Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
Basic256Sha256 (Sign and Sign&Encrypt)
October 29, 2015
12:58, EET
Avatar
cguerin
Vienna, Austria
Member
Members
Forum Posts: 20
Member Since:
April 9, 2013
sp_UserOfflineSmall Offline

I tried my OPC UA Server with those security Policies
However when I try to valid the first SecureMessage (CreateSession) after the OpenSecureChannel suceeded.
The HMAC SHA256 Verify failed.

With which Server have you tested your client against those Security Policies ?

October 29, 2015
15:29, EET
Avatar
Jouni Aro
Moderator
Moderators
Forum Posts: 833
Member Since:
December 21, 2011
sp_UserOfflineSmall Offline

There were interoperability issues against the C/.NET servers before Java SDK version 2.1.2, since the specification was different to those implementations. Which version of the SDK are you using?

The change was mentioned in the release notes as well: https://downloads.prosysopc.com/opcua/release_notes2.1.2-478.html

November 3, 2015
8:05, EET
Avatar
cguerin
Vienna, Austria
Member
Members
Forum Posts: 20
Member Since:
April 9, 2013
sp_UserOfflineSmall Offline

Hello,

I am using my own Server based on the 1.02 OPC UA Stack version.

November 10, 2015
13:55, EET
Avatar
Jouni Aro
Moderator
Moderators
Forum Posts: 833
Member Since:
December 21, 2011
sp_UserOfflineSmall Offline

Sorry for the late response.

A possible reason is that the specification is actually defining a wrong URL for the AsymmetricSignatureAlgorithm, ‘http://www.w3.org/2000/09/xmldsig#rsa-sha256’, whereas all the implementations actually use the correct one, ‘http://www.w3.org/2001/04/xmldsig-more#rsa-sha256’. This was fixed also for the Java stack in version 2.1.2, but the respective change was not taken to the specification version 1.03 either. Hopefully, there will be an errata that fixes it finally. The following Mantis issue can be used to track it:

https://opcfoundation-onlineapplications.org/mantis/view.php?id=3208

November 12, 2015
15:11, EET
Avatar
cguerin
Vienna, Austria
Member
Members
Forum Posts: 20
Member Since:
April 9, 2013
sp_UserOfflineSmall Offline

I don’t know.

Anyway, my Server is working with the latest UAExpert v1.4.0 which supports Basic256Sha256.
I will wait for the Prosys OPC UA Client to be support it as well.

Regards.
Camille Guérin.

November 12, 2015
16:10, EET
Avatar
Bjarne Boström
Moderator
Moderators
Forum Posts: 422
Member Since:
April 3, 2012
sp_UserOfflineSmall Offline

It technically supported it for a while now, but it is not visible in the UI because servers didn’t support it. Will show in the newest build (2.2.0-35). Will be shortly the release version.

November 13, 2015
8:15, EET
Avatar
cguerin
Vienna, Austria
Member
Members
Forum Posts: 20
Member Since:
April 9, 2013
sp_UserOfflineSmall Offline

My Server supports Basic256Sha256 and it works with the latest UAExpert client (which supports it as well)
However it does not work with Prosys OPC UA Client, the CreateSecureChannelRequest with Basic256Sha256 is not well signed, I guess it used the wrong algorithmus.

November 13, 2015
12:52, EET
Avatar
Jouni Aro
Moderator
Moderators
Forum Posts: 833
Member Since:
December 21, 2011
sp_UserOfflineSmall Offline

I discussed this with Unified Automation and heard that there were interoperability issues with the OPC Foundation stack implementations in last week’s Interoperability Workshop – and these issues were fixed in the OPC Foundation stacks.

Our Java and Unified Automation implementations should be interoperable.

But which stack implementation are you using? OPC Foundation’s .NET or C and which version?

November 13, 2015
12:53, EET
Avatar
Jouni Aro
Moderator
Moderators
Forum Posts: 833
Member Since:
December 21, 2011
sp_UserOfflineSmall Offline
Forum Timezone: Europe/Helsinki

Most Users Ever Online: 119

Currently Online:
16 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

hbrackel: 91

pramanj: 86

ibrahim: 68

kapsl: 57

gjevremovic: 49

TimK: 41

Fransua33: 39

fred: 36

Rainer Versteeg: 32

peterrob45: 25

Member Stats:

Guest Posters: 0

Members: 897

Moderators: 12

Admins: 1

Forum Stats:

Groups: 3

Forums: 14

Topics: 898

Posts: 3787

Newest Members:

thojermaine, Lukas, lbtsheldon, dpto.informatica, nolazky8119, peter.jakubik, amaralesbeltateresa@yahoo.com, amaralesbeltateresa@gmail.com, esbeltateresaamaral@yahoo.com.br, doanphan111

Moderators: Jouni Aro: 833, Otso Palonen: 32, Tuomas Hiltunen: 5, janimakela: 0, Pyry: 1, Terho: 0, Petri: 0, Bjarne Boström: 422, Heikki Tahvanainen: 402, Jukka Asikainen: 1, Teppo Uimonen: 16, Markus Johansson: 1

Administrators: admin: 0