Jump to content

Using Encryption Compendium to create a certificate for the NI OPC UA Toolkit


mhenz

Recommended Posts

Has anyone tried to generate a client/server certificate for the NI OPC UA toolkit using the Encryption Compendium? I had no success, but it seems, that it has somethinh to do with incorrect attributes.

BTW: The hexadecimal output of the ECL Sign.vi seems to have a final/additional 00h character at the end in the "Signature[HEX]" output. The "Signature[BYTES]" output is correct. The problem is located in RSA.lvlib:RSA_sign.vi, DSA.lvlib:DSA_sign.vi and ECDSA.lvlib:ECDSA_sign.vi. I can correct this, but don't know if this is a bug or a feature 😉 

 

Link to comment
1 hour ago, mhenz said:

Has anyone tried to generate a client/server certificate for the NI OPC UA toolkit using the Encryption Compendium? I had no success, but it seems, that it has somethinh to do with incorrect attributes.

BTW: The hexadecimal output of the ECL Sign.vi seems to have a final/additional 00h character at the end in the "Signature[HEX]" output. The "Signature[BYTES]" output is correct. The problem is located in RSA.lvlib:RSA_sign.vi, DSA.lvlib:DSA_sign.vi and ECDSA.lvlib:ECDSA_sign.vi. I can correct this, but don't know if this is a bug or a feature 😉 

 

Send an email to support@lvs-tools.co.uk with this info and we can start to look more closely at it.

The next release has a lot more functions to deal with x.509 attributes so we can probably resolve this if we know what the NI OPC toolkit is expecting and make sure the attribute function is available to set them.

image.png.b12f8bb87fc241d82e50e06d37caee23.png

image.png.93b80b90c09c50d0b6e383c4368349b8.png

With regards to the signature, those functions simply convert the byte array using the following code. So it seems strange that there is a disparity between the byte array and the hex string representation.

image.png.882b87876fbdfddd9a7738309809fbe5.png

Edited by ShaunR
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.