cain.011.001.01
The KeyExchangeInitiation message is sent by any party to an acquirer, an issuer or an agent, to initiate a cryptographic key exchange.
Message Construction
Every ISO20022 message has at the highest level what we call ‘building blocks’. Because the message is constructed as immutable records, the association is by composition. Below you can see the relationship between the message and its constituent building blocks: For comparison, see the ISO20022 official specification
classDiagram
direction LR
%% KeyExchangeInitiation recursion level 0 with max 0
KeyExchangeInitiation *-- "1..1" Header17 : Header
KeyExchangeInitiation *-- "1..1" AcquirerKeyExchangeInitiation1 : KeyExchangeInitiation
KeyExchangeInitiation *-- "1..1" ContentInformationType12 : SecurityTrailer
Now, we will zero-in one-by-one on each of these building blocks.
Header building block
Information related to the protocol management. Set of characteristics related to the protocol. For comparison, see the ISO20022 official specification
classDiagram
direction tb
%% Header17 recursion level 0 with max 1
class Header17{
MessageFunction MessageFunction6Code
ProtocolVersion IsoMax6Text
ExchangeIdentification IsoMax3NumericText
ReTransmissionCounter IsoMax3NumericText
CreationDateTime IsoISODateTime
}
Header17 *-- "1..1" GenericIdentification73 : InitiatingParty
Header17 *-- "0..1" GenericIdentification73 : RecipientParty
Header17 *-- "0..0" Traceability3 : Traceability
%% GenericIdentification73 recursion level 1 with max 1
class GenericIdentification73{
Identification IsoMax35Text
Type PartyType9Code
Issuer PartyType9Code
Country IsoMin2Max3AlphaText
ShortName IsoMax35Text
}
%% GenericIdentification73 recursion level 1 with max 1
class GenericIdentification73{
Identification IsoMax35Text
Type PartyType9Code
Issuer PartyType9Code
Country IsoMin2Max3AlphaText
ShortName IsoMax35Text
}
%% Traceability3 recursion level 1 with max 1
class Traceability3{
TraceDateTimeIn IsoISODateTime
TraceDateTimeOut IsoISODateTime
}
Traceability3 *-- "1..1" GenericIdentification74 : RelayIdentification
Header17 members
| Member name | Description | Data Type / Multiplicity |
|---|---|---|
| MessageFunction | Identifies the type of process related to the message. | MessageFunction6Code - Required 1..1 |
| ProtocolVersion | Version of the acquirer to issuer protocol specifications. | IsoMax6Text - Required 1..1 |
| ExchangeIdentification | Unique identification of an exchange occurrence. | IsoMax3NumericText - Required 1..1 |
| ReTransmissionCounter | Number of retransmission of the message. Incremented by one for each retransmission. | IsoMax3NumericText - Optional 0..1 |
| CreationDateTime | Date and time at which the message was sent. | IsoISODateTime - Required 1..1 |
| InitiatingParty | Unique identification of the partner that has initiated the exchange. | GenericIdentification73 - Required 1..1 |
| RecipientParty | Unique identification of the partner that is the recipient of the message exchange. | GenericIdentification73 - Optional 0..1 |
| Traceability | Identification of partners involved in exchange from the merchant to the issuer, with the relative timestamp of their exchanges. | Traceability3 - Unknown 0..0 |
KeyExchangeInitiation building block
Information related to the key exchange. Information related to the key exchange. For comparison, see the ISO20022 official specification
classDiagram
direction tb
%% AcquirerKeyExchangeInitiation1 recursion level 0 with max 1
AcquirerKeyExchangeInitiation1 *-- "1..1" CardTransactionEnvironment6 : Environment
AcquirerKeyExchangeInitiation1 *-- "1..1" CardTransaction13 : Transaction
%% CardTransactionEnvironment6 recursion level 1 with max 1
CardTransactionEnvironment6 *-- "1..1" GenericIdentification73 : SendingInstitution
CardTransactionEnvironment6 *-- "1..1" GenericIdentification73 : ReceivingInstitution
%% CardTransaction13 recursion level 1 with max 1
class CardTransaction13{
KeyExchangeType CardServiceType3Code
InitiatorDateTime IsoISODateTime
}
CardTransaction13 *-- "0..0" KEKIdentifier3 : RequestedKey
CardTransaction13 *-- "0..0" CryptographicKey6 : Key
CardTransaction13 *-- "0..1" ResponseType2 : TransactionResponse
AcquirerKeyExchangeInitiation1 members
| Member name | Description | Data Type / Multiplicity |
|---|---|---|
| Environment | Environment of the transaction. | CardTransactionEnvironment6 - Required 1..1 |
| Transaction | Key exchange transaction. | CardTransaction13 - Required 1..1 |
SecurityTrailer building block
Trailer of the message containing a MAC or a digital signature. General cryptographic message syntax (CMS) containing protected data. For comparison, see the ISO20022 official specification
classDiagram
direction tb
%% ContentInformationType12 recursion level 0 with max 1
class ContentInformationType12{
ContentType ContentType2Code
}
ContentInformationType12 *-- "0..1" EnvelopedData4 : EnvelopedData
ContentInformationType12 *-- "0..1" AuthenticatedData4 : AuthenticatedData
ContentInformationType12 *-- "0..1" SignedData4 : SignedData
