KeyGen2 JUnit Test

SKS Description: SKS Reference - Java Emulator Edition
SKS Vendor: WebPKI.org
SKS API Level: 0.99
SKS Interface: Direct
 
Begin Test (VirtualEnvironment:1)
Virtual Environment option
 

 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c9177c7KVUeB27h9AgDT05Mny7EG",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage",
    "clientCapabilityQuery": ["http://xmlns.webpki.org/keygen2/feature#ve"],
    "signature": {
        "algorithm": "ES256",
        "certificatePath": [
            "MIIClzCCAX-gAwIBAgIGAUDGIccKMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDEwMTAwMDAwMFoXDTIwMDcxMDA5NTk1OVowQjELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1wbGUgT3JnYW5pemF0aW9uMRQwEgYDVQQDEwtleGFtcGxlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABECkenu7FrOpy7J2FGeO1vrtseQqJT2GsaExxK5UVKe1zhFXjF-V8OFjv_FdM9fqdqwkP_YUnx5epvvHh_-_cQWjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgP4MB0GA1UdDgQWBBR4YF2UOnLWDhOPLLuXYZum7xLMajAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEAjBuZK2TcDhib12DSW8rW3kyjfQ3iYtjNSVd7vJ5jyI-0OYQ_NlhN4vVJx7Z02vnrBxv1Nh9swgT5Jpw0724KawGC4P-_bUEvKVz89tPMl9DaV98yQ2YN4cBfhcW3FpAoI4dzBbCzfEplsh9Ek7VxuIgwPozl0AdqOmTjZ3hh54ApSq_PMwENDyCEzD6bvrCrqCjgWSYIQUIvQ7LfO2HAlEE9DcoV4mSl_8uiQ05hRdGmNYUHZVUua0HHX1h_nAS-IcS6_EDd89kEGrL3M92a5wqnIQvDLO2NBCXhHSxoPVyBzv0lIgaO0ixD-q5P2OszRBYG3uk9W_uNIHdoyQn19w"
        ],
        "value": "MGIJVy3qgN0PksdLy1mISsdSt_oVocsT_39F_MrfRg-x-HGItIN4TV0daRKJYHyIX7KuwCzDFRksHkuWNLnlvA"
    }
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c9177c7KVUeB27h9AgDT05Mny7EG",
    "nonce": "u4eVrT7sZmfrXgpvWuaTsA",
    "clientCapabilities": [
        {
            "type": "http://xmlns.webpki.org/keygen2/feature#ve",
            "values": ["http://platforms.extreme-vm.com/type.3"]
        }
    ]
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c9177c7KVUeB27h9AgDT05Mny7EG",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:32Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "bSSJUt8qBRnwY5QWsFxiqHqzmptBPkoaceJIZd0msZQ",
            "y": "SdXFdgNw0udbBXeYen0rAqs5QmBC_w-ZEjhBEm0E37g"
        }
    },
    "virtualEnvironment": {
        "type": "http://platforms.extreme-vm.com/type.3",
        "configuration": "AAECAw",
        "friendlyName": "Acme Industries"
    },
    "nonce": "u4eVrT7sZmfrXgpvWuaTsA",
    "signature": {
        "algorithm": "ES256",
        "certificatePath": [
            "MIIClzCCAX-gAwIBAgIGAUDGIccKMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDEwMTAwMDAwMFoXDTIwMDcxMDA5NTk1OVowQjELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1wbGUgT3JnYW5pemF0aW9uMRQwEgYDVQQDEwtleGFtcGxlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABECkenu7FrOpy7J2FGeO1vrtseQqJT2GsaExxK5UVKe1zhFXjF-V8OFjv_FdM9fqdqwkP_YUnx5epvvHh_-_cQWjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgP4MB0GA1UdDgQWBBR4YF2UOnLWDhOPLLuXYZum7xLMajAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEAjBuZK2TcDhib12DSW8rW3kyjfQ3iYtjNSVd7vJ5jyI-0OYQ_NlhN4vVJx7Z02vnrBxv1Nh9swgT5Jpw0724KawGC4P-_bUEvKVz89tPMl9DaV98yQ2YN4cBfhcW3FpAoI4dzBbCzfEplsh9Ek7VxuIgwPozl0AdqOmTjZ3hh54ApSq_PMwENDyCEzD6bvrCrqCjgWSYIQUIvQ7LfO2HAlEE9DcoV4mSl_8uiQ05hRdGmNYUHZVUua0HHX1h_nAS-IcS6_EDd89kEGrL3M92a5wqnIQvDLO2NBCXhHSxoPVyBzv0lIgaO0ixD-q5P2OszRBYG3uk9W_uNIHdoyQn19w"
        ],
        "value": "RGIdYKFXy_nsa2bsJgzqPt8wG3OL70NA9H81ViU5mjzamckZhcc_fDcGWccdsq16mIDlUw9LlwWGnHx5gCy4dg"
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c9177c7KVUeB27h9AgDT05Mny7EG",
    "clientSessionId": "iAWrG6dmwKYohGBZX2QPX0rh4hQXaee4",
    "serverTime": "2016-01-13T19:58:32Z",
    "clientTime": "2016-01-13T20:58:32+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "KKO1C9gHjiug_6HBCAdERezkA1myI8sG58nSVt4qYuo",
            "y": "4CbyqFlq0_I8YvzXicvh9SYqnHPKM2hy7cSzx82kl5k"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "bxLng9b5CgJO36MpLUPFVNFyl-b-s_Rj9OcQxzvE0OWUgOdFaPuN5zrIDVg8dsjOAjtzY1sjn-y4nA3CIra7FOB5EKmkeewajcR8D2t4HmNkRk46-gWyDjuv3_JNxSpI8hoJI_myKKSt7OK-wbPFNeRDGIryeapAgh8oqJ18IKI",
    "signature": {
        "algorithm": "HS256",
        "value": "_NZ5tYTN4Qw6uIRQvR_SXGB6GCnVshBd_0g2Wf71N3Y"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c9177c7KVUeB27h9AgDT05Mny7EG",
    "clientSessionId": "iAWrG6dmwKYohGBZX2QPX0rh4hQXaee4",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "h14rv4VVygOW3Aeu3o1TiOjJntqDOkIPck3lNcb7TeE"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c9177c7KVUeB27h9AgDT05Mny7EG",
    "clientSessionId": "iAWrG6dmwKYohGBZX2QPX0rh4hQXaee4",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "j9OL7XfQ4fqlctOtlvGBAWIdbxCce5CCCAwPq9yE7sG9-p3g4n57iWkSyCRrdsH766U39qzzIrO4bBXZ8NHuMS6hc69McNntTQOhbunKqmlFVwWEpgJ4tEWBiKv6cIx576iy9o7LJOSD9sh5r1mDGUWR2Fy4dn3jtlgRCD_IbOoctotnNGn1Hmc8JyuxdOgNF5spyX8hqe00BHC5j8VexILzZSBAGamWc-Y9QQyjnRNYJZBBQWlhK0baxhCqlugAk8oAmUPXuQhbZbqtn10sUyhOSerkstrhiiWSk08CK0GT4rsW1pNO5yUqFIeSmyqKHvjB1DaS46UNHVhqC_BOew",
                "e": "AQAB"
            },
            "attestation": "ojNbFbwkvqTJKX-96-PlNXVu3PYHNbb_WMO5gZUywrc"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c9177c7KVUeB27h9AgDT05Mny7EG",
    "clientSessionId": "iAWrG6dmwKYohGBZX2QPX0rh4hQXaee4",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDajCCAlKgAwIBAgIGAVI8kXuAMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzM1oXDTQxMDExMzE5NTgzM1owSjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIzAhBgNVBAMTGktleUdlbjIgVmlydHVhbEVudmlyb25tZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9OL7XfQ4fqlctOtlvGBAWIdbxCce5CCCAwPq9yE7sG9-p3g4n57iWkSyCRrdsH766U39qzzIrO4bBXZ8NHuMS6hc69McNntTQOhbunKqmlFVwWEpgJ4tEWBiKv6cIx576iy9o7LJOSD9sh5r1mDGUWR2Fy4dn3jtlgRCD_IbOoctotnNGn1Hmc8JyuxdOgNF5spyX8hqe00BHC5j8VexILzZSBAGamWc-Y9QQyjnRNYJZBBQWlhK0baxhCqlugAk8oAmUPXuQhbZbqtn10sUyhOSerkstrhiiWSk08CK0GT4rsW1pNO5yUqFIeSmyqKHvjB1DaS46UNHVhqC_BOewIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUPNZ4ZTA3TcggdZWsDBZagtU0s-EwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAFwGJiet_QNjlh63TUS8YANr8qHCk5GXDpNs8YOSTCnCXeH4vS7Y2hhn4U8IwAhXzBpLuQ9cbBO5oVI6CyLuJCX3jgmm25DY_KoMVcsX_Gm70t1KF15p1mTIb8Di6SBkI4ya9P23RBH0sdFrWqRUf6CQIh6Fn69yLPnISYwaytyqgAPss2EMGSGnQc_OVzlY6fmOzg81y3ri2WyeZtbDo4a2UIxnR3nfMJ8ANJOUxrkzXwNb_uJCrux6Wl3eJJSXvkqShThHw_QalDi1SMoHuuN8h3k07wzEWuHyuG6kzwBFmfhxulJ8dbrXcRmBPn_XG-KC95BOCoXzhmMuIsWe51s"
            ],
            "mac": "_oiAonVXEtn5MIBJuNFGQW3Udj4hunmp4t0TeWIpNV0"
        }
    ],
    "nonce": "mRzPsNT4N6NivaTcj6AJ9_NoPlciPMmR3uR1cgQZE38",
    "mac": "rN_K9VI4fQly96NiEEkKZIyinIuhsDpAFXlPmgCWApc"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c9177c7KVUeB27h9AgDT05Mny7EG",
    "clientSessionId": "iAWrG6dmwKYohGBZX2QPX0rh4hQXaee4",
    "attestation": "GIrYMu0RrDUymMcL8B2jBsMVHHtwb3cYttksMf9kxtE"
}


