PROTOCOL: Symmetric Key Services (SKS) response with a symmetric key


PROTOCOL: Symmetric Key Services (SKS) response with a KeyCachePolicy (KCP)
A successful response to a KCP request (without the WSS overlay) resembles the following:
	<kcp:KeyCachePolicy xmlns:kcp="http://www.strongauth.com/2006/01/symkey#KeyCachePolicy">
		<kcp:kcpid>2</kcp:kcpid> <kcp:name>Active KeyCachePolicy for all devices</kcp:name> <kcp:description>This is a modified description for KCPID 2</kcp:description> <kcp:start_date>2006-08-02 11:49:13.0</kcp:start_date> <kcp:end_date>2010-10-12 12:31:35.0</kcp:end_date> <kcp:maxnewkeys>0</kcp:maxnewkeys> <kcp:maxnewdays>0</kcp:maxnewdays> <kcp:maxusedkeys>5</kcp:maxusedkeys> <kcp:maxuseddays>60</kcp:maxuseddays> <kcp:usefirst>Cache</kcp:usefirst> <kcp:status>Active</kcp:status>
	</kcp:KeyCachePolicy>

The same response when wrapped within the OASIS WSS protocol:

	<?xml version="1.0" encoding="UTF-8"?> <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1"> <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="XWSSGID-1154643601188487838158">MIIEJTCCAw2gAwIBAgIIK8YzLjBJ0qswDQYJKoZIhvcNAQELBQAwZzEmMCQGA1UEAxMdU3Ryb25n S2V5IERFTU8gU3Vib3JkaW5hdGUgQ0ExJDAiBgNVBAsTG0ZvciBTdHJvbmdLZXkgREVNTyBVc2Ug T25seTEXMBUGA1UEChMOU3Ryb25nQXV0aCBJbmMwHhcNMDYwNzI1MTYzODE4WhcNMDcwNzI1MTY0 ODE4WjBqMRIwEAYKCZImiZPyLGQBARMCMTAxFTATBgNVBAMTDFNLUyBTZXJ2ZXItMjEkMCIGA1UE CxMbRm9yIFN0cm9uZ0tleSBERU1PIFVzZSBPbmx5MRcwFQYDVQQKEw5TdHJvbmdBdXRoIEluYzCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ2Kge/hQG7b7Tv7vWzt+phYWQxGsurJ0fUM ILXJ+BfY7INZ7g9K9ZuqjE62Vds6odX2C91Wk0vIPeeyl10EQ6u2LsYi0qswlydrW4Qbt6zR8376 NuQdhGtyNsboeG7UDzFDJDIu8NxO6tE72t5nFdtTIbM6O11mZ43KZxhUizst8qGR1cpnU7bhTuRm Ud737tLvowe4ubYRk8n/9DDTG1MR3BhKD9ylqW7j1+9nAG9JUshIbNoZZ6Z0aCxp7QvpiOjLnkIq znwq50gWEyZYJSVu5W++XCORIIGjEiRJqHKblwjHF3HXCGQqIuzGnFf275sOi9qO3ALtNpS75li4 bF0CAwEAAaOB0TCBzjAOBgNVHQ8BAf8EBAMCBLAwHQYDVR0OBBYEFB7F74j+RVORjhNyCeaLcGpR GhFiMB8GA1UdIwQYMBaAFPTYwEHoJG4iFVHRnt2EWxGluAQVMCYGA1UdEQQfMB2BG3NlcnZlci5h ZG1pbkBzdHJvbmdhdXRoLmNvbTAYBgNVHSAEETAPMA0GCysGBAHSEoN9AQQBMDoGA1UdHwQzMDEw L6AtoCuGKWh0dHA6Ly9kZW1vLnN0cm9uZ2tleS5vcmcvZGVtby1zdWItY2EuY3JsMA0GCSqGSIb3 DQEBCwUAA4IBAQAkhGJr1wg/Qt6JKnxvWKK/0fOlguSRRQl1in37MTtnqot7H8ahkaDP2sVXNW1V LrEeXyNfHE4vTAoP5VIiT8nXlsvdujqRAsY0gigJ5VJ/D990DBqKN2kotvZMvbAY4mcDdU+TaX4z k/oetZqrAYX7Szs3NUgxopd8K+GzdR+b1FzlAhvf39zqrCjEGYjJyxfPQruWKPmdvRO1ccIxvQlG kMP9nDOKbnRNTmS1ZOJqktytFAjAlfEVoaV5/mACOZOYKpUJsOHm+TwSyR9373kMjIWh8oCpiFYf 2kQKk66f86UazwChKnDQn1THnFFBukr6VRw50AaIaXVTauCM+R1X</wsse:BinarySecurityToken> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse SOAP-ENV"/> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#XWSSGID-1154643528345-183864812"> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>JWAIjBcvriJGGfaPp4gKvoc8kdw=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#XWSSGID-11546435283461063250055"> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>fN74wtJOaVfSgSEe3zyBooVjEc8=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>H7adGcmI7Lu5kdlNLpibhkoLTCEJDThoM9JHx1IbFazfgzewvwu7RVVqNxcTbBM/ixJq2b7I0MZk RjQk9jDG+L+mCSLsolk6NSCkrHbRroajgrMuT3oErKekbYaECm++5wPBpNdubAqt7A0/QXgLYmRn naDuK1pMNxi/7GRK9YJWZZ1BHBKASOgKbzuBooiXK4fZFVfP5S4k1RjxGODxudZ9NEY4AxUCB3xK O/VoHqKL8O2nGmmB1AsdpY0Qccze1T/MsOs83ufrLbPcIOG0rNBmiAMiHPtM8FQD/GmQXcnWhyb0 knezpftaZqw1i/tTFQENMFcmJga89UIMLkYrKA==</ds:SignatureValue> <ds:KeyInfo> <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1154643528342-2073946234"> <wsse:Reference URI="#XWSSGID-1154643601188487838158" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-11546435283461063250055"> <wsu:Created>2006-08-03T22:18:48Z</wsu:Created> <wsu:Expires>2006-09-02T22:18:48Z</wsu:Expires> </wsu:Timestamp> </wsse:Security> </SOAP-ENV:Header> <SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1154643528345-183864812"> <kcp:KeyCachePolicy xmlns:kcp="http://www.strongauth.com/2006/01/symkey#KeyCachePolicy"> <kcp:kcpid>2</kcp:kcpid> <kcp:name>Active KeyCachePolicy for all devices</kcp:name> <kcp:description>This is a modified description for KCPID 2</kcp:description> <kcp:start_date>2006-08-02 11:49:13.0</kcp:start_date> <kcp:end_date>2010-10-12 12:31:35.0</kcp:end_date> <kcp:maxnewkeys>0</kcp:maxnewkeys> <kcp:maxnewdays>0</kcp:maxnewdays> <kcp:maxusedkeys>5</kcp:maxusedkeys> <kcp:maxuseddays>60</kcp:maxuseddays> <kcp:usefirst>Cache</kcp:usefirst> <kcp:status>Active</kcp:status> </kcp:KeyCachePolicy> </SOAP-ENV:Body> </SOAP-ENV:Envelope>