# BIR - OPC UA #### Autorzy: Michał Wawrzyńczak, Paweł Gryka # Konfiguracja (Zadania 1-4) ## Tworzenie kanału   ## Tworzenie urządzenia  ## Tworzenie urządzenia i funkcji  ## Sprawdzenie czy konfiguracja zadziałała  ## Konfiguracja UaExpert client  ## Dane device na UaExpert  ## Konfiguracja drutorekina (wiresharka)  ## Modyfikacja polityki bezpieczeństwa  # Zadania ## 5-10. **Wykonaliśmy polecenia i złapaliśmy pcap z wiresharka** ## 11. Znaleźć, (umieścić w protokole screeny) i zinterpretować pakiety z Usługami OPC UA: ### 11.1 Dla procedury Discovery: GetEndPointResponse: zidentyfikować i napisać w protokole jakie adresy EndPointów zostały przekazane przez serwer i jakie reguły bezpieczeństwa serwer udostępnia dla tych EndPointów  | Nr | EndpointUrl | Polisa | | --- | ------------------------- | --------------------------------------------------------- | | 0 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#None | | 1 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15 | | 2 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15 | | 3 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256 | | 4 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256 | | 5 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256 | | 6 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256 | ### 11.2 Dla procedury monitoringu zmian danych wartości zmiennej: #### a. OpenSecureChannelRequest, OpenSecureChannelResponse: zidentyfikować Id utworzonego kanału i wpisać do protokołu **ChannelId: 3632275430**  **OpenSecureChannelRequest:** ``` Frame 193: 177 bytes on wire (1416 bits), 177 bytes captured (1416 bits) on interface \Device\NPF_Loopback, id 0 Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49466, Dst Port: 49320, Seq: 58, Ack: 29, Len: 133 OpcUa Binary Protocol Message Type: OPN Chunk Type: F Message Size: 133 SecureChannelId: 0 SecurityPolicyUri: http://opcfoundation.org/UA/SecurityPolicy#None SenderCertificate: <MISSING>[OpcUa Null ByteString] ReceiverCertificateThumbprint: <MISSING>[OpcUa Null ByteString] SequenceNumber: 1 RequestId: 1 Message : Encodeable Object TypeId : ExpandedNodeId OpenSecureChannelRequest RequestHeader: RequestHeader AuthenticationToken: NodeId .... 0000 = EncodingMask: Two byte encoded Numeric (0x0) Identifier Numeric: 0 Timestamp: Dec 8, 2023 10:56:48.185642700 Central European Standard Time RequestHandle: 0 Return Diagnostics: 0x00000000 AuditEntryId: [OpcUa Null String] TimeoutHint: 0 AdditionalHeader: ExtensionObject ClientProtocolVersion: 0 SecurityTokenRequestType: Issue (0x00000000) MessageSecurityMode: None (0x00000001) ClientNonce: 00 RequestedLifetime: 300000 ``` **OpenSecureChannelResponse:** ``` Frame 195: 179 bytes on wire (1432 bits), 179 bytes captured (1432 bits) on interface \Device\NPF_Loopback, id 0 Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 49466, Seq: 29, Ack: 191, Len: 135 OpcUa Binary Protocol Message Type: OPN Chunk Type: F Message Size: 135 SecureChannelId: 2804327000 SecurityPolicyUri: http://opcfoundation.org/UA/SecurityPolicy#None SenderCertificate: <MISSING>[OpcUa Null ByteString] ReceiverCertificateThumbprint: <MISSING>[OpcUa Null ByteString] SequenceNumber: 512 RequestId: 1 Message : Encodeable Object TypeId : ExpandedNodeId OpenSecureChannelResponse ResponseHeader: ResponseHeader Timestamp: Dec 8, 2023 10:56:48.185642700 Central European Standard Time RequestHandle: 0 ServiceResult: 0x00000000 [Good] ServiceDiagnostics: DiagnosticInfo StringTable: Array of String AdditionalHeader: ExtensionObject ServerProtocolVersion: 0 SecurityToken: ChannelSecurityToken ChannelId: 2804327000 TokenId: 1 CreatedAt: Dec 8, 2023 10:56:48.185642700 Central European Standard Time RevisedLifetime: 600000 ServerNonce: <MISSING>[OpcUa Null ByteString] ``` #### b. CreateSessionRequest, CreateSessionResponse: zidentyfikować Id utworzonej sesji i wpisać do protokołu  **CreateSessionRequest:** ``` Frame 317: 130 bytes on wire (1040 bits), 130 bytes captured (1040 bits) on interface \Device\NPF_Loopback, id 0 Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49467, Dst Port: 49320, Seq: 1651, Ack: 164, Len: 86 [2 Reassembled TCP Segments (1546 bytes): #316(1460), #317(86)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 1546 SecureChannelId: 1286838553 Security Token Id: 1 Security Sequence Number: 2 Security RequestId: 2 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId CreateSessionRequest RequestHeader: RequestHeader AuthenticationToken: NodeId .... 