Open Exchange
Global Masters
Home / Class Reference / %SYS namespace / %SOAP.WSSC.DerivedKeyToken
Private  Storage   


class %SOAP.WSSC.DerivedKeyToken extends

DerivedKeyToken from WS-SecureConversation 1.4.


Parameters Properties Methods Queries Indices ForeignKeys Triggers
4 12 9


Algorithm Generation Id Implied
Key KeyElement Label Length
Nonce Offset OriginalElement Properties
ReferenceOption SecurityTokenReference WasEncrypted

%%OIDGet %AddToSaveSet %BindExport %BuildObjectGraph
%ClassIsLatestVersion %ClassName %Close %ConstructClone
%DispatchClassMethod %DispatchGetModified %DispatchGetProperty %DispatchMethod
%DispatchSetModified %DispatchSetMultidimProperty %DispatchSetProperty %Extends
%GetParameter %IncrementCount %IsA %IsModified
%New %NormalizeObject %ObjectModified %OriginalNamespace
%PackageName %RemoveFromSaveSet %SerializeObject %SetModified
%ValidateObject %XMLGenerate ComputeDerivedKey Create
Equals GetId InitializeForService InitializeKey
PSHA1 Perform Reset ValidateElement
ValidateKey XMLAfterExport XMLBeforeExport XMLDTD
XMLExport XMLExportInternal XMLExportToStream XMLExportToString
XMLGetSchemaImports XMLImport XMLImportInternal XMLIsObjectEmpty
XMLNew XMLSchema XMLSchemaNamespace XMLSchemaType


• parameter ELEMENTQUALIFIED = 1;
ELEMENTQUALIFIED controls the format of exported XML. The ELEMENTQUALIFIED specification should be based on the elementFormDefault attribute of the schema that defines the type. To maintain compatibility, ELEMENTQUALIFIED will default to 1 (true) for literal format export and will default to 0 (false) for encoded or encoded12 format export. These were the values always previously assumed for the elementFormDefault attribute. NOTE: Direct use of XMLExport method does not support the ELEMENTQUALIFIED. The export must be done using %XML.Writer or SOAP support.
• parameter NAMESPACE = "http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512";
NAMESPACE specifies the XML namespace to be used when projecting the class to XML. if NAMESPACE - "", the default namespace is used for the XML schema is used as the namespace for his class.
• parameter XMLFORMAT = "literal";
The XMLFORMAT parameter controls the generation of the XMLExport and XMLImport methods for XML enabled classes to include code for only literal or only encoded format. This allows the generated routines to be significantly smaller since usually both formats are not needed.
If XMLFORMAT="Literal", then only support for literal format import and export is generated.
If XMLFORMAT="Encoded", then only support for SOAP encoded format import and export is generated.
The default is to generate support for both literal and encoded format.
• parameter XMLPREFIX = "wsc";
The XMLPREFIX parameter controls the prefix to be used for the XML namespace that is given by the NAMESPACE parameter.


• property Algorithm as %xsd.anyURI(XMLPROJECTION="attribute");
• property Generation as %xsd.unsignedLong;
• property Implied as %Boolean(XMLPROJECTION="none");
Set Implied property = 1 to indicate make this an implied DerivedKeyToken. Am implied DerivedKeyToken should not be included in token list of Security header.
• property Key as %Binary(XMLPROJECTION="none");
The symmetric derived key.
• property KeyElement as %SOAP.Security.Element(XMLPROJECTION="none");
The key element which contains the key material to use for creating the Key. The type of this property depends on the reference option.
• property Label as %String(MAXLEN="");
• property Length as %xsd.unsignedLong;
• property Nonce as %xsd.base64Binary;
• property Offset as %xsd.unsignedLong;
• property Properties as %SOAP.WSSC.Properties;
• property ReferenceOption as %String(XMLPROJECTION="none");
ReferenceOption argument from the Create call.
• property SecurityTokenReference as %SOAP.Security.SecurityTokenReference(REFELEMENTQUALIFIED=1,REFNAMESPACE="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",XMLREF=1);


• method ComputeDerivedKey(basekey As %Binary, Output error As %String) as %Binary
Compute DerivedKey based on properties of this class
• classmethod Create(keyElement As %SOAP.Security.Element = "", referenceOption As %Integer = "") as %SOAP.WSSC.DerivedKeyToken
Create a DerivedKeyToken element that is to be referenced from an EncryptedKey, EncryptedData or Signature element and that is to carry a key derived from a symmetric key specified by its SecurityTokenReference element.

The properties of %SOAP.WSSC.DerivedKeyToken instance may be set after the instance is created. The SecurityTokenReference is set by the Create method. The other properties default as specified by WS-SecureConversation. If not otherwise set, the Nonce property defaults to a 16 octet random binary string.
  • keyElement is the Security element which will supply the symmetric key: either an EncryptedKey or SecurityContextToken element. The required keyElement type depends on referenceOption specified. See referenceOption for details.
  • The referenceOption argument specifies the type of reference which will be in the SecurityTokenReference.
    • $$$SOAPWSReferenceEncryptedKey is reference to an EncryptedKey element in this message. The keyElement argument must be specified and is the EncryptedKey element.
    • $$$SOAPWSReferenceEncryptedKeySHA1 is reference by the SHA1 hash of the key contained in the EncryptedKey element specified as the first argument. If the keyElement is not specified, the key from the first EncryptedKey element in the received message is used.
    • $$$SOAPWSReferenceDerivedKey is reference to a DerivedKeyToken element in this message. The keyElement argument must be specified and is the DerivedKeyToken element.
    • $$$SOAPWSReferenceSCT is reference by wsu:Id to a SecurityContextToken element in this message. The keyElement argument must be specified and is the SecurityContextToken element.
    • $$$SOAPWSReferenceSCTIdentifier is reference by Identifier and Instance to a SecurityContextToken element not necessarily in this message. The keyElement argument must be specified and is the SecurityContextToken element.
    • If referenceOption is "" or not specified, no SecurityTokenReference is created.
• method Equals(credentials As %SOAP.WSSC.DerivedKeyToken) as %Boolean
Return true if the same Key.
• method InitializeForService(service As %SOAP.WebBase, header As %SOAP.Security.Header) as %Status
• method InitializeKey(service As %SOAP.WebBase, algorithm As %String) as %Status
Initialize the derived key.
• classmethod PSHA1(secret As %Binary, seed As %Binary, length As %Integer) as %Binary
Compute P_SHA-1 from RFC 2246. Return computation of function of specified length.
• method Reset()
Reset the element.
• method ValidateElement(document As %XML.Document, service As %SOAP.WebBase) as %String
Validate the security header element. If invalid return an error code.
• method ValidateKey(service As %SOAP.WebBase) as %String
Validate the derived key. If invalid return an error code.