Basic256 Sign & Encrypt | OPC UA SDK for JavaProsys Forum | Prosys OPC & OPC UA related discussion

Please consider registering
guest

Forum

OPC UA SDK for Java
sp_ArrowRight

Basic256 Sign & Encrypt

Topic RSS

Basic256 Sign & Encrypt

February 10, 2015
13:39, EET

Darko

Member

Members

Forum Posts: 8

Member Since:
November 18, 2014

Offline

Hello!

My SampleConsoleServer has security modes set to ALL_102 which should cover all of these: NONE, BASIC128RSA15_SIGN_ENCRYPT, BASIC128RSA15_SIGN, BASIC256_SIGN_ENCRYPT, BASIC256_SIGN, BASIC256SHA256_SIGN_ENCRYPT, BASIC256SHA256_SIGN.

My client application is trying to connect to all sorts of different modes.
It is using the mechanism of ApplicationIdentity.loadOrCreateIssuerCertificate method to create new key pairs if none is present.
After that, I use these generated certificates to connect to the server.

Each security mode is working great except BASIC256_SIGN_ENCRYPT and BASIC256SHA256_SIGN_ENCRYPT.
There is no problem in their sign-only pair, and BASIC128RSA15_SIGN_ENCRYPT works as well.

For BASIC256 and BASIC256SHA256 modes I had to use 2048 or 4096 bit public keys, because I read it in prosys client documentation.
But, then another problem arises for me and I am not sure what is the problem exactly.

com.prosysopc.ua.client.ConnectException: Failed to create session channel to server: : opc.tcp://localhost:52520/OPCUA/SampleConsoleServer [http://opcfoundation.org/UA/SecurityPolicy#Basic256,SignAndEncrypt] ServiceResult=Bad_SecurityChecksFailed (0x80130000) "An error occurred verifying security."
at com.prosysopc.ua.client.UaClient.h(Unknown Source)
at com.prosysopc.ua.client.UaClient.connect(Unknown Source)
at … my classes
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:131)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)
Caused by: org.opcfoundation.ua.common.ServiceResultException: Bad_SecurityChecksFailed (code=0x80130000, description="2148728832, Illegal key size")
at org.opcfoundation.ua.transport.tcp.impl.ChunkSymmEncryptSigner.encrypt(Unknown Source)
at org.opcfoundation.ua.transport.tcp.impl.ChunkSymmEncryptSigner.run(Unknown Source)
at org.opcfoundation.ua.transport.tcp.io.TcpConnection.sendSymmChunk(Unknown Source)
at org.opcfoundation.ua.transport.tcp.io.TcpConnection.sendRequest(Unknown Source)
at org.opcfoundation.ua.transport.tcp.io.SecureChannelTcp.serviceRequest(Unknown Source)
at org.opcfoundation.ua.transport.tcp.io.SecureChannelTcp.serviceRequest(Unknown Source)
at org.opcfoundation.ua.application.Client.createSession(Unknown Source)
… 22 more
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1024)
at javax.crypto.Cipher.init(Cipher.java:1345)
at javax.crypto.Cipher.init(Cipher.java:1282)
… 29 more
com.keba.kemro.plc.network.NetworkException:
at … my classes
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:131)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)

February 10, 2015
16:27, EET

Jouni Aro

Moderator

Moderators

Forum Posts: 1026

Member Since:
December 21, 2011

Offline

You will need to install the JCE Unlimited Policy Files to the JRE from

http://www.oracle.com/technetw…..32124.html (JRE 7)

http://www.oracle.com/technetw…..33166.html (JRE 8)

All RSS

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 1919

Currently Online:
21 Guest(s)

Currently Browsing this Page:
1 Guest(s)