Deployed key[1] CN=KeyGen2 VirtualEnvironment, E=john.doe@example.com


Begin Test (CustomNamedKey:1)
PIN Protection
Multiple Keys
Custom Key Name
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c917bafnMcdRUf5DCZuj6Bi4daS8",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c917bafnMcdRUf5DCZuj6Bi4daS8"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c917bafnMcdRUf5DCZuj6Bi4daS8",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:33Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "kg_L0SoCUA1C8nGiMA9rqflhG8xndhKIHNpAXIbwCuE",
            "y": "O_5Rn1NSoFkdig_DaFE_jzZlwyHgrSlbbjch6Xmq-_o"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c917bafnMcdRUf5DCZuj6Bi4daS8",
    "clientSessionId": "13QcQcgQ7RgS_ZXR9r2G6XWpp1X2iiqz",
    "serverTime": "2016-01-13T19:58:33Z",
    "clientTime": "2016-01-13T20:58:33+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "wtMpueS7VwmSMKB6ILtmfmSbaU-ZhdaAgRvA-uxWjNY",
            "y": "pm4Tr9v-jxHzfNa4q74W_fbZIBuyA-6g208rsHKNMD0"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "Q2bZqgTe-4mhxPS9s07M6kwHo3xhPNAeaOohIrH5aUUgvHBJw4efkQDZ-wFDyrUecZZfuk3Hd9c1rHH3zgq7KqK7TfGXV7lGsQ_AQfA8m2xp7sP1G2SuQKLFMfaQqDnt5nw6IQkB0YPIr0e27DS-tiJ6vd4o-CrBes432KlnbQ8",
    "signature": {
        "algorithm": "HS256",
        "value": "_YhvRC5831XO-XsDWFbbVBuGdRlbXlq7rRdXr_aep7o"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c917bafnMcdRUf5DCZuj6Bi4daS8",
    "clientSessionId": "13QcQcgQ7RgS_ZXR9r2G6XWpp1X2iiqz",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "q0NV4PomE67pX2qQ8c-eAk3QFw63gVfKQ-ghCr5sDzM",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "mac": "tvuBiwBklzJAB0SrnirBS_S20TWoIWnrbawlKcUmo1I"
                },
                {
                    "id": "MyKeyName",
                    "appUsage": "signature",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "mac": "f184uIKR5Eury322wsdsMfqgoIOFtGv3DwUxXPWEtqU"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c917bafnMcdRUf5DCZuj6Bi4daS8",
    "clientSessionId": "13QcQcgQ7RgS_ZXR9r2G6XWpp1X2iiqz",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "mgCPGWnZqKmFF_gDKHrRpbhLqCrpmkGsob9uGNjSl6qD2dwHoPxX-HD0m101TUVHBOEov3lJ-BjrMIClePZaphZ8PYKYNxUh0sNdin-Rjr8o8EYyx0zYz8YrApfrEGrvjm_Di79yasLLtqa7PbCCWaxV8OwS7t2Bh_X7MJDGL0-FfbkaL0gOGOoRuDlfj8U292b72xaHUusbp-iIoU3Ip1KCValLc5wvObrwCXxDTiJoE6ZP7MgS_-56tF3pA5Zki3ffXNnqgac3_x1HUOdKQQeFlXDqqbqJm7SKyidYhgt0Krjax3XIBvUBn81F-Cb0OBkZiRUHK-xAlok__DXhkw",
                "e": "AQAB"
            },
            "attestation": "pXOK7AToKhwcebl5DwtY1wfZI4bjFziysvpECVGHd10"
        },
        {
            "id": "MyKeyName",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "ymPc7JBd0D-rq1cPCelGX7nioJlfw3kieU0kkKCyk2s",
                "y": "dO6FRov76lFNt05Gm3HXNEVX_qe24YzzyGXdN4Zlvrk"
            },
            "attestation": "OJ4rG9VgcvSJoQG70NO4tzjqzwwSRj3ErdU9eVZ035s"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c917bafnMcdRUf5DCZuj6Bi4daS8",
    "clientSessionId": "13QcQcgQ7RgS_ZXR9r2G6XWpp1X2iiqz",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDZjCCAk6gAwIBAgIGAVI8kX4_MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNFoXDTQxMDExMzE5NTgzNFowRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFktleUdlbjIgQ3VzdG9tTmFtZWRLZXkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaAI8ZadmoqYUX-AMoetGluEuoKumaQayhv24Y2NKXqoPZ3Aeg_Ff4cPSbXTVNRUcE4Si_eUn4GOswgKV49lqmFnw9gpg3FSHSw12Kf5GOvyjwRjLHTNjPxisCl-sQau-Ob8OLv3Jqwsu2prs9sIJZrFXw7BLu3YGH9fswkMYvT4V9uRovSA4Y6hG4OV-PxTb3ZvvbFodS6xun6IihTcinUoJVqUtznC85uvAJfENOImgTpk_syBL_7nq0XekDlmSLd99c2eqBpzf_HUdQ50pBB4WVcOqpuombtIrKJ1iGC3QquNrHdcgG9QGfzUX4JvQ4GRmJFQcr7ECWiT_8NeGTAgMBAAGjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBRynRaN43_dE54P5UGnDfZN496WzjAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEARowBzGh6XsG3LT6Rd6cAcfxJzN9-Oa1EFgRhsrE4uZHX_3OhHziZCwjbWjS8lW1bLmKslzWQDX8OV9hTPSeF-UUDUv2_h5HWKSfaEY_aHUnZe9aC65EzJ0vk3ZS-gJxmqcmsgEvW6cZU97oUCoKG1-MwMVK3M7yyPmMU2eR_LdGeJKo_ceWhHYcqwDv4SJgzsgxeoFDs3njx9kZv184FY9U10CT59OBrWtPGvcw1WahJuUbmO45K_WwRfQjqMExW7Bh7wBYw0tUSO9JpcjQAGEyk8efPLeBILJoVVa63t2pAlz-QR0hGT-TCujm8aFah0rjXtWO7Z09ijqF2OFcY2A"
            ],
            "mac": "-56cdjPw53g_QCDMQEeEMtJO5b5sdoD2eg7IYMVl0WY"
        },
        {
            "id": "MyKeyName",
            "certificatePath": [
                "MIICmzCCAYOgAwIBAgIGAVI8kX5OMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNFoXDTQxMDExMzE5NTgzNFowRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFktleUdlbjIgQ3VzdG9tTmFtZWRLZXkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATKY9zskF3QP6urVw8J6UZfueKgmV_DeSJ5TSSQoLKTa3TuhUaL--pRTbdORptx1zRFV_6ntuGM88hl3TeGZb65o10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIEMDAdBgNVHQ4EFgQUByL7LxMsbM3W3qXsnyJwfl1KuiowHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAGKftOU3OgTdpbgCue2vWdomUGNEoSXdMUDuoDEklZeM1AvBQPZv2acAGHr7X9WoH--gzioqm39bcvU87j1pWV7lGTUaG4-FSkFyzFPJh_e1DgKy-C1MSca6bK6wlV4IucJfm7PloIYl1xQ1afRjH0GOu88jQvXs7jw5TiR_bXIgnhjqjgUo776DfBCwEyqQyLmRzLbNIXoURftbbGUtIWyBiUOIQXPP_GFDqgX5YwBmPUxZolXfGDxNvaOX1zYHpyzu7pMXKBdw-asEM_W5r8tKEPfAKPQyNPx7wRuU7hZIgPf6U0Iq_WzQ0OmxHMIqRzgQxcBWthHkoq2lorBJh3s"
            ],
            "mac": "cOsJeOJsDytpPlvcphrVZSdcRMfiXWIF5DbY858fjR4"
        }
    ],
    "nonce": "AewFdRc95vJS7N5fJ3nPRhBfkSFllc_vw21zzsfPSNQ",
    "mac": "yoeDaDGyY1cTLkNWE2X6TA-fRkg4tEJjy3xQlhhRoYw"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c917bafnMcdRUf5DCZuj6Bi4daS8",
    "clientSessionId": "13QcQcgQ7RgS_ZXR9r2G6XWpp1X2iiqz",
    "attestation": "po_0ZBxlV2EqarLxH3lKoiKYXB--x-v_9DxjQpxge6I"
}


Deployed key[2] CN=KeyGen2 CustomNamedKey, E=john.doe@example.com
Deployed key[3] CN=KeyGen2 CustomNamedKey, E=john.doe@example.com


Begin Test (PrivacyEnabled:1)
PIN Protection
Privacy Enabled
ECC Key
Updatable Session
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c917e7diyU-tzsfxnO08J2bRMWq-",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage",
    "privacyEnabled": true
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c917e7diyU-tzsfxnO08J2bRMWq-"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c917e7diyU-tzsfxnO08J2bRMWq-",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:34Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "Dc15L_dt038Phvqa_LzAkzuh5pTDGtrhhxjGoD3y0pA",
            "y": "ZH7EpUkWMUU9yR9rO8n6rWyb1SAq0-ca8EyzOaTNbQs"
        }
    },
    "keyManagementKey": {
        "publicKey": {
            "type": "RSA",
            "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
            "e": "AQAB"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c917e7diyU-tzsfxnO08J2bRMWq-",
    "clientSessionId": "JCTiSE-nVMRv6Evnfpdo6sYh8do3WqvO",
    "serverTime": "2016-01-13T19:58:34Z",
    "clientTime": "2016-01-13T20:58:34+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "-tqhfujFA5P22sEYDwM-zQoij3CJCaw-F0GtuUIL4rQ",
            "y": "2NEKdb_PUbFJnukw0fo7E4iIcEN3UZV2btKOFxkx2qQ"
        }
    },
    "attestation": "lMjtZvjQU1Ak98Wsgug7txksxbQ-IKDU5nTCKZ7CW0A",
    "signature": {
        "algorithm": "HS256",
        "value": "PnaltQwwzYwfXV870iDB3rHnkRO5Q9DqHvtQwM1MWxw"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c917e7diyU-tzsfxnO08J2bRMWq-",
    "clientSessionId": "JCTiSE-nVMRv6Evnfpdo6sYh8do3WqvO",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "OsCFt8rpK-L7DaJuSRJH7WS54vSlEOkWqko0nD2TzKY",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "mac": "tOofWmRQUIoZL3L9QYP0bQpvl_90t8JGFP3d4PBSJHE"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c917e7diyU-tzsfxnO08J2bRMWq-",
    "clientSessionId": "JCTiSE-nVMRv6Evnfpdo6sYh8do3WqvO",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "8_pIDDkBxSylzLbl1XgCrPPZ5IVjMt02TLTbs5U05d0",
                "y": "4eU46jyeEXCxN3prG8zbAAf_vExdxFHlDyKEEThIQdc"
            },
            "attestation": "qOteFd7m7wa1lj5sRCnSHl5CW6WarEfHhWh-7hgMa8M"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c917e7diyU-tzsfxnO08J2bRMWq-",
    "clientSessionId": "JCTiSE-nVMRv6Evnfpdo6sYh8do3WqvO",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICmzCCAYOgAwIBAgIGAVI8kX6sMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNFoXDTQxMDExMzE5NTgzNFowRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFktleUdlbjIgUHJpdmFjeUVuYWJsZWQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATz-kgMOQHFLKXMtuXVeAKs89nkhWMy3TZMtNuzlTTl3eHlOOo8nhFwsTd6axvM2wAH_7xMXcRR5Q8ihBE4SEHXo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUajL5V7GT92gTHFMsYp-wa164YVcwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAI2PkbSSg5yN5VdsOmC2qeAniAhrAejak1ZgliBr0OUgqwl6fMAFjXzioDfETT2F8DlrVOVnWxgjauqxUNnVbke13iZMRjjGLdZ6N2q0A067f9bqRsz7skLRkuFBV1opmvf9-uCi9ySl1krH4TQs0Lob4iClA6mUOru6K-rhar_RA30vNa9vF9N7TEFHRncxE0tCC_gAHgz9L2XXFjzBCixfjssL_btIJCIh2eAoEzuTCHn505J0Shy9x6KWkkg8W9CbgVZTQGhOB27wzZkPXvoRUT6czRmiTLL4XhLa4hDWvvbaSqCcuEXi69oUYaK8pu_URyXuC0fObyaY1K_snK8"
            ],
            "mac": "Mbi31H-bql3zxhBsbU0dU9vuVPc7nelvdfgrfRcRGUI"
        }
    ],
    "nonce": "8lEYgfG65d4q9-CUhp_cyw-VTzcCllivB5HEcVErZSA",
    "mac": "rUa0n4jGxJVHT7DmbmTtGaMqbuJslPy5Rh13gtJX-gU"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c917e7diyU-tzsfxnO08J2bRMWq-",
    "clientSessionId": "JCTiSE-nVMRv6Evnfpdo6sYh8do3WqvO",
    "attestation": "1sgsBlFsSUx26zbXRTYsXfWpebZnp_rSvC9tPRAarlk"
}


Deployed key[4] CN=KeyGen2 PrivacyEnabled, E=john.doe@example.com


Begin Test (PrivacyEnabled:2)
Privacy Enabled
UnlockKey
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c917edbhBSJvXLsc1HFORv9U6l_P",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "unlock",
    "privacyEnabled": true
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c917edbhBSJvXLsc1HFORv9U6l_P"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c917edbhBSJvXLsc1HFORv9U6l_P",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:34Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "alM4SAeujhWPpXbCvINFNGpFctJN2ywjdn6QOZP0YR8",
            "y": "4Ha4JYV8xqjeAJldnPMloVtx67sBdz83n6xNdn3rKWo"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c917edbhBSJvXLsc1HFORv9U6l_P",
    "clientSessionId": "S_hBax4bS8opnFViWiLoYuc1k_suDfMI",
    "serverTime": "2016-01-13T19:58:34Z",
    "clientTime": "2016-01-13T20:58:34+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "HpWC6X2fIyFY16xvcMZg8iENE04tKCki5-qVkgdbsLo",
            "y": "Ki9Hn6zdLUtSmzYyBwKXTNI0IzBYHZMrpp6Ozmbwews"
        }
    },
    "attestation": "fGpmELaI6cYqjg-8DIpSiwG9z2OBqc4kzUjoOV8MmZI",
    "signature": {
        "algorithm": "HS256",
        "value": "jM8ybbosZzuvpuNVClNmckrIwUovI2sneGN0i7Ydcy0"
    }
}

 
 Pass #5: CredentialDiscoveryRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryRequest",
    "serverSessionId": "1523c917edbhBSJvXLsc1HFORv9U6l_P",
    "clientSessionId": "S_hBax4bS8opnFViWiLoYuc1k_suDfMI",
    "submitUrl": "http://issuer.example.com/credisc",
    "lookupSpecifiers": [
        {
            "id": "Lookup.1",
            "nonce": "0ObAIgPbbhORGzC4DXWy4TzcHHjh7clWVviVoYW3zMA",
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
                    "e": "AQAB"
                },
                "value": "LXmkoT-NL6QJKdkzbaokOTtddUDM69ItfD8QmGHoPj80iaISICrmcz7UpTN97nYc_GsiNt7TbFmbbeo4QkKdEfil22DSwtuUm-5A1Y93t_wMzx8y7Xlg2fs-ZHJWJ3ceGDFcEwkHKkf-fgji6gAVpN7cAQ20EoZ0ychvU4BXnLb0LToYDm71r2UQwa_7Q7eeqTCxiKGfied8rvl1I9Cz1TD8OwyMm6CqFxEgDaphUXZLSXVzkFZv1yvvJU90ZkiLApYUrfATCGD65Jxe1ZICIwWeRCQYz2qdHPHI4TplaLjpOV7Ekqyjo7IqK8Q1hYAtUpcOt-QEnhclN26kvHjE3g"
            }
        },
        {
            "id": "Lookup.2",
            "nonce": "0ObAIgPbbhORGzC4DXWy4TzcHHjh7clWVviVoYW3zMA",
            "searchFilter": {
                "emailRegEx": "\\Qjohn.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "t3bZw-cr4HFv1W4jrqK2kmObL--Kuh7KP_QGPeZxi7XA4tSnRrmOICs-UNSzfHpFJUIm42aI0eEaICRIHGhYNQ"
            }
        },
        {
            "id": "Lookup.3",
            "nonce": "0ObAIgPbbhORGzC4DXWy4TzcHHjh7clWVviVoYW3zMA",
            "searchFilter": {
                "emailRegEx": "\\Qjane.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "8o1lkY2UrPjz2oUt3AHyIG0dMkG88CkGwiDwU8yXTE4QTJCYviQ1PDaNKA2yY9fA5im5FHiwiG7RM3jNDfOatw"
            }
        },
        {
            "id": "Lookup.4",
            "nonce": "0ObAIgPbbhORGzC4DXWy4TzcHHjh7clWVviVoYW3zMA",
            "searchFilter": {
                "fingerPrint": "sVNedtvlG3cMhuVupbgRa-aXPcbfsx3m3hIR9gMlmwY",
                "issuerRegEx": "\\QCN=Root CA\\E",
                "serialNumber": "123",
                "subjectRegEx": "\\QCN=John,2.5.4.5=#1303313233\\E",
                "emailRegEx": "\\Qjohn.doe@example.com\\E",
                "policyRules": ["5.4.8","-5.4.9"],
                "keyUsageRules": ["-keyCertSign"],
                "extendedKeyUsageRules": ["1.3.6.1.5.5.7.3.2","1.3.6.1.5.5.7.3.4"],
                "issuedBefore": "2016-01-13T19:56:54Z",
                "issuedAfter": "2016-01-13T19:58:34Z",
                "grouping": "shared",
                "appUsage": "universal"
            },
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "kCNcOpatALB21jHrPIv1BgXlUJ5W8y9jfFci45G09x1zRz1E41lkBJYaEcxQNsT2h_vlf3nIK9g5Inr65vgeciLHQC-KFlpoGfSlTEnzq5eY8vON6egAOeQh5T-I_L9blNUqXsSDFHoA3DT5QcEkXNDz1_rqkNUk0YNJFIIuAWqe1OSEcU76dOmnRV1OAY6_OTC-1Wd4_teuLepi58BeUQoSTJTu2lbs-k8MZ1qnmcrYxTnou-NnYG1_Uhz1b8rS7WxaeFf1RaBIWjly2YjrnT76VcFXZX4BNALYhhxFq3wO-AVOV4TBOlF843Jd8tyHN9OGBspqNo75jsAZIucG9w",
                    "e": "AQAB"
                },
                "value": "SU9CPeSj2TCSjc4WSyWrZTDz810sS45JhHXZf5dnnJNHp_SyhocuYWZGv_ZR4QBTJdA8FZlY4N0z1WaGO9FIMhHk3VNvGDt6X9PiuxuCS1yL8Ml6L4z1Bt7QYJ_grFitbkjYdzM9Vig5Gp6ugYVmMu_gmHXGIZoNYk_WpjuthyZkguSC9rqNLKPkuhrMNuJFcXDLvdNcCDbyKkCUhpza9Mcl9SoEG-pN7gvT8hz2bWMxrM_MYV2YbVxR4Si6kM14P_5wxqRX4AN4XmMDkOg9_up5f7TOu46gFh3GJshhwcQz5slAjRd1PWhL8-khTkQhxabkwJH9Tlh5rVNZVP3sGg"
            }
        }
    ]
}

