Merge pull request #2762 from OPCFoundation/master

mregen · web-flow · commit c4f0f735642a · 2024-09-13T08:27:53.000+02:00
Merge some fixes found during release testing
diff --git a/.azurepipelines/signlistDebug.txt b/.azurepipelines/signlistDebug.txt
@@ -4,7 +4,8 @@ Stack\Opc.Ua.Core\bin\Debug\net472\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Debug\net48\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Debug\net6.0\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Debug\net8.0\Opc.Ua.Core.dll
-Stack\Opc.Ua.Bindings.Https\bin\Debug\netcoreapp3.1\Opc.Ua.Bindings.Https.dll
+Stack\Opc.Ua.Bindings.Https\bin\Debug\netstandard2.0\Opc.Ua.Bindings.Https.dll
+Stack\Opc.Ua.Bindings.Https\bin\Debug\netstandard2.1\Opc.Ua.Bindings.Https.dll
 Stack\Opc.Ua.Bindings.Https\bin\Debug\net472\Opc.Ua.Bindings.Https.dll
 Stack\Opc.Ua.Bindings.Https\bin\Debug\net48\Opc.Ua.Bindings.Https.dll
 Stack\Opc.Ua.Bindings.Https\bin\Debug\net6.0\Opc.Ua.Bindings.Https.dll
@@ -22,6 +23,7 @@ Libraries\Opc.Ua.Client\bin\Debug\net48\Opc.Ua.Client.dll
 Libraries\Opc.Ua.Client\bin\Debug\net6.0\Opc.Ua.Client.dll
 Libraries\Opc.Ua.Client\bin\Debug\net8.0\Opc.Ua.Client.dll
 Libraries\Opc.Ua.Client.ComplexTypes\bin\Debug\netstandard2.1\Opc.Ua.Client.ComplexTypes.dll
+Libraries\Opc.Ua.Client.ComplexTypes\bin\Debug\net462\Opc.Ua.Client.ComplexTypes.dll
 Libraries\Opc.Ua.Client.ComplexTypes\bin\Debug\net472\Opc.Ua.Client.ComplexTypes.dll
 Libraries\Opc.Ua.Client.ComplexTypes\bin\Debug\net48\Opc.Ua.Client.ComplexTypes.dll
 Libraries\Opc.Ua.Client.ComplexTypes\bin\Debug\net6.0\Opc.Ua.Client.ComplexTypes.dll
diff --git a/.azurepipelines/signlistRelease.txt b/.azurepipelines/signlistRelease.txt
@@ -4,7 +4,8 @@ Stack\Opc.Ua.Core\bin\Release\net472\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Release\net48\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Release\net6.0\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Release\net8.0\Opc.Ua.Core.dll
-Stack\Opc.Ua.Bindings.Https\bin\Release\netcoreapp3.1\Opc.Ua.Bindings.Https.dll
+Stack\Opc.Ua.Bindings.Https\bin\Release\netstandard2.0\Opc.Ua.Bindings.Https.dll
+Stack\Opc.Ua.Bindings.Https\bin\Release\netstandard2.1\Opc.Ua.Bindings.Https.dll
 Stack\Opc.Ua.Bindings.Https\bin\Release\net472\Opc.Ua.Bindings.Https.dll
 Stack\Opc.Ua.Bindings.Https\bin\Release\net48\Opc.Ua.Bindings.Https.dll
 Stack\Opc.Ua.Bindings.Https\bin\Release\net6.0\Opc.Ua.Bindings.Https.dll
@@ -22,6 +23,7 @@ Libraries\Opc.Ua.Client\bin\Release\net48\Opc.Ua.Client.dll
 Libraries\Opc.Ua.Client\bin\Release\net6.0\Opc.Ua.Client.dll
 Libraries\Opc.Ua.Client\bin\Release\net8.0\Opc.Ua.Client.dll
 Libraries\Opc.Ua.Client.ComplexTypes\bin\Release\netstandard2.1\Opc.Ua.Client.ComplexTypes.dll
+Libraries\Opc.Ua.Client.ComplexTypes\bin\Release\net462\Opc.Ua.Client.ComplexTypes.dll
 Libraries\Opc.Ua.Client.ComplexTypes\bin\Release\net472\Opc.Ua.Client.ComplexTypes.dll
