Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
sp_Search Search
Advanced Search
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Search Search
Go to Bottom
No permission to create posts
sp_Feed Topic RSS sp_TopicIcon
OPC UA Simulation Server pad error when using 2048 bits certificate in the basic256sha256 security policy
June 28, 2021
11:34, EEST
Avatar
shuqing
Member
Members
Forum Posts: 7
Member Since:
June 28, 2021
sp_UserOfflineSmall Offline
Go to Top
1sp_Permalink sp_Print

6/28/2021 12:07:52.746 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-4] com.prosysopc.ua.stack.transport.tcp.nio.j [] – SecureInputMessageBuilder: expectedSequenceNumber=null
06/28/2021 12:07:52.746 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-4] com.prosysopc.ua.stack.transport.tcp.nio.g [] – onAsymmSecureChunk: java.nio.HeapByteBuffer[pos=1046 lim=2070 cap=2070]
06/28/2021 12:07:52.746 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-4] com.prosysopc.ua.stack.transport.tcp.nio.j [] – addChunk: expectedSequenceNumber=null
06/28/2021 12:07:52.747 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.nio.j [] – token: com.prosysopc.ua.stack.transport.security.s@24176b6d
06/28/2021 12:07:52.748 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – SecurityPolicy in use: http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
06/28/2021 12:07:52.748 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – SecurityMode in use: SignAndEncrypt
06/28/2021 12:07:52.762 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.security.c [] – Decrypt: inputBlockSize=512, outputBlockSize=470, dataToDecrypt.length=1024
06/28/2021 12:07:52.861 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – signatureAlgorithm=Algorithm URI=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 StandardName=SHA256withRSA Transformation=SHA256withRSA
06/28/2021 12:07:52.861 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – signatureSize=256
06/28/2021 12:07:52.861 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – verify: policy=http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
06/28/2021 12:07:52.870 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – paddingEnd=1301 paddingSize=41636
06/28/2021 12:07:52.870 INFO [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.nio.j [] – addChunk: failed
java.lang.IndexOutOfBoundsException: null
at java.nio.Buffer.checkIndex(Buffer.java:682) ~[?:?]
at java.nio.HeapByteBuffer.get(HeapByteBuffer.java:166) ~[?:?]
at com.prosysopc.ua.stack.transport.tcp.a.b.run(SourceFile:208) ~[ui-javafx-4.0.2-108.jar:4.0.2-108]
at com.prosysopc.ua.stack.transport.tcp.nio.j$2.run(SourceFile:208) [ui-javafx-4.0.2-108.jar:4.0.2-108]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?]
at java.util.concurrent.ThreadPoolExecutor$Wor

1) I replace the server’s original 2048 bits certificate to 4096 bits, the error appears
2) Debug logs attached, it seems that the paddingSize=41636 so big

June 28, 2021
11:36, EEST
Avatar
shuqing
Member
Members
Forum Posts: 7
Member Since:
June 28, 2021
sp_UserOfflineSmall Offline
Go to Top
2sp_EditHistory sp_Permalink sp_Print

Sorry, the title should be OPC UA Simulation Server pad error when using 4096 bits certificate in the basic256sha256 security policy

June 28, 2021
12:03, EEST
Avatar
Jouni Aro
Moderator
Moderators
Forum Posts: 1026
Member Since:
December 21, 2011
sp_UserOfflineSmall Offline
sp_UserWebsite
Go to Top
3sp_Permalink sp_Print

What is the client application? Does it support 4096 bit certificates properly?