 
 Pass #6: CredentialDiscoveryResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryResponse",
    "serverSessionId": "1523c917edbhBSJvXLsc1HFORv9U6l_P",
    "clientSessionId": "S_hBax4bS8opnFViWiLoYuc1k_suDfMI",
    "lookupResults": [
        {
            "id": "Lookup.1",
            "matchingCredentials": [
                {
                    "serverSessionId": "1523c917e7diyU-tzsfxnO08J2bRMWq-",
                    "clientSessionId": "JCTiSE-nVMRv6Evnfpdo6sYh8do3WqvO",
                    "certificatePath": [
                        "MIICmzCCAYOgAwIBAgIGAVI8kX6sMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNFoXDTQxMDExMzE5NTgzNFowRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFktleUdlbjIgUHJpdmFjeUVuYWJsZWQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATz-kgMOQHFLKXMtuXVeAKs89nkhWMy3TZMtNuzlTTl3eHlOOo8nhFwsTd6axvM2wAH_7xMXcRR5Q8ihBE4SEHXo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUajL5V7GT92gTHFMsYp-wa164YVcwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAI2PkbSSg5yN5VdsOmC2qeAniAhrAejak1ZgliBr0OUgqwl6fMAFjXzioDfETT2F8DlrVOVnWxgjauqxUNnVbke13iZMRjjGLdZ6N2q0A067f9bqRsz7skLRkuFBV1opmvf9-uCi9ySl1krH4TQs0Lob4iClA6mUOru6K-rhar_RA30vNa9vF9N7TEFHRncxE0tCC_gAHgz9L2XXFjzBCixfjssL_btIJCIh2eAoEzuTCHn505J0Shy9x6KWkkg8W9CbgVZTQGhOB27wzZkPXvoRUT6czRmiTLL4XhLa4hDWvvbaSqCcuEXi69oUYaK8pu_URyXuC0fObyaY1K_snK8"
                    ],
                    "locked": true
                }
            ]
        },
        {
            "id": "Lookup.2",
            "matchingCredentials": []
        },
        {
            "id": "Lookup.3",
            "matchingCredentials": []
        },
        {
            "id": "Lookup.4",
            "matchingCredentials": []
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c917edbhBSJvXLsc1HFORv9U6l_P",
    "clientSessionId": "S_hBax4bS8opnFViWiLoYuc1k_suDfMI",
    "submitUrl": "http://issuer.example.com/finalize",
    "unlockKeys": [
        {
            "fingerPrint": "u9wh91G0Vszi9tHXE4NohDluC3Rvmbw4o655SIVa_W4",
            "serverSessionId": "1523c917e7diyU-tzsfxnO08J2bRMWq-",
            "clientSessionId": "JCTiSE-nVMRv6Evnfpdo6sYh8do3WqvO",
            "authorization": "U9z-9qHBaYiiD408CLwCb6u01EIrj1h8MkEQjYfOTHXU9BTR0Xs4gXZylCozYxePPEc8Spl3sEzEX4_HkqUQQ4EU0eg8JHNeYDaotNkyEY8rd08zJIA_CwvM27XreSXRa65I3ERb6QKbUwRhuKBY11orM1OqiADkdFTIraFahY6N9Oe1Hr63Tnn8ulWcoFqy5_LUtStKib7lhNzcyDfPQrHlooxzPBrrcRrOgCwH8kGLHpwNVykpqr1ZsY0kYDQ1naI3xt7HcnkeY7Ckao14M9id9zhVaoOywmImej2-YNdaTXS38D81zrZW_VnciHDmbnKNquuhPUknYgvgBSLtHA",
            "mac": "MEUyHmdjmrltnTeRUNIp6i69Y3G0dt5j9aUZBtllG3o"
        }
    ],
    "nonce": "4QMYSeX12PM-TleHCrWByWJQgNdtK9w1MiT7r2QY8G8",
    "mac": "vBt296I4oNX6ivRR5dTAr2l4Y7z5lDRNQGo43NxLPUA"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c917edbhBSJvXLsc1HFORv9U6l_P",
    "clientSessionId": "S_hBax4bS8opnFViWiLoYuc1k_suDfMI",
    "attestation": "1dn4UWo17NNLbGQ0Ksg8wE5Pj0lbnsLIHubysbUPjqw"
}


Deployed key[4] CN=KeyGen2 PrivacyEnabled, E=john.doe@example.com


Begin Test (StandardExtension:1)
PIN Protection
ECC Key
Server Seed
Standard Extension
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c917f6dTvvkT-t6QnXF2wf80ebHv",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c917f6dTvvkT-t6QnXF2wf80ebHv"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c917f6dTvvkT-t6QnXF2wf80ebHv",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:34Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "OGTaToDviIM6wVc382JnwM57smho0TDp-1vWbncz-AE",
            "y": "8731_qljVSTJqRn5WgQB5U6l1gjH8rUWCr6_YEcXXDg"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c917f6dTvvkT-t6QnXF2wf80ebHv",
    "clientSessionId": "MhQWINLRJNkO9kaOdVmvIAFbuwhL3oWS",
    "serverTime": "2016-01-13T19:58:34Z",
    "clientTime": "2016-01-13T20:58:34+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "LQ8VT6neEINJpPWtosGdd8Wu0dL_6nURkR2NjPXXWj8",
            "y": "msdbCyi23kpEyo97GZRiwpEfg2jRrRTdqIkae8KxvHA"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "DAvZ6ZE_80L49cyL_iVQTX7MFEzKuCk7-1gWRtKSy0hSrKMwRYiB993OCHPHfD10S7eDQdBiU8V3cTp3MyLCugOl4_QzJUS-tuSEQRX0l2XxQXKxqlSo16up6thHK3mfG0zkL9CvKJW5YboFhFBCAw9cXmHJgNPc6j_8hrOuYk0",
    "signature": {
        "algorithm": "HS256",
        "value": "82fA2rzl7KWO0Sv9mt59xWS2JupNjtJ9DOE1j-C33QA"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c917f6dTvvkT-t6QnXF2wf80ebHv",
    "clientSessionId": "MhQWINLRJNkO9kaOdVmvIAFbuwhL3oWS",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "JqmTkvZEFTAO63S3WS1mBBvP5K4uSPTDArUArHHAvuY",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "serverSeed": "UFO2dyJ3w1H78zGN0g02mPn2m2evvXzhqIHzbYpeV3o",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "mac": "2q4dD4dYk4TOMWcUELyuqWE_tjdSpQwqXCR7KZz2T64"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c917f6dTvvkT-t6QnXF2wf80ebHv",
    "clientSessionId": "MhQWINLRJNkO9kaOdVmvIAFbuwhL3oWS",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "T0gUbYtRjDvHH7sxd9SZaz5n7YWX6dxtv3zGffsrZ1E",
                "y": "60KWQSJP6qjx66hBNebCs3qn0-EnT57Tal9zPqYbTVM"
            },
            "attestation": "cAuSIvZpGzIFzL6S7X-gugHpUZRmPK1rgzasosJU4So"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c917f6dTvvkT-t6QnXF2wf80ebHv",
    "clientSessionId": "MhQWINLRJNkO9kaOdVmvIAFbuwhL3oWS",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnjCCAYagAwIBAgIGAVI8kX-rMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNFoXDTQxMDExMzE5NTgzNFowSTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIjAgBgNVBAMTGUtleUdlbjIgU3RhbmRhcmRFeHRlbnNpb24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARPSBRti1GMO8cfuzF31JlrPmfthZfp3G2_fMZ9-ytnUetClkEiT-qo8euoQTXmwrN6p9PhJ0-e02pfcz6mG01To10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUPAwvy3qR6nu8vSgCFnFwRvxiWeAwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAGEgHIuBrXjo9zp5B_aKxkAy9PU4SIOY3t8xSjj_uA6kkvaOjDNUsASFwyYjipQ1VTl3B-gDy8mQQtXexH0f11qJxy1605ylCxBu8OF_YaCS522YTYYFjy4i_pK4yk5JEISmJfRj7K1385pILtXiyiBNTt8m-IUqxn5XELZqMRA-Ce3dykM4sGveLuIc1flvy8vHv0_oCgi-L5UjVR-SThgof_TARs9euybsJIL8BTBFXUOkIo0jddVJmXPYbHpQuClIpRdyWMVY5SWVvQEH4kUDvrn1KovVFXAxbXsbAdYbgSt-ySew2HZOtumK7VGHYKdTgPv1KBF93nqt70bNX5w"
            ],
            "mac": "Q4uwVzzCTcSsv26CllY_twHo9roYjLHPiMbTK0kIzRI",
            "extensions": [
                {
                    "type": "http://host/ee",
                    "extensionData": "AAU",
                    "mac": "6RRL2CUGOhw7hU4VrlsxFfO74qo9-ehzsOiYPKjg_0U"
                }
            ]
        }
    ],
    "nonce": "2Wy3iEM6wMD42dbFTU2_6u6DcmiCBcO5w44jxJFCxEo",
    "mac": "o75l_qrgSRQy1VWp2EOsv-WsKDAIIRh27qUF2sr0_Ds"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c917f6dTvvkT-t6QnXF2wf80ebHv",
    "clientSessionId": "MhQWINLRJNkO9kaOdVmvIAFbuwhL3oWS",
    "attestation": "QUF_XRenHPdBxrrjHgNenulIqCefRca1oc_mLj4Q7LQ"
}