 Libraries\Opc.Ua.Client.ComplexTypes\bin\Release\net48\Opc.Ua.Client.ComplexTypes.dll
 Libraries\Opc.Ua.Client.ComplexTypes\bin\Release\net6.0\Opc.Ua.Client.ComplexTypes.dll
diff --git a/Fuzzing/Encoders/Fuzz.Tests/Opc.Ua.Encoders.Fuzz.Tests.csproj b/Fuzzing/Encoders/Fuzz.Tests/Opc.Ua.Encoders.Fuzz.Tests.csproj
@@ -18,7 +18,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageReference Include="NUnit" Version="4.1.0" />
     <PackageReference Include="NUnit.Console" Version="3.18.1" />
diff --git a/Libraries/Opc.Ua.PubSub/Opc.Ua.PubSub.csproj b/Libraries/Opc.Ua.PubSub/Opc.Ua.PubSub.csproj
@@ -36,7 +36,7 @@
   </ItemGroup>
   
   <ItemGroup>
-    <PackageReference Include="MQTTnet" Version="4.3.6.1152" />
+    <PackageReference Include="MQTTnet" Version="4.3.7.1207" />
     <PackageReference Include="System.Net.NetworkInformation" Version="4.3.0" />
   </ItemGroup>
 
diff --git a/Stack/Opc.Ua.Bindings.Https/Stack/Https/HttpsTransportListener.cs b/Stack/Opc.Ua.Bindings.Https/Stack/Https/HttpsTransportListener.cs
@@ -15,6 +15,7 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 using System.IO;
 using System.Net;
 using System.Security.Authentication;
+using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 using System.Threading;
 using System.Threading.Tasks;
@@ -262,17 +263,29 @@ public void Start()
         {
             Startup.Listener = this;
             m_hostBuilder = new WebHostBuilder();
+
+            // prepare the server TLS certificate
+            var serverCertificate = m_serverCertificate;
+#if NETCOREAPP3_1_OR_GREATER || NETSTANDARD2_1 || NET472_OR_GREATER || NET5_0_OR_GREATER
+            try
+            {
+                // Create a copy of the certificate with the private key on platforms
+                // which default to the ephemeral KeySet. Also a new certificate must be reloaded.
+                // If the key fails to copy, its probably a non exportable key from the X509Store.
+                // Then we can use the original certificate, the private key is already in the key store.
+                serverCertificate = X509Utils.CreateCopyWithPrivateKey(m_serverCertificate, false);
+            }
+            catch (CryptographicException ce)
+            {
+                Utils.LogTrace("Copy of the private key for https was denied: {0}", ce.Message);
+            }
+#endif
+
             var httpsOptions = new HttpsConnectionAdapterOptions() {
                 CheckCertificateRevocation = false,
                 ClientCertificateMode = ClientCertificateMode.NoCertificate,
                 // note: this is the TLS certificate!
-#if NETCOREAPP3_1_OR_GREATER || NETSTANDARD2_1 || NET472_OR_GREATER || NET5_0_OR_GREATER
-                // Create a copy of the certificate with the private key on platforms
-                // which default to the ephemeral KeySet.
