Search

Scope: Core (OPC-10000-*) All specs

7 result(s) for EncryptedSecret

OPC-10000-4 – OPC Unified Architecture - Part 4: Services

7.40.2.1 Overview

this format shall not exceed 64 bytes. If the password exceeds 64 bytes, the EncryptedSecret format shall be used or the clear text password is sent over a SecureChannel that ... encrypted. The EncryptedSecret format defined in 7.40.2.3 provides an extensible secret format together with the definition how the secret is signed and encrypted. It allows for the layout
OPC-10000-4 – OPC Unified Architecture - Part 4: Services

7.40.2.3 EncryptedSecret Format

EncryptedSecret Format The EncryptedSecret uses an extensible format which has the TypeId of a DataType Node as a prefix as defined for the ExtensionObject encoding ... general layout of the EncryptedSecret is shown in Figure 39 . Figure 39 - EncryptedSecret layout The TypeId specifies how the EncryptedSecret is serialized and secured. For example, the RsaEncryptedSecret requires that
OPC-10000-4 – OPC Unified Architecture - Part 4: Services

7.40.2.4 RsaEncryptedSecret DataType

RsaEncryptedSecret uses RSA based Asymmetric Cryptography . Additional semantics for the fields in the EncryptedSecret layout for the RsaEncryptedSecret Structure are described in Table 185 . Table 185 - RsaEncryptedSecret structure Name Type ... KeyData The KeyData is encrypted with the PublicKey associated with the receiver of the EncryptedSecret . The creator of the EncryptedSecret generates the SigningKey , EncryptingKey and InitializationVector using a cryptographic random
OPC-10000-4 – OPC Unified Architecture - Part 4: Services

7.40.2.5 EccEncryptedSecret DataType

EccEncryptedSecret uses ECC based Asymmetric Cryptography . Additional semantics for the fields in the EncryptedSecret layout for the EccEncryptedSecret Structure are described in Table 186 . The EccEncryptedSecret uses
OPC-10000-4 – OPC Unified Architecture - Part 4: Services

7.40.6 IssuedIdentityToken

JWTs in more detail. If the token is encrypted, it shall use the EncryptedSecret format defined in 7.40.2.3 . This token shall be encrypted by the Client if required
OPC-10000-6 – OPC Unified Architecture - Part 6: Mappings

6.8.3 ECC and RSA-DH Encrypted Secret

bytes and the additional data part shall include all headers in the EncryptedSecret . The AuthenticatedEncryption tag is appended after the PayloadPaddingSize and is verified when the Payload is decrypted
OPC-10000-6 – OPC Unified Architecture - Part 6: Mappings

6.9 Diffie-Hellman Key Agreement (RSA)

Response messages are signed but not encrypted when using RSA-DH. When creating an EncryptedSecret , the DH PublicKeys are exchanged using the mechanisms defined for ECC in 6.8.2 . This includes