June 28, 2021
12:32, EEST
Avatar
shuqing
Member
Members
Forum Posts: 7
Member Since:
June 28, 2021
sp_UserOfflineSmall Offline
Go to Top
4sp_EditHistory sp_Permalink sp_Print

client application is my app, and its certificate is 2048 bits,
when i test using: simulation server: 2048 bits, and the client 2048 bits, it works well, it can find the paddingSize is 163 (0xa2). the log attached

06/28/2021 17:35:40.931 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.nio.j [] – token: com.prosysopc.ua.stack.transport.security.u@19b7bfb3
06/28/2021 17:35:40.931 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – SecurityPolicy in use: http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
06/28/2021 17:35:40.931 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – SecurityMode in use: SignAndEncrypt
06/28/2021 17:35:40.941 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.security.c [] – Decrypt: inputBlockSize=256, outputBlockSize=214, dataToDecrypt.length=768
06/28/2021 17:35:40.975 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – signatureAlgorithm=Algorithm URI=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 StandardName=SHA256withRSA Transformation=SHA256withRSA
06/28/2021 17:35:40.975 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – signatureSize=256
06/28/2021 17:35:40.975 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – verify: policy=http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
06/28/2021 17:35:40.981 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – paddingEnd=1291 paddingSize=163

June 28, 2021
12:41, EEST
Avatar
shuqing
Member
Members
Forum Posts: 7
Member Since:
June 28, 2021
sp_UserOfflineSmall Offline
Go to Top
5sp_Permalink sp_Print

the trace is as follows:
06/28/2021 17:40:01.283 TRACE [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – verify: dataToVerify=[1292] 0x
4f504e460c0800000000000039000000687474703a2f2f6f7063666f756e646174696f6e2e6f72672f55412f5365637572697479506f6c696379234261736963
323536536861323536a7030000308203a33082028ba003020102020900e7a7a0b19bfbc0b8300d06092a864886f70d0101050500302b310b3009060355040613
02434e310b300906035504080c025354310f300d06035504030c06526f6f744341301e170d3231303631313031353633355a170d333130363039303135363335
5a302b310b300906035504061302434e310b300906035504080c025354310f300d06035504030c06526f6f74434130820122300d06092a864886f70d01010105
000382010f003082010a0282010100b51163caebad74339bbdaa0a45589c50d2738c5ffff2f0f54fde6a254321c3992c6664949d0c5e537cb5bec721affe1d6a
a443c76c2847b1569838a97b27b6d6509abce3c021c9d49d6fe81ff1490cc2cedcb80b80d9f9fef5e42cd6e3b8efd32ee292c41a97835a7bbc724eccd49f6d86
d7371854e9d9a7aba0de9233b85321c8ab61029017455adf36ca7a5dfe017c10f549ffc5f4f454e38652e954de582740fa39e96fe986cbbfceffb27524fb72a2
45f7a620bbafa288f91346e0363163947b5bfe5e051fb8689cae27ce51b5220fe3d40eb45d21047c88de9d1cbb8d88465f901af34ca96829405d330311a3e30e
cc7c0214798dff8fa50d054be981230203010001a381c93081c6301f0603551d1104183016861475726e3a5465737453756974653a526f6f7443413009060355
1d1304023000300b0603551d0f0404030202f4301d0603551d250416301406082b0601050507030106082b06010505070302302c06096086480186f842010d04
1f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e04160414655b2d5b913048ed7795aba22c64da34e47c352730
1f0603551d23041830168014655b2d5b913048ed7795aba22c64da34e47c3527300d06092a864886f70d01010505000382010100612fbfedcff56bf38022498c
43227b4a705c0c1f1519601580b9c306f177b6c52b74a5e3c19feeed9415263c8fcc9973550a4d441c35dfced26778a478758878615543df869e7a83f5772ab6
8c47d2ec809b3cf64cbae4f5596bc2bd222752c0fbbcac7eb51b43cf9a6bb633615a98fdfdda0f1b438c746fa4862b1366cd2df80f7c96d1c2be9e77067a3d4f
2c0fdfe3ebfe68d3c3d779325115a05cf1a925dce4bf359200ea15e5638f4cb6dc946c0c8ba9df829e2ac94cd3e1f6237065097bbdb310f54fae7590474717ef
b79f97e239c493865bbe60ae74aec13d70e2911b4ae3e966f52269ab0a3067e01a034ce98f8eca5af2ac7b221eff9afbd89584f3140000006d7b6c1a5cf009fb
1133a1b8b67ff6afcf058cde01000000020000000100be01000040a9d090016cd7010000000000000000ffffffff000000000000000000000000000000030000
0020000000c295c48d820751f890be66ab1f11685184a0b0118a7df039c2d367e811cdee0780ee3600a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2
a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2
a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2
a2a2a2a2a2a2a2a2a2a2a2a2
06/28/2021 17:40:01.283 TRACE [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – verify: signature=[256] 0x
05044b2792be3845cb92dbe3ff2c7b34385d218dbaa257105a88c1a2af5ff62ff8ad35b51c9bd40a458410a500d6119471d43812c28c4743c957a47ed15a16aa
7aa53296e01ac2fa05216f8e4b6afa57a020eb940ebf7a36d570166a2390c1117394ba5e76b81f3ae7cfb1c53f4d9bdd6639a602f0731684476fe1071938b513
bfad9a84635193430cc4f51a4c048dd1feb8ee6ea87fb84778930e11b3bfd9ec55fbc0f0aa86f9a59ff4f0f4c1f12f864bf59790e381072dc08f8277dd524fa1
de952a414a43bdfbb9e2024c00df622513ff08042609ea7087cac9a33ede4c34314c808e2701c591d84b04b3cbc168263bcb52680fb5d8de6eb4fb8147aa69f0
06/28/2021 17:40:01.291 DEBUG [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.a.b [] – paddingEnd=1291 paddingSize=41636
06/28/2021 17:40:01.291 INFO [OPC-UA-Stack-Non-Blocking-Work-Executor-5] com.prosysopc.ua.stack.transport.tcp.nio.j [] – addChunk: failed
java.lang.IndexOutOfBoundsException: null
at java.nio.Buffer.checkIndex(Buffer.java:682) ~[?:?]
at java.nio.HeapByteBuffer.get(HeapByteBuffer.java:166) ~[?:?]
at com.prosysopc.ua.stack.transport.tcp.a.b.run(SourceFile:208) ~[app-5.0.8-330.jar:5.0.8-330]
at com.prosysopc.ua.stack.transport.tcp.nio.j$2.run(SourceFile:208) [app-5.0.8-330.jar:5.0.8-330]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) [?:?]
at java.lang.Thread.run(Thread.java:834) [?:?]