-                ServerCertificate = X509Utils.CreateCopyWithPrivateKey(m_serverCertificate, false)
-#else
-                ServerCertificate = m_serverCertificate
-#endif
+                ServerCertificate = serverCertificate,
             };
 
 #if NET462
diff --git a/Stack/Opc.Ua.Core/Security/Certificates/CertificateIdentifier.cs b/Stack/Opc.Ua.Core/Security/Certificates/CertificateIdentifier.cs
@@ -170,13 +170,14 @@ public async Task<X509Certificate2> LoadPrivateKeyEx(ICertificatePasswordProvide
                 var certificateStoreIdentifier = new CertificateStoreIdentifier(this.StorePath, this.StoreType, false);
                 using (ICertificateStore store = certificateStoreIdentifier.OpenStore())
                 {
-                    if (store.SupportsLoadPrivateKey)
+                    if (store?.SupportsLoadPrivateKey == true)
                     {
                         string password = passwordProvider?.GetPassword(this);
                         m_certificate = await store.LoadPrivateKey(this.Thumbprint, this.SubjectName, password).ConfigureAwait(false);
                         return m_certificate;
                     }
                 }
+                return null;
             }
             return await Find(true).ConfigureAwait(false);
         }
@@ -202,6 +203,11 @@ public async Task<X509Certificate2> Find(bool needPrivateKey)
                 var certificateStoreIdentifier = new CertificateStoreIdentifier(StorePath, false);
                 using (ICertificateStore store = certificateStoreIdentifier.OpenStore())
                 {
+                    if (store == null)
+                    {
+                        return null;
+                    }
+
                     X509Certificate2Collection collection = await store.Enumerate().ConfigureAwait(false);
 
                     certificate = Find(collection, m_thumbprint, m_subjectName, needPrivateKey);
diff --git a/Tests/Opc.Ua.Client.ComplexTypes.Tests/Opc.Ua.Client.ComplexTypes.Tests.csproj b/Tests/Opc.Ua.Client.ComplexTypes.Tests/Opc.Ua.Client.ComplexTypes.Tests.csproj
@@ -7,7 +7,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageReference Include="NUnit" Version="4.1.0" />
     <PackageReference Include="NUnit.Console" Version="3.18.1" />
diff --git a/Tests/Opc.Ua.Client.Tests/Opc.Ua.Client.Tests.csproj b/Tests/Opc.Ua.Client.Tests/Opc.Ua.Client.Tests.csproj
@@ -9,7 +9,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageReference Include="NUnit" Version="4.1.0" />
     <PackageReference Include="NUnit.Console" Version="3.18.1" />
diff --git a/Tests/Opc.Ua.Configuration.Tests/Opc.Ua.Configuration.Tests.csproj b/Tests/Opc.Ua.Configuration.Tests/Opc.Ua.Configuration.Tests.csproj
@@ -8,7 +8,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageReference Include="NUnit" Version="4.1.0" />
     <PackageReference Include="NUnit.Console" Version="3.18.1" />
diff --git a/Tests/Opc.Ua.Core.Tests/Opc.Ua.Core.Tests.csproj b/Tests/Opc.Ua.Core.Tests/Opc.Ua.Core.Tests.csproj
@@ -10,8 +10,8 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.IO.RecyclableMemoryStream" Version="3.0.1" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.0" />
-    <PackageReference Include="Moq" Version="4.20.70" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
+    <PackageReference Include="Moq" Version="4.20.72" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageReference Include="NUnit" Version="4.1.0" />
     <PackageReference Include="NUnit.Console" Version="3.18.1" />
diff --git a/Tests/Opc.Ua.Core.Tests/Security/Certificates/TemporaryCertValidator.cs b/Tests/Opc.Ua.Core.Tests/Security/Certificates/TemporaryCertValidator.cs
