opcuaviewer: Use PKI configuration and application identity

Change-Id: I18569214e066683f2d511641fef12b2c96e4f8cd Reviewed-by: Rainer Keller <Rainer.Keller@qt.io>
author: Gerhard Gappmeier <gerhard.gappmeier@ascolab.com> 2018-10-31 11:54:51 +0100
committer: Rainer Keller <Rainer.Keller@qt.io> 2019-01-11 13:45:57 +0000
commit: 68e7598fe810fb03590a08a9ee390d7f9714212f (patch)
tree: 53194d1a614f7837fda798af5d0eaa0cb80db6c0 /examples
parent: 7e84242bc09f8ab095108e4f1e77b3d188ad7bab (diff)
2 files changed, 72 insertions, 0 deletions
diff --git a/examples/opcua/opcuaviewer/mainwindow.cpp b/examples/opcua/opcuaviewer/mainwindow.cpp
index f99c9e1..c65f74e 100644
--- a/examples/opcua/opcuaviewer/mainwindow.cpp
+++ b/examples/opcua/opcuaviewer/mainwindow.cpp
@@ -51,6 +51,8 @@
 #include "mainwindow.h"
 #include "opcuamodel.h"
 
+#include <QCoreApplication>
+#include <QDir>
 #include <QLineEdit>
 #include <QComboBox>
 #include <QMessageBox>
@@ -64,6 +66,7 @@
 #include <QTreeView>
 #include <QHeaderView>
 #include <QOpcUaProvider>
+#include <QOpcUaAuthenticationInformation>
 
 QT_BEGIN_NAMESPACE
 
@@ -165,8 +168,29 @@ MainWindow::MainWindow(QWidget *parent) : QMainWindow(parent)
     connect(mConnectButton, &QPushButton::clicked, this, &MainWindow::connectToServer);
     oldMessageHandler = qInstallMessageHandler(&messageHandler);
 
+    setupPkiConfiguration();
+
+    //! [Application Identity]
+    m_identity = m_pkiConfig.applicationIdentity();
+    //! [Application Identity]
 }
 
+//! [PKI Configuration]
+void MainWindow::setupPkiConfiguration()
+{
+    const QString pkidir = QCoreApplication::applicationDirPath() + "/pki";
+    m_pkiConfig.setClientCertificateLocation(pkidir + "/own/certs/opcuaviewer.der");
+    m_pkiConfig.setPrivateKeyLocation(pkidir + "/own/private/opcuaviewer.pem");
+    m_pkiConfig.setTrustListLocation(pkidir + "/trusted/certs");
+    m_pkiConfig.setRevocationListLocation(pkidir + "/trusted/crl");
+    m_pkiConfig.setIssuerListLocation(pkidir + "/issuers/certs");
+    m_pkiConfig.setIssuerRevocationListLocation(pkidir + "/issuers/crl");
+
+    // create the folders if they don't exist yet
+    createPkiFolders();
+}
+//! [PKI Configuration]
+
 void MainWindow::getEndpoints()
 {
     if (mOpcUaClient == nullptr) {
@@ -178,6 +202,13 @@ void MainWindow::getEndpoints()
             return;
         }
 
+        mOpcUaClient->setIdentity(m_identity);
+        mOpcUaClient->setPkiConfiguration(m_pkiConfig);
+
+        QOpcUaAuthenticationInformation authInfo;
+        authInfo.setCertificateAuthentication();
+        mOpcUaClient->setAuthenticationInformation(authInfo);
+
         connect(mOpcUaClient, &QOpcUaClient::connected, this, &MainWindow::clientConnected);
         connect(mOpcUaClient, &QOpcUaClient::disconnected, this, &MainWindow::clientDisconnected);
         connect(mOpcUaClient, &QOpcUaClient::errorChanged, this, &MainWindow::clientError);
@@ -287,4 +318,40 @@ void MainWindow::log(const QString &text, QColor color)
     log(text, QString(), color);
 }
 
+bool MainWindow::createPkiPath(const QString &path)
+{
+    const QString msg = tr("Creating PKI path '%1': %2");
+
+    QDir dir;
+    const bool ret = dir.mkpath(path);
+    if (ret) {
+        qDebug() << msg.arg(path).arg("SUCCESS.");
+    } else {
+        qCritical(msg.arg(path).arg("FAILED.").toLocal8Bit());
+    }
+
+    return ret;
+}
+
+bool MainWindow::createPkiFolders()
+{
+    bool result = createPkiPath(m_pkiConfig.trustListLocation());
+    if (!result)
+        return result;
+
+    result = createPkiPath(m_pkiConfig.revocationListLocation());
+    if (!result)
+        return result;
+
+    result = createPkiPath(m_pkiConfig.issuerListLocation());
+    if (!result)
+        return result;
+
+    result = createPkiPath(m_pkiConfig.issuerRevocationListLocation());
+    if (!result)
+        return result;
+
+    return result;
+}
+
 QT_END_NAMESPACE
diff --git a/examples/opcua/opcuaviewer/mainwindow.h b/examples/opcua/opcuaviewer/mainwindow.h
index a44fce7..804c59a 100644
--- a/examples/opcua/opcuaviewer/mainwindow.h
+++ b/examples/opcua/opcuaviewer/mainwindow.h
@@ -83,6 +83,9 @@ private slots:
 
 private:
     void updateUiState();
+    void setupPkiConfiguration();
+    bool createPkiFolders();
+    bool createPkiPath(const QString &path);
 
 private:
     QLineEdit *mServerUrl;
@@ -97,6 +100,8 @@ private:
     QOpcUaClient *mOpcUaClient;
     QVector<QOpcUa::QEndpointDescription> mEndpointList;
     bool mClientConnected;
+    QOpcUaApplicationIdentity m_identity;
+    QOpcUaPkiConfiguration m_pkiConfig;
 };
 
 QT_END_NAMESPACE
author	Gerhard Gappmeier <gerhard.gappmeier@ascolab.com>	2018-10-31 11:54:51 +0100
committer	Rainer Keller <Rainer.Keller@qt.io>	2019-01-11 13:45:57 +0000
commit	68e7598fe810fb03590a08a9ee390d7f9714212f (patch)
tree	53194d1a614f7837fda798af5d0eaa0cb80db6c0 /examples
parent	7e84242bc09f8ab095108e4f1e77b3d188ad7bab (diff)