June 28, 2021
13:44, EEST
Avatar
Jouni Aro
Moderator
Moderators
Forum Posts: 1026
Member Since:
December 21, 2011
sp_UserOfflineSmall Offline
sp_UserWebsite
Go to Top
6sp_Permalink sp_Print

I assume your client is not made with the SDK for Java?

The client needs to know how to prepare the message encoding properly when the server is using 4096 bit certificates. There is a difference in the padding (it is defined with 2 bytes), but if your client does it wrong, this is expected.

June 29, 2021
4:11, EEST
Avatar
shuqing
Member
Members
Forum Posts: 7
Member Since:
June 28, 2021
sp_UserOfflineSmall Offline
Go to Top
7sp_Permalink sp_Print

yeah, that’s the problem, i will try to fix, thanks

No permission to create posts
sp_Feed All RSS
Go to top
Forum Timezone: Europe/Helsinki

Most Users Ever Online: 1919

Currently Online:
20 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Heikki Tahvanainen: 402

hbrackel: 144

rocket science: 88

pramanj: 86

Francesco Zambon: 83

Ibrahim: 78

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

Member Stats:

Guest Posters: 0

Members: 737

Moderators: 7

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1524

Posts: 6450

Newest Members:

fannielima, kristiewinkle8, rust, christamcdowall, redaahern07571, nigelbdhmp, travistimmons, AnnelCib, dalenegettinger, howardkennerley

Moderators: Jouni Aro: 1026, Pyry: 1, Petri: 0, Bjarne Boström: 1026, Jimmy Ni: 26, Matti Siponen: 346, Lusetti: 0

Administrators: admin: 1