Deployed key[5] CN=KeyGen2 StandardExtension, E=john.doe@example.com


Begin Test (ServerCertificate:1)
PIN Protection
ECC Key
HTTPS server certificate
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c917fda4F3otcs96nC1zJkXMMEwX",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c917fda4F3otcs96nC1zJkXMMEwX"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c917fda4F3otcs96nC1zJkXMMEwX",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:34Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "F_fJORaO4YI9vyZUWEOznOscI81AyiqoMYrxQvqOR4A",
            "y": "A5Z2Qv_NEa4a1kN_JYqQ1Iv2XlEYfcN4Vbc6XZtjbGw"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c917fda4F3otcs96nC1zJkXMMEwX",
    "clientSessionId": "imrdAxNY8w8-CaG_J8fLO7mSNMFi3Q6N",
    "serverTime": "2016-01-13T19:58:34Z",
    "clientTime": "2016-01-13T20:58:34+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "PUcdh0aCGyAYE0xTvmdwD2SKD-sAxrpNR_t6TFXOMrg",
            "y": "LVMWxqgHwAP_RKSS7ElizfWg_lSLKsRqyhmnBh_KkM4"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "mfMlqBI9bxrMEmQoG3iOyhzJqp8QqsWKE4T236gH10xroNfnSmSM-EwXQ_j-72knEDMlxTctdY-HBnrIAVPQUnIKQ-HFQXUXVquUTyVADsLclAglT39HLFWXk1BmI2kC-tHHkH7UNGUDLjtuAIS6GrMRNPaVBtPsIbhyTJW9Ra4",
    "serverCertificateFingerPrint": "HwKCofkqkTFXRmyyb_CnWhAcTbQF7w8rl1OqCwyM4TM",
    "signature": {
        "algorithm": "HS256",
        "value": "BmGLs86jA3Vv2Pd03bhawEZWkiRu12RCif1bjMqdZhg"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c917fda4F3otcs96nC1zJkXMMEwX",
    "clientSessionId": "imrdAxNY8w8-CaG_J8fLO7mSNMFi3Q6N",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "xnHv1UbA1K6267MD4zhj_K6WHDfTVtcmDaZYWlmi4TY",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "mac": "r5yTALMrgRGud9fG9sFWD4jwRio06wGXRXH07AD99Qk"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c917fda4F3otcs96nC1zJkXMMEwX",
    "clientSessionId": "imrdAxNY8w8-CaG_J8fLO7mSNMFi3Q6N",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "1wmenof3Opyjx4zgmhyNmRtsLg2WXUs4GtwEwti6Jno",
                "y": "3stnjKf1trFaFdzOqiGxbGw3x3M2xHzkyc_GE9stQws"
            },
            "attestation": "RpB087SrAcffiNqml6-iQ5tk9rCkktVpk0rrNclePks"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c917fda4F3otcs96nC1zJkXMMEwX",
    "clientSessionId": "imrdAxNY8w8-CaG_J8fLO7mSNMFi3Q6N",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnjCCAYagAwIBAgIGAVI8kYAZMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNFoXDTQxMDExMzE5NTgzNFowSTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIjAgBgNVBAMTGUtleUdlbjIgU2VydmVyQ2VydGlmaWNhdGUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATXCZ6eh_c6nKPHjOCaHI2ZG2wuDZZdSzga3ATC2Lomet7LZ4yn9baxWhXczqohsWxsN8dzNsR85MnPxhPbLUMLo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUKtiEytmROwYe-w_IkOLWKyiN4p4wHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBADsjmzQd4DgXcc1PXqH434K3sVZ9IyJdft8nIylETMfE1gTlVQE0SwwlJuOpELRXa2Awdqpi-PcTWiYv5drml7HtbEGfTk3ODcFY-t2Yf1amIXRi-DXecpXReDk6osT8XxxCAoNnlT7MDpmA3Hpgj-bX8vdpjc5JEpkCe0ceTMMzEa_NBS-alE8W5ENF5pe7f_TJEY_KTA4RaALI96OjZwL8MX0emXEjtff9PsU_7lhG76TrNdwNfPX6Q3VznvngD_OOgAP77IuWzIAh1wkVmqWE9czoqKUBT2q7OtcM1NXpvYLp9EJF1WetP0kShpSSObu0_k6PJOorFMahw_aKD8g"
            ],
            "mac": "J3bFQ0LL9RHQxfasTYP0vsMLu12jkaFmvpZD5XTqUts"
        }
    ],
    "nonce": "hMzbkckonZbNN294MVNqWB3QaReIYH0V6VIYv6tCuAw",
    "mac": "oiRDKmW5ysOVKoRkREiFVxH6A6fvPJZ_SZ3RBLYx1j4"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c917fda4F3otcs96nC1zJkXMMEwX",
    "clientSessionId": "imrdAxNY8w8-CaG_J8fLO7mSNMFi3Q6N",
    "attestation": "2Yjw1ULgAxtmok8f063oklOrideHX2yaxy5yIO9q7z0"
}


Deployed key[6] CN=KeyGen2 ServerCertificate, E=john.doe@example.com


Begin Test (PINPatterns:1)
PIN Protection
PIN patterns
ECC Key
HTTPS server certificate
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c918057m9iXeAnCRQs3SEAQYYoSj",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c918057m9iXeAnCRQs3SEAQYYoSj"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c918057m9iXeAnCRQs3SEAQYYoSj",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:34Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "EAl-zgNpAltfM3Xkhtc_e_tlcS_BCZXXV-1JpXC4Znk",
            "y": "Ei6kkSHaCKJZd5MBgqN28XNCWw7fqsc1622ZN7PKPv8"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c918057m9iXeAnCRQs3SEAQYYoSj",
    "clientSessionId": "zt5jgJWu9_17oK_Ckw8wBYkGSYmfB-LK",
    "serverTime": "2016-01-13T19:58:34Z",
    "clientTime": "2016-01-13T20:58:34+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "5vVD8hE-cQ85mDyYBrdlJSRoKyJr_SbPIRRQnihHkQo",
            "y": "K43a0RRM3uk0ofOwsD5sOt49e4X28Y2J_GNDSbWI15M"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "VeIquNQ7xgNidYaGzs0zCtqnFm8jDacX6RZUqfDopdUrDuS7JeVW7zhEeich8RMsnDgXHbcwvSE8Vo8MYt1v6U_UlOSLmbFi3HRXaiWMgBNnBesHthm8XKYyxU-NaunNBAEzj9jAioAvRt9bvyqOtw1WXY5SWqZuwDLBwo8eJC4",
    "serverCertificateFingerPrint": "HwKCofkqkTFXRmyyb_CnWhAcTbQF7w8rl1OqCwyM4TM",
    "signature": {
        "algorithm": "HS256",
        "value": "WOGAFuNdOtUoaHMMtQP8QuFIPSolwgZ83w04wN1YsaM"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c918057m9iXeAnCRQs3SEAQYYoSj",
    "clientSessionId": "zt5jgJWu9_17oK_Ckw8wBYkGSYmfB-LK",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "patternRestrictions": ["three-in-a-row","sequence"],
            "mac": "KlXLjOS3z0NQLN0be03SQLNC548cD4X5dMHXWfD84BM",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "mac": "RC0mn7mpxQLos4J85n2NhyyxeaUIGBtQKKxR1sH4PFM"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c918057m9iXeAnCRQs3SEAQYYoSj",
    "clientSessionId": "zt5jgJWu9_17oK_Ckw8wBYkGSYmfB-LK",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "AEkZiLXSC4sfqFjEMolrIgvS2Xj50JJtPVX5wPAMM7M",
                "y": "P9V-r5cwt0KiKtLp8ajiaDV65m7HtX1OigyX8zZ3jRk"
            },
            "attestation": "gxPzj3TRIhbtluaunGEd0Zz27J0oD_ytMp8gk61PT_U"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c918057m9iXeAnCRQs3SEAQYYoSj",
    "clientSessionId": "zt5jgJWu9_17oK_Ckw8wBYkGSYmfB-LK",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICmDCCAYCgAwIBAgIGAVI8kYCWMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNFoXDTQxMDExMzE5NTgzNFowQzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHDAaBgNVBAMTE0tleUdlbjIgUElOUGF0dGVybnMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQASRmItdILix-oWMQyiWsiC9LZePnQkm09VfnA8Awzsz_Vfq-XMLdCoirS6fGo4mg1euZux7V9TooMl_M2d40Zo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUFYqSnwxKPbYXEAgtRPiXeLUuCsYwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAHo4LRYEcsbmMKcxFG3bqfuDiuC_VFm6Rt1kCALQKK73zeqFcX9GVXisjK22dKlpuf9h0QZ6j3UOs5vzD4CitupLRY7oqnGsaOENg40UfxK9xEHrv4JWzFNKvDftV8bXfmm_nU8IAVzh-5RAuwZqVcI1YWvlY8bh9JxtvPRfk1vleBkJCpa4rZaK6YvwD5kPRMws8u1noWGSkXP2rdFUxnAH_jMCe3XTXTqvU959HgXik8w8ddUdt9HteDCIpKvCaikrnNTIMQ5YBKLoJHMnKVH34tBzqIk8TvkLMKGcVL92M4qNxFvT1I2PErdfGN_HBax7XuA6SYm-A-Mdu500SzA"
            ],
            "mac": "qvL07yWN5LAm_mCRAdIvQa8xhM6j9i4JbUiQOth85lk"
        }
    ],
    "nonce": "jJlOD4vnuPorm3iUuU-H1-ppszU2rzfFTK1KBzNhi14",
    "mac": "EujEpo0CWC7qaNf4xzoo9is2C-RbSV1cEaa9Fwt6QzA"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c918057m9iXeAnCRQs3SEAQYYoSj",
    "clientSessionId": "zt5jgJWu9_17oK_Ckw8wBYkGSYmfB-LK",
    "attestation": "p5OcqhFubTZnmvatmRPccTindpVffmcU4wVSqaFQbIQ"
}


Deployed key[7] CN=KeyGen2 PINPatterns, E=john.doe@example.com


Begin Test (PropertyBag:1)
PIN Protection
PropertyBag
Symmetric Key
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c9180c57lyr1nqJI9KLYAWkPYTeU",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c9180c57lyr1nqJI9KLYAWkPYTeU"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c9180c57lyr1nqJI9KLYAWkPYTeU",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:34Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "O3yPAXl99AI7dCI8b9LiiwSVr4XXdPoH9lYxg9Uu658",
            "y": "DAR1AuJDrufBet3Lw3dMipX9dzw6EezqV4DC_H1a0Kc"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c9180c57lyr1nqJI9KLYAWkPYTeU",
    "clientSessionId": "FkNQtvjH5r_OrKxyo4x2htOCs4Yx6xxY",
    "serverTime": "2016-01-13T19:58:34Z",
    "clientTime": "2016-01-13T20:58:34+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "r1MlPMWdyRLP0GRO1ptAQd3j9qvY6k2h-E8pEhlek1k",
            "y": "3L-dvY7V6IyYdaJp4xaBPsyAIlfX0s_GpVzZ4sHIpSA"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "fAVw3ahqFl2n40GvtQ2DVn-WP9uprMKYXi93hBtp2qW8dOuPfJnZ2wPV4WzK3jTB-e1vZyy11Bgff9q2tfPO_4jpRWtcPzHje_wKDY3xw6WVfcvPC2eUywwaXPXd6AduxrSL4itQEvuLS_qRAN2nVEKqMdlwJAqghpE-7HddzHs",
    "signature": {
        "algorithm": "HS256",
        "value": "NZHWuknOu0Lu7QMU6OLr9PcSxS5zH6s-mml-KhTCsjc"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c9180c57lyr1nqJI9KLYAWkPYTeU",
    "clientSessionId": "FkNQtvjH5r_OrKxyo4x2htOCs4Yx6xxY",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "uZVliAutQAQtTk2G6QAOPDM47xZnM3O-z089WUnpcWk",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "endorsedAlgorithms": ["http://www.w3.org/2000/09/xmldsig#hmac-sha1"],
                    "mac": "Cu8BqGg3EzPLpcRgGn7OS6vFBvQt7G9cgUm-H4EFEzU"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c9180c57lyr1nqJI9KLYAWkPYTeU",
    "clientSessionId": "FkNQtvjH5r_OrKxyo4x2htOCs4Yx6xxY",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "olhyoAWGCXCdCHiS5-PZ7upUUWjep2mUFpA6bh8ieXhYjnJq0NuGdCtv0AuJMNuWq290OL0A-gMwv-gMjNYnqReEkBzF6h_AJVNic45uCubf3wZB23roq8toz6pG3rVL4jN9jyiwMXbSWykv56_oYoZutpboskQIRkB5rpRudGI0lDmZMwCpLz2gSXYqHIGHvmqjvBE_rnfNr1myXnf6AfpJOR9C_LdeAORUSLd7coknSIv9RyloPnwklFs5EbA1SxDdOPH_1R3Wz3ZZ2vQbW9EjNKtSt-GfmRautYKLNPG_HxG7dUTzaG8SoFprQYNch5hdqVYifk_-K8L0gK8khw",
                "e": "AQAB"
            },
            "attestation": "FEwt392e9vBKnrQoh0vBKXKsfwFqorRUZxu5rsP__k0"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c9180c57lyr1nqJI9KLYAWkPYTeU",
    "clientSessionId": "FkNQtvjH5r_OrKxyo4x2htOCs4Yx6xxY",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDFjCCAf6gAwIBAgIGAVI8kYHeMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNFoXDTQxMDExMzE5NTgzNFowVTEQMA4GA1UECxMHT1RQIEtleTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHDAaBgNVBAMTE0tleUdlbjIgUHJvcGVydHlCYWcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiWHKgBYYJcJ0IeJLn49nu6lRRaN6naZQWkDpuHyJ5eFiOcmrQ24Z0K2_QC4kw25arb3Q4vQD6AzC_6AyM1iepF4SQHMXqH8AlU2Jzjm4K5t_fBkHbeuiry2jPqkbetUviM32PKLAxdtJbKS_nr-hihm62luiyRAhGQHmulG50YjSUOZkzAKkvPaBJdiocgYe-aqO8ET-ud82vWbJed_oB-kk5H0L8t14A5FRIt3tyiSdIi_1HKWg-fCSUWzkRsDVLEN048f_VHdbPdlna9Btb0SM0q1K34Z-ZFq61gos08b8fEbt1RPNobxKgWmtBg1yHmF2pViJ-T_4rwvSArySHAgMBAAEwDQYJKoZIhvcNAQELBQADggEBACAw3ji4TBHiq-vgisBS_EFkGiXX-RnQ_J0H_wt6YmcxLJOQE1jKnHw9qWf7Idh-BIGMsVp_f6aQrXhBFRfqZcukUAG1Dvx3Iyj-Kb1yoZLkXoB8gTGI-OukMD932Ymw9s5fbWzPlrdkwiO1P5-vD4l5RJ3gPlVyWudT7LhuJcFH4mOnIu9dHGeSoBVA9_OnfCnGOTJCPazOtbI_nFv7a04g3Ks7Iutzo0zn9TElprou-G0iIVkmF6rHUHTuVUtFxt3CW28gwhcAFMvbqpHWSMN1JkoV2GwSR-v1-evZPgQMzDWEXRu7KCYChco9-WCvrjZ14OmGCZisNrAsl3w4cTU"
            ],
            "mac": "rzJe6WKkLv7IDIZ_qZJj6T0KKQlo7hByNQdW-y-91G4",
            "importSymmetricKey": {
                "encryptedKey": "NKhfcT77vH-qrkMj_xUQBT52smaCc44be2XOaHzEh5x-nWSXNe_qXlb4hgN09XVB",
                "mac": "fUB5mypQmKuwK5Xu-hj7O6NNoFkeYhsvcLB6G8vaFpc"
            },
            "propertyBags": [
                {
                    "type": "http://host/prop",
                    "properties": [
                        {
                            "name": "main",
                            "value": "234"
                        },
                        {
                            "name": "a",
                            "value": "fun",
                            "writable": true
                        }
                    ],
                    "mac": "N-rn9Db8N2y67XfnBZMzdq97RSSvRuAR-ne7y7jweJ4"
                }
            ]
        }
    ],
    "nonce": "FLBjMLVzfnpoijoAgtzxv_ncPd_53tDnbxDZ9h2e1w4",
    "mac": "65RC5u2nfLVKSlAbo52-Y1Tc7P60LhBNBUzsI1L0INI"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c9180c57lyr1nqJI9KLYAWkPYTeU",
    "clientSessionId": "FkNQtvjH5r_OrKxyo4x2htOCs4Yx6xxY",
    "attestation": "b6oLttpqy3_5DIEr9obfwbWQO2RDn9giedh0HUtJQyw"
}


