Common Notes
This documentation is not complete and will be updated later.
Overview
- The ISecurityProvider is reponsible for
- creating a CertificateFactory
- creating certificate validators
- creating certifcate stores
- creating secure channels
- creating the crypto provider
- The SDK contains a default implementation of ISecurityProvider (DefaultSecurityProvider).
- You can implement the whole interface or override single methods of the default implementation to implement own security functions.
- By overriding ApplicationInstanceBase.CreateDefaultSecurityProvider you can set the custom SecurityProvider.
Create Certificate
- There are two default certificate factories provided by the sdk:
- WindowsCertificateFactory in UaBase.Windows using Opc.Ua.CertificateGenerator.exe
- BouncyCastleCertificateFactory in UaBase.BouncyCastle using the external package BouncyCastle
- To implement own certificate creation you need to
- implement ICertificateFactory
- implement ISecurityProvider.CreateCertificateFactory
Encryption and decryption
- Encryption and decryption is done by the CryptoProvider returned by ISecurityProvider.CreateCryptoProvider
- You can implement ICryptoProvider or override single methods of DefaultRsaCryptoProvider