;
TransportQuotas transportQuotas = new TransportQuotas();
applicationConfiguration.TransportQuotas = transportQuotas;
ClientConfiguration clientConfiguration = new ClientConfiguration();
applicationConfiguration.ClientConfiguration = clientConfiguration;
applicationConfiguration.Validate(ApplicationType.Client);
CertificateValidationOptions certOptions = applicationConfiguration.SecurityConfiguration.TrustedPeerCertificates.ValidationOptions;
certOptions |= CertificateValidationOptions.SuppressCertificateExpired;
certOptions |= CertificateValidationOptions.SuppressHostNameInvalid;
securelyUpdateEndpointConfiguration(configuredEndpoint, applicationConfiguration);
applicationConfiguration.CertificateValidator.CertificateValidation += CertificateValidator_CertificateValidation;
clientSession = Session.Create(
applicationConfiguration,
configuredEndpoint,
false, false,
sessionName,
sessionTimeout,
identity,
null, null);
clientSession.ReturnDiagnostics = DiagnosticsMasks.All;
clientSession.KeepAliveInterval = 2 * 1000;
try
{
int maxNodesPerReadRuntimeInformation = Convert.ToInt32(clientSession.ReadValue(Opc.Ua.VariableIds.Server_ServerCapabilities_OperationLimits_MaxNodesPerRead).Value);
//if (tracer.Switch.ShouldTrace(TraceEventType.Verbose))
{
String message = String.Format("Retrieved operation limits for reading ({0}) from server", maxNodesPerReadRuntimeInformation);
//TraceUtility.LogData(tracer, TraceUtility.EventId.E2718, TraceEventType.Verbose, message);
}
}
catch (Exception)
{
// the value is not supplied or an error occured.
{
String message = String.Format("Could not retrieve operation limits for reading from server");
}
}
#endregion
opcuaNodeStructure.ChildrenNodes = new List <OpcuaNodeLink>();
//Add root node
OpcuaNodeLink opcuaNodeLink = new OpcuaNodeLink();
opcuaNodeLink.nodeID = FindCurrentNode(null, clientSession, configuredEndpoint).ToString();
opcuaNodeLink.browseName = "AddressRoot";
opcuaNodeLink.parentNodeId = String.Empty;
opcuaNodeLink.parentNodebrowseName = String.Empty;
opcuaNodeLink.isMethod = opcuaNodeLink.isArgument = false;
opcuaNodeStructure.ChildrenNodes.Add(opcuaNodeLink);
BrowseNode(FindCurrentNode(null, clientSession, configuredEndpoint).ToString(), opcuaNodeLink.browseName);
}