0010 = EncodingMask: Numeric of arbitrary length (0x2) Namespace Index: 0 Identifier Numeric: 3508445853 Timestamp: Dec 8, 2023 10:56:48.285648400 Central European Standard Time RequestHandle: 1000001 Return Diagnostics: 0x00000000 AuditEntryId: [OpcUa Null String] TimeoutHint: 10000 AdditionalHeader: ExtensionObject ClientDescription: ApplicationDescription ServerUri: [OpcUa Null String] EndpointUrl: opc.tcp://localhost:49320 SessionName: qwerty ClientNonce: 0000000000000000000000000000000000000000000000000000000000000000 ClientCertificate: 308204f6308203dea0030201020204655f33c8300d06092a864886f70d01010b0500306d… RequestedSessionTimeout: 1200000 MaxResponseMessageSize: 16777216 ``` **CreateSessionResponse:** ``` Frame 427: 122 bytes on wire (976 bits), 122 bytes captured (976 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 49467, Seq: 13440, Ack: 1737, Len: 78 [55 Reassembled TCP Segments (13354 bytes): #319(12), #321(4), #323(255), #325(255), #327(255), #329(255), #331(255), #333(255), #335(255), #337(255), #339(255), #341(255), #343(255), #345(255), #347(255), #349(255), #351(255), #353(255), #] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 13354 SecureChannelId: 1286838553 Security Token Id: 1 Security Sequence Number: 513 Security RequestId: 2 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId CreateSessionResponse ResponseHeader: ResponseHeader Timestamp: Dec 8, 2023 10:56:48.295649000 Central European Standard Time RequestHandle: 1000001 ServiceResult: 0x00000000 [Good] ServiceDiagnostics: DiagnosticInfo StringTable: Array of String AdditionalHeader: ExtensionObject SessionId: NodeId .... 0100 = EncodingMask: GUID (0x4) Namespace Index: 1 Identifier Guid: 6a27a67e-ac3f-4e14-a683-584874ade865 AuthenticationToken: NodeId .... 0010 = EncodingMask: Numeric of arbitrary length (0x2) Namespace Index: 0 Identifier Numeric: 2468734789 RevisedSessionTimeout: 60000 ServerNonce: adf8cd34df43e8707ba74e01d8e4ce1cca2ad3c213b06e6271d9c55bc929d5ee ServerCertificate: 308204b23082039aa00302010202043aeb8f87300d06092a864886f70d01010b05003059… ServerEndpoints: Array of EndpointDescription ArraySize: 7 [0]: EndpointDescription [1]: EndpointDescription [2]: EndpointDescription [3]: EndpointDescription [4]: EndpointDescription [5]: EndpointDescription [6]: EndpointDescription ServerSoftwareCertificates: Array of SignedSoftwareCertificate ServerSignature: SignatureData MaxRequestMessageSize: 16777216 ``` #### c. ActivateSessionRequest, ActivateSessionResponse **ActivateSessionRequest:** ``` Frame 429: 161 bytes on wire (1288 bits), 161 bytes captured (1288 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49467, Dst Port: 49320, Seq: 1737, Ack: 13518, Len: 117 OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 117 SecureChannelId: 1286838553 Security Token Id: 1 Security Sequence Number: 3 Security RequestId: 3 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId ActivateSessionRequest RequestHeader: RequestHeader AuthenticationToken: NodeId .... 