iaik.xkms
Interface XResultType

All Superinterfaces:
XMessageAbstractType
All Known Subinterfaces:
CompoundResult, LocateResult, RecoverResult, RegisterResult, ReissueResult, Result, RevokeResult, StatusResult, ValidateResult, XKRSSResult

public interface XResultType
extends XMessageAbstractType

Abstract base type from which all XKMS result messages are derived.

[114] The XResultType type is the type from which all XKMS response element types are derived. The ResultType type inherits the element and attributes of the XMessageAbstractType abstract type and in addition contains the following attributes:

<RequestSignatureValue> [Optional]
The value of the ds:SignatureValue element of the corresponding request.

ResultMajor [Required]
The most significant component of the result code.

ResultMinor [Optional]
The least significant component of the result code.

RequestId [Optional]
The unique identifier Id specified in the request.

[115] If the ResultMajor value has the value 'Represent' the Nonce attribute MUST be present and MUST NOT be the empty string.

[116] The generic <Result> element is returned in response to an XKMS request if and only if the service cannot return a more specific result element that inherits from the ResultType. For example if a request is made for the status of a pending request whose identifier is unknown to the service.

[117] Security Consideration: Care must be taken when signing responses to ensure that the service does not provide a signing oracle, that is sign messages whose content is guessable by an attacker. Implementations MUST ensure that response messages contain a sufficient quantity of unpredictable data such as a pseudo-randomly chosen 'Id' attribute.


Element <RequestSignatureValue>

[123] The <RequestSignatureValue> element in a response contains the value of the base64 encoded value from the content within the block in the corresponding request. If the response is signed this provides a cryptographic linkage between the request and the response.

[124] A service SHOULD include the <RequestSignatureValue> element in a response if the following conditions are satisfied and MUST NOT include the value otherwise:
-- The element was present in the corresponding request,
-- The service successfully verified the <ds:Signature> element in the corresponding request, and
-- The ResponseMechanism RequestSignatureValue was specified.

[125] If the <RequestSignatureValue> element is present in a response the requestor MUST reject the message if either:
-- The corresponding request was not authenticated, or
-- The content of the element used in the request does not match the content of the <RequestSignatureValue> element in the response.


Method Summary
 void addStandardReplyData(XKMSContext ctx, XRequestAbstractType request)
          Adds standard data to the result.
 NCName getRequestId()
          Gets the value of RequestId of this result.
 byte[] getRequestSignatureValue()
          Gets the value of RequestSignatureValue of this result.
 ResultMajor getResultMajor()
          Gets ResultMajor of this result.
 ResultMinor getResultMinor()
          Gets ResultMinor of this result.
 void setRequestId(NCName requestid)
          Sets the RequestId of this result to a new value.
 void setRequestSignatureValue(byte[] value)
          Sets RequestSignature to the specified value.
 void setResultMajor(ResultMajor result)
          Sets ResultMajor of this result.
 void setResultMinor(ResultMinor result)
          Sets ResultMinor of this result.
 
Methods inherited from interface XMessageAbstractType
addDefaults, addOpaqueClientData, clearOpaqueClientData, getId, getMessageName, getNonce, getOpaqueClientData, getService, getSignatureCertificate, hasSignature, isValid, setId, setNonce, setService, setSignature, toString
 

Method Detail

setResultMajor

void setResultMajor(ResultMajor result)
Sets ResultMajor of this result.

Parameters:
result - new value for ResultMajor of this result

getResultMajor

ResultMajor getResultMajor()
Gets ResultMajor of this result.

Returns:
value of ResultMajor of this result

setResultMinor

void setResultMinor(ResultMinor result)
Sets ResultMinor of this result.

Parameters:
result - new value for ResultMinor of this result

getResultMinor

ResultMinor getResultMinor()
Gets ResultMinor of this result.

Returns:
value of ResultMinor of this result

setRequestId

void setRequestId(NCName requestid)
Sets the RequestId of this result to a new value.

Parameters:
requestid - new value for RequestId

getRequestId

NCName getRequestId()
Gets the value of RequestId of this result.

Returns:
value of RequestId of this result

setRequestSignatureValue

void setRequestSignatureValue(byte[] value)
Sets RequestSignature to the specified value.

Parameters:
value - new value for RequestSignature

getRequestSignatureValue

byte[] getRequestSignatureValue()
Gets the value of RequestSignatureValue of this result.

Specified by:
getRequestSignatureValue in interface XMessageAbstractType
Returns:
value of RequestSignatureValue

addStandardReplyData

void addStandardReplyData(XKMSContext ctx,
                          XRequestAbstractType request)
Adds standard data to the result.

The following data is added to the result:
- same as basic message (random Id, Service URI, privkey+cert)
- The RequestId is set to the Id of the request.
- The OpaqueClientData from request is added.
- RequestSignatureValue if signature is valid and RSV requested.

Parameters:
request - request to extract data from