@@ -85,9 +85,21 @@ public void Dispose()
                 m_trustedStore = null;
                 m_rejectedStore = null;
                 var path = Utils.ReplaceSpecialFolderNames(m_pkiRoot);
-                if (Directory.Exists(path))
+                int retries = 5;
+                while (retries-- > 0)
                 {
-                    Directory.Delete(path, true);
+                    try
+                    {
+                        if (Directory.Exists(path))
+                        {
+                            Directory.Delete(path, true);
+                        }
+                        retries = 0;
+                    }
+                    catch (IOException)
+                    {
+                        Thread.Sleep(1000);
+                    }
                 }
             }
         }
diff --git a/Tests/Opc.Ua.Core.Tests/Stack/Client/ClientTests.cs b/Tests/Opc.Ua.Core.Tests/Stack/Client/ClientTests.cs
@@ -94,6 +94,19 @@ public void DiscoveryEndPointUrls(string urlString)
 
             Assert.AreEqual(uri.OriginalString, uriBuilder.Uri.OriginalString);
         }
+
+        [Test]
+        public void ValidateAppConfigWithoutAppCert()
+        {
+            var appConfig = new ApplicationConfiguration() {
+                ApplicationName = "Test",
+                ClientConfiguration = new ClientConfiguration() {},
+                SecurityConfiguration = new SecurityConfiguration() {
+                    ApplicationCertificate = new CertificateIdentifier()
+                }
+            };
+            Assert.DoesNotThrow(() => appConfig.Validate(ApplicationType.Client).GetAwaiter().GetResult());
+        }
         #endregion
     }
 }
diff --git a/Tests/Opc.Ua.Gds.Tests/Opc.Ua.Gds.Tests.csproj b/Tests/Opc.Ua.Gds.Tests/Opc.Ua.Gds.Tests.csproj
@@ -12,7 +12,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageReference Include="NUnit" Version="4.1.0" />
     <PackageReference Include="NUnit.Console" Version="3.18.1" />
diff --git a/Tests/Opc.Ua.PubSub.Tests/Opc.Ua.PubSub.Tests.csproj b/Tests/Opc.Ua.PubSub.Tests/Opc.Ua.PubSub.Tests.csproj
@@ -8,15 +8,15 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageReference Include="NUnit" Version="4.1.0" />
     <PackageReference Include="NUnit.Console" Version="3.18.1" />
     <PackageReference Include="NUnit3TestAdapter" Version="4.6.0">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="Moq" Version="4.20.70" />
+    <PackageReference Include="Moq" Version="4.20.72" />
     <PackageReference Include="coverlet.collector" Version="6.0.2">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
diff --git a/Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj b/Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj
@@ -23,7 +23,7 @@
   </Choose>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageReference Include="NUnit" Version="4.1.0" />
     <PackageReference Include="NUnit.Console" Version="3.18.1" />
diff --git a/Tests/Opc.Ua.Server.Tests/Opc.Ua.Server.Tests.csproj b/Tests/Opc.Ua.Server.Tests/Opc.Ua.Server.Tests.csproj
@@ -8,8 +8,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.0" />
-    <PackageReference Include="Moq" Version="4.20.70" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
+    <PackageReference Include="Moq" Version="4.20.72" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageReference Include="NUnit" Version="4.1.0" />
     <PackageReference Include="NUnit.Console" Version="3.18.1" />
diff --git a/targets.props b/targets.props
@@ -69,7 +69,7 @@
