15:39, EET
March 4, 2014
Hi,
I have a general question about the Key Wrap Algorithm
and how this algorithm gets the secret for generating the symmetric key.
I read the specifications, but this point is not clear for me.
In part 6 on page 27, the security handshake of OPC UA is described.
If I capture a communication process between a client and a slave with wireshark (Security Mode: None),
then I can see the different exchanged messages. The handshake and the theoretical usage of the described algorithms is clear.
But how does OPC UA creates the symmetric key, when security is used. Which secret is used to generate the symmetric key with the key wrap algorithm P_SHA1? And also for signing the “Create Session Request/Response”: what is the Client/Server Signing Key? Where do I find hints in the message-structure?
Is there any quote in the spezifications where this part is explained?
Thank you very much,
Mel
16:10, EET
December 21, 2011
9:13, EET
March 4, 2014
Hi,
I have another question to this topic. There is also the Key Derivation Algorithm used which belongs to the WS-Secure-Conversation Specification.
The Link in the OPC UA specification does not work.
For the computation of P_SHA1 the following formular is used:
P_SHA(secret, label + seed)
When I compare this formular with the formular used in TLS Specification (RFC2246):
P_SHA1 (secret, seed) = HMAC_SHA1(secret, A(1) + seed)+
HMAC_SHA1(secret, A(2) + seed)+ …
with A(): A(0)= seed and A(i)=HMAC_SHA1(secret, A(i-1))
I think label is similar with A(). What is seed? And where do I find seed in the OPC UA handshake. I understood that the secret is ClientNonce and ServerNonce.
Thanks,
Mel
Most Users Ever Online: 518
Currently Online:
16 Guest(s)
Currently Browsing this Page:
1 Guest(s)
Top Posters:
hbrackel: 135
pramanj: 86
Francesco Zambon: 81
rocket science: 77
Ibrahim: 76
Sabari: 62
kapsl: 57
gjevremovic: 49
Xavier: 43
fred: 41
Member Stats:
Guest Posters: 0
Members: 681
Moderators: 16
Admins: 1
Forum Stats:
Groups: 3
Forums: 15
Topics: 1467
Posts: 6261
Newest Members:
graciela2073, sagarchau, elviralangwell4, Donnavek, Eddiefauth, DonaldPooma, fidelduke938316, Jan-Pfizer, DavidROunc, fen.pang@woodside.comModerators: Jouni Aro: 1010, Otso Palonen: 32, Tuomas Hiltunen: 5, Pyry: 1, Petri: 0, Bjarne Boström: 983, Heikki Tahvanainen: 402, Jukka Asikainen: 1, moldzh08: 0, Jimmy Ni: 26, Teppo Uimonen: 21, Markus Johansson: 42, Niklas Nurminen: 0, Matti Siponen: 321, Lusetti: 0, Ari-Pekka Soikkeli: 5
Administrators: admin: 1