Google Git
Sign in
coral / a71ch-crypto-support / 8dc1f1434da50a4b7361d651239c1f3f4f8cc25b / . / doc / demos / opc_ua / doc / readme.html
blob: 45f3532eff27e14464316d9f179f88ed7bd1d77e [file] [log] [blame]
<!DOCTYPE html>
<!--
Copyright 2019 NXP
This software is owned or controlled by NXP and may only be used
strictly in accordance with the applicable license terms. By expressly
accepting such terms or by downloading, installing, activating and/or
otherwise using the software, you are agreeing that you have read, and
that you agree to comply with and are bound by, such license terms. If
you do not agree to be bound by the applicable license terms, then you
may not retain, install, activate or otherwise use the software.
-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title>5.5.1. OPC UA (Open62541) Demo &#8212; Plug &amp; Trust MW v03.00.05 documentation</title>
<link rel="stylesheet" href="../../../_static/bootstrap-sphinx.css" type="text/css" />
<link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
<link rel="stylesheet" type="text/css" href="../../../_static/graphviz.css" />
<script id="documentation_options" data-url_root="../../../" src="../../../_static/documentation_options.js"></script>
<script src="../../../_static/jquery.js"></script>
<script src="../../../_static/underscore.js"></script>
<script src="../../../_static/doctools.js"></script>
<script src="../../../_static/language_data.js"></script>
<link rel="index" title="Index" href="../../../genindex.html" />
<link rel="search" title="Search" href="../../../search.html" />
<link rel="next" title="5.6.1. PSA Non Secure Example" href="../../se05x/psa_nonsecure/Readme.html" />
<link rel="prev" title="5.4.3. Access Manager: Manage access from multiple (Linux) processes to an SE05x IoT Applet" href="../../../hostlib/hostLib/accessManager/doc/accessManager.html" />
<meta charset='utf-8'>
<meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'>
<meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'>
<meta name="apple-mobile-web-app-capable" content="yes">
<script type="text/javascript" src="../../../_static/js/jquery-1.11.0.min.js "></script>
<script type="text/javascript" src="../../../_static/js/jquery-fix.js "></script>
<script type="text/javascript" src="../../../_static/bootstrap-3.3.7/js/bootstrap.min.js "></script>
<script type="text/javascript" src="../../../_static/bootstrap-sphinx.js "></script>
</head><body>
<div id="navbar" class="navbar navbar-inverse navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<!-- .btn-navbar is used as the toggle for collapsed navbar content -->
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="../../../toc.html"><span><img src="../../../_static/NXP_logo_JPG.jpg"></span>
MW</a>
<span class="navbar-text navbar-version pull-left"><b>v03.00.05</b></span>
</div>
<div class="collapse navbar-collapse nav-collapse">
<ul class="nav navbar-nav">
<li class="dropdown globaltoc-container">
<a role="button"
id="dLabelGlobalToc"
data-toggle="dropdown"
data-target="#"
href="../../../toc.html">TOC <b class="caret"></b></a>
<ul class="dropdown-menu globaltoc"
role="menu"
aria-labelledby="dLabelGlobalToc"><ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../../../index.html">1. NXP Plug &amp; Trust Middleware</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../../organization-of-documentation.html">1.1. Organization of Documentation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../folder-structure.html">1.2. Folder Structure</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../sw-prerequisites.html">1.3. List of Platform Prerequisites</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../changes/index.html">2. Changes</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/pending.html">2.1. Pending Refactoring items</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/pending.html#known-limitations">2.2. Known limitations</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v03_00_05.html">2.3. Release <code class="docutils literal notranslate"><span class="pre">v03.00.05</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v03_00_04.html">2.4. Release <code class="docutils literal notranslate"><span class="pre">v03.00.04</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v03_00_03.html">2.5. Release <code class="docutils literal notranslate"><span class="pre">v03.00.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v03_00_02.html">2.6. Release <code class="docutils literal notranslate"><span class="pre">v03.00.02</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_16_01.html">2.7. Release <code class="docutils literal notranslate"><span class="pre">v02.16.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_16_00.html">2.8. Release <code class="docutils literal notranslate"><span class="pre">v02.16.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_15_00.html">2.9. Release <code class="docutils literal notranslate"><span class="pre">v02.15.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_14_00.html">2.10. Release <code class="docutils literal notranslate"><span class="pre">v02.14.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_12_00.html">2.11. Release <code class="docutils literal notranslate"><span class="pre">v02.12.05</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_12_00.html#release-v02-12-04">2.12. Release <code class="docutils literal notranslate"><span class="pre">v02.12.04</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_12_00.html#release-v02-12-03">2.13. Release <code class="docutils literal notranslate"><span class="pre">v02.12.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_12_00.html#release-v02-12-02">2.14. Release <code class="docutils literal notranslate"><span class="pre">v02.12.02</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_12_00.html#release-v02-12-01">2.15. Release <code class="docutils literal notranslate"><span class="pre">v02.12.