0010 = EncodingMask: Numeric of arbitrary length (0x2) Namespace Index: 0 Identifier Numeric: 2468734789 Timestamp: Dec 8, 2023 10:56:48.297649100 Central European Standard Time RequestHandle: 1000002 Return Diagnostics: 0x00000000 AuditEntryId: [OpcUa Null String] TimeoutHint: 10000 AdditionalHeader: ExtensionObject ClientSignature: SignatureData ClientSoftwareCertificates: Array of SignedSoftwareCertificate LocaleIds: Array of String UserIdentityToken: ExtensionObject UserTokenSignature: SignatureData ``` **ActivateSessionResponse:** ``` Frame 435: 124 bytes on wire (992 bits), 124 bytes captured (992 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 49467, Seq: 13534, Ack: 1854, Len: 80 [3 Reassembled TCP Segments (96 bytes): #431(12), #433(4), #435(80)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 96 SecureChannelId: 1286838553 Security Token Id: 1 Security Sequence Number: 514 Security RequestId: 3 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId ActivateSessionResponse ResponseHeader: ResponseHeader Timestamp: Dec 8, 2023 10:56:48.298649100 Central European Standard Time RequestHandle: 1000002 ServiceResult: 0x00000000 [Good] ServiceDiagnostics: DiagnosticInfo StringTable: Array of String AdditionalHeader: ExtensionObject ServerNonce: b75248686faa35804b8d3bcaeeff99098611296ce817c91fde54d779a6021186 Results: Array of StatusCode DiagnosticInfos: Array of DiagnosticInfo ``` #### d. CreateSubsciptionRequest, CreateSubsciptionResponse **CreateSubsciptionRequest:** ``` Frame 461: 128 bytes on wire (1024 bits), 128 bytes captured (1024 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49467, Dst Port: 49320, Seq: 2484, Ack: 14004, Len: 84 OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 84 SecureChannelId: 1286838553 Security Token Id: 1 Security Sequence Number: 7 Security RequestId: 7 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId CreateSubscriptionRequest RequestHeader: RequestHeader AuthenticationToken: NodeId .... 0010 = EncodingMask: Numeric of arbitrary length (0x2) Namespace Index: 0 Identifier Numeric: 2468734789 Timestamp: Dec 8, 2023 10:56:48.299649200 Central European Standard Time RequestHandle: 1000006 Return Diagnostics: 0x00000000 AuditEntryId: [OpcUa Null String] TimeoutHint: 10000 AdditionalHeader: ExtensionObject RequestedPublishingInterval: 100 RequestedLifetimeCount: 12000 RequestedMaxKeepAliveCount: 50 MaxNotificationsPerPublish: 65536 PublishingEnabled: True Priority: 0 ``` **CreateSubsciptionResponse:** ``` Frame 467: 100 bytes on wire (800 bits), 100 bytes captured (800 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 49467, Seq: 14020, Ack: 2568, Len: 56 [3 Reassembled TCP Segments (72 bytes): #463(12), #465(4), #467(56)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 72 SecureChannelId: 1286838553 Security Token Id: 1 Security Sequence Number: 518 Security RequestId: 7 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId CreateSubscriptionResponse ResponseHeader: ResponseHeader Timestamp: Dec 8, 2023 10:56:48.299649200 Central European Standard Time RequestHandle: 1000006 ServiceResult: 0x00000000 [Good] ServiceDiagnostics: DiagnosticInfo StringTable: Array of String AdditionalHeader: ExtensionObject SubscriptionId: 8 RevisedPublishingInterval: 100 RevisedLifetimeCount: 12000 RevisedMaxKeepAliveCount: 50 ``` #### e. CreateMonitoretItemRequest: zidentyfikować adres (nazwę NodeId) monitorowanej zmiennej i wpisać do protokołu CreateMonitoretItemResponse  **CreateMonitoredItemRequest:** ``` Frame 469: 288 bytes on wire (2304 bits), 288 bytes captured (2304 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49467, Dst Port: 49320, Seq: 2568, Ack: 14076, Len: 244 OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 244 SecureChannelId: 1286838553 Security Token Id: 1 Security Sequence Number: 8 Security RequestId: 8 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId NodeId EncodingMask: Four byte encoded Numeric (0x01) NodeId Namespace Index: 0 NodeId Identifier Numeric: CreateMonitoredItemsRequest (751) CreateMonitoredItemsRequest RequestHeader: RequestHeader SubscriptionId: 8 TimestampsToReturn: Neither (0x00000003) ItemsToCreate: Array of MonitoredItemCreateRequest ArraySize: 1 [0]: MonitoredItemCreateRequest ItemToMonitor: ReadValueId NodeId: NodeId .... 