Using Encryption Compendium to create a certificate for the NI OPC UA Toolkit

[mhenz]

Has anyone tried to generate a client/server certificate for the NI OPC UA toolkit using the Encryption Compendium? I had no success, but it seems, that it has somethinh to do with incorrect attributes.

BTW: The hexadecimal output of the ECL Sign.vi seems to have a final/additional 00h character at the end in the "Signature[HEX]" output. The "Signature[BYTES]" output is correct. The problem is located in RSA.lvlib:RSA_sign.vi, DSA.lvlib:DSA_sign.vi and ECDSA.lvlib:ECDSA_sign.vi. I can correct this, but don't know if this is a bug or a feature 😉 

 

[ShaunR]

1 hour ago, mhenz said:

Has anyone tried to generate a client/server certificate for the NI OPC UA toolkit using the Encryption Compendium? I had no success, but it seems, that it has somethinh to do with incorrect attributes.

BTW: The hexadecimal output of the ECL Sign.vi seems to have a final/additional 00h character at the end in the "Signature[HEX]" output. The "Signature[BYTES]" output is correct. The problem is located in RSA.lvlib:RSA_sign.vi, DSA.lvlib:DSA_sign.vi and ECDSA.lvlib:ECDSA_sign.vi. I can correct this, but don't know if this is a bug or a feature 😉 

 

Send an email to support@lvs-tools.co.uk with this info and we can start to look more closely at it.

The next release has a lot more functions to deal with x.509 attributes so we can probably resolve this if we know what the NI OPC toolkit is expecting and make sure the attribute function is available to set them.

With regards to the signature, those functions simply convert the byte array using the following code. So it seems strange that there is a disparity between the byte array and the hex string representation.

Edited February 25, 2022 by ShaunR