The profile org.opcfoundation.Aes256-Sha256-RsaPss supports creation of a personality using gta_personality_create().

Table 4 – GTA API Creation Profile org.opcfoundation.Aes256-Sha256-RsaPss

| Property | Description |
|---|---|
| Security Mechanism | Mechanism details as specified in SecurityPolicy Aes256-Sha256-RsaPss. The expected key length is 4096. |
| Fingerprinting | ToDo |
| Attribute type | ch.iec.30168.identifier (attribute name ch.iec.30168.identifier_value; cardinality 1): The identifier value that is assigned to the personality at the time of its creation (cf. IEC TS 30168 6.6.10.4.13). |
| Attribute type | ch.iec.30168.trustlist.certificate.self.x509: X.509 end entity certificate |
| Attribute type | org.opcfoundation.product_instance_uri: ProductInstanceUri represented by the personality. This attribute shall be present for personalities which are eligible identities to be used in the OPC UA onboarding process. This attribute should occur at most once per personality. The attribute name shall be set to “ProductInstanceUri”. |
| Usage Info | org.opcfoundation.Aes256-Sha256-RsaPss |

Table 5 – GTA API Enrollment Profile org.opcfoundation.Aes256-Sha256-RsaPss

| Property | Description |
|---|---|
| Profile Dependencies | org.opcfoundation.Aes256-Sha256-RsaPss for creation |
| Enrollment Attributes | cf. Table 2 |
| Enrollment Artifact | cf. Table 2 |

Table 6 – GTA API Usage Profile org.opcfoundation.Aes256-Sha256-RsaPss

| Property | Description |
|---|---|
| Profile Dependencies | org.opcfoundation.Aes256-Sha256-RsaPss for creation and enrolment |
| gta_personality_get_attribute() | ch.iec.30168.identifier, ch.iec.30168.trustlist.certificate.self.x509, org.opcfoundation.product_instance_uri |
| gta_personality_add_attribute() | ch.iec.30168.trustlist.certificate.self.x509 |
| gta_personality_remove_attribute() | ch.iec.30168.trustlist.certificate.self.x509 |
| gta_authenticate_data_detached() | Signs data and returns a signature artifact depending on the mechanism of the used personality. Mechanism details as specified in SecurityPolicy Aes256-Sha256-RsaPss (http://opcfoundation.org/UA/SecurityPolicy#Aes256-Sha256-RsaPss) |
| gta_unseal_data() | Decryption for OpenSecureChannel. Mechanism details as specified in SecurityPolicy Aes256-Sha256-RsaPss (http://opcfoundation.org/UA/SecurityPolicy#Aes256-Sha256-RsaPss) |
| Usage Attributes | n/a |
| Usage Artifact | Binary: tbd. |