0001 = EncodingMask: Four byte encoded Numeric (0x1) Namespace Index: 0 Identifier Numeric: 2253 AttributeId: EventNotifier (0x0000000c) IndexRange: [OpcUa Null String] DataEncoding: QualifiedName MonitoringMode: Reporting (0x00000002) RequestedParameters: MonitoringParameters ``` **CreateMonitoredItemResponse:** ``` Frame 475: 111 bytes on wire (888 bits), 111 bytes captured (888 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 49467, Seq: 14092, Ack: 2812, Len: 67 [3 Reassembled TCP Segments (83 bytes): #471(12), #473(4), #475(67)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 83 SecureChannelId: 1286838553 Security Token Id: 1 Security Sequence Number: 519 Security RequestId: 8 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId NodeId EncodingMask: Four byte encoded Numeric (0x01) NodeId Namespace Index: 0 NodeId Identifier Numeric: CreateMonitoredItemsResponse (754) CreateMonitoredItemsResponse ResponseHeader: ResponseHeader Results: Array of MonitoredItemCreateResult ArraySize: 1 [0]: MonitoredItemCreateResult StatusCode: 0x80440000 [BadMonitoredItemFilterUnsupported] MonitoredItemId: 0 RevisedSamplingInterval: 0 RevisedQueueSize: 0 FilterResult: ExtensionObject DiagnosticInfos: Array of DiagnosticInfo ``` #### f. PublishRequest, PublishResponse: zidentyfikować przekazywaną wartość monitorowanej zmiennej, czas źródła danych i czas serwera oraz wpisać je do protokołu  **PublishRequest:** ``` Frame 5648: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49482, Dst Port: 49320, Seq: 2244, Ack: 13835, Len: 50 [3 Reassembled TCP Segments (66 bytes): #5644(12), #5646(4), #5648(50)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 66 SecureChannelId: 3632275430 Security Token Id: 1 Security Sequence Number: 518 Security RequestId: 7 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId PublishRequest RequestHeader: RequestHeader AuthenticationToken: NodeId .... 0010 = EncodingMask: Numeric of arbitrary length (0x2) Namespace Index: 0 Identifier Numeric: 2263165913 Timestamp: Dec 8, 2023 10:57:37.982490900 Central European Standard Time RequestHandle: 7 Return Diagnostics: 0x00000000 AuditEntryId: [OpcUa Null String] TimeoutHint: 0 AdditionalHeader: ExtensionObject SubscriptionAcknowledgements: Array of SubscriptionAcknowledgement ArraySize: 0 ``` **PublishResponse:** ``` Frame 5963: 186 bytes on wire (1488 bits), 186 bytes captured (1488 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 49482, Seq: 14066, Ack: 2656, Len: 142 [3 Reassembled TCP Segments (158 bytes): #5959(12), #5961(4), #5963(142)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 158 SecureChannelId: 3632275430 Security Token Id: 1 Security Sequence Number: 520 Security RequestId: 8 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId NodeId EncodingMask: Four byte encoded Numeric (0x01) NodeId Namespace Index: 0 NodeId Identifier Numeric: PublishResponse (829) PublishResponse ResponseHeader: ResponseHeader SubscriptionId: 9 AvailableSequenceNumbers: Array of UInt32 ArraySize: 1 [0]: AvailableSequenceNumbers: 2 MoreNotifications: False NotificationMessage: NotificationMessage SequenceNumber: 2 PublishTime: Dec 8, 2023 10:57:39.954603700 Środkowoeuropejski czas stand. NotificationData: Array of ExtensionObject ArraySize: 1 [0]: ExtensionObject TypeId: ExpandedNodeId EncodingMask: 0x01, EncodingMask: Four byte encoded Numeric .... 0001 = EncodingMask: Four byte encoded Numeric (0x1) .0.. .... = has server index: False 0... .... = has namespace uri: False Namespace Index: 0 Identifier Numeric: 811 EncodingMask: 0x01, has binary body .... ...1 = has binary body: True .... ..0. = has xml body: False DataChangeNotification: DataChangeNotification MonitoredItems: Array of MonitoredItemNotification ArraySize: 2 [0]: MonitoredItemNotification ClientHandle: 46826104 Value: DataValue EncodingMask: 0x0d, has value, has source timestamp, has server timestamp Value: Variant Variant Type: Int32 (0x06) Int32: 149 SourceTimestamp: Dec 8, 2023 10:57:39.442574400 Środkowoeuropejski czas stand. ServerTimestamp: Dec 8, 2023 10:57:39.442574400 Środkowoeuropejski czas stand. [1]: MonitoredItemNotification ClientHandle: 29686952 Value: DataValue EncodingMask: 0x0d, has value, has source timestamp, has server