%XML.Security.EncryptedKey
Class %XML.Security.EncryptedKey Extends (%XML.Security.KeyInfoClause, %XML.Security.EncryptedType) [ System = 4 ]
For details on using this class, see Encrypting XML Documents and Encrypting SOAP Security Headers.
XML Encryption element.
Parameters
XMLFORMAT
Parameter XMLFORMAT = "literal";
NAMESPACE
Parameter NAMESPACE = "http://www.w3.org/2001/04/xmlenc#";
ELEMENTQUALIFIED
Parameter ELEMENTQUALIFIED = 1;
Properties
CipherData
Property CipherData As %XML.Security.CipherData(XMLREF = 1) [ Required ];
EncryptionProperties
Property EncryptionProperties As %XML.Security.EncryptionProperties(XMLREF = 1);
ReferenceList
Property ReferenceList As %XML.Security.ReferenceList(XMLREF = 1);
CarriedKeyName
Property CarriedKeyName As %String(MAXLEN = "");
Recipient
Property Recipient As %String(MAXLEN = "", XMLPROJECTION = "attribute");
UsedAsSigningKey
Property UsedAsSigningKey As %Boolean(XMLPROJECTION = "none");
UsedAsSigningKey is true if this EncryptedKey element was used for signing.
UsedAsEncryptionKey
Property UsedAsEncryptionKey As %Boolean(XMLPROJECTION = "none");
UsedAsEncryptionKey is true if this EncryptedKey element was used for encryption.
EncryptionOptions
Property EncryptionOptions As %Integer(XMLPROJECTION = "none");
EncryptionOptions specifies which parts of the message are to be signed. See %soap.inc definitions of $$$SOAPWSEncrypt.... for possibilities.
EncryptionAlgorithm
Property EncryptionAlgorithm As %String(XMLPROJECTION = "none") [ Calculated, Internal ];
The algorithm used for encryption.
Methods
EncryptionAlgorithmGet
Method EncryptionAlgorithmGet() As %String [ CodeMode = expression, Internal ]
CreateX509
ClassMethod CreateX509(credentials As %SYS.X509Credentials = "", encryptionOptions As %Integer, referenceOption As %Integer, Output status As %Status) As %XML.Security.EncryptedKey
Create an EncryptedKey element that is to carry a symmetric key which is encrypted using an X.509 certificate's public key.
- The certificate is specified in the first argument (credentials) by a %SYS.X509Credentials instance containing the certificate or a BinarySecurityToken containing the X.509 certificate.
- The encryptionOptions argument specifies the parts of the SOAP message to be encrypted. The default, $$$SOAPWSEncryptSoapBody, is to encrypt the body. $$$SOAPWSEncryptNoBody means the body will not be encrypted, but other parts can be added using the AddReference method. $$$SOAPWSEncryptNone means there will be no ReferenceList in the EncryptedKey element. See the %soap.inc definitions of $$$SOAPWSEncrypt.... for possibilities.
- The referenceOption argument specifies the type of reference to create. See the %soap.inc definitions of $$$SOAPWSReference.... The default is to use the Thumbprint if the first argument is a %SYS.X509Credentials instance.
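A sketch of calling CreateX509 so that a missing certificate or a failed status stops the message instead of letting it go out unencrypted. This is an added example, not code from the InterSystems documentation: the class Demo.EncryptionHelper, its method name, and the alias passed by callers are hypothetical, and it assumes the SecurityOut header's AddSecurityElement method is used to attach the element.

```objectscript
Include %soap

/// Hypothetical helper class (added example, not part of the InterSystems library).
Class Demo.EncryptionHelper
{

/// Add an EncryptedKey that encrypts the SOAP body for the certificate owner.
/// service: the web service or client whose outbound message is being secured
/// alias:   name of a stored X.509 credential set (callers supply their own)
ClassMethod AddBodyEncryption(service As %SOAP.WebBase, alias As %String) As %Status
{
    // Look up the recipient's certificate; anything that is not an object
    // is treated as a missing certificate.
    set cred = ##class(%SYS.X509Credentials).GetByAlias(alias)
    if '$isobject(cred) {
        return $$$ERROR($$$GeneralError, "No X.509 credentials found for alias: "_alias)
    }

    // Encrypt the body. The skipped third argument keeps the default
    // reference type (Thumbprint for a %SYS.X509Credentials instance).
    set encKey = ##class(%XML.Security.EncryptedKey).CreateX509(cred, $$$SOAPWSEncryptSoapBody, , .status)
    if $$$ISERR(status) {
        return status
    }
    if '$isobject(encKey) {
        return $$$ERROR($$$GeneralError, "CreateX509 returned no EncryptedKey")
    }

    // Only now attach the element to the outbound WS-Security header.
    do service.SecurityOut.AddSecurityElement(encKey)
    return $$$OK
}

}
```

The caller should abort the request when this method returns an error status rather than sending the message without the EncryptedKey element.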
GetEncryptedKeySHA1
Method GetEncryptedKeySHA1() As %Binary
Get EncryptedKeySHA1 format of this EncryptedKey element.
Initialize
Method Initialize() As %Status
Initialize an EncryptedKey element that is intended for creating EncryptedKey elements which will not be in the Security header. EncryptionMethod, and Algorithm or KeySize are expected to be set or defaulted.
InitializeForService
Method InitializeForService(service As %SOAP.WebBase, header As %SOAP.Security.Header) As %Status [ Internal ]
Initialize
EncryptKey
Method EncryptKey() As %Status [ Internal ]
Encrypt the symmetric key.
AddReference
Method AddReference(reference As %XML.Security.DataReference, doNotReuse As %Boolean = 0)
Add a reference to an XML element using a %XML.Security.DataReference. The reference may be created by using the ##class(%XML.Security.Reference).Create method. If doNotReuse is true, then this reference will be removed during Reset.
Perform
Method Perform(messageStream As %BinaryStream, header As %SOAP.Security.Header) As %Status [ Internal ]
Perform encryption.
Reset
Method Reset()
Reset the element.
ValidateKey
Method ValidateKey(service As %SOAP.WebBase) As %String [ Internal ]
Validate the key decryption. If invalid, return an error code.
ValidateTokenRef
Method ValidateTokenRef(service As %SOAP.WebBase, ByRef tokenType As %String, Output credentials As %RawString) As %String [ Internal ]
Validate this input EncryptedKey used as a KeyInfo clause. If valid, set credentials and tokenType and return "". credentials is this EncryptedKey element.
ValidateElement
Method ValidateElement(ByRef document As %XML.Document, service As %SOAP.WebBase, mimeAttachments As %Net.MIMEPart = "") As %String [ Internal ]
Validate the security header element. If invalid, return an error code.
Equals
Method Equals(credentials As %XML.Security.EncryptedKey) As %Boolean
Return true if the same Key.