2.2.2.6.1 AUTHORITY_BUFFER

The AUTHORITY_BUFFER structure is contained within a logical message containing the CPA and extended payload information associated with a Key. Parts of this logical message appear in AUTHORITY messages.


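 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           FieldID1            |            Length1            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0|L|0 0 0 0 0|B|0 0|N|           Padding1            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      FieldID2 (optional)      |      Length2 (optional)       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Certificate Chain (variable)                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Padding2 (variable)                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      FieldID3 (optional)      |      Length3 (optional)       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Keytoken (variable)                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Padding3 (variable)                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      FieldID4 (optional)      |      Length4 (optional)       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     Classifier (variable)                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Padding4 (variable)                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      FieldID5 (optional)      |      Length5 (optional)       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  Extended Payload (variable)                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Padding5 (variable)                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      FieldID6 (optional)      |      Length6 (optional)       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Route Entry (variable)                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Padding6 (variable)                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      FieldID7 (optional)      |      Length7 (optional)       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        CPA (variable)                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+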

FieldID1 (2 bytes): MUST be set to 0x0040 (FLAGS_FIELD).

Length1 (2 bytes): MUST be set to 0x0006.

000000 (6 bits): These bits are all reserved. MUST be set to zero when sent and MUST be ignored on receipt.

L (1 bit): Leaf Set. If set, this flag indicates that the target Key is unknown to the sender, but that it would be in the sender's Leaf Set if it were known.

00000 (5 bits): These bits are all reserved. MUST be set to zero when sent and MUST be ignored on receipt.

B (1 bit): Busy. If set, indicates that the sender is too busy to handle a LOOKUP message request.

00 (2 bits): These bits are all reserved. MUST be set to zero when sent and MUST be ignored on receipt.

N (1 bit): Not Found. If set, indicates that the requested Validate Key in the LOOKUP or INQUIRE message is not known to the sender.

Padding1 (2 bytes): MUST be set to zero when sent, and MUST be ignored on receipt.

FieldID2 (2 bytes): If present, MUST be set to 0x0080 (CREDENTIAL). Note that a receiver can tell whether this field is present or absent, based on the value at this location.

Length2 (2 bytes): MUST be present if and only if FieldID2 is present. If present, it MUST be set to 4 plus the length in bytes of the Certificate Chain field.

Certificate Chain (variable): A Certificate Chain containing the public key used to sign the CPA and its Certificate Chain. MUST be present if and only if FieldID2 is present.

Padding2 (variable): A number of bytes between 0 and 3, such that the offset from the start of the message to the end of this field is a multiple of 4. MUST be present if and only if FieldID2 is present. MUST be set to zero when sent, and MUST be ignored on receipt.

FieldID3 (2 bytes): If present, MUST be set to 0x009F (KEYTOKEN). This field MUST be present if and only if the protocol is executing in confidential security mode.

Length3 (2 bytes): If present, MUST be set to 4 plus the length in bytes of the Keytoken field. This field MUST be present if and only if FieldID3 is present.

Keytoken (variable): Contains a Keytoken structure defined in the security profile and provided by the upper-layer application. It is used by the recipient of the message to decrypt the encrypted structures in this message. This field MUST be present if and only if FieldID3 is present.

Padding3 (variable): A number of bytes between 0 and 3, such that the offset from the start of the message to the end of this field is a multiple of 4. This field MUST be present if and only if FieldID3 is present. This field MUST be set to zero when sent, and MUST be ignored on receipt.

FieldID4 (2 bytes): If present, MUST be set to 0x0085 (CLASSIFIER) if and only if the protocol is not executing in confidential security mode. If present, MUST be set to 0x00A3 (ENCRYPTED_CLASSIFIER) if and only if the protocol is executing in confidential security mode.

Length4 (2 bytes): MUST be present if and only if FieldID4 is present. If present, MUST be set to 4 plus the length, in bytes, of the Classifier field.

Classifier (variable): MUST contain a FIELD_ARRAY of WCHAR elements representing the classifier string if and only if FieldID4 is set to 0x0085 (CLASSIFIER). It MUST contain an array of bytes if FieldID4 is set to 0x00A3 (ENCRYPTED_CLASSIFIER). It MUST NOT be present if FieldID4 is not present.

Padding4 (variable): A number of bytes between 0 and 3, such that the offset from the start of the message to the end of this field is a multiple of 4. MUST be present if and only if FieldID4 is present. MUST be set to zero when sent, and MUST be ignored on receipt.

FieldID5 (2 bytes): If present, MUST be set to 0x005A (EXTENDED_PAYLOAD) if and only if the protocol is NOT executing in confidential security mode. If present, MUST be set to 0x00A4 (ENCRYPTED_PAYLOAD) if and only if the protocol is executing in confidential security mode. Note that a receiver can determine whether this field is present or absent, based on the value at this location. This field is present if the X flag is set in the INQUIRE message in response to which this AUTHORITY is generated.

Length5 (2 bytes): MUST be present if and only if FieldID5 is present. If present, MUST be set to 4 plus the length, in bytes, of the Extended Payload field.

Extended Payload (variable): An EXTENDED_PAYLOAD structure. MUST be present if and only if FieldID5 is present. The Extended Payload structure MUST be encrypted if and only if the protocol is executing in confidential security mode.

Padding5 (variable): A number of bytes between 0 and 3, such that the offset from the start of the message to the end of this field is a multiple of 4. MUST be present if and only if FieldID5 is present. MUST be set to zero when sent, and MUST be ignored on receipt.

FieldID6 (2 bytes): If present, MUST be set to 0x009A (ROUTING_ENTRY) if and only if the protocol is NOT executing in confidential security mode. If present, MUST be set to 0x00A1 (ENCRYPTED_ROUTING_ENTRY) if and only if the protocol is executing in confidential security mode. Note that a receiver can tell whether this field is present or absent, based on the value at this location. This field is present if the sender is responding to a lookup with a next hop routing entry.

Length6 (2 bytes): MUST be present if and only if FieldID6 is present. If present, MUST be set to 4 plus the length, in bytes, of the Route Entry field.

Route Entry (variable): A ROUTE_ENTRY structure. MUST be present if and only if FieldID6 is present. For a response to a LOOKUP message, this MUST be the route entry that is the closest to the target key in the LOOKUP message, as seen by the remote node. The ROUTE_ENTRY structure MUST be encrypted if and only if the protocol is executing in confidential security mode.

Padding6 (variable): A number of bytes between 0 and 3, such that the offset from the start of the message to the end of this field is a multiple of 4. MUST be present if and only if FieldID6 is present. MUST be set to zero when sent, and MUST be ignored on receipt.

FieldID7 (2 bytes): If present, MUST be set to 0x009B (VALIDATE_CPA) if and only if the protocol is NOT executing in confidential security mode. If present, MUST be set to 0x00A2 (ENCRYPTED_CPA) if and only if the protocol is executing in confidential security mode. Note that a receiver can tell whether this field is present or absent, based on the value at this location.

Length7 (2 bytes): MUST be present if and only if FieldID7 is present. If present, it MUST be set to 4 plus the length, in bytes, of the CPA field.

CPA (variable): An Encoded CPA structure. The Encoded CPA structure MUST be encrypted if and only if the protocol is executing in confidential security mode.
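The following receiver-side walk of this layout is an added example, not code from the specification. It checks that every Length stays inside the buffer, that the optional fields arrive in layout order with the FieldID that matches the security mode, and that the Keytoken is present only in confidential mode. Assumptions: fields are in network byte order, bit 0 of the diagram is the most significant bit, and the buffer starts at a message offset that is a multiple of 4; `parse_authority_buffer`, `SLOTS` and `SAMPLE` are illustrative names.

```python
import struct

# (name, FieldID in clear mode, FieldID in confidential mode), in layout order.
SLOTS = [
    ("certificate_chain", 0x0080, 0x0080),
    ("keytoken",          None,   0x009F),
    ("classifier",        0x0085, 0x00A3),
    ("extended_payload",  0x005A, 0x00A4),
    ("route_entry",       0x009A, 0x00A1),
    ("cpa",               0x009B, 0x00A2),
]

def parse_authority_buffer(buf, confidential=False):
    """Return flags and raw field bodies; raise ValueError on malformed input."""
    if len(buf) < 8:
        raise ValueError("truncated FLAGS_FIELD")
    # Assumption: network byte order, diagram bit 0 = most significant bit.
    fid, length, flags = struct.unpack_from(">HHH", buf, 0)
    if (fid, length) != (0x0040, 0x0006):
        raise ValueError("bad FieldID1/Length1")
    out = {"L": bool(flags & 0x0200), "B": bool(flags & 0x0008),
           "N": bool(flags & 0x0001)}      # reserved bits ignored on receipt
    pos, slot = 8, 0                        # Padding1 is skipped, not checked
    while pos < len(buf):
        if len(buf) - pos < 4:
            raise ValueError("truncated field header")
        fid, length = struct.unpack_from(">HH", buf, pos)
        # Fields are optional but ordered: advance to the slot that owns this ID.
        while slot < len(SLOTS) and SLOTS[slot][1 + confidential] != fid:
            slot += 1
        if slot == len(SLOTS):
            raise ValueError(f"unexpected or out-of-order FieldID 0x{fid:04X}")
        # Length counts the 4-byte header, so it can be neither < 4 nor overrun.
        if length < 4 or pos + length > len(buf):
            raise ValueError(f"Length 0x{length:04X} does not fit the buffer")
        name = SLOTS[slot][0]
        out[name] = bytes(buf[pos + 4:pos + length])
        pos, slot = pos + length, slot + 1
        if name != "cpa":                   # the layout shows no padding after CPA
            pos += -pos % 4                 # 0-3 padding bytes, ignored on receipt
            if pos > len(buf):
                raise ValueError("missing padding after " + name)
    if confidential != ("keytoken" in out):
        raise ValueError("Keytoken presence does not match security mode")
    return out

# Constructed sample: B flag set, a 5-byte stand-in chain, a 9-byte stand-in CPA.
SAMPLE = (bytes.fromhex("0040000600080000")
          + bytes.fromhex("00800009") + b"CERT!" + b"\x00" * 3
          + bytes.fromhex("009b000d") + b"cpa-bytes")
```

The field bodies are returned as raw bytes; decoding the Certificate Chain, ROUTE_ENTRY or Encoded CPA, and decrypting them in confidential mode, is left to the structures defined elsewhere in the specification.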