Deployed key[8] CN=KeyGen2 PropertyBag, E=john.doe@example.com, OU=OTP Key


Begin Test (ImportPrivateKey:1)
PIN Protection
Private Key Import
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c9181eevOA9tqqPDx4lqpLYqmSA3",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c9181eevOA9tqqPDx4lqpLYqmSA3"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c9181eevOA9tqqPDx4lqpLYqmSA3",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:35Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "oEpYontyyknq4RATOsly-5YoJtaBn3XOlWe9AvHQoHA",
            "y": "FzQvbEbScP6NzFXDpGLr1T7roStncDPAtpWoXG4AgY4"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c9181eevOA9tqqPDx4lqpLYqmSA3",
    "clientSessionId": "XHwSwzDg_5qJ1XAdSGTl2aW1Dv8Ub291",
    "serverTime": "2016-01-13T19:58:35Z",
    "clientTime": "2016-01-13T20:58:35+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "KjfTgDkvJr0vwP-9BbtanxRqJXdQX_47rMt0HvbrsVQ",
            "y": "_72t1M7adz-wO5200fBAW-_IxsPwsXL270kM1g5dnco"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "AjjWzo4y9s5gzceyiPWcmav1BPT1yarImuLBLfuw-OC-u3tfgNrhxFD1Qz3BbhaCjahAljv5NK2Oz2e4c3wbxhlP7jy8dc0QuE2OH1MxCQNSB7UGw9aUx5RNIpgP7IlIZi-fKP4k28HKgKJGwgqab38wrPToRB8nt_b5yDHsoK4",
    "signature": {
        "algorithm": "HS256",
        "value": "2A2ddkNF7m3oqBR6D0S6z7kklFRcWawuSi3nIrUJRcU"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c9181eevOA9tqqPDx4lqpLYqmSA3",
    "clientSessionId": "XHwSwzDg_5qJ1XAdSGTl2aW1Dv8Ub291",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "Ssn5yHzDhRxEryJxKBUMYzUcwJucScjobbD7XJO1lHg",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "mac": "oNHDjV49CKeMQPooPSCOKrKrUJEZfkuFvA3J73ZWk48"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c9181eevOA9tqqPDx4lqpLYqmSA3",
    "clientSessionId": "XHwSwzDg_5qJ1XAdSGTl2aW1Dv8Ub291",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "kuxXTcZtecUMfzgQGiFeDMn2YB8irCMBUkhACs4iJAt96gBWP2PPRwRSqxFs4noHixFXyzEZKeJaf9cSN9Byp7x0MQdOCUFCHrxOJ3s5bF4j5Zkp8taR6vfliZsC1lTZOst6rZOxVAjCKYILRfnQGYTPvhxV3YlQ66wf3IditO4LmiaCRkIYwkWSjWtD8dUv_virGf_Hm_DCu8SXPvEF4OuP07t6j-zCNZRAXhI3gRGxZfRgN0Ty5Hw7FRrzfkq50v7b0Fdu4WAeT1rhsjXtEYZMU9XPdyYXCNaScbnCndJHR19izgw-KRzsZDNAssAl0byczrwhdu9zcIMqhCzeRw",
                "e": "AQAB"
            },
            "attestation": "wHyXz_trtEhe9xJivLLjApP4VDy5p4Tc4ZTmi0ScjV0"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c9181eevOA9tqqPDx4lqpLYqmSA3",
    "clientSessionId": "XHwSwzDg_5qJ1XAdSGTl2aW1Dv8Ub291",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIC5DCCAcygAwIBAgIGAVI8kYX1MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNVoXDTQxMDExMzE5NTgzNVowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEtleUdlbjIgSW1wb3J0UHJpdmF0ZUtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAi1ljQbVSJPbYtawFy4Ig-hw8uXdGxFG_F0cYk_iVzKrLGUMkDTgZCZsoro9ng0L-bLumrsyrGTZ3568Y4F00YaF2DiFXz6g5QwMlPzCQWzxFq7XMJrVGZMC0RnauxrNbXzovBHIfRubbhTCw8HAefYQ7wC4mg_mo2wO4TqdnkQUCAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFExEePBanEPp1p0I-VFuDMeFL-dzMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQBr3PjsllVqMiD1HyIyggV0T3Lq4uraR7QBnaVm9UGLnMUBHWFg3BUeuPeT_6r0qxorSm0GtbdkvdWetphZyAs-tGmpIM0yvePNFSM17Jj_1d8WMyGR6gzNPvgCklmU02o986UVeldzanq11BFWFFoguoKP69FbD__cfG09R9e_sdiKGB_eViYBN56pZo0rRsceRFevuZQVrM3v6B-HIcyJBR2IzFzV8P_QFoBs3ihUiQkQLmlr4Zv19PR-kq6OFlBGOsVuXiD4qH_Fqk43g_YenMxFKlMA9RLsJ_DuwZBWqWtAL2PUQ3iI7IDJ1_-BbwTnr3ZTL1sydwsHKB9OwLpO"
            ],
            "mac": "weSbCJ0H_Wn1o-1-n9Sh-f6ZbnmdSeGy5IP31v_halY",
            "importPrivateKey": {
                "encryptedKey": "MZ7rgb8L2-RCE58gupT42G4VIgDh3AxD4F6aBRb6Kh6OyMMl5YPnq2cG6m7f4Mdph5UnZDpuHXWPnSh5GfiuUGzaiMWqUThNqqnAdPisPZlAqDmed2y04ELAWmtXxGUSi30EWBaseynZ28-ClZYHjWmw-stnkGntZr9bJ8U3XaF9je6xtLaUc91P4nOT7rvC91K8SZaeusG0__SipTb_lqqRpUwo4CvPKMq-Ju1SFYFK2oSRCTaBRg1LMWWTw4VqQJPLd5sJXJCSwA0Y8xyQSd5fIf-hSn6RJmmY5swummPcxoCfzXb00f6SGwtmn96v9guO4uOXlxMFHCG7_Z9KVYNfx3lmdxBGBVpQxeLczacJf3uITR4RHXPFEaYGhjKbNVGh0btfCDLXz_1GZ4Ji-ZtYKRGaOvqLSKXiVG4VHiC-ZKCtOplWrFTLELfdyjc9rIKCOEh88Fd9MeLcUiPy0DtBdo8vKVbrqK95GTonrchp3flFOpq9z4QXxmJSeBpk-dUb3i_ooPlhZMAQLprdF2CatFycD5UxQxEy4XI_TdgOflvRuHeGl1KOx2wUPyGO7z9XAF22GyPYu5aWJoAPogAm_SPlrI_sZvV_o88i-_KjOVGa3sTs-gQhtgqd_eimAI-6CXxJQTredI4s6sKl3pHgLQZcJrNvjFSsJ_mEmIrU22fJbKzq8Tm_MWj7yjibHRM1RcHbpFUDBDeAQB7RrgEcl1MyTh8-3fyCwvVzId0JIodwOW8wpbEzfFfu3hmHFH6K-V-BOtiUtWtsJx3Pb25siOOKxjYXmCtVRGePiUdoEO2CZsMw2MhqWMgcL5b5CYyW9rVtRkXzNpjrkq7wfApstbHnoXZcVIwMM03Rzxk",
                "mac": "aUvSDbzx7l3WG6X-ZEtPO1XUgjCN2X3JAKbf_U9023g"
            }
        }
    ],
    "nonce": "WBJ5ens5KFIGWU3ECjUjAevjmAZfmrmY8uo2qVnGZ7A",
    "mac": "Y4ad55ka6YXqinZ7Nguz_DFxjdsAdgFBcLWdcnmspKs"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c9181eevOA9tqqPDx4lqpLYqmSA3",
    "clientSessionId": "XHwSwzDg_5qJ1XAdSGTl2aW1Dv8Ub291",
    "attestation": "gq8xRkpeB1e07aA7a_RfvErNy2IXnyqH-zdy6exwRwI"
}


Deployed key[9] CN=KeyGen2 ImportPrivateKey, E=john.doe@example.com


Begin Test (UpdateKeyManagementKey:1)
PIN Protection
Updatable Session
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c918604Ud5a41kBEYskpWWoWY38D",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c918604Ud5a41kBEYskpWWoWY38D"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c918604Ud5a41kBEYskpWWoWY38D",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:36Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "-VoCUxwOP5jdGHOXrDVY7HCWCQJCt_RELggQrbMG3cI",
            "y": "gqgNTCQcDr4GF6uY2ffrA0WrHz0sZy_9GI77NhXHrvQ"
        }
    },
    "keyManagementKey": {
        "publicKey": {
            "type": "RSA",
            "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
            "e": "AQAB"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c918604Ud5a41kBEYskpWWoWY38D",
    "clientSessionId": "9jEOBV-X5MhYl4lHHPc1J5Fll3XL7nU3",
    "serverTime": "2016-01-13T19:58:36Z",
    "clientTime": "2016-01-13T20:58:36+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "IGWLVwhW5iy3DhoVuOlhRQ84d_QyOdU351w4G-BVEkE",
            "y": "t9X7KpMMQIuaVTBzlESOVLLdARqkogDJ272tTW21tEQ"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "iZ8IouE9HVO-abeW_V9Zn3i5aaVr_9PB2UnqxmhxKKtUZf71CZiWaklVKGs0mTbgsws2tJjKfUwuew7q8Te_dFXimwXpUamZcCsWoJiCbm0R7mOge8kJ8F9S9R9Q5nB3KvTxTHceRJ_xqrZxjDWVdKHvhx98ofEv8qey1l9p6bw",
    "signature": {
        "algorithm": "HS256",
        "value": "xzF6upzHna2TzZ3MlGHby502dRkwfhn9OPdF4Kxuarc"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c918604Ud5a41kBEYskpWWoWY38D",
    "clientSessionId": "9jEOBV-X5MhYl4lHHPc1J5Fll3XL7nU3",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "grouping": "shared",
            "mac": "OOrMFmLf_HyafnZCMK987fMQfs9HUH6t6Te-P9yAzMU",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "mac": "9umj-Mmz5mB444EerNy1Oe-zNlceDMAC0EOqbVNSZFQ"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c918604Ud5a41kBEYskpWWoWY38D",
    "clientSessionId": "9jEOBV-X5MhYl4lHHPc1J5Fll3XL7nU3",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "y8RMPpmH6x26Yhb-Lg-7K58PQydtRx7v64wOPVpCK8jKg05UaD_af--fGBLnWhBN89SU8imLPq3-CQI6yBFzeCqSjKh-zmhPeSMVXHpnkFz3pWLZVILJOSEwpj24FXhZSZT8-5Pj1DeLX8Q1S0NyEyjPz1B9GBM8XRyEJB7mRk6tMdOZwCiIzp92DiHihivUG-ERHixQ0xGlpYBqOnMBMu9dk-5spQWzIV_aOyQctZTwCx0G_sZrqG2zUZk9As-w3el8maNsUIk4Soh8P5UL-ZnSyBocg1haIITR4ILaLRdZxNRt7zTk0aX2UCTzjJa5cVCLJ3axHl3zGFj3Xdw9jw",
                "e": "AQAB"
            },
            "attestation": "1UMHQhirrBdLrklMoe-nxYie6VlhdS2cPlZ6r6YtQ1Y"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c918604Ud5a41kBEYskpWWoWY38D",
    "clientSessionId": "9jEOBV-X5MhYl4lHHPc1J5Fll3XL7nU3",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDbjCCAlagAwIBAgIGAVI8kYceMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNloXDTQxMDExMzE5NTgzNlowTjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xJzAlBgNVBAMTHktleUdlbjIgVXBkYXRlS2V5TWFuYWdlbWVudEtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMvETD6Zh-sdumIW_i4PuyufD0MnbUce7-uMDj1aQivIyoNOVGg_2n_vnxgS51oQTfPUlPIpiz6t_gkCOsgRc3gqkoyofs5oT3kjFVx6Z5Bc96Vi2VSCyTkhMKY9uBV4WUmU_PuT49Q3i1_ENUtDchMoz89QfRgTPF0chCQe5kZOrTHTmcAoiM6fdg4h4oYr1BvhER4sUNMRpaWAajpzATLvXZPubKUFsyFf2jskHLWU8AsdBv7Ga6hts1GZPQLPsN3pfJmjbFCJOEqIfD-VC_mZ0sgaHINYWiCE0eCC2i0XWcTUbe805NGl9lAk84yWuXFQiyd2sR5d8xhY913cPY8CAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFJkbpCbdr-A4ffCeAVwSK75kqa8YMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQBsAh2VKmsNu-T7N3BFXtPmMnC2vpwrosddMj0TYVPT42XC_X33JEW_3ukESoFO6_F6Znyxp1yBzBMNt2Zscdbei5fsmzfHALGmYyv4peaFf2NLCrwZpMy6e9tJOwTYOvxvoxOA4BZbLaSMoxsesQxi7jM2TxSqf9bf2_ahFJRrHJUUT6Xq9ue1Iykrh_RSNV2FkrenjTdqDTrrQVNwc_J_q1yfbjT6dpm1gFmtjXK0x-uU0d37jLRS8SoCoVCka7MrgxrmXSnSF4twdQdw1exilosm8AiWKkWWK_X1VIBjIFOOtdhVNWqIK-LE9rJlCvaiZ4boO8CaYABu-G4QRP81"
            ],
            "mac": "Q6TYmuH3gqduOEwQ14FOZqZIxU_drX_tmVPYBxGWooY"
        }
    ],
    "nonce": "Cj7YIgWT2K7Str9IZH0V-okPqx3A_rm6q8-rPymDG_k",
    "mac": "Ufz3HxH-tZgahyHhJIwnibCtoh04vVX3X9YxR-8oYyo"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c918604Ud5a41kBEYskpWWoWY38D",
    "clientSessionId": "9jEOBV-X5MhYl4lHHPc1J5Fll3XL7nU3",
    "attestation": "Slqe3rvns929D73kkAyMWGiSCXC81EdtCbTM0feTUJM"
}


