OpenSecureChannel request
=========================
.. note::
Add more information about:
* ua time format
* the Construct
* openSSL
The OPC UA OpenSecureChannel request
------------------------------------
The OpenSecureChannel request contains the following fields:
=================================== ============== ======================= ==================================
Parameter Datatype Value Comments
=================================== ============== ======================= ==================================
MessageType 3 ACII bytes OPN from Open
IsFinal 1 ASCII byte F from final
MessageSize ULInt32
SecureChannelId ULInt32
SecurityPolicyUriLength ULInt32
SecurityPolicyUri String NONE [SecPol]_ utf-8 encoded.
SenderCertificateLength ULInt32
SenderCertificate Array of bytes a DER encoded blob
ReceiverCertificateThumbprintLength ULInt32
ReceiverCertificateThumbprint Array of bytes
Sequencenumber ULInt32
RequestId ULInt32
EncodingByte ULInt8 (ENUM)
NameSpace Byte
Identifier UInt16
AuthenticationTokenEncodingByte Byte
AuthenticationTokenIdentifier Byte
TimeStamp ULInt64
RequestHandle ULInt32
ReturnDiagnostics ULInt32
AuditEntryId String
TimeOutHint ULInt32
AHEncodingByte ULInt8 (ENUM)
AHIdentifier Byte
AHEncoding Byte
ProtocolVersion ULInt32
RequestType ULInt32
SecurityMode ULInt32
ClientNonce ULInt32
RequestedLifetime ULInt32
=================================== ============== ======================= ==================================
Construct
---------
Using Construct we can create a struct, containing these fields.
.. code-block:: python
from construct import *
c = Struct('OPC UASC OpenSecureChannel Request',
String('MessageType', 3),
String('IsFinal', 1),
ULInt32('MessageSize'),
ULInt32('SecureChannelId'),
PascalString('SecurityPolicyUri', length_field=ULInt32('length')),
SLInt32('SenderCertificateLength'),
Bytes('SenderCertificate', lambda ctx:ctx['SenderCertificateLength']),
SLInt32('ReceiverCertificateThumbprintLength'),
Bytes('ReceiverCertificateThumbprint', lambda ctx:ctx['ReceiverCertificateThumbprintLength']),
ULInt32('SequenceNumber'),
ULInt32('RequestId'),
ULInt8('EncodingByte'),
ULInt8('NameSpace'),
ULInt16('Identifier'),
ULInt8('AuthenticationTokenEncodingByte'),
ULInt8('AuthenticationTokenIdentifier'),
ULInt64('TimeStamp'),
ULInt32('RequestHandle'),
ULInt32('ReturnDiagnostics'),
PascalString('AuditEntryId',
length_field=ULInt32('length'),
encoding='utf8'),
ULInt32('TimeOutHint'),
ULInt8('AHEncodingByte'),# AdditionalHeader
ULInt8('AHIdentifier'),
ULInt8('AHEncoding'),
ULInt32('ProtocolVersion'),
ULInt32('RequestType'),
ULInt32('SecurityMode'),
ULInt32('ClientNonce'),
ULInt32('RequestedLifetime'),
)
Snippets
--------
.. [SecPol] The correct URL is something like:
`http://opcfoundation.org/UA/SecurityPolicy#None <https://opcfoundation.org/profilereporting/index.htm?ModifyProfile.aspx?ProfileID=53605a50-a6ac-44ed-9baa-36c4873ff504>`_