timestamp Value: Variant Variant Type: Int32 (0x06) Int32: 149 SourceTimestamp: Dec 8, 2023 10:57:39.502577800 Środkowoeuropejski czas stand. ServerTimestamp: Dec 8, 2023 10:57:39.502577800 Środkowoeuropejski czas stand. DiagnosticInfos: Array of DiagnosticInfo Results: Array of StatusCode ArraySize: 0 DiagnosticInfos: Array of DiagnosticInfo ``` ## 12 Włączyć politykę bezpieczeństwa w kliencie UaExpert jak w oknie: (dodatkowe informacje w instrukcji konfiguracji p. 6): **Włączone** ## 13. Znaleźć, (umieścić w protokole screeny) i zinterpretować pakiety z Usługami OPC UA: ### 13.1 Dla procedury Discovery: GetEndPointResponse: zidentyfikować i napisać w protokole jakie adresy EndPointów zostały przekazane przez serwer i jakie reguły bezpieczeństwa serwer udostępnia dla tych EndPointów  | Nr | EndpointUrl | Polisa | | -------- | -------- | -------- | | 0 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#None | | 1 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15| | 2 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15 | | 3 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256 | | 4 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256 | | 5 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256 | | 6 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256 | Konfuguracja endpointów wygląda identycznie jak w poprzednim przypadku gdy nie włączone były żadne zabezpieczenia. ### 13.2 Dla procedury monitoringu zmian danych wartości zmiennej: #### a. OpenSecureChannelRequest, OpenSecureChannelResponse: zidentyfikować Id utworzonego kanału i wpisać do protokołu **ChannelId: 2971627593**  **OpenSecureChannelRequest**: ``` Frame 1630: 176 bytes on wire (1408 bits), 176 bytes captured (1408 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 52352, Dst Port: 49320, Seq: 58, Ack: 29, Len: 132 OpcUa Binary Protocol Message Type: OPN Chunk Type: F Message Size: 132 SecureChannelId: 0 SecurityPolicyUri: http://opcfoundation.org/UA/SecurityPolicy#None SenderCertificate: <MISSING>[OpcUa Null ByteString] ReceiverCertificateThumbprint: <MISSING>[OpcUa Null ByteString] SequenceNumber: 512 RequestId: 1 Message : Encodeable Object TypeId : ExpandedNodeId OpenSecureChannelRequest RequestHeader: RequestHeader ClientProtocolVersion: 0 SecurityTokenRequestType: Issue (0x00000000) MessageSecurityMode: None (0x00000001) ClientNonce: <MISSING>[OpcUa Null ByteString] RequestedLifetime: 3600000 ``` **OpenSecureChannelResponse**: ``` Frame 1632: 179 bytes on wire (1432 bits), 179 bytes captured (1432 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 52352, Seq: 29, Ack: 190, Len: 135 OpcUa Binary Protocol Message Type: OPN Chunk Type: F Message Size: 135 SecureChannelId: 2971627593 SecurityPolicyUri: http://opcfoundation.org/UA/SecurityPolicy#None SenderCertificate: <MISSING>[OpcUa Null ByteString] ReceiverCertificateThumbprint: <MISSING>[OpcUa Null ByteString] SequenceNumber: 512 RequestId: 1 Message : Encodeable Object TypeId : ExpandedNodeId OpenSecureChannelResponse ResponseHeader: ResponseHeader ServerProtocolVersion: 0 SecurityToken: ChannelSecurityToken ChannelId: 2971627593 TokenId: 1 CreatedAt: Dec 8, 2023 10:30:55.993862400 Central European Standard Time RevisedLifetime: 3600000 ServerNonce: <MISSING>[OpcUa Null ByteString] ``` #### b. CreateSessionRequest, CreateSessionResponse: zidentyfikować Id utworzonej sesji i wpisać do protokołu **CreateSessionRequest**: ``` Frame 1777: 86 bytes on wire (688 bits), 86 bytes captured (688 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 52353, Dst Port: 49320, Seq: 1736, Ack: 164, Len: 42 [9 Reassembled TCP Segments (1588 bytes): #1761(12), #1763(4), #1765(255), #1767(255), #1769(255), #1771(255), #1773(255), #1775(255), #1777(42)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 1588 SecureChannelId: 2001557704 Security Token Id: 1 Security Sequence Number: 513 Security RequestId: 2 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId CreateSessionRequest RequestHeader: RequestHeader