Registration and Authentication
Registration and Authentication of DTS Components to the system is achieved using an initial handshake process which ensures that all the actors involved are genuine and authorized DTS components.
The following diagrams present the entire initial handshake process in detail.
• The first step is for the Component that wants to register to compose its Registration Request.
The Authentication Package has exactly the following binary format:
| Bytes | Value |
|---|---|
| 0 to 7 | Little Endian representation of the current timestamp (as a 64-bit signed integer (long) representing milliseconds since epoch) |
| 8 to 15 | Little Endian representation of the byte length of COMP CERT (as a 64-bit signed integer (long) - [COMP_CERT_length]) |
| 16 to [COMP_CERT_length] + 15 | The Component's certificate encoded as a byte array - COMP CERT |
| Rest | The component signature as a byte array |
The resulting byte array is encoded as a Base64 String and included in the Registration Request.
• Next, the Controller verifies the request and composes a response that will authenticate itself to the Component while also providing the encryption keys for further communication.
The encrypted channel keys and component signature are encoded as Base64 strings for inclusion in the registration response.
• Finally, the Component verifies the Controller's response and begins normal operations.
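
The Authentication Package layout given above, as an added Python example (not DTS code) that builds the package and parses it with the bounds checks a receiver needs on the sender-supplied length field. The function names and the `max_skew_ms` freshness window are assumptions; signature and certificate verification are left out because this page does not state what data is signed or which algorithm is used.

```python
import base64
import struct
from dataclasses import dataclass

HEADER_LEN = 16  # bytes 0-7: timestamp, bytes 8-15: COMP CERT length


@dataclass
class AuthPackage:
    timestamp_ms: int   # milliseconds since epoch
    comp_cert: bytes    # COMP CERT (encoding not specified on the page)
    signature: bytes    # component signature, the "Rest" field


def build_auth_package(timestamp_ms: int, comp_cert: bytes, signature: bytes) -> str:
    """Compose the package and return it as a Base64 string."""
    raw = struct.pack("<qq", timestamp_ms, len(comp_cert)) + comp_cert + signature
    return base64.b64encode(raw).decode("ascii")


def parse_auth_package(b64_text: str, now_ms: int, max_skew_ms: int = 300_000) -> AuthPackage:
    """Decode and structurally validate a package; raises ValueError if malformed."""
    try:
        raw = base64.b64decode(b64_text, validate=True)
    except (ValueError, TypeError) as exc:
        raise ValueError("not valid Base64") from exc
    if len(raw) < HEADER_LEN:
        raise ValueError("shorter than the 16-byte header")
    timestamp_ms, cert_len = struct.unpack_from("<qq", raw, 0)
    # The length is a signed 64-bit value chosen by the sender: reject negative
    # values and values that run past the buffer before slicing.
    if cert_len <= 0 or cert_len > len(raw) - HEADER_LEN:
        raise ValueError("COMP_CERT_length out of range")
    comp_cert = raw[HEADER_LEN:HEADER_LEN + cert_len]
    signature = raw[HEADER_LEN + cert_len:]
    if not signature:
        raise ValueError("missing component signature")
    # Assumed policy (not stated on the page): reject stale or future timestamps.
    if abs(now_ms - timestamp_ms) > max_skew_ms:
        raise ValueError("timestamp outside accepted window")
    return AuthPackage(timestamp_ms, comp_cert, signature)
```
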