%SOAP.WSSC.DerivedKeyToken

Class %SOAP.WSSC.DerivedKeyToken Extends %SOAP.Security.Element [ System = 4 ]

DerivedKeyToken from WS-SecureConversation 1.4.

Parameters

XMLFORMAT

Parameter XMLFORMAT = "literal";

NAMESPACE

Parameter NAMESPACE = "http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512";

ELEMENTQUALIFIED

Parameter ELEMENTQUALIFIED = 1;

XMLPREFIX

Parameter XMLPREFIX = "wsc";

Properties

SecurityTokenReference

Property SecurityTokenReference As %SOAP.Security.SecurityTokenReference(REFELEMENTQUALIFIED = 1, REFNAMESPACE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", XMLREF = 1);

Properties

Property Properties As %SOAP.WSSC.Properties;

Generation

Property Generation As %xsd.unsignedLong;

Offset

Property Offset As %xsd.unsignedLong;

Length

Property Length As %xsd.unsignedLong;

Label

Property Label As %String(MAXLEN = "");

Nonce

Property Nonce As %xsd.base64Binary;

Algorithm

Property Algorithm As %xsd.anyURI(XMLPROJECTION = "attribute");

Implied

Property Implied As %Boolean(XMLPROJECTION = "none") [ Internal ];

Set the Implied property to 1 to make this an implied DerivedKeyToken. An implied DerivedKeyToken should not be included in the token list of the Security header.

ReferenceOption

Property ReferenceOption As %String(XMLPROJECTION = "none") [ Internal ];

ReferenceOption argument from the Create call.

KeyElement

Property KeyElement As %SOAP.Security.Element(XMLPROJECTION = "none") [ Internal ];

The key element which contains the key material to use for creating the Key. The type of this property depends on the reference option.

Key

Property Key As %Binary(XMLPROJECTION = "none") [ Internal ];

The symmetric derived key.

Methods

Create

ClassMethod Create(keyElement As %SOAP.Security.Element = "", referenceOption As %Integer = "") As %SOAP.WSSC.DerivedKeyToken

Create a DerivedKeyToken element that is to be referenced from an EncryptedKey, EncryptedData or Signature element and that is to carry a key derived from a symmetric key specified by its SecurityTokenReference element.

The properties of a %SOAP.WSSC.DerivedKeyToken instance may be set after the instance is created. The SecurityTokenReference is set by the Create method. The other properties default as specified by WS-SecureConversation. If not otherwise set, the Nonce property defaults to a 16-octet random binary string.

  • keyElement is the Security element which will supply the symmetric key: either an EncryptedKey or SecurityContextToken element. The required keyElement type depends on the referenceOption specified. See referenceOption for details.
  • The referenceOption argument specifies the type of reference which will be in the SecurityTokenReference.
    • $$$SOAPWSReferenceEncryptedKey is a reference to an EncryptedKey element in this message. The keyElement argument must be specified and is the EncryptedKey element.
    • $$$SOAPWSReferenceEncryptedKeySHA1 is a reference by the SHA1 hash of the key contained in the EncryptedKey element specified as the first argument. If the keyElement is not specified, the key from the first EncryptedKey element in the received message is used.
    • $$$SOAPWSReferenceDerivedKey is a reference to a DerivedKeyToken element in this message. The keyElement argument must be specified and is the DerivedKeyToken element.
    • $$$SOAPWSReferenceSCT is a reference by wsu:Id to a SecurityContextToken element in this message. The keyElement argument must be specified and is the SecurityContextToken element.
    • $$$SOAPWSReferenceSCTIdentifier is a reference by Identifier and Instance to a SecurityContextToken element not necessarily in this message. The keyElement argument must be specified and is the SecurityContextToken element.
    • If referenceOption is "" or not specified, no SecurityTokenReference is created.

InitializeForService

Method InitializeForService(service As %SOAP.WebBase, header As %SOAP.Security.Header) As %Status [ Internal ]

Initialize

InitializeKey

Method InitializeKey(service As %SOAP.WebBase, algorithm As %String) As %Status [ Internal ]

Initialize the derived key.

ComputeDerivedKey

Method ComputeDerivedKey(basekey As %Binary, Output error As %String) As %Binary [ Internal ]

Compute the derived key based on the properties of this class.

PSHA1

ClassMethod PSHA1(secret As %Binary, seed As %Binary, length As %Integer) As %Binary [ Internal ]

Compute P_SHA-1 as defined in RFC 2246. Return the function's output at the specified length.
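The derivation that ComputeDerivedKey and PSHA1 describe, as an added Python example that is not InterSystems code: P_SHA-1 from RFC 2246 applied to Label + Nonce, then sliced by Offset or Generation and Length. The default label, the default length of 32, the Generation-to-offset rule and the mutual exclusion of Offset and Generation come from the WS-SecureConversation specification rather than this page; the function names, MAX_STREAM and the sample key and nonce are assumptions of the example.

```python
import base64
import hashlib
import hmac

# Defaults from the WS-SecureConversation specification (not stated on this page).
DEFAULT_LABEL = b"WS-SecureConversationWS-SecureConversation"
DEFAULT_LENGTH = 32
# Assumption of this example: cap on P_SHA-1 output a receiver will compute,
# since Offset/Generation/Length are unsignedLong values taken from the message.
MAX_STREAM = 4096


def p_sha1(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA-1 (RFC 2246, section 5), truncated to `length` octets."""
    out, a = b"", seed                                    # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha1).digest()    # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha1).digest()
    return out[:length]


def derive_key(base_key: bytes, nonce_b64: str, label: bytes = DEFAULT_LABEL,
               length: int = DEFAULT_LENGTH, offset=None, generation=None) -> bytes:
    """Derive the key a DerivedKeyToken describes from its base key."""
    if offset is not None and generation is not None:
        raise ValueError("Offset and Generation are mutually exclusive")
    if generation is not None:
        offset = generation * length                      # fixed-size keys
    offset = offset or 0
    if length <= 0 or offset < 0 or offset + length > MAX_STREAM:
        raise ValueError("Offset/Length outside accepted bounds")
    nonce = base64.b64decode(nonce_b64, validate=True)    # reject malformed base64
    stream = p_sha1(base_key, label + nonce, offset + length)
    return stream[offset:offset + length]


# Constructed sample values, not taken from any real message.
SAMPLE_BASE_KEY = bytes(range(32))
SAMPLE_NONCE_B64 = base64.b64encode(bytes(range(16, 32))).decode()

if __name__ == "__main__":
    print(derive_key(SAMPLE_BASE_KEY, SAMPLE_NONCE_B64).hex())
    print(derive_key(SAMPLE_BASE_KEY, SAMPLE_NONCE_B64, length=16, generation=2).hex())
```

Bounding offset + length before running the PRF keeps a message with very large Offset, Generation or Length values from forcing an unbounded computation.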

ValidateKey

Method ValidateKey(service As %SOAP.WebBase) As %String [ Internal ]

Validate the derived key. If invalid return an error code.

ValidateElement

Method ValidateElement(document As %XML.Document, service As %SOAP.WebBase) As %String [ Internal ]

Validate the security header element. If invalid return an error code.

Reset

Method Reset()

Reset the element.

Equals

Method Equals(credentials As %SOAP.WSSC.DerivedKeyToken) As %Boolean

Return true if the Key is the same.