Deployed key[10] CN=KeyGen2 UpdateKeyManagementKey, E=john.doe@example.com


Begin Test (UpdateKeyManagementKey:2)
Updatable Session
UpdateKey
ECC KMK
Update KMK
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:36Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "a3mPKvU2ykm14XVRXnoFgq62nDikL-7veEyDNTFe2IA",
            "y": "XvbmIG6qG23Py5xjvnjPpq_AxWSJ6Pcvrkk_tOkLI5w"
        }
    },
    "keyManagementKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
            "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
        },
        "updatableKeyManagementKeys": [
            {
                "publicKey": {
                    "type": "RSA",
                    "n": "kCNcOpatALB21jHrPIv1BgXlUJ5W8y9jfFci45G09x1zRz1E41lkBJYaEcxQNsT2h_vlf3nIK9g5Inr65vgeciLHQC-KFlpoGfSlTEnzq5eY8vON6egAOeQh5T-I_L9blNUqXsSDFHoA3DT5QcEkXNDz1_rqkNUk0YNJFIIuAWqe1OSEcU76dOmnRV1OAY6_OTC-1Wd4_teuLepi58BeUQoSTJTu2lbs-k8MZ1qnmcrYxTnou-NnYG1_Uhz1b8rS7WxaeFf1RaBIWjly2YjrnT76VcFXZX4BNALYhhxFq3wO-AVOV4TBOlF843Jd8tyHN9OGBspqNo75jsAZIucG9w",
                    "e": "AQAB"
                },
                "authorization": "XjzIoz0muM8AMjFafySlRE9co0cSAEV8D-0yKwSCJ_T8HQaZrmLp829oTdX9XwWgc5NBhlVaxafL2RrZKAye6DwgK_EoTC7QQ8GGVw1qqFRrw-KPXALRdUBj1ZQxbZGA9eK514nuuXO74zU7KRDZY9gmEQi1aWXzI0g_wTZFvzJVNUCLGP1h4pQPox8anZzrVkgCit4Mu0qBPbZC-mYQWIO8gbwSxxomgqdNbX1EwvrComec5fPyqLuB-OWdK9Bc7J81sBUWCA9NBlV6LKvl3JRYSgeEKwnbbWfMqEBA_uT1TvOrrybJS9V_NsTdfZ_O0Sq3sLm1Bfkm4XbbdbrvJw",
                "updatableKeyManagementKeys": [
                    {
                        "publicKey": {
                            "type": "RSA",
                            "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
                            "e": "AQAB"
                        },
                        "authorization": "MSq7BUGGFxfO57sHWFWastIlVuUFYK88slFXP-G92-WC_tjKHIXqj1IYJ54HZzOF4Qwt9ZKODh6ePKCo11KjR_LKzBru8XHlDZibOgKvBISm7kjWXCmdc8dnnOmU9lMjtoXZDzfCwmM7ap5foP5_iMm2mFWXA-zZ2fyXca2pJlyMdAAMtDNi4g7_DubqzaSq3AkN4lazQPHiXve3YzrDy5gGHfLaiRSKxtY-7O6PTvcVgJFF2BmW4Eyh_XVrMY4gzB-oCjHFP_6vf5CBCE0v4yyVF8Qx1zB4Ef75hR3jJyvobMirqOs7iFw5c0jkk5qhkItJGhqf32KM5LmQNQPPug"
                    }
                ]
            }
        ]
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
    "serverTime": "2016-01-13T19:58:36Z",
    "clientTime": "2016-01-13T20:58:36+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "07DhXYW7jehFWT5ydyWUrhul16xDglrsCEygSy3gSoU",
            "y": "5or9TdRUAaeEd9xVRwfvaehavZAdJROnoUYycKKHG7M"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "RHzlxQq3JS55ZrTeaE-W-vrRcgrPDyUK8Yo2bIMowOImldXqIvk0_H5pVRJ4zgtMBaFbS_INnRZUfRe1wMhWfxpj_V17K3GhRSuKmz9p0txQeXVzOYyAV49yhBuayJAnY7qthWYYBzqXx3agqqcLXJZ_CVUC2McSmRyTVEYToog",
    "signature": {
        "algorithm": "HS256",
        "value": "H-7AGteWuSumjY1cuFu5GyNbKKm2x-J-UgXUGXYWjns"
    }
}

 
 Pass #5: CredentialDiscoveryRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryRequest",
    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
    "submitUrl": "http://issuer.example.com/credisc",
    "lookupSpecifiers": [
        {
            "id": "Lookup.1",
            "nonce": "9MCJ-4zAjeWTOwvC3_dY4O-VMrcZZAgDuf5hbKkGd8g",
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
                    "e": "AQAB"
                },
                "value": "WySffXkG5U0Zv_oxgi9MhDK0DAFuJ344EqByP0jCBjffmcrqGtNBghPt23uU-n-cMxyPFsjSGRf-ho4fEgKfL2BcgBNOT6aMGSQgvGNYxl_doUux_jfYWhjQlo3NVQ1wqBe4sBJnMaQRZpOZ5qS472qQ9TlCxtdx59SOfXx1ILi4tfoS8yZGg2ZsqT9T3QRug9ubZYIT3xX2Mwe63bJ30WQ_ziRXokyfeslzdpFruztnv6ybbI5Whi4ueYODhtZQMGEz-LI3GQoJUYq7eXBQvvhZq6E3y420jbxYMq850kWgrlYm0TeK9lPVdmQ1BoBB_GhPCmnU8zZvcQNeorOI7w"
            }
        },
        {
            "id": "Lookup.2",
            "nonce": "9MCJ-4zAjeWTOwvC3_dY4O-VMrcZZAgDuf5hbKkGd8g",
            "searchFilter": {
                "emailRegEx": "\\Qjohn.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "mzCEdGc60iMYpMDA4InKwkGPtlrdFhMH1sNBV5qBT3NemFvmdgW2byST9TWjO6lIbJHua6-p4MAc6s0ba1iX5g"
            }
        },
        {
            "id": "Lookup.3",
            "nonce": "9MCJ-4zAjeWTOwvC3_dY4O-VMrcZZAgDuf5hbKkGd8g",
            "searchFilter": {
                "emailRegEx": "\\Qjane.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "Bck-csz5Q4dRBKWW2EanC1N9JyYgeRNl5bSclAcbSUGH9Jic2uj5Kgt9SBotrPQPx3PODmMs9dsgzcwjnu9snw"
            }
        },
        {
            "id": "Lookup.4",
            "nonce": "9MCJ-4zAjeWTOwvC3_dY4O-VMrcZZAgDuf5hbKkGd8g",
            "searchFilter": {
                "fingerPrint": "sVNedtvlG3cMhuVupbgRa-aXPcbfsx3m3hIR9gMlmwY",
                "issuerRegEx": "\\QCN=Root CA\\E",
                "serialNumber": "123",
                "subjectRegEx": "\\QCN=John,2.5.4.5=#1303313233\\E",
                "emailRegEx": "\\Qjohn.doe@example.com\\E",
                "policyRules": ["5.4.8","-5.4.9"],
                "keyUsageRules": ["-keyCertSign"],
                "extendedKeyUsageRules": ["1.3.6.1.5.5.7.3.2","1.3.6.1.5.5.7.3.4"],
                "issuedBefore": "2016-01-13T19:56:56Z",
                "issuedAfter": "2016-01-13T19:58:36Z",
                "grouping": "shared",
                "appUsage": "universal"
            },
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "kCNcOpatALB21jHrPIv1BgXlUJ5W8y9jfFci45G09x1zRz1E41lkBJYaEcxQNsT2h_vlf3nIK9g5Inr65vgeciLHQC-KFlpoGfSlTEnzq5eY8vON6egAOeQh5T-I_L9blNUqXsSDFHoA3DT5QcEkXNDz1_rqkNUk0YNJFIIuAWqe1OSEcU76dOmnRV1OAY6_OTC-1Wd4_teuLepi58BeUQoSTJTu2lbs-k8MZ1qnmcrYxTnou-NnYG1_Uhz1b8rS7WxaeFf1RaBIWjly2YjrnT76VcFXZX4BNALYhhxFq3wO-AVOV4TBOlF843Jd8tyHN9OGBspqNo75jsAZIucG9w",
                    "e": "AQAB"
                },
                "value": "LYzHRIBoQqVXDfpVMkaRIlYeiGX1Wy8sd00uLKzmUTnYWMT3lsKge340yOHNP6DjKh__X1nGThJyy7t_jDlNf74zDVKnklTNlYisfflCyW1PRiMYdvoP--f6ONC3VuiuAX2LNN5Xa8yKB_IaCY6C4TziboBtWiGNXNqxNfOS5mqCkNcpg0vMMhH306XKCRmYAp10UgfSR4GjOsX1RE7D4q8_ok3J-AwTCOA_be0zs9p418fHOuoXnALnBt1ctQ35o9L8Z7uQMp9qj16kK_7xEgbDfsJ7PbQVnPme82EVqiVoLIPTh9E9rJWP_0ZfyjQq2ejFPsPvZjbyNtXxhJvMSA"
            }
        }
    ]
}

 
 Pass #6: CredentialDiscoveryResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryResponse",
    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
    "lookupResults": [
        {
            "id": "Lookup.1",
            "matchingCredentials": []
        },
        {
            "id": "Lookup.2",
            "matchingCredentials": [
                {
                    "serverSessionId": "1523c918604Ud5a41kBEYskpWWoWY38D",
                    "clientSessionId": "9jEOBV-X5MhYl4lHHPc1J5Fll3XL7nU3",
                    "certificatePath": [
                        "MIIDbjCCAlagAwIBAgIGAVI8kYceMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNloXDTQxMDExMzE5NTgzNlowTjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xJzAlBgNVBAMTHktleUdlbjIgVXBkYXRlS2V5TWFuYWdlbWVudEtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMvETD6Zh-sdumIW_i4PuyufD0MnbUce7-uMDj1aQivIyoNOVGg_2n_vnxgS51oQTfPUlPIpiz6t_gkCOsgRc3gqkoyofs5oT3kjFVx6Z5Bc96Vi2VSCyTkhMKY9uBV4WUmU_PuT49Q3i1_ENUtDchMoz89QfRgTPF0chCQe5kZOrTHTmcAoiM6fdg4h4oYr1BvhER4sUNMRpaWAajpzATLvXZPubKUFsyFf2jskHLWU8AsdBv7Ga6hts1GZPQLPsN3pfJmjbFCJOEqIfD-VC_mZ0sgaHINYWiCE0eCC2i0XWcTUbe805NGl9lAk84yWuXFQiyd2sR5d8xhY913cPY8CAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFJkbpCbdr-A4ffCeAVwSK75kqa8YMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQBsAh2VKmsNu-T7N3BFXtPmMnC2vpwrosddMj0TYVPT42XC_X33JEW_3ukESoFO6_F6Znyxp1yBzBMNt2Zscdbei5fsmzfHALGmYyv4peaFf2NLCrwZpMy6e9tJOwTYOvxvoxOA4BZbLaSMoxsesQxi7jM2TxSqf9bf2_ahFJRrHJUUT6Xq9ue1Iykrh_RSNV2FkrenjTdqDTrrQVNwc_J_q1yfbjT6dpm1gFmtjXK0x-uU0d37jLRS8SoCoVCka7MrgxrmXSnSF4twdQdw1exilosm8AiWKkWWK_X1VIBjIFOOtdhVNWqIK-LE9rJlCvaiZ4boO8CaYABu-G4QRP81"
                    ]
                }
            ]
        },
        {
            "id": "Lookup.3",
            "matchingCredentials": []
        },
        {
            "id": "Lookup.4",
            "matchingCredentials": []
        }
    ]
}

 
 Pass #7: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "hqynGhCkV30hjblaYL9Ebiv2fh0G5K7QC8lTejPw3Do"
        }
    ]
}

