Controlling the central power supply via XML
G&D MultiPower-12-NT ·
19
English
Notes on encrypting passwords
While the entire data stream is transmitted encrypted when
transport encryption
is acti-
vated, encryption with
password encryption
is limited exclusively to the passwords of
the user accounts in the XML requests.
A subset of the W3 standard
XML encryption
is used for encrypting passwords. The pass-
word is replaced by an
<EncryptedData>
container with the XML namespace
"http://
www.w3.org/2001/04/xmlenc#"
. In this container, the container
<CipherData>
is
expected, which in turn contains the container
<CipherValue>
:
The encrypted data block (
CipherValue
) consists of the combination of initialization vec-
tor and encrypted text with padding encoded in BASE64.
NOTE:
When using XML requests, passwords can either be encrypted (recom-
mended) or sent to the device in plain text if password encryption is activated.
PASSWORD AS EMBEDDED ENCRYPTED TEXT
<?xml version=\"1.0\" encoding=\"utf-8\"?>
<root>
<logon>
<DviConsole>0x22222222</DviConsole>
<User>JohnDoe</User>
<Password>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#">
<CipherData>
<CipherValue>B2Wmn52teOPvY31wq0l4nw==</CipherValue>
</CipherData>
</EncryptedData>
</Password>
</logon>
</root>