         <LibTargetFrameworks>netstandard2.1</LibTargetFrameworks>
         <LibCoreTargetFrameworks>netstandard2.1</LibCoreTargetFrameworks>
         <LibxTargetFrameworks>netstandard2.1</LibxTargetFrameworks>
-        <HttpsTargetFrameworks>netcoreapp3.1</HttpsTargetFrameworks>
+        <HttpsTargetFrameworks>netstandard2.1</HttpsTargetFrameworks>
       </PropertyGroup>
     </When>
     <When  Condition="'$(CustomTestTarget)' == 'net48'">
@@ -108,9 +108,9 @@
         <HttpsTargetFrameworks>net8.0</HttpsTargetFrameworks>
       </PropertyGroup>
     </When>
-    <!-- Note: .NET Core 2.x and 3.x is end of life, removed netcoreapp2.1/3.1 from any target except https. -->
-    <!-- Note: .NET Framework 4.6.2 deprecated for 1.4.372, removed net462 from any target. -->
-    <!-- Visual Studio 2022, supports .NET Framework 4.7.2/4.8, .NET Standard2.1, .NET 6 and .NET 8-->
+    <!-- Note: .NET Core 2.x and 3.x is end of life, removed netcoreapp2.1/3.1 from any target. -->
+    <!-- Note: .NET Framework 4.6.2 deprecated for 1.4.372, removed net462 from any target except complex types. -->
+    <!-- Visual Studio 2022, supports .NET Framework 4.7.2/4.8, .NET Standard2.0/2.1, .NET 6 and .NET 8-->
     <When  Condition="'$(VisualStudioVersion)' == '17.0'">
       <PropertyGroup>
         <AnalysisLevel>preview-all</AnalysisLevel>
@@ -119,8 +119,8 @@
         <TestsTargetFrameworks>net48;net8.0</TestsTargetFrameworks>
         <LibTargetFrameworks>net472;net48;netstandard2.0;netstandard2.1;net6.0;net8.0</LibTargetFrameworks>
         <LibCoreTargetFrameworks>net472;net48;netstandard2.0;netstandard2.1;net6.0;net8.0</LibCoreTargetFrameworks>
-        <LibxTargetFrameworks>net472;net48;netstandard2.1;net6.0;net8.0</LibxTargetFrameworks>
-        <HttpsTargetFrameworks>net472;net48;netcoreapp3.1;net6.0;net8.0</HttpsTargetFrameworks>
+        <LibxTargetFrameworks>net462;net472;net48;netstandard2.1;net6.0;net8.0</LibxTargetFrameworks>
+        <HttpsTargetFrameworks>net472;net48;netstandard2.0;netstandard2.1;net6.0;net8.0</HttpsTargetFrameworks>
       </PropertyGroup>
     </When>
     <!-- Visual Studio 2019, supports .NET Framework 4.8 and .NET Core 3.1 -->

Original file line number	Diff line number	Diff line change
`@@ -170,13 +170,14 @@ public async Task<X509Certificate2> LoadPrivateKeyEx(ICertificatePasswordProvide`
`170`	`170`	`var certificateStoreIdentifier = new CertificateStoreIdentifier(this.StorePath, this.StoreType, false);`
`171`	`171`	`using (ICertificateStore store = certificateStoreIdentifier.OpenStore())`
`172`	`172`	`{`
`173`		`- if (store.SupportsLoadPrivateKey)`
	`173`	`+ if (store?.SupportsLoadPrivateKey == true)`
`174`	`174`	`{`
`175`	`175`	`string password = passwordProvider?.GetPassword(this);`
`176`	`176`	`m_certificate = await store.LoadPrivateKey(this.Thumbprint, this.SubjectName, password).ConfigureAwait(false);`
`177`	`177`	`return m_certificate;`
`178`	`178`	`}`
`179`	`179`	`}`
	`180`	`+ return null;`
`180`	`181`	`}`
`181`	`182`	`return await Find(true).ConfigureAwait(false);`
`182`	`183`	`}`
`@@ -202,6 +203,11 @@ public async Task<X509Certificate2> Find(bool needPrivateKey)`
`202`	`203`	`var certificateStoreIdentifier = new CertificateStoreIdentifier(StorePath, false);`
`203`	`204`	`using (ICertificateStore store = certificateStoreIdentifier.OpenStore())`
`204`	`205`	`{`
	`206`	`+ if (store == null)`
	`207`	`+ {`
	`208`	`+ return null;`
	`209`	`+ }`
	`210`	`+`
`205`	`211`	`X509Certificate2Collection collection = await store.Enumerate().ConfigureAwait(false);`
`206`	`212`
`207`	`213`	`certificate = Find(collection, m_thumbprint, m_subjectName, needPrivateKey);`