Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
Basic256 Sign & Encrypt
February 10, 2015
13:39, EET
Avatar
Darko
Member
Members
Forum Posts: 8
Member Since:
November 18, 2014
sp_UserOfflineSmall Offline

Hello!

My SampleConsoleServer has security modes set to ALL_102 which should cover all of these: NONE, BASIC128RSA15_SIGN_ENCRYPT, BASIC128RSA15_SIGN, BASIC256_SIGN_ENCRYPT, BASIC256_SIGN, BASIC256SHA256_SIGN_ENCRYPT, BASIC256SHA256_SIGN.

My client application is trying to connect to all sorts of different modes.
It is using the mechanism of ApplicationIdentity.loadOrCreateIssuerCertificate method to create new key pairs if none is present.
After that, I use these generated certificates to connect to the server.

Each security mode is working great except BASIC256_SIGN_ENCRYPT and BASIC256SHA256_SIGN_ENCRYPT.
There is no problem in their sign-only pair, and BASIC128RSA15_SIGN_ENCRYPT works as well.

For BASIC256 and BASIC256SHA256 modes I had to use 2048 or 4096 bit public keys, because I read it in prosys client documentation.
But, then another problem arises for me and I am not sure what is the problem exactly.

com.prosysopc.ua.client.ConnectException: Failed to create session channel to server: : opc.tcp://localhost:52520/OPCUA/SampleConsoleServer [http://opcfoundation.org/UA/SecurityPolicy#Basic256,SignAndEncrypt] ServiceResult=Bad_SecurityChecksFailed (0x80130000) "An error occurred verifying security."
at com.prosysopc.ua.client.UaClient.h(Unknown Source)
at com.prosysopc.ua.client.UaClient.connect(Unknown Source)
at … my classes
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:131)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)
Caused by: org.opcfoundation.ua.common.ServiceResultException: Bad_SecurityChecksFailed (code=0x80130000, description="2148728832, Illegal key size")
at org.opcfoundation.ua.transport.tcp.impl.ChunkSymmEncryptSigner.encrypt(Unknown Source)
at org.opcfoundation.ua.transport.tcp.impl.ChunkSymmEncryptSigner.run(Unknown Source)
at org.opcfoundation.ua.transport.tcp.io.TcpConnection.sendSymmChunk(Unknown Source)
at org.opcfoundation.ua.transport.tcp.io.TcpConnection.sendRequest(Unknown Source)
at org.opcfoundation.ua.transport.tcp.io.SecureChannelTcp.serviceRequest(Unknown Source)
at org.opcfoundation.ua.transport.tcp.io.SecureChannelTcp.serviceRequest(Unknown Source)
at org.opcfoundation.ua.application.Client.createSession(Unknown Source)
… 22 more
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1024)
at javax.crypto.Cipher.init(Cipher.java:1345)
at javax.crypto.Cipher.init(Cipher.java:1282)
… 29 more
com.keba.kemro.plc.network.NetworkException:
at … my classes
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:131)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)
February 10, 2015
16:27, EET
Avatar
Jouni Aro
Moderator
Moderators
Forum Posts: 1026
Member Since:
December 21, 2011
sp_UserOfflineSmall Offline

You will need to install the JCE Unlimited Policy Files to the JRE from

http://www.oracle.com/technetw…..32124.html (JRE 7)

or

http://www.oracle.com/technetw…..33166.html (JRE 8)

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 1919

Currently Online:
25 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Heikki Tahvanainen: 402

hbrackel: 144

rocket science: 88

pramanj: 86

Francesco Zambon: 83

Ibrahim: 78

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

Member Stats:

Guest Posters: 0

Members: 731

Moderators: 7

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1529

Posts: 6471

Newest Members:

inilarythikibia, rickykennion, PromotionToold, HypromeImpupe, toneylapham544, rondawolinski7, Marypof5711, roycedelargie91, kourtneyquisenbe, ellis87832073466

Moderators: Jouni Aro: 1026, Pyry: 1, Petri: 0, Bjarne Boström: 1032, Jimmy Ni: 26, Matti Siponen: 349, Lusetti: 0

Administrators: admin: 1