The loadKeyComponent (LKC) operation receives a CCKeyComponentType object (along with other parameters to authenticate and authorize the transaction) to store a key component for use with calls to the loadBaseDerivationKey or storeAnsiX9241Key web services. This operation requires four parameters:
DID |
The unique encryption domain identifier. |
username |
The username (service credential) within the encryption domain with the authorization to call this web service. The credential requires the Key Component Operator (KMO) privilege. |
password |
The password of the username to authenticate the credential of the requester. |
keycomp |
The CCKeyComponentType object that contains the key component and metadata. |
When SAKA receives the request, it verifies the credentials presented in the web service operation against its internal database, or an optional LDAP directory server, and then determines their authorization to request the loadKeyComponent service by determining if they are a member of the KMOAuthorized group. If using LDAP, this group and its members must be created in the LDAP directory as a distinct task of the SAKA installation process; when using the SAKA internal database, this group is created automatically.
If the requester is authorized, SAKA parses out the contents of the CCKeyComponentType object. The KCV is used in conjunction with the Key Component to verify the integrity of the Key Component.
On success, the following values will be returned, either as a JSON or XML string; in the case of SOAP, the JSON or XML string is embedded in the objectContent attribute of the CCReturnObject object.
DID |
The unique encryption domain identifier for the domain that serviced this request. |
SRID |
A unique request identifier for this transaction. |
KeyName |
The KeyName of this loaded component. |
K |
The K value of this loaded component. |
N |
The N value of this loaded component. |
KCV |
The KCV of this loaded component. |