ClientDescription: ApplicationDescription ServerUri: [OpcUa Null String] EndpointUrl: opc.tcp://localhost:49320 SessionName: Kepware_KEPServerEX_UA_Client_Driver:Channel3 ClientNonce: 91f9c0d54d77ac90718d457e7cb0ec8252f7e45ff59ac491f4fc310147cb7e65 ClientCertificate: 308204d0308203b8a003020102020491301093300d06092a864886f70d01010b05003060… RequestedSessionTimeout: 1200000 MaxResponseMessageSize: 0 ``` **CreateSessionResponse**: ``` Frame 1887: 122 bytes on wire (976 bits), 122 bytes captured (976 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 52353, Seq: 13440, Ack: 1778, Len: 78 [55 Reassembled TCP Segments (13354 bytes): #1779(12), #1781(4), #1783(255), #1785(255), #1787(255), #1789(255), #1791(255), #1793(255), #1795(255), #1797(255), #1799(255), #1801(255), #1803(255), #1805(255), #1807(255), #1809(255), #1811(2] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 13354 SecureChannelId: 2001557704 Security Token Id: 1 Security Sequence Number: 513 Security RequestId: 2 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId CreateSessionResponse ResponseHeader: ResponseHeader SessionId: NodeId AuthenticationToken: NodeId RevisedSessionTimeout: 60000 ServerNonce: 8fe03145377f5289100551f663458f34dc6e34b91bd8211a71ccc4b4872b5665 ServerCertificate: 308204b23082039aa00302010202043aeb8f87300d06092a864886f70d01010b05003059… ServerEndpoints: Array of EndpointDescription ServerSoftwareCertificates: Array of SignedSoftwareCertificate ServerSignature: SignatureData MaxRequestMessageSize: 16777216 ``` #### c. ActivateSessionRequest, ActivateSessionResponse **ActivateSessionRequest**: ``` Frame 1893: 142 bytes on wire (1136 bits), 142 bytes captured (1136 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 52353, Dst Port: 49320, Seq: 1794, Ack: 13518, Len: 98 [3 Reassembled TCP Segments (114 bytes): #1889(12), #1891(4), #1893(98)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 114 SecureChannelId: 2001557704 Security Token Id: 1 Security Sequence Number: 514 Security RequestId: 3 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId ActivateSessionRequest RequestHeader: RequestHeader ClientSignature: SignatureData ClientSoftwareCertificates: Array of SignedSoftwareCertificate LocaleIds: Array of String UserIdentityToken: ExtensionObject UserTokenSignature: SignatureData ``` **ActivateSessionResponse**: ``` Frame 1899: 124 bytes on wire (992 bits), 124 bytes captured (992 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 52353, Seq: 13534, Ack: 1892, Len: 80 [3 Reassembled TCP Segments (96 bytes): #1895(12), #1897(4), #1899(80)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 96 SecureChannelId: 2001557704 Security Token Id: 1 Security Sequence Number: 514 Security RequestId: 3 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId ActivateSessionResponse ResponseHeader: ResponseHeader ServerNonce: 47599de1bbb4f1953e2db7794fb19f0ac99709008956fe27b7ca3b4ad1cf21d2 Results: Array of StatusCode DiagnosticInfos: Array of DiagnosticInfo ``` #### d. CreateSubsciptionRequest, CreateSubsciptionResponse **CreateSubsciptionRequest** ``` Frame 1929: 112 bytes on wire (896 bits), 112 bytes captured (896 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 52353, Dst Port: 49320, Seq: 2004, Ack: 13614, Len: 68 [3 Reassembled TCP Segments (84 bytes): #1925(12), #1927(4), #1929(68)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 84 SecureChannelId: 2001557704 Security Token Id: 1 Security Sequence Number: 516 Security RequestId: 5 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId CreateSubscriptionRequest RequestHeader: RequestHeader RequestedPublishingInterval: 1000 RequestedLifetimeCount: 60 RequestedMaxKeepAliveCount: 5 MaxNotificationsPerPublish: 0 PublishingEnabled: True Priority: 0 ``` **CreateSubsciptionResponse** ``` Frame 1941: 100 bytes on wire (800 bits), 100 bytes captured (800 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 52353, Seq: 13696, Ack: 2072, Len: 56 [3 Reassembled TCP Segments (72 