ContentInformationType12 *-- "0..1" DigestedData4 : DigestedData
%% EnvelopedData4 recursion level 1 with max 1
class EnvelopedData4{
Version IsoNumber
}
EnvelopedData4 *-- "1..0" IRecipient4Choice : Recipient
EnvelopedData4 *-- "0..1" EncryptedContent3 : EncryptedContent
%% AuthenticatedData4 recursion level 1 with max 1
class AuthenticatedData4{
Version IsoNumber
MAC IsoMax140Binary
}
AuthenticatedData4 *-- "1..0" IRecipient4Choice : Recipient
AuthenticatedData4 *-- "1..1" AlgorithmIdentification15 : MACAlgorithm
AuthenticatedData4 *-- "1..1" EncapsulatedContent3 : EncapsulatedContent
%% SignedData4 recursion level 1 with max 1
class SignedData4{
Version IsoNumber
Certificate IsoMax5000Binary
}
SignedData4 *-- "1..0" AlgorithmIdentification16 : DigestAlgorithm
SignedData4 *-- "1..1" EncapsulatedContent3 : EncapsulatedContent
SignedData4 *-- "1..0" Signer3 : Signer
%% DigestedData4 recursion level 1 with max 1
class DigestedData4{
Version IsoNumber
Digest IsoMax140Binary
}
DigestedData4 *-- "1..1" AlgorithmIdentification16 : DigestAlgorithm
DigestedData4 *-- "1..1" EncapsulatedContent3 : EncapsulatedContent
ContentInformationType12 members
| Member name | Description | Data Type / Multiplicity |
|---|---|---|
| ContentType | Type of data protection. | ContentType2Code - Required 1..1 |
| EnvelopedData | Data protection by encryption, with a session key. | EnvelopedData4 - Optional 0..1 |
| AuthenticatedData | Data protection by a message authentication code (MAC). | AuthenticatedData4 - Optional 0..1 |
| SignedData | Data protected by a digital signatures. | SignedData4 - Optional 0..1 |
| DigestedData | Data protected by a digest. | DigestedData4 - Optional 0..1 |
Extensibility and generalization considerations
To facilitate generalized design patterns in the system, the KeyExchangeInitiation implementation follows a specific implementaiton pattern. First of all, KeyExchangeInitiation impleemnts IOuterRecord indicating it is the outermost logical part of the message definition. Like all message wrappers, KeyExchangeInitiationDocument implements IOuterDocument. Because KeyExchangeInitiation implements IOuterDocument, it is a suitable template parameter for IOuterDocument, and causes the internal ‘Message’ to be of type KeyExchangeInitiation.
classDiagram
class IOuterRecord
KeyExchangeInitiation --|> IOuterRecord : Implements
KeyExchangeInitiationDocument --|> IOuterDocument~KeyExchangeInitiation~ : Implements
class IOuterDocument~KeyExchangeInitiation~ {
KeyExchangeInitiation Message
}
Document wrapper for serialization
The only real purpose KeyExchangeInitiationDocument serves is to cause the document to be serialized into the ‘urn:iso:std:iso:20022:tech:xsd:cain.011.001.01’ namespace. Therefore, it will probably be the usual practice to build the message and construct this wrapper at the last minute using KeyExchangeInitiation.ToDocument() method. The returned KeyExchangeInitiationDocument value will serialize correctly according to ISO 20022 standards.
classDiagram
KeyExchangeInitiationDocument *-- KeyExchangeInitiation : Document
Sample of message format
This is an abbreviated version of what the message should look like.
<Document xmlns="urn:iso:std:iso:20022:tech:xsd:cain.011.001.01">
<KeyXchgInitn>
<Hdr>
<!-- Header inner content -->
</Hdr>
<KeyXchgInitn>
<!-- KeyExchangeInitiation inner content -->
</KeyXchgInitn>
<SctyTrlr>
<!-- SecurityTrailer inner content -->
</SctyTrlr>
</KeyXchgInitn>
</Document>
Data from ISO specification
This is the technical data from the specification document.
<messageDefinition
xmi:id="_tdBdMHvGEeSCJdwgzb6SFw"
nextVersions="_2CqhVVWVEeeiG_nL4vgKnQ"
name="KeyExchangeInitiation"
definition="The KeyExchangeInitiation message is sent by any party to an acquirer, an issuer or an agent, to initiate a cryptographic key exchange."
registrationStatus="Registered"
messageSet="_urpIICeJEeOCeO5e7islRQ"
xmlTag="KeyXchgInitn"
rootElement="Document"
xmlns:xmi="http://www.omg.org/XMI">
<messageBuildingBlock
xmi:id="_4D0cwHvGEeSCJdwgzb6SFw"
name="Header"
definition="Information related to the protocol management."
registrationStatus="Provisionally Registered"
maxOccurs="1"
minOccurs="1"
xmlTag="Hdr"
complexType="_l60LgXq_EeSA34QF-FhTBw" />
<messageBuildingBlock
xmi:id="_K6H0YHvHEeSCJdwgzb6SFw"
name="KeyExchangeInitiation"
definition="Information related to the key exchange."
registrationStatus="Provisionally Registered"
maxOccurs="1"
minOccurs="1"
xmlTag="KeyXchgInitn"
complexType="_E98w4HvHEeSCJdwgzb6SFw" />
<messageBuildingBlock
xmi:id="_urqrgHvPEeSCJdwgzb6SFw"
name="SecurityTrailer"
definition="Trailer of the message containing a MAC or a digital signature."
registrationStatus="Provisionally Registered"
maxOccurs="1"
minOccurs="1"
xmlTag="SctyTrlr"
complexType="_PwIbYWmPEeS7iYydEtv3Ug" />
<messageDefinitionIdentifier
businessArea="cain"
messageFunctionality="011"
flavour="001"
version="01" />
</messageDefinition>
ISO Building Blocks
The following items are used as building blocks to construct this message.