 
 Pass #8: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "gJCZB6uas6iP5UCPmsk0-ltvCXCVYcYE1skBVJHoN3h1K2JLrKBlOcH6r_vTz89l7QHX4AjbfaMQhMjWpkaqeW475S4tv6g4PrwgauRAMjzKIxceQIvw7X4Q5XniVxe7XDI0bd_FPrN6dqLP9SK4GAXiUzGdh7TJWalIVAvS-pftZ1uXoWcEjE0mcgY34JcMTCMN5poI0yV6fry9vOzgdYK1E3UvNsI1z2Y_5ENWiMjS8rwpfwza_ig64oKBYtClDX9ntflpHrwJaME7wIS3UfIwVJYqNbJykjVsBBcUZzWW5W3jqySJkY8k7PXkeWyAzj7smlyiaankXkS7Jm-SoQ",
                "e": "AQAB"
            },
            "attestation": "dbXFw48K1snlkOFFBB3Ce_iICucYS8-95Ej3M7E812c"
        }
    ]
}

 
 Pass #9: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDbjCCAlagAwIBAgIGAVI8kYjEMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNloXDTQxMDExMzE5NTgzNlowTjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xJzAlBgNVBAMTHktleUdlbjIgVXBkYXRlS2V5TWFuYWdlbWVudEtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAICQmQermrOoj-VAj5rJNPpbbwlwlWHGBNbJAVSR6Dd4dStiS6ygZTnB-q_708_PZe0B1-AI232jEITI1qZGqnluO-UuLb-oOD68IGrkQDI8yiMXHkCL8O1-EOV54lcXu1wyNG3fxT6zenaiz_UiuBgF4lMxnYe0yVmpSFQL0vqX7Wdbl6FnBIxNJnIGN-CXDEwjDeaaCNMlen68vbzs4HWCtRN1LzbCNc9mP-RDVojI0vK8KX8M2v4oOuKCgWLQpQ1_Z7X5aR68CWjBO8CEt1HyMFSWKjWycpI1bAQXFGc1luVt46skiZGPJOz15HlsgM4-7Jpcommp5F5EuyZvkqECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFKFR87PkcSliMGn3tTfC-Pfi4d6oMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQA88OuUj2x40uRImZ81KTBSPRt-O7Yf9GlsnAh4f75k0kiv18obsudl5FewYBo5jfa6LEwm0fmcTVlFW7oFhdWQ-Hi5-RUv6C5H4FEe0DFMr_0scAI1Phiu9fLWnf88yDfBX9fpD_ldZ-Llgm9YVTGLztk0-PyexUYLJbpPVUu5qGp5bXroIKCPIZj9DYQ1WqaiH7GAGQTKFyS7rbtiyP27UXo7avgRCRVmUWlRidvNM39sUFxKYWyEEqXohloxiozTMabnx60uA4ICZJWkNfbbYVixtxtaEP08ki2f-WvZQHVPV44cuNhTXakj695ZaMnSyxos01OT4gPHNQlYuT57"
            ],
            "mac": "E2nT-Tz-Kfxj5CP_ghFTbZm6BAIRcFdOiWuYZkGQ7nk",
            "updateKey": {
                "fingerPrint": "PKNH0UddNPiCsgNit9tUW4iFEVaMxq6FWyUXwF4U5tM",
                "serverSessionId": "1523c918604Ud5a41kBEYskpWWoWY38D",
                "clientSessionId": "9jEOBV-X5MhYl4lHHPc1J5Fll3XL7nU3",
                "authorization": "DyMkUSUDbRopUf44Cs_BiiPwNUzTD8s6wYwKKuKkOga_Daa2CqwKBp3tiuuLadFGJ4DiD2LylooHKHXGsnU8HA",
                "mac": "IHR9SkdbbGpw-7f8Ae2LtWcabkpsfJwk8c50Zy6Kf5M"
            }
        }
    ],
    "nonce": "ooWLCtToPP2rPHWHz7zDKWitVCpBfIBOpcdH4Csw28o",
    "mac": "A47pWfJ_U0ixQPe9_KI2POvVdvinzw8j4Fq-2LDAIE0"
}

 
 Pass #10: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
    "attestation": "Sq5tKPbRXzWlkcvFm_e50KixogUJoAbFjt8rKFc4t4A"
}


Deployed key[10] CN=KeyGen2 UpdateKeyManagementKey, E=john.doe@example.com


Begin Test (PreferredLanguages:1)
Languages
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c9188f2_AdNhkksubb28ul0GiGjV",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage",
    "preferredLanguages": ["en","de","fr"]
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c9188f2_AdNhkksubb28ul0GiGjV"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c9188f2_AdNhkksubb28ul0GiGjV",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:36Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "MK5oc8p3_w4kGjvue1waVxruqyf18QYEGgVcHzn7puQ",
            "y": "uTO4Ye1Mcn1DPHUlCEXkHt-SwGdHM2xqgJ4b3uosST8"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c9188f2_AdNhkksubb28ul0GiGjV",
    "clientSessionId": "0Jz-vQ8l7Hp7aQUdmb3rG30WsG4xN0cB",
    "serverTime": "2016-01-13T19:58:36Z",
    "clientTime": "2016-01-13T20:58:36+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "6w1Z-yQDdE3RRoCBsojChhJOhbHN0bTJr8dgpi-1scQ",
            "y": "zYQUe45qwJnr5EsOBUnEBkmPAQjBa0oMVqNT7yY7eeM"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "Kj4bxcvI_CHDIgKCBMYLYuwkIO1tcJDraQ0w7w9e_QN6xwYjX0WQ-3zXGlRcfYORqOP3QgtXZvZMzlXUB35fGpMSdFRK96J0vZcQNEXJ0H7OXlvOmvbI0jpsOHqBcMDu5iK3DiCr-q2wX3-IUpbhlJuOLdXRXXqFbhfYtoSGZEQ",
    "signature": {
        "algorithm": "HS256",
        "value": "zzQ8mPx3Hj72nEyDAoAZMeb1wLxIofofyFH0CeSYXmQ"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c9188f2_AdNhkksubb28ul0GiGjV",
    "clientSessionId": "0Jz-vQ8l7Hp7aQUdmb3rG30WsG4xN0cB",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "9xEe06NqIsuTBBoQSps-NTOkSIRag5Z-3UUQHLOXGyw"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c9188f2_AdNhkksubb28ul0GiGjV",
    "clientSessionId": "0Jz-vQ8l7Hp7aQUdmb3rG30WsG4xN0cB",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "pdqWroNR15bqawQaDZKTFL0HyFbwnbgOt1PqFwdFV2axaX7In_RuMHABF-EjaPvjFMTeHCc41G4r3g6V_BUs_OAEzfxomhklyKZbLzXnDAUte1e2ssxI3px4NqiIAIIlejtWQ0pink6zSD9215JlddOEbhMH1RNAJAX0rGoc1jpdIujMOViVf1e8XQbFNDd_Or_IfLbTCUmbkyOLCpVOMrNEgl5LQmCZq3uEAbIRjf5aGyFhlOr-KQ7X4hG_3iVA2bk8eIgI8PWpR6Lzd-z4e4_CVNpbNMKli01oEY0xHNPPRIDFg6Exqx77-A0jqVRS3U-Ia1RHmR3dmp9kSiS1ow",
                "e": "AQAB"
            },
            "attestation": "hMA0Zm9m9Q4xhQntl3noAOZNZUt6JGUa37ba5JteK9k"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c9188f2_AdNhkksubb28ul0GiGjV",
    "clientSessionId": "0Jz-vQ8l7Hp7aQUdmb3rG30WsG4xN0cB",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDajCCAlKgAwIBAgIGAVI8kY1mMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzN1oXDTQxMDExMzE5NTgzN1owSjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIzAhBgNVBAMTGktleUdlbjIgUHJlZmVycmVkTGFuZ3VhZ2VzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdqWroNR15bqawQaDZKTFL0HyFbwnbgOt1PqFwdFV2axaX7In_RuMHABF-EjaPvjFMTeHCc41G4r3g6V_BUs_OAEzfxomhklyKZbLzXnDAUte1e2ssxI3px4NqiIAIIlejtWQ0pink6zSD9215JlddOEbhMH1RNAJAX0rGoc1jpdIujMOViVf1e8XQbFNDd_Or_IfLbTCUmbkyOLCpVOMrNEgl5LQmCZq3uEAbIRjf5aGyFhlOr-KQ7X4hG_3iVA2bk8eIgI8PWpR6Lzd-z4e4_CVNpbNMKli01oEY0xHNPPRIDFg6Exqx77-A0jqVRS3U-Ia1RHmR3dmp9kSiS1owIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUe3i1yZoagJnFPo5hqR-tOz-PluAwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAItGXmaTZwupMhB5t7ABg8zBI4V7SIilzQV8bNvZnmI3jS-phR6kUIMEPVGUZ8LIpqbXd84_yHC84yRCCVBMzN44Nu7-WQkpAz0nPvMK29cnNMrNMJi64NFaPgfHXAAwttKv3uI7XBSKaPgbxpV1hxnIHeYSaI6K8tGayUfbtuP2muHH8NccZnmtWRC2-bmmnFdSlybyeAPRZI2b9G2N3OqV19umc_sWYU_swvdmhU7_xzqtwMWNmSH7dB1D-hRtXCAvFixSb0rYb6-bYz8JPKYa-ILdfBG94HACG3vOrf-E7rzoju8QldCfwPTvvCRVPiQNvyxEmCq_UvrB5esFsuQ"
            ],
            "mac": "dXt_IRhLo5MHaTMhX4eIq3pDiULmdcj2FzNRmZGiUns"
        }
    ],
    "nonce": "wAQxYIetDFmmdaJ8Lavu8-gVfv19TUDvF9qx7l_XuE0",
    "mac": "oqUROvN-FdxvfR_SxDOYlUf8PCgqsIFe0-v9YguRu38"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c9188f2_AdNhkksubb28ul0GiGjV",
    "clientSessionId": "0Jz-vQ8l7Hp7aQUdmb3rG30WsG4xN0cB",
    "attestation": "qNG0qp7w_s2gYWmpOfw2NgUoNm6FJOMs4GmbZDasKXY"
}


Deployed key[12] CN=KeyGen2 PreferredLanguages, E=john.doe@example.com


Begin Test (UnlockKey:1)
PIN Protection
ECC Key
Updatable Session
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c918d762Dyyrvx9OZqKx91mTdLQI",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c918d762Dyyrvx9OZqKx91mTdLQI"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c918d762Dyyrvx9OZqKx91mTdLQI",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:37Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "tXy5Y91sU_F35-r0uAUshvm_BbPewRVGO3cEhMlvNW4",
            "y": "HowWE7jTkjilb7hKD3Zq3LHZsesQgLKcZ69yKuaOMHY"
        }
    },
    "keyManagementKey": {
        "publicKey": {
            "type": "RSA",
            "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
            "e": "AQAB"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c918d762Dyyrvx9OZqKx91mTdLQI",
    "clientSessionId": "qzZQGuAjxaJqu7WQhhM2YjKv7-iYI2zQ",
    "serverTime": "2016-01-13T19:58:37Z",
    "clientTime": "2016-01-13T20:58:37+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "3dmm9en1MTSqdQ56dKJPmvhHKpAfprG_JRX_39zECVU",
            "y": "Hp6Klp1_c1nmKc-_Gou_ne5Ve66hoIE-L8tFcBuXtjg"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "MxNGAE2gzHG-bg9vAzgJyAPhYjTmsPqow09ot1Olnun-zhJwA6BWW8QM0_P0RuTMIMy3_Fse53rpUKCgWcGogCH0JfK10CeZITJuCxaqRF6bOojQoFWweilgxNsUPXGkNl4YrZVFLxssBaWt7UZOUjabmgKbq2T86ACrWK38cSs",
    "signature": {
        "algorithm": "HS256",
        "value": "d_z3Haq2k0qC9oViyieUEq6HvIbB98kIPdBAox46nLQ"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c918d762Dyyrvx9OZqKx91mTdLQI",
    "clientSessionId": "qzZQGuAjxaJqu7WQhhM2YjKv7-iYI2zQ",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "wTKP7lfXcQFha4MEIi0R_IwwohJkm7isHzt7oGAjUGw",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "mac": "2hVQmCNrlE5oLXb0sYaFfAaT2PkanozVsR5FUrL030c"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c918d762Dyyrvx9OZqKx91mTdLQI",
    "clientSessionId": "qzZQGuAjxaJqu7WQhhM2YjKv7-iYI2zQ",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "zY_Nze2fOz40OQI7X0R9Dtg89VKc2uL8Mtb3DjjtYIQ",
                "y": "2o1TD_tvcm0rPwbnLmI5Ax5r89814b9qdMTW5zqA048"
            },
            "attestation": "-oDlsb3nQ_iUgeThVA-UCmQsVjI9WvKY8qcsb87p4kI"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c918d762Dyyrvx9OZqKx91mTdLQI",
    "clientSessionId": "qzZQGuAjxaJqu7WQhhM2YjKv7-iYI2zQ",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICljCCAX6gAwIBAgIGAVI8kY2kMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzN1oXDTQxMDExMzE5NTgzN1owQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUtleUdlbjIgVW5sb2NrS2V5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzY_Nze2fOz40OQI7X0R9Dtg89VKc2uL8Mtb3DjjtYITajVMP-29ybSs_BucuYjkDHmvz3zXhv2p0xNbnOoDTj6NdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFMcdjvLUt9-PDZ6HBbNCWuoLLc1RMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQB-xH5GOgM-Ra83nHhusIXh1m38QAVXffio21DSENkSNmWMhDpQmZ1lyAACYVLOztHvhgwkyQH1HZh2EfISWgs6m-4etsFyxz3hjVUHNpcGYEAVoNTg7EQfckLL17SonTFMbe-Zggy3P9w86CaOzMqqPAf426efzl0KH6t5bmFgVMNDR7ZOGk60kDsphX6TGvgCoHDPLyndPfzW71wNXB3YpdTj7hGAczA91DVP7ph5scBFt7kjKMivEGlcH1jcx20rphh9avOnfXpVPKmi8DokKD1gI9NP8m0mFo8kL39I0FLPVdCT9sL8Y7Tx1vfGManKggz-wi_TKF0p-qVjOZ-t"
            ],
            "mac": "ER2FaU9PnZrizB87iAQCPmABOSI08PtFGj3KGh4DOmQ"
        }
    ],
    "nonce": "w9ofSAE4xZBl1wWcjxR_ZnyUO8isrIvOIK6zh75ETUk",
    "mac": "FA0Ebe9WhFBOl9qfGYExMqkp2Mvkt_A3S5CuePVpAB8"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c918d762Dyyrvx9OZqKx91mTdLQI",
    "clientSessionId": "qzZQGuAjxaJqu7WQhhM2YjKv7-iYI2zQ",
    "attestation": "Hb1-ohDPQuC5bMT44SxaVHz2rP-ln7GdNhkaSGnHhA8"
}