bytes): #1937(12), #1939(4), #1941(56)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 72 SecureChannelId: 2001557704 Security Token Id: 1 Security Sequence Number: 516 Security RequestId: 5 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId CreateSubscriptionResponse ResponseHeader: ResponseHeader SubscriptionId: 5 RevisedPublishingInterval: 1000 RevisedLifetimeCount: 60 RevisedMaxKeepAliveCount: 5 ``` #### e. CreateMonitoretItemRequest: zidentyfikować adres (nazwę NodeId) monitorowanej zmiennej i wpisać do protokołu CreateMonitoretItemResponse  CreateMonitoretItemRequest: ``` Frame 1947: 184 bytes on wire (1472 bits), 184 bytes captured (1472 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 52353, Dst Port: 49320, Seq: 2088, Ack: 13752, Len: 140 [3 Reassembled TCP Segments (156 bytes): #1943(12), #1945(4), #1947(140)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 156 SecureChannelId: 2001557704 Security Token Id: 1 Security Sequence Number: 517 Security RequestId: 6 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId CreateMonitoredItemsRequest RequestHeader: RequestHeader AuthenticationToken: NodeId .... 0010 = EncodingMask: Numeric of arbitrary length (0x2) Namespace Index: 0 Identifier Numeric: 3992951489 Timestamp: Dec 8, 2023 10:30:56.075867100 Central European Standard Time RequestHandle: 6 Return Diagnostics: 0x00000000 AuditEntryId: [OpcUa Null String] TimeoutHint: 10000 AdditionalHeader: ExtensionObject SubscriptionId: 5 TimestampsToReturn: Both (0x00000002) ItemsToCreate: Array of MonitoredItemCreateRequest ``` CreateMonitoretItemResponse: ``` Frame 1953: 111 bytes on wire (888 bits), 111 bytes captured (888 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 52353, Seq: 13768, Ack: 2228, Len: 67 [3 Reassembled TCP Segments (83 bytes): #1949(12), #1951(4), #1953(67)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 83 SecureChannelId: 2001557704 Security Token Id: 1 Security Sequence Number: 517 Security RequestId: 6 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId NodeId EncodingMask: Four byte encoded Numeric (0x01) NodeId Namespace Index: 0 NodeId Identifier Numeric: CreateMonitoredItemsResponse (754) CreateMonitoredItemsResponse ResponseHeader: ResponseHeader Timestamp: Dec 8, 2023 10:30:56.076867100 Środkowoeuropejski czas stand. RequestHandle: 6 ServiceResult: 0x00000000 [Good] ServiceDiagnostics: DiagnosticInfo StringTable: Array of String AdditionalHeader: ExtensionObject TypeId: ExpandedNodeId EncodingMask: 0x00 Results: Array of MonitoredItemCreateResult ArraySize: 1 [0]: MonitoredItemCreateResult StatusCode: 0x00000000 [Good] MonitoredItemId: 1 RevisedSamplingInterval: 500 RevisedQueueSize: 1 FilterResult: ExtensionObject DiagnosticInfos: Array of DiagnosticInfo ``` #### f. PublishRequest, PublishResponse: zidentyfikować przekazywaną wartość monitorowanej zmiennej, czas źródła danych i czas serwera oraz wpisać je do protokołu **Int32: 294** **SourceTimestamp: Dec 8, 2023 10:30:57.088925000 Środkowoeuropejski czas stand.** **ServerTimestamp: Dec 8, 2023 10:30:57.088925000 Środkowoeuropejski czas stand.**  **PublishRequest** ``` Frame 1971: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 52353, Dst Port: 49320, Seq: 2376, Ack: 13835, Len: 50 [3 Reassembled TCP Segments (66 bytes): #1967(12), #1969(4), #1971(50)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 66 SecureChannelId: 2001557704 Security Token Id: 1 Security Sequence Number: 520 Security RequestId: 9 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId NodeId EncodingMask: Four byte encoded Numeric (0x01) NodeId Namespace Index: 0 NodeId Identifier Numeric: PublishRequest (826) PublishRequest RequestHeader: RequestHeader AuthenticationToken: NodeId .... 