Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Kura » OPCUA asymmetric encryption
OPCUA asymmetric encryption [message #1702098] Sun, 19 July 2015 13:38 Go to next message
jesse jesse is currently offline jesse jesseFriend
Messages: 1
Registered: July 2015
Junior Member
Hello,
In the OPCUA specification we should use an Asymmetric encryption (in my case RSA 256 oaep) to encrypt the "OpenSecureChannel request" and "OpenSecureChannel response".
My OpenSecureChannel request/response size = 2000 octets
RSA Algorithm support bloc size of ~217 octets or something like that (RSA blocSize = RSA_Size(key) paddingSize)

How should i do to encrypt my request and my response ???
Should i use an operation mode (CBC for example) to split my plainText into a small blocs ?? Am i respecting the specification by doing that

Any idea !!! please Sad
Thank you

Report message to a moderator

Re: OPCUA asymmetric encryption [message #1702404 is a reply to message #1702098] Wed, 22 July 2015 07:24 Go to previous message
Luca Dazi is currently offline Luca DaziFriend
Messages: 15
Registered: December 2014
Junior Member
Hello Jesse,
if I got it right, you have a OpenSecureChannel request (or response) packet, and according to OPCUA specs, you have to encrypt (or decrypt) them using RSA with SHA 256.

If that's the case, you have plenty of choices. The most simple thing to do would be to use java.security.Signature.
Just a basic example:
private void test() throws Exception {
  KeyPair keyPair=null;
  keyPair=readPkcs1(new FileInputStream("/somefolder/private.pem"));
  Signature signature=Signature.getInstance("SHA256withRSA");
  signature.initSign(keyPair.getPrivate());
  signature.update(yourRequest.getBytes());
  byte[] signatureBytes=signature.sign();
  keyPair=readPkcs8(new FileInputStream("/somefolder/private.pk8der"));
  signature.initVerify(keyPair.getPublic());
  signature.update(yourReqeust.getBytes());
  System.out.println(signature.verify(signatureBytes));
}


Hope this helps a bit!

Luca

Report message to a moderator

Previous Topic:Problem including jdk.dio into Hello World Example
Next Topic:how to change the MQTT messages format?
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Apr 25 21:40:21 GMT 2024

Powered by FUDForum. Page generated in 0.03125 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly