The EncryptedSecretuses an extensible format which has the TypeIdof a DataType Nodeas a prefix as defined for the ExtensionObjectencoding in OPC 10000-6. The general layout of the EncryptedSecretis shown in Figure 39.


Figure 39– EncryptedSecret layout

The TypeIdspecifies how the EncryptedSecretis serialized and secured. For example, the RsaEncryptedSecretrequires that the KeyDatabe encrypted with the public key associated with the EncryptingCertificatebefore it is serialized.

The SecurityPolicyUriis used to determine what algorithms were used to encrypt and sign the data. Valid SecurityPolicyUris are defined in OPC 10000-7.

The payload is always encrypted using the symmetric encryption algorithm specified by the SecurityPolicyUri. The KeyDatais used to create the keys used needed for the symmetric encryption. The structure of the KeyDatadepends on the EncryptedSecret DataType.

The EncryptedSecretis secured and serialized as follows:

  • Serialize the common header;
  • Serialize the KeyData;
  • If required, encrypt the KeyData and append the result to the common header;
  • Update the KeyDataLength with the length of the encrypted KeyData;
  • Append the Nonce and the Secret to the encrypted KeyData;
  • Calculate padding required on the payload and append after the Secret;
  • Encrypt the payload;
  • Calculate a Signature;
  • Append the Signature.

Individual fields are serialized using the UA Binary encoding (see OPC 10000-6) for the DataTypespecified in Table 187. The Paddingis used to ensure there is enough data to fill an integer multiple of encryption blocks. The size of the encryption block depends on the encryption algorithm. The total length of the Padding, not including the PaddingSize, is encoded as a UInt16. The individual bytes of the Paddingare set to the the least significant byte of the PaddingSize.

The EncryptedSecret is deserilized and validated as follows:

  • Deserialize the common header;
  • Verify the Signature if the KeyData is not encrypted;
  • Decrypt the KeyData and verify the Signature if the KeyData is encrypted;
  • Decrypt the payload;
  • Verify the padding on the payload;
  • Extract the Secret;

The fields in the EncryptedSecretare described in Table 187. The first three fields TypeId, EncodingMaskand Lengthbelong to the ExtensionObjectencoding defined in OPC 10000-6.

Table 187– EncryptedSecret layout






The NodeIdof the DataType Node.



This value is always 1.



The length of the data that follows including the Signature.



The URI for the SecurityPolicyused to apply security.



The signing and/or encrypting Certificate.



When the Signaturewas created.



The length, in bytes, of the KeyDatathat follows

If the KeyDatais encrypted this is the length of the encrypted data;

Otherwise, it is the length of the unencrypted data.


Byte [*]

The key data used to create the keys needed for decrypting and verifying the payload. Each EncryptedSecret DataTypedescribes how the key data is structured for different SecurityPolicies.



This is the last serverNoncereturned in the CreateSessionor ActivateSession Responsewhen a UserIdentityTokenis passed with the ActivateSession Request.

If used outside of an ActivateSession call, the Nonceis created by the sender and is a function of the SecureChannelNonceLength.



The secret to protect.

The passwordwhen used with UserNameIdentityTokens.

The tokenDatawhen used with IssuedIdentityTokens.

If the Secretis a Stringis it encoded using UTF-8 first.



Additional padding added to ensure the size of the encrypted payload is an integer multiple of the input block size for the symmetric encryption algorithm specified by the SecurityPolicyUri.

The value of each byte is the least significant byte of the PayloadPaddingSize.



The size of the padding added to the payload.



The Signaturecalculated after all encryption is applied.

Each EncryptedSecret DataTypedescribes how the Signatureis calculated for different SecurityPolicies.

The PayloadPaddingSize adjusted with the following formula:

If (Secret.Length + PayloadPaddingSize < InputBlockSize) Then

PayloadPaddingSize = PayloadPaddingSize + InputBlockSize

Where the InputBlockSize is specified by the SymmetricEncryptionAlgorithm.

The currently available EncryptedSecret DataTypesare defined in Table 188.

Table 188– EncryptedSecret DataTypes

Type Name

When to Use


Used when the SecurityPolicyrequires the use of RSA cryptography. It is described in


Used when the SecurityPolicyrequires the use of ECC cryptography.It is described in .