OPC Foundation
  • Documents
  • NodeSets
  • Search
A.2.5 Header layout for NetworkMessages with integrity (signing)

UADP messages may be signed to ensure integrity. In this case the SecurityHeader and the Signature have to be added to the message. See clause 7.2.2.4.3 for a complete description of the signing mechanism.

This header layout is basically the same as the header layout defined in A.2.4 but with additional security level ‘signing but no encryption’.

The NetworkMessage header layout with signing is shown in Figure A.2.

image052.png

image053.pngFigure A.2 – UADP NetworkMessage header layout with integrity (signing)

Table A.3 shows the configuration for the NetworkMessage header with signing. The table contains only the added or modified rows from Table A.1.

Table A.3 – UADP NetworkMessage header layout with integrity (signing)

Name

Type

Restrictions

ExtendedFlags1

Byte

Bit 4: SecurityHeader enabled

SecurityHeader

SecurityFlags

Byte

Bit 0: NetworkMessage Signed enabled = 1

Bit 1: NetworkMessage Encryption enabled = 0

Bit 2: SecurityFooter enabled = 0

Bit 3: Force key reset enabled = 0

Bit range 4-7: Reserved

SecurityTokenId

IntegerId

The ID of the security token that identifies the security key in a SecurityGroup.

NonceLength

Byte

8

MessageNonce

Byte[8]

A number used exactly once for a given security key.

Please report errors or issues with the site to webmaster.

Copyright © 2023 - OPC Foundation