Annex C (normative) UADP Header Layouts ToC

C.3 Message headers for Events and Data with dynamic layout ToC Previous

C.3.6 Header layout for NetworkMessages with integrity and confidentiality (signing and encryption) ToC Previous Next

UADP messages may be signed and encrypted. In this case a security header and a signature have to be added to the message. See clause 7.2.2.2.3 (UADP Message Security) for a complete description of the security mechanisms.

This header layout is basically the same as the header layout defined in C.3.4 but with additional security level ‘Signing and encryption’. The NetworkMessage header layout with signing and encryption is shown in Figure C.9.

readme_files/image011.png

Figure C.9 : UADP NetworkMessage header layout with integrity and confidentiality

Table C.10 shows the configuration for the NetworkMessage header with signing and encryption. The table contains only the added or modified rows from Table C.7.

Table C.10 : UADP NetworkMessage header layout with integrity and confidentiality

Name Type Restrictions
ExtendedFlags1 Byte Bit 4: Security enabled
SecurityHeader    
   SecurityFlags Byte Bit 0: NetworkMessage Signed enabled
Bit 1: NetworkMessage Encryption enabled
Bit 2: SecurityFooter disabled
Bit 3: Force key reset disabled
Bit range 4-7: Reserved
   SecurityTokenId IntegerId The ID of the security token that identifies the security key in a SecurityGroup.
   NonceLength Byte 4
   MessageNonce Byte[4] A number used exactly once for a given security key.

Previous Next