UADP messages may be signed to ensure integrity. In this case a security header and a signature have to be added to the message. See clause 18.104.22.168.3 (UADP Message Security) for a complete description of the signing mechanism.
This header layout is basically the same as the header layout defined in C.3.4 but with additional security level ‘Signing but no encryption’. The NetworkMessage header layout with signing is shown in Figure C.8.
Figure C.8 : UADP NetworkMessage header layout with integrity (signing)
Table C.9 : UADP NetworkMessage header layout with integrity (signing)
|ExtendedFlags1||Byte||Bit 4: Security enabled|
|SecurityFlags||Byte||Bit 0: NetworkMessage Signed enabled
Bit 1: NetworkMessage Encryption disabled
Bit 2: SecurityFooter disabled
Bit 3: Force key reset disabled
Bit range 4-7: Reserved
|SecurityTokenId||IntegerId||The ID of the security token that identifies the security key in a SecurityGroup.|
|NonceLength||Byte||The length of the Nonce used to initialize the encryption algorithm.|