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_12_00.html#release-v02-12-00">2.16. Release <code class="docutils literal notranslate"><span class="pre">v02.12.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_11_03.html">2.17. Release <code class="docutils literal notranslate"><span class="pre">v02.11.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_11_01.html">2.18. Internal Release <code class="docutils literal notranslate"><span class="pre">v02.11.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_11_00.html">2.19. Release <code class="docutils literal notranslate"><span class="pre">v02.11.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_10_00.html">2.20. Release <code class="docutils literal notranslate"><span class="pre">v02.10.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_09_00.html">2.21. Release <code class="docutils literal notranslate"><span class="pre">v02.09.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_07_00.html">2.22. Release <code class="docutils literal notranslate"><span class="pre">v02.07.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_06_00.html">2.23. Release <code class="docutils literal notranslate"><span class="pre">v02.06.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_05_00_to_v02_03_00.html">2.24. Release <code class="docutils literal notranslate"><span class="pre">v02.05.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_05_00_to_v02_03_00.html#release-v02-04-00">2.25. Release <code class="docutils literal notranslate"><span class="pre">v02.04.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../changes/v02_05_00_to_v02_03_00.html#release-02-03-00">2.26. Release <code class="docutils literal notranslate"><span class="pre">02.03.00</span></code></a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../stack/index.html">3. Plug &amp; Trust MW Stack</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/features.html">3.1. Features</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/features.html#plug-trust-mw-block-diagram">3.2. Plug &amp; Trust MW : Block Diagram</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../sss-apis.html">3.3. SSS APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/se05xfeatures.html">3.4. SSS APIs: SE051 vs SE050</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/param_checks.html">3.5. Parameter Check &amp; Conventions</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/i2cm.html">3.6. I2CM / Secure Sensor</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/logging.html">3.7. Logging</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/feature-file.html">3.8. Feature File - <code class="docutils literal notranslate"><span class="pre">fsl_sss_ftr.h</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/platf-scp-from-fs.html">3.9. Using Platform SCP Keys from File System</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/auth/auth-objects.html">3.10. Auth Objects</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/auth/auth-objects-userid.html">3.11. Auth Objects : UserID</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/auth/auth-objects-aeskey.html">3.12. Auth Objects : AESKey</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/auth/auth-objects-eckey.html">3.13. Auth Objects : ECKey</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/key-id-range.html">3.14. Key Id Range and Purpose</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/key-id-range.html#authentication-keys">3.15. Authentication Keys</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../stack/key-id-range.html#trust-provisioned-keyids">3.16. Trust provisioned KeyIDs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../sss/ex/doc/puf-scp03.html">3.17. SCP03 with PUF</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../sss/doc/sss_heap_management.html">3.18. SSS Heap Management</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../building/index.html">4. Building / Compiling</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../../building/windows.html">4.1. Windows Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../building/frdm-k64f-sdk.html">4.2. Import MCUXPresso projects from SDK</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../building/frdm-k64f-cmake.html">4.3. Freedom K64F Build (CMake - Advanced)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../building/imx6.html">4.4. i.MX Linux Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../building/rpi3.html">4.5. Raspberry Pi Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../building/cmake.html">4.6. CMake</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../scripts/cmake_options.html">4.7. CMake Options</a></li>
</ul>
</li>
<li class="toctree-l1 current"><a class="reference internal" href="../../index.html">5. Demo and Examples</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="../../index.html#demo-list">5.1. Demo List</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#sss-api-examples">5.2. SSS API Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#cloud-demos">5.3. Cloud Demos</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#linux-specific-demos">5.4. Linux Specific Demos</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="../../index.html#opc-ua-example">5.5. OPC-UA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#arm-psa-example">5.6. ARM PSA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#se05x-examples">5.7. SE05X Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#openssl-examples">5.8. OpenSSL Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#tests-for-user-crypto">5.9. Tests for User Crypto</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#nxpnfcrdlib-examples">5.10. NXPNFCRDLIB examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#ease-of-use-examples">5.11. Ease-of-Use examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#semslite-examples">5.12. Semslite examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#puf-examples">5.13. PUF examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../../nxp_iot_agent/doc/introduction.html">6.1. Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../nxp_iot_agent/doc/introduction.html#building-and-running-the-edgelock-2go-agent">6.2. Building and running the EdgeLock 2GO agent</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../nxp_iot_agent/doc/introduction.html#datastore-keystore">6.3. Datastore / Keystore</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../nxp_iot_agent/doc/introduction.html#connection-to-the-edgelock-2go-cloud-service">6.4. Connection to the EdgeLock 2GO cloud service</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../nxp_iot_agent/doc/introduction.html#claim-codes">6.5. Claim Codes</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../nxp_iot_agent/doc/edgelock2go_agent_apis.html">6.6. API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../nxp_iot_agent/doc/readme_usage_examples.html">6.7. Usage Examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../semslite/doc/index.html">7. SEMS Lite Agent</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../../semslite/doc/sems_lite_overview.html">7.1. SEMS Lite Overview (Only for SE051)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../semslite/doc/sems_lite_package.html">7.2. Update Package</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../semslite/doc/sems_lite_usage.html">7.3. SEMS Lite Agent Usage</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../semslite/doc/sems_lite_mgmt_api.html">7.4. SEMS Lite management APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../semslite/doc/sems_lite_process.html">7.5. SEMS Lite Agent Package Load Process</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../semslite/doc/sems_lite_api.html">7.6. APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../semslite/doc/sems_lite_known_issue.html">7.7. SEMS Lite Known Issue</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../semslite/doc/demo_update.html">7.8. SEMS Lite DEMOs</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../plugins/index.html">8. Plugins / Add-ins</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../../sss/plugin/openssl/scripts/readme.html">8.1. Introduction on OpenSSL engine</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../sss/plugin/mbedtls/scripts/readme.html">8.2. Introduction on mbedTLS ALT Implementation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../sss/plugin/psa/Readme.html">8.3. Platform Security Architecture</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../plugins/akm.html">8.4. Android Key master</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../sss/plugin/open62541/readme.html">8.5. Introduction on Open62541 (OPC UA stack)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../plugins/wifiEAP/wifiEAP.html">8.6. WiFi EAP Demo with Raspberry Pi3</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../plugins/pkcs11.html">8.7. PKCS#11 Standalone Library</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../cli-tool.html">9. CLI Tool</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../../pycli/doc/introduction.html">9.1. Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../pycli/doc/block-diagram.html">9.2. Block Diagram</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../pycli/doc/pre-steps.html">9.3. Steps needed before running <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../pycli/doc/running.html">9.4. Running the <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool - Windows</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../pycli/Provisioning/readme.html">9.5. CLI Provisioning</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../pycli/doc/readme_usage_examples.html">9.6. Usage Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../pycli/doc/cli_commands_list.html">9.7. List of <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> commands</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../pycli/doc/cli_data_format.html">9.8. CLI Data formats</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../pycli/doc/cli_object_policy.html">9.9. Object Policies Through ssscli</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../appendix/upload_se05x_using_pycli.html">9.10. Upload keys and certificates to SE05X using ssscli tool</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../a71ch.html">10. A71CH</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../../a71ch/a71ch_sss.html">10.1. A71CH and SSS API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../a71ch/a71ch_miscellaneous.html">10.2. Miscellaneous</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../a71ch/a71ch_legacy_host_api.html">10.3. A71CH Legacy API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../a71ch/a71ch_legacy_hlse_api.html">10.4. A71CH Legacy HLSE (Generic) API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../a71ch/a71ch_configure_tool.html">10.5. A71CH Legacy Configure Tool</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../appendix.html">11. Appendix</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../../appendix/glossary.html">11.1. Glossary</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../appendix/vcom.html">11.2. APDU Commands over VCOM</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../appendix/vs2019-setup.html">11.3. Visual Studio 2019 Setup</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../appendix/ide_mcux.html">11.4. Setting up MCUXPresso IDE</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../dev-platforms.html">11.5. Development Platforms</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../appendix/se_uid.html">11.6. How to get SE Platform Information and UID</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../appendix/version_info.html">11.7. Version Information</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../Certificate_Chains/Readme.html">11.8. Certificate Chains</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../appendix/rjct_server.html">11.9. JRCP_v1 Server</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../appendix/platfscp.html">11.10. Using own Platform SCP03 Keys</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../appendix/apdu_write_to_buffer.html">11.11. Write APDU to buffer</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../../api/api_list.html">11.12. Plug &amp; Trust MW APIs</a></li>
