cain.012.001.01
The KeyExchangeResponse message is sent by an acquirer, an issuer or an agent to answer to a KeyExchangeInitiation message and complete a cryptographic key exchange.
Message Construction
Every ISO20022 message has, at the highest level, what we call ‘building blocks’. Because the message is constructed as immutable records, the association is by composition. The diagram below shows the relationship between the message and its constituent building blocks. For comparison, see the ISO20022 official specification
classDiagram
direction LR
%% KeyExchangeResponse recursion level 0 with max 0
KeyExchangeResponse *-- "1..1" Header17 : Header
KeyExchangeResponse *-- "1..1" AcquirerKeyExchangeResponse1 : KeyExchangeResponse
KeyExchangeResponse *-- "1..1" ContentInformationType12 : SecurityTrailer
Now we will zero in on each of these building blocks, one by one.
Header building block
Information related to the protocol management. Set of characteristics related to the protocol. For comparison, see the ISO20022 official specification
classDiagram
direction tb
%% Header17 recursion level 0 with max 1
class Header17{
MessageFunction MessageFunction6Code
ProtocolVersion IsoMax6Text
ExchangeIdentification IsoMax3NumericText
ReTransmissionCounter IsoMax3NumericText
CreationDateTime IsoISODateTime
}
Header17 *-- "1..1" GenericIdentification73 : InitiatingParty
Header17 *-- "0..1" GenericIdentification73 : RecipientParty
Header17 *-- "0..0" Traceability3 : Traceability
%% GenericIdentification73 recursion level 1 with max 1
class GenericIdentification73{
Identification IsoMax35Text
Type PartyType9Code
Issuer PartyType9Code
Country IsoMin2Max3AlphaText
ShortName IsoMax35Text
}
%% Traceability3 recursion level 1 with max 1
class Traceability3{
TraceDateTimeIn IsoISODateTime
TraceDateTimeOut IsoISODateTime
}
Traceability3 *-- "1..1" GenericIdentification74 : RelayIdentification
Header17 members
| Member name | Description | Data Type / Multiplicity |
|---|---|---|
| MessageFunction | Identifies the type of process related to the message. | MessageFunction6Code - Required 1..1 |
| ProtocolVersion | Version of the acquirer to issuer protocol specifications. | IsoMax6Text - Required 1..1 |
| ExchangeIdentification | Unique identification of an exchange occurrence. | IsoMax3NumericText - Required 1..1 |
| ReTransmissionCounter | Number of retransmission of the message. Incremented by one for each retransmission. | IsoMax3NumericText - Optional 0..1 |
| CreationDateTime | Date and time at which the message was sent. | IsoISODateTime - Required 1..1 |
| InitiatingParty | Unique identification of the partner that has initiated the exchange. | GenericIdentification73 - Required 1..1 |
| RecipientParty | Unique identification of the partner that is the recipient of the message exchange. | GenericIdentification73 - Optional 0..1 |
| Traceability | Identification of partners involved in exchange from the merchant to the issuer, with the relative timestamp of their exchanges. | Traceability3 - Unknown 0..0 |
KeyExchangeResponse building block
Information related to the response to a key exchange. For comparison, see the ISO20022 official specification
classDiagram
direction tb
%% AcquirerKeyExchangeResponse1 recursion level 0 with max 1
AcquirerKeyExchangeResponse1 *-- "1..1" CardTransactionEnvironment6 : Environment
AcquirerKeyExchangeResponse1 *-- "1..1" CardTransaction14 : Transaction
%% CardTransactionEnvironment6 recursion level 1 with max 1
CardTransactionEnvironment6 *-- "1..1" GenericIdentification73 : SendingInstitution
CardTransactionEnvironment6 *-- "1..1" GenericIdentification73 : ReceivingInstitution
%% CardTransaction14 recursion level 1 with max 1
class CardTransaction14{
KeyExchangeType CardServiceType3Code
InitiatorDateTime IsoISODateTime
}
CardTransaction14 *-- "0..0" KEKIdentifier3 : KeyVerification
CardTransaction14 *-- "0..0" CryptographicKey6 : Key
CardTransaction14 *-- "1..1" ResponseType2 : TransactionResponse
AcquirerKeyExchangeResponse1 members
| Member name | Description | Data Type / Multiplicity |
|---|---|---|
| Environment | Environment of the transaction. | CardTransactionEnvironment6 - Required 1..1 |
| Transaction | Key exchange transaction. | CardTransaction14 - Required 1..1 |
SecurityTrailer building block
Trailer of the message containing a MAC or a digital signature. General cryptographic message syntax (CMS) containing protected data. For comparison, see the ISO20022 official specification
classDiagram
direction tb
%% ContentInformationType12 recursion level 0 with max 1
class ContentInformationType12{
ContentType ContentType2Code
}
ContentInformationType12 *-- "0..1" EnvelopedData4 : EnvelopedData
ContentInformationType12 *-- "0..1" AuthenticatedData4 : AuthenticatedData
ContentInformationType12 *-- "0..1" SignedData4 : SignedData
ContentInformationType12 *-- "0..1" DigestedData4 : DigestedData
%% EnvelopedData4 recursion level 1 with max 1
class EnvelopedData4{
Version IsoNumber
}
EnvelopedData4 *-- "1..0" IRecipient4Choice : Recipient
EnvelopedData4 *-- "0..1" EncryptedContent3 : EncryptedContent
%% AuthenticatedData4 recursion level 1 with max 1
class AuthenticatedData4{
Version IsoNumber
MAC IsoMax140Binary
}
AuthenticatedData4 *-- "1..0" IRecipient4Choice : Recipient
AuthenticatedData4 *-- "1..1" AlgorithmIdentification15 : MACAlgorithm
AuthenticatedData4 *-- "1..1" EncapsulatedContent3 : EncapsulatedContent
%% SignedData4 recursion level 1 with max 1
class SignedData4{
Version IsoNumber
Certificate IsoMax5000Binary
}
SignedData4 *-- "1..0" AlgorithmIdentification16 : DigestAlgorithm
SignedData4 *-- "1..1" EncapsulatedContent3 : EncapsulatedContent
SignedData4 *-- "1..0" Signer3 : Signer
%% DigestedData4 recursion level 1 with max 1
class DigestedData4{
Version IsoNumber
Digest IsoMax140Binary
}
DigestedData4 *-- "1..1" AlgorithmIdentification16 : DigestAlgorithm
DigestedData4 *-- "1..1" EncapsulatedContent3 : EncapsulatedContent
ContentInformationType12 members
| Member name | Description | Data Type / Multiplicity |
|---|---|---|
| ContentType | Type of data protection. | ContentType2Code - Required 1..1 |
| EnvelopedData | Data protection by encryption, with a session key. | EnvelopedData4 - Optional 0..1 |
| AuthenticatedData | Data protection by a message authentication code (MAC). | AuthenticatedData4 - Optional 0..1 |
| SignedData | Data protected by a digital signature. | SignedData4 - Optional 0..1 |
| DigestedData | Data protected by a digest. | DigestedData4 - Optional 0..1 |
Extensibility and generalization considerations
To facilitate generalized design patterns in the system, the KeyExchangeResponse implementation follows a specific implementation pattern. First of all, KeyExchangeResponse implements IOuterRecord, indicating it is the outermost logical part of the message definition. Like all message wrappers, KeyExchangeResponseDocument implements IOuterDocument. Because KeyExchangeResponse implements IOuterRecord, it is a suitable template parameter for IOuterDocument, and causes the internal ‘Message’ to be of type KeyExchangeResponse.
classDiagram
class IOuterRecord
KeyExchangeResponse --|> IOuterRecord : Implements
KeyExchangeResponseDocument --|> IOuterDocument~KeyExchangeResponse~ : Implements
class IOuterDocument~KeyExchangeResponse~ {
KeyExchangeResponse Message
}
Document wrapper for serialization
The only real purpose KeyExchangeResponseDocument serves is to cause the document to be serialized into the ‘urn:iso:std:iso:20022:tech:xsd:cain.012.001.01’ namespace. Therefore, the usual practice will probably be to build the message and construct this wrapper at the last minute using the KeyExchangeResponse.ToDocument() method. The returned KeyExchangeResponseDocument value will serialize correctly according to ISO 20022 standards.
classDiagram
KeyExchangeResponseDocument *-- KeyExchangeResponse : Document
Sample of message format
This is an abbreviated version of what the message should look like.
<Document xmlns="urn:iso:std:iso:20022:tech:xsd:cain.012.001.01">
<KeyXchgRspn>
<Hdr>
<!-- Header inner content -->
</Hdr>
<KeyXchgRspn>
<!-- KeyExchangeResponse inner content -->
</KeyXchgRspn>
<SctyTrlr>
<!-- SecurityTrailer inner content -->
</SctyTrlr>
</KeyXchgRspn>
</Document>
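A receiver-side structural check for the sample above and for the SecurityTrailer choice described earlier, written in Python as an added example; it is not code from the library this page documents. The namespace and the Hdr, KeyXchgRspn and SctyTrlr tags come from the page; the CnttTp, EnvlpdData, AuthntcdData, SgndData and DgstdData tags and the ENVL, AUTH, SIGN and DGST codes are assumed from ISO 20022 naming, and the sample messages are constructed.

```python
import xml.etree.ElementTree as ET

NS = "urn:iso:std:iso:20022:tech:xsd:cain.012.001.01"  # namespace given on the page
BLOCKS = ["Hdr", "KeyXchgRspn", "SctyTrlr"]             # page's xmlTags, each 1..1
# Assumption: ISO 20022 short tags and ContentType2Code values, not shown on the page.
CMS_BY_TYPE = {"ENVL": "EnvlpdData", "AUTH": "AuthntcdData",
               "SIGN": "SgndData", "DGST": "DgstdData"}

def q(tag):
    return "{%s}%s" % (NS, tag)

def check_key_exchange_response(xml_text):
    """Return a list of structural problems; an empty list means none found."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return ["DTD or entity declaration present"]
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return ["not well-formed: %s" % exc]
    if root.tag != q("Document"):
        return ["root is not Document in the cain.012.001.01 namespace"]
    # Direct children only: the message and its middle building block share the
    # tag KeyXchgRspn, so a descendant search (.//) would match both.
    msgs = root.findall(q("KeyXchgRspn"))
    if len(msgs) != 1:
        return ["expected exactly one KeyXchgRspn under Document"]
    problems = []
    if [c.tag for c in msgs[0]] != [q(b) for b in BLOCKS]:
        problems.append("need Hdr, KeyXchgRspn, SctyTrlr once each, in order")
    trailer = msgs[0].find(q("SctyTrlr"))
    if trailer is not None:
        ctype = (trailer.findtext(q("CnttTp")) or "").strip()
        present = [t for t in CMS_BY_TYPE.values() if trailer.find(q(t)) is not None]
        expected = CMS_BY_TYPE.get(ctype)
        if expected is None:
            problems.append("ContentType %r names no protected structure" % ctype)
        elif present != [expected]:
            problems.append("ContentType %s needs only %s, found %s"
                            % (ctype, expected, present))
    return problems

def sample(trailer):
    """Constructed sample message; inner content of Hdr and the response elided."""
    return ('<Document xmlns="%s"><KeyXchgRspn><Hdr/><KeyXchgRspn/>'
            '<SctyTrlr>%s</SctyTrlr></KeyXchgRspn></Document>' % (NS, trailer))

GOOD = sample("<CnttTp>AUTH</CnttTp><AuthntcdData/>")
MISMATCH = sample("<CnttTp>AUTH</CnttTp><DgstdData/>")  # claims a MAC, carries a digest
```

This checks shape only; verifying the MAC or signature carried in the trailer is a separate step that depends on the keys shared between the parties.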
Data from ISO specification
This is the technical data from the specification document.
<messageDefinition
xmi:id="_UPyNIHvQEeS2PZh7wUMQog"
nextVersions="_mpuu1lWdEeeiG_nL4vgKnQ"
name="KeyExchangeResponse"
definition="The KeyExchangeResponse message is sent by an acquirer, an issuer or an agent to answer to a KeyExchangeInitiation message and complete a cryptographic key exchange."
registrationStatus="Registered"
messageSet="_urpIICeJEeOCeO5e7islRQ"
xmlTag="KeyXchgRspn"
rootElement="Document"
xmlns:xmi="http://www.omg.org/XMI">
<messageBuildingBlock
xmi:id="_djiQcHvQEeS2PZh7wUMQog"
name="Header"
definition="Information related to the protocol management."
registrationStatus="Provisionally Registered"
maxOccurs="1"
minOccurs="1"
xmlTag="Hdr"
complexType="_l60LgXq_EeSA34QF-FhTBw" />
<messageBuildingBlock
xmi:id="_MSqJEHvREeS2PZh7wUMQog"
name="KeyExchangeResponse"
definition="Information related to the response to a key exchange."
registrationStatus="Provisionally Registered"
maxOccurs="1"
minOccurs="1"
xmlTag="KeyXchgRspn"
complexType="_HDOPwHvREeS2PZh7wUMQog" />
<messageBuildingBlock
xmi:id="_GvIZoHvSEeS2PZh7wUMQog"
name="SecurityTrailer"
definition="Trailer of the message containing a MAC or a digital signature."
registrationStatus="Provisionally Registered"
maxOccurs="1"
minOccurs="1"
xmlTag="SctyTrlr"
complexType="_PwIbYWmPEeS7iYydEtv3Ug" />
<messageDefinitionIdentifier
businessArea="cain"
messageFunctionality="012"
flavour="001"
version="01" />
</messageDefinition>
ISO Building Blocks
The following items are used as building blocks to construct this message.