0010 = EncodingMask: Numeric of arbitrary length (0x2) Namespace Index: 0 Identifier Numeric: 3992951489 Timestamp: Dec 8, 2023 10:30:56.127870100 Środkowoeuropejski czas stand. RequestHandle: 9 Return Diagnostics: 0x00000000 AuditEntryId: [OpcUa Null String] TimeoutHint: 0 AdditionalHeader: ExtensionObject TypeId: ExpandedNodeId EncodingMask: 0x00 SubscriptionAcknowledgements: Array of SubscriptionAcknowledgement ``` **PublishResponse** ``` Frame 2072: 186 bytes on wire (1488 bits), 186 bytes captured (1488 bits) Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49320, Dst Port: 52353, Seq: 13934, Ack: 2582, Len: 142 [3 Reassembled TCP Segments (158 bytes): #2068(12), #2070(4), #2072(142)] OpcUa Binary Protocol Message Type: MSG Chunk Type: F Message Size: 158 SecureChannelId: 2001557704 Security Token Id: 1 Security Sequence Number: 519 Security RequestId: 7 OpcUa Service : Encodeable Object TypeId : ExpandedNodeId NodeId EncodingMask: Four byte encoded Numeric (0x01) NodeId Namespace Index: 0 NodeId Identifier Numeric: PublishResponse (829) PublishResponse ResponseHeader: ResponseHeader Timestamp: Dec 8, 2023 10:30:57.095925400 Środkowoeuropejski czas stand. RequestHandle: 7 ServiceResult: 0x00000000 [Good] ServiceDiagnostics: DiagnosticInfo StringTable: Array of String AdditionalHeader: ExtensionObject TypeId: ExpandedNodeId EncodingMask: 0x00 SubscriptionId: 5 AvailableSequenceNumbers: Array of UInt32 MoreNotifications: False NotificationMessage: NotificationMessage SequenceNumber: 1 PublishTime: Dec 8, 2023 10:30:57.095925400 Środkowoeuropejski czas stand. NotificationData: Array of ExtensionObject ArraySize: 1 [0]: ExtensionObject TypeId: ExpandedNodeId EncodingMask: 0x01, has binary body DataChangeNotification: DataChangeNotification MonitoredItems: Array of MonitoredItemNotification ArraySize: 2 [0]: MonitoredItemNotification ClientHandle: 46826104 Value: DataValue EncodingMask: 0x0d, has value, has source timestamp, has server timestamp Value: Variant Variant Type: Int32 (0x06) Int32: 294 SourceTimestamp: Dec 8, 2023 10:30:57.088925000 Środkowoeuropejski czas stand. ServerTimestamp: Dec 8, 2023 10:30:57.088925000 Środkowoeuropejski czas stand. [1]: MonitoredItemNotification DiagnosticInfos: Array of DiagnosticInfo Results: Array of StatusCode DiagnosticInfos: Array of DiagnosticInfo ``` ## 14. Dlaczego po włączeniu polityki bezpieczeństwa część pakietów może być dalej odczytywana przez Wiresharka? Gdy polityki bezpieczeństwa są włączone, część pakietów może być zaszyfrowana, co sprawia, że są one niewidoczne w czytelnej formie w programie Wireshark. Włączenie polityki bezpieczeństwa na kliencie i nie na serwerze może prowadzić do zastosowania szyfrowania dla części pakietów, szczególnie tych, które przenoszą ważne dane, takie jak dane procesowe, identyfikatory użytkowników itp. Natomiast niektóre pakiety kontrolne mogą być nadal widoczne w czytelnej formie. To zjawisko jest zgodne z oczekiwanym zachowaniem w kontekście korzystania z protokołów bezpieczeństwa. W skrócie, część pakietów jest niewidoczna, ponieważ jest zaszyfrowana w celu zabezpieczenia danych przed nieautoryzowanym dostępem lub przechwyceniem. ## 15. Włączyć politykę bezpieczeństwa dla utworzonego na początku zajęć kanału (zgodnie z p. 7 w instrukcji konfiguracji) **Włączone** ## 16. Powtórzyć punkty od 5 do 11 (dla p. 11 tylko p.1 i ogólny widok pokazujący sekwencję komunikatów od początku połączenia do kilku komunikatów po żądaniu utworzenia bezpiecznego kanału) ### 16.1 Dla procedury Discovery: GetEndPointResponse: zidentyfikować i napisać w protokole jakie adresy EndPointów zostały przekazane przez serwer i jakie reguły bezpieczeństwa serwer udostępnia dla tych EndPointów  | Nr | EndpointUrl | Polisa | | -------- | -------- | -------- | | 0 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#None | | 1 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15| | 2 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15 | | 3 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256 | | 4 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256 | | 5 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256 | | 6 | opc.tcp://127.0.0.1:49320 | http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256 | ## 16.2 Sekwencję komunikatów na początku połączenia