</ul>
</li>
</ul>
</ul>
</li>
<li class="dropdown">
<a role="button"
id="dLabelLocalToc"
data-toggle="dropdown"
data-target="#"
href="#">Page <b class="caret"></b></a>
<ul class="dropdown-menu localtoc"
role="menu"
aria-labelledby="dLabelLocalToc"><ul>
<li><a class="reference internal" href="#">5.5.1. OPC UA (Open62541) Demo</a><ul>
<li><a class="reference internal" href="#supported-platforms">5.5.1.1. Supported Platforms</a></li>
<li><a class="reference internal" href="#introduction">5.5.1.2. Introduction</a></li>
<li><a class="reference internal" href="#build-open62541-server-and-client-examples">5.5.1.3. Build Open62541 server and client examples</a></li>
<li><a class="reference internal" href="#test-open62541-server-and-client-examples">5.5.1.4. Test Open62541 server and client examples</a></li>
<li><a class="reference internal" href="#known-limitations">5.5.1.5. Known Limitations</a></li>
</ul>
</li>
</ul>
</ul>
</li>
<li>
<a href="../../../hostlib/hostLib/accessManager/doc/accessManager.html" title="Previous Chapter: 5.4.3. Access Manager: Manage access from multiple (Linux) processes to an SE05x IoT Applet"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm hidden-tablet">&laquo; 5.4.3. Access...</span>
</a>
</li>
<li>
<a href="../../se05x/psa_nonsecure/Readme.html" title="Next Chapter: 5.6.1. PSA Non Secure Example"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm hidden-tablet">5.6.1. PSA No... &raquo;</span>
</a>
</li>
</ul>
</div>
</div>
</div>
<div class="container">
<div class="row">
<div class="col-md-3">
<div id="sidebar" class="bs-sidenav" role="complementary">
<div class="sidebar-header">
<h3>Plug &amp; Trust MW</h3>
</div>
<div class="row">
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../../../index.html">1. NXP Plug &amp; Trust Middleware</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../changes/index.html">2. Changes</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../stack/index.html">3. Plug &amp; Trust MW Stack</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../building/index.html">4. Building / Compiling</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="../../index.html">5. Demo and Examples</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="../../index.html#demo-list">5.1. Demo List</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#sss-api-examples">5.2. SSS API Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#cloud-demos">5.3. Cloud Demos</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#linux-specific-demos">5.4. Linux Specific Demos</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="../../index.html#opc-ua-example">5.5. OPC-UA Example</a><ul class="current">
<li class="toctree-l3 current"><a class="current reference internal" href="#">5.5.1. OPC UA (Open62541) Demo</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#arm-psa-example">5.6. ARM PSA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#se05x-examples">5.7. SE05X Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#openssl-examples">5.8. OpenSSL Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#tests-for-user-crypto">5.9. Tests for User Crypto</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#nxpnfcrdlib-examples">5.10. NXPNFCRDLIB examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#ease-of-use-examples">5.11. Ease-of-Use examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#semslite-examples">5.12. Semslite examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../index.html#puf-examples">5.13. PUF examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../semslite/doc/index.html">7. SEMS Lite Agent</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../plugins/index.html">8. Plugins / Add-ins</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../cli-tool.html">9. CLI Tool</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../a71ch.html">10. A71CH</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../appendix.html">11. Appendix</a></li>
</ul>
</div>
<div class="row">
<form class="form" action="../../../search.html" method="get">
<div class="form-group">
<label for="Search">Search:</label>
<input type="text" name="q" class="form-control" placeholder="Search" />
</div>
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div>
</div>
<div class="body col-md-9 content" role="main">
<div class="section" id="opc-ua-open62541-demo">
<span id="id1"></span><h1><span class="section-number">5.5.1. </span>OPC UA (Open62541) Demo<a class="headerlink" href="#opc-ua-open62541-demo" title="Permalink to this headline"></a></h1>
<div class="section" id="supported-platforms">
<h2><span class="section-number">5.5.1.1. </span>Supported Platforms<a class="headerlink" href="#supported-platforms" title="Permalink to this headline"></a></h2>
<ul class="simple">
<li><p>Server Platform</p>
<ul>
<li><p>Windows – JRCPv2 – SE050</p></li>
<li><p>iMX6 / RaspberryPi - t1oi2c – SE050</p></li>
</ul>
</li>
<li><p>Client Platform</p>
<ul>
<li><p>UaExpert on Windows</p></li>
<li><p>Open62541 client on Windows</p></li>
<li><p>Open62541 client on iMX6 / RaspberryPi</p></li>
</ul>
</li>
</ul>
</div>
<div class="section" id="introduction">
<h2><span class="section-number">5.5.1.2. </span>Introduction<a class="headerlink" href="#introduction" title="Permalink to this headline"></a></h2>
<p>OPC UA (Open Platform Communications Unified Architecture) is an application layer protocol specific to Industrial IoT.
It can run on top of TCP, TCP + Web services or TCP + HTTPS.
In this client - server demo, the Open62541 open source OPC UA stack is used for integration with SE050.
The server certificate and key are provisioned inside the SE050, the access to the SE050 is is performed using the SSS APIs.
The OPC UA server example source code is available in directory <code class="docutils literal notranslate"><span class="pre">demos\opc_ua\opc_ua_server</span></code>.
The Open62541 specific adaptation layer to the SE050 is available in directory <code class="docutils literal notranslate"><span class="pre">sss\plugin\open62541</span></code>.
The source code of the Open62541 stack is available in directory <code class="docutils literal notranslate"><span class="pre">ext\open62541</span></code>.</p>
<p>OPC UA stack:</p>
<img alt="../../../_images/security.jpg" src="../../../_images/security.jpg" />
<p>In reference to the above image the demo matches the left arrow:</p>
<ul class="simple">
<li><p>UA binary encoding is used</p></li>
<li><p>UA Secure conversation with security policy <code class="docutils literal notranslate"><span class="pre">Basic256Sha256</span></code> and <code class="docutils literal notranslate"><span class="pre">Sign</span> <span class="pre">and</span> <span class="pre">Encrypt</span> <span class="pre">mode</span></code></p></li>
<li><p>on top of TCP</p></li>
</ul>
<img alt="../../../_images/open62541_sss.jpg" src="../../../_images/open62541_sss.jpg" />
<p>The crypto functionality (as defined by <code class="docutils literal notranslate"><span class="pre">Basic256Sha256</span></code>) is handled as follows:</p>
<ul class="simple">
<li><p>AsymmetricSignatureAlgorithm_RSA-PKCS15-SHA2-256: RSA Sign operation done by SE050</p></li>
<li><p>AsymmetricEncryptionAlgorithm_RSA-OAEP-SHA: RSA Decrypt operation done by SE050</p></li>
<li><p>Symmetric crypto operations are handled by the OPC UA stack on the host micro</p></li>
</ul>
</div>
<div class="section" id="build-open62541-server-and-client-examples">
<h2><span class="section-number">5.5.1.3. </span>Build Open62541 server and client examples<a class="headerlink" href="#build-open62541-server-and-client-examples" title="Permalink to this headline"></a></h2>
<ol class="arabic">
<li><p>Build server and client example</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>cd simw-top
python3 scripts/create_cmake_projects.py
cd ../simw-top_build/imx_native_se050_t1oi2c
cmake -DWithOPCUA_open62541:BOOL=ON -DHostCrypto:STRING=MBEDTLS -DWithSharedLIB:BOOL=OFF .
cmake --build .
make install
ldconfig /usr/local/lib
</pre></div>
</div>
</li>
</ol>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Replace <code class="docutils literal notranslate"><span class="pre">imx_native_se050_t1oi2c</span></code> with <code class="docutils literal notranslate"><span class="pre">raspbian_native_se050_t1oi2c</span></code>
when building for Raspberry Pi.</p>
</div>
<ol class="arabic simple">
<li><p>Server and client binaries are copied to the simw-top/tools folder</p></li>
</ol>
</div>
<div class="section" id="test-open62541-server-and-client-examples">
<h2><span class="section-number">5.5.1.4. </span>Test Open62541 server and client examples<a class="headerlink" href="#test-open62541-server-and-client-examples" title="Permalink to this headline"></a></h2>
<ol class="arabic">
<li><p>Client/Server keys are available in <code class="docutils literal notranslate"><span class="pre">simw-top\demos\opc_ua\credentials\</span></code>. Optionally you can regenerate the client/server keys
with the following command</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>cd simw-top/demos/opc_ua/scripts
python3 createOPCUACredentials_Optional.py
OPU UA mandates the host name to be part of the subjectAltName in the server certificate.
The default server certificate provided with the package uses hostname &#39;localhost&#39;.
To create a completely new set of credentials with a specific server hostname / ip-address run
createOPCUACredentials_Optional.py script as
python3 createOPCUACredentials_Optional.py &lt;server_hostname&gt; # Default &lt;server_hostname&gt; = localhost
</pre></div>
</div>
</li>
<li><p>Refer to <a class="reference internal" href="../../../cli-tool.html#cli-tool"><span class="std std-ref">CLI Tool</span></a> for ssscli tool setup. Using ssscli tool, provision server certificate and key into SE050 and create a reference pem file for server key</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>cd simw-top/demos/opc_ua/scripts
python3 provisionOPCUAServer.py 127.0.0.1:8050 jrcpv2 #On Windows
OR
python3 provisionOPCUAServer.py #On iMX6 / RaspberryPi
</pre></div>
</div>
</li>
<li><p>Start opc ua server</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>cd simw-top/demos/opc_ua/scripts
python3 open62541Server.py jrcpv2 127.0.0.1:8050 &lt;certificate&gt; #On Windows
OR
python3 open62541Server.py &lt;certificate&gt; #On iMX6 / RaspberryPi
When using Open62541 client:
&lt;certificate&gt; is located at simw-top\demos\opc_ua\credentials\open62541_client_cert.der
When using UAexpert client:
&lt;certificate&gt; is located at uaexpert\PKI\own\certs\uaexpert.der
Passing &quot;none&quot; for &lt;certificate&gt;, will make the server accept all client certificates.
</pre></div>
</div>
</li>
<li><p>Start opc ua client</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>cd simw-top/demos/opc_ua/scripts
python3 open62541Client.py opc.tcp://127.0.0.1:4840
On successful connection, value of the object &quot;Sensor1&quot; is read from server and displayed.
</pre></div>
</div>
</li>
<li><p>UaExpert client can also be used to test the Open62541 server.</p></li>
</ol>
<ul class="simple">
<li><p>For testing with UaExpert client, root certificate needs to be copied to UaExpert trusted list of certificates,</p></li>
<li><p>Go to UaExpert -&gt; Settings -&gt; Manage Certificates -&gt; Trusted (Tab) -&gt; Open Certificate Location and copy the file <code class="docutils literal notranslate"><span class="pre">simw-top\demos\opc_ua\credentials\open62541_rootCA_cert.der</span></code></p></li>
<li><dl class="simple">
<dt>Also disable following errors in UaExpert configurations.</dt><dd><ol class="lowerroman simple">
<li><p>UaExpert -&gt; Settings -&gt; Configure UaExpert -&gt; General.DisableError.CertificateIssuerRevocationUnknown -&gt; true</p></li>
<li><p>UaExpert -&gt; Settings -&gt; Configure UaExpert -&gt; General.DisableError.CertificateRevocationUnknown -&gt; true</p></li>
</ol>
</dd>
</dl>
</li>
<li><dl class="simple">
<dt>Add the server details to connect. UaExpert -&gt; Server -&gt; Add -&gt; Advanced (Tab). Add details in</dt><dd><ol class="lowerroman simple">
<li><p>EndPoint Url (opc.tcp://&lt;SERVER_IP&gt;:4840/)</p></li>
<li><p>Security Policy as Basic256Sha256</p></li>
<li><p>Message Security Mode as Sign &amp; Encrypt</p></li>
</ol>
</dd>
</dl>
</li>
<li><p>Added server will appear in project tab. Right click on server -&gt; Connect.</p></li>
<li><p>On successful connection, the client objects should appear in UaExpert address space.</p></li>
<li><p>To change the value of object “Sensor1”, select the object “Sensor1” in address space. In the Attribute section, select “value” attribute and enter the new value.</p></li>
</ul>
</div>
<div class="section" id="known-limitations">
<h2><span class="section-number">5.5.1.5. </span>Known Limitations<a class="headerlink" href="#known-limitations" title="Permalink to this headline"></a></h2>
<ol class="arabic simple">
<li><p>Client certificates are self signed certificates. Not tested with root ca signed.</p></li>
<li><p>No root certificate can be given as input to command line Open62541 client. So any server certificate is accepted.</p></li>
</ol>
</div>
</div>
</div>
</div>
</div>
<footer class="footer">
<div class="container">
<p class="pull-right">
<a href="#">Back to top</a>
</p>
<p>
&copy; Copyright 2018-2020, NXP.<br/>
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 2.4.1.<br/>
</p>
</div>
</footer>
</body>
</html>