Deployed key[13] CN=KeyGen2 UnlockKey, E=john.doe@example.com


Begin Test (UnlockKey:2)
UnlockKey
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c918dc5OaBo28nx4B49hBi_uRWgB",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "unlock"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c918dc5OaBo28nx4B49hBi_uRWgB"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c918dc5OaBo28nx4B49hBi_uRWgB",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:38Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "3wbbMDc9FkG8YESIzuUlRgMEKbeovyo6-SS6yUvKYGA",
            "y": "xSbKBCCaG5d74DalthIEZQuL7MqnhsHH7kNRMyD3NJU"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c918dc5OaBo28nx4B49hBi_uRWgB",
    "clientSessionId": "MWxjPH9bdNMOqWBJrthXQKQwGwke2ANx",
    "serverTime": "2016-01-13T19:58:38Z",
    "clientTime": "2016-01-13T20:58:38+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "zdPILtxwT2kqIILT4PV4sa-hP7piMNwXJ5crFQUyzlw",
            "y": "gTuZ_b_4EeqKOm9G8SOs8TBUxzI9BHv93r6LsXzCOqI"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "BttR7PrHFYMnjPXn-ggF2poGAs-6UM1Y5_0pDLCqXDCe4kIMKcY6ax9RPSCDk_cCdduiu3mIpBeqrkvsX6FHcXQ3gwHXFakQvmvLfq07L3j1Qjk1PJYhUv7xgElOmVy0zBrrXG6BE2wRMfpG8U0zbXAmRRnFcOQKBd4TVzpJs0Q",
    "signature": {
        "algorithm": "HS256",
        "value": "oWppsAdQmpUlCHZJ8yRC96j61XXEwc7tS-Q8V7eSqAI"
    }
}

 
 Pass #5: CredentialDiscoveryRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryRequest",
    "serverSessionId": "1523c918dc5OaBo28nx4B49hBi_uRWgB",
    "clientSessionId": "MWxjPH9bdNMOqWBJrthXQKQwGwke2ANx",
    "submitUrl": "http://issuer.example.com/credisc",
    "lookupSpecifiers": [
        {
            "id": "Lookup.1",
            "nonce": "PGbBhzFzu1Z6azJFYuwv1Ch8lL2a-VbXWWTHAxFysm0",
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
                    "e": "AQAB"
                },
                "value": "QSyzZcZdpnlB6ZCgkq0nuiweAz90DjQEZ646vhaf3nU06-XTP3SqmHf5KkfLAR4oVC40-L_teEBAhdqWXBS8d-qtLtX0WSmN_wSMMijrvKuFDCBpY5ZaHsNnXbsveL8llNyd5x2OjiJfnOnzt6ToIynjZl4bt3dWCjcufIOIWU6L79WEErBoIVjqq-JqLKgHbZDJp9duaReaEp2Rl4XVQt5QQnXB_ss26MH9SwBVP_Qrqf0Aw6AtustWdC_Dw4v4h34dkWIH-pbm68nGxJw5BMU7eGYN7XN4osWxY4E9E955tLV43jC93g4ye2Ed8LpFGqGDB96jYuVs-Y8a3Tl0cw"
            }
        },
        {
            "id": "Lookup.2",
            "nonce": "PGbBhzFzu1Z6azJFYuwv1Ch8lL2a-VbXWWTHAxFysm0",
            "searchFilter": {
                "emailRegEx": "\\Qjohn.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "HjWk9PUp7cowThSKmMVTjwa6OUhHw_EHcu1GMFtaRMRT56KV5gOzIyc7-J0TFnAQmwrNM1ugUcMn2y9AdE3d1Q"
            }
        },
        {
            "id": "Lookup.3",
            "nonce": "PGbBhzFzu1Z6azJFYuwv1Ch8lL2a-VbXWWTHAxFysm0",
            "searchFilter": {
                "emailRegEx": "\\Qjane.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "rtL8z6iCMD-soiq99YeraOOzo8KCSJuusIUzq8xNpMjjKe4yemlNFsYf8mSJaDXwibY_8nTvCz-JrBswF2rsuw"
            }
        },
        {
            "id": "Lookup.4",
            "nonce": "PGbBhzFzu1Z6azJFYuwv1Ch8lL2a-VbXWWTHAxFysm0",
            "searchFilter": {
                "fingerPrint": "sVNedtvlG3cMhuVupbgRa-aXPcbfsx3m3hIR9gMlmwY",
                "issuerRegEx": "\\QCN=Root CA\\E",
                "serialNumber": "123",
                "subjectRegEx": "\\QCN=John,2.5.4.5=#1303313233\\E",
                "emailRegEx": "\\Qjohn.doe@example.com\\E",
                "policyRules": ["5.4.8","-5.4.9"],
                "keyUsageRules": ["-keyCertSign"],
                "extendedKeyUsageRules": ["1.3.6.1.5.5.7.3.2","1.3.6.1.5.5.7.3.4"],
                "issuedBefore": "2016-01-13T19:56:58Z",
                "issuedAfter": "2016-01-13T19:58:38Z",
                "grouping": "shared",
                "appUsage": "universal"
            },
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "kCNcOpatALB21jHrPIv1BgXlUJ5W8y9jfFci45G09x1zRz1E41lkBJYaEcxQNsT2h_vlf3nIK9g5Inr65vgeciLHQC-KFlpoGfSlTEnzq5eY8vON6egAOeQh5T-I_L9blNUqXsSDFHoA3DT5QcEkXNDz1_rqkNUk0YNJFIIuAWqe1OSEcU76dOmnRV1OAY6_OTC-1Wd4_teuLepi58BeUQoSTJTu2lbs-k8MZ1qnmcrYxTnou-NnYG1_Uhz1b8rS7WxaeFf1RaBIWjly2YjrnT76VcFXZX4BNALYhhxFq3wO-AVOV4TBOlF843Jd8tyHN9OGBspqNo75jsAZIucG9w",
                    "e": "AQAB"
                },
                "value": "WChnNRdzBxvxWrI8GbG-77MHXw8F7IrEJZgZOlhxgCPhMJ5nB_h6297vJktSQjg7RNwPnnsCajULn1UNyGSnD9tIVKBhOfvXcGPTdIGsNt6qDPPiuQTDnOoop8C1RuGuTA-j6IWJfqHyVL4tW0BK1lilXerdOVE_tizk1D6nHhYnDZuhcUqcJNGvtwOC1Rlih9zKVkWr7azZnpxPEJ7mVypDtpktipWfK-1OQpt_yC44jWg8jg9JfBNXvHBpHhjz_fx64kaSnQ8vKM31uz_g5XnRhy-3XcJrEryGacbGYsz0ftVp4hoHQxQmehBkyMQC3VL4aVlaE9snudMgyHl-YQ"
            }
        }
    ]
}

 
 Pass #6: CredentialDiscoveryResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryResponse",
    "serverSessionId": "1523c918dc5OaBo28nx4B49hBi_uRWgB",
    "clientSessionId": "MWxjPH9bdNMOqWBJrthXQKQwGwke2ANx",
    "lookupResults": [
        {
            "id": "Lookup.1",
            "matchingCredentials": [
                {
                    "serverSessionId": "1523c918d762Dyyrvx9OZqKx91mTdLQI",
                    "clientSessionId": "qzZQGuAjxaJqu7WQhhM2YjKv7-iYI2zQ",
                    "certificatePath": [
                        "MIICljCCAX6gAwIBAgIGAVI8kY2kMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzN1oXDTQxMDExMzE5NTgzN1owQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUtleUdlbjIgVW5sb2NrS2V5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzY_Nze2fOz40OQI7X0R9Dtg89VKc2uL8Mtb3DjjtYITajVMP-29ybSs_BucuYjkDHmvz3zXhv2p0xNbnOoDTj6NdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFMcdjvLUt9-PDZ6HBbNCWuoLLc1RMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQB-xH5GOgM-Ra83nHhusIXh1m38QAVXffio21DSENkSNmWMhDpQmZ1lyAACYVLOztHvhgwkyQH1HZh2EfISWgs6m-4etsFyxz3hjVUHNpcGYEAVoNTg7EQfckLL17SonTFMbe-Zggy3P9w86CaOzMqqPAf426efzl0KH6t5bmFgVMNDR7ZOGk60kDsphX6TGvgCoHDPLyndPfzW71wNXB3YpdTj7hGAczA91DVP7ph5scBFt7kjKMivEGlcH1jcx20rphh9avOnfXpVPKmi8DokKD1gI9NP8m0mFo8kL39I0FLPVdCT9sL8Y7Tx1vfGManKggz-wi_TKF0p-qVjOZ-t"
                    ],
                    "locked": true
                }
            ]
        },
        {
            "id": "Lookup.2",
            "matchingCredentials": [
                {
                    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
                    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
                    "certificatePath": [
                        "MIIDbjCCAlagAwIBAgIGAVI8kYjEMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNloXDTQxMDExMzE5NTgzNlowTjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xJzAlBgNVBAMTHktleUdlbjIgVXBkYXRlS2V5TWFuYWdlbWVudEtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAICQmQermrOoj-VAj5rJNPpbbwlwlWHGBNbJAVSR6Dd4dStiS6ygZTnB-q_708_PZe0B1-AI232jEITI1qZGqnluO-UuLb-oOD68IGrkQDI8yiMXHkCL8O1-EOV54lcXu1wyNG3fxT6zenaiz_UiuBgF4lMxnYe0yVmpSFQL0vqX7Wdbl6FnBIxNJnIGN-CXDEwjDeaaCNMlen68vbzs4HWCtRN1LzbCNc9mP-RDVojI0vK8KX8M2v4oOuKCgWLQpQ1_Z7X5aR68CWjBO8CEt1HyMFSWKjWycpI1bAQXFGc1luVt46skiZGPJOz15HlsgM4-7Jpcommp5F5EuyZvkqECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFKFR87PkcSliMGn3tTfC-Pfi4d6oMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQA88OuUj2x40uRImZ81KTBSPRt-O7Yf9GlsnAh4f75k0kiv18obsudl5FewYBo5jfa6LEwm0fmcTVlFW7oFhdWQ-Hi5-RUv6C5H4FEe0DFMr_0scAI1Phiu9fLWnf88yDfBX9fpD_ldZ-Llgm9YVTGLztk0-PyexUYLJbpPVUu5qGp5bXroIKCPIZj9DYQ1WqaiH7GAGQTKFyS7rbtiyP27UXo7avgRCRVmUWlRidvNM39sUFxKYWyEEqXohloxiozTMabnx60uA4ICZJWkNfbbYVixtxtaEP08ki2f-WvZQHVPV44cuNhTXakj695ZaMnSyxos01OT4gPHNQlYuT57"
                    ]
                }
            ]
        },
        {
            "id": "Lookup.3",
            "matchingCredentials": []
        },
        {
            "id": "Lookup.4",
            "matchingCredentials": []
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c918dc5OaBo28nx4B49hBi_uRWgB",
    "clientSessionId": "MWxjPH9bdNMOqWBJrthXQKQwGwke2ANx",
    "submitUrl": "http://issuer.example.com/finalize",
    "unlockKeys": [
        {
            "fingerPrint": "NxfkcmWkGFweR9RcsEsGsQ7kP4CgZ6-g-hlS6_1vhs4",
            "serverSessionId": "1523c918d762Dyyrvx9OZqKx91mTdLQI",
            "clientSessionId": "qzZQGuAjxaJqu7WQhhM2YjKv7-iYI2zQ",
            "authorization": "FArvBkGm2FSC_ME1b5nwYFqgom460gtCOWT2-TICpFjdXDjqIzdxSYl6rvMA9X8ab6r9KfExZVVHPEgdKk3jQQKOxXp-5-OswCDUaW7uP9EY_v7tbmzY34hqc5IAx-L_h5PFrlGX129wMcYqrfnL6Va6BjiGXsGhKR05XsC-2e762swMOh8zFFl99G2_VKQzsEfdTmhCxoMnzHGgIl0DwK-qzpOgccUOWxqFZiGlg5Nf2cXabxhMcqJ6Q7GYhCkEYz96PEinY49NaNt513HplSkXKLk_Rf7CQYzUFR6--yjyagYWBklkQP68GwS5ZP7DQs5LJ1DFNnNdvLgPXpb1Pg",
            "mac": "uGSyiN7CNk5TApvpXTcM-AkfefVdR7qSWelfZjXSJ6Y"
        }
    ],
    "nonce": "4-FXFckoGLnPdDNb_XTMfwBQuV0Ss2TXCb8RWqOv_RA",
    "mac": "kQzctmx6YJBT_VKJ4F0hn2BoqgdeCwM3bY8vlq0MnMM"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c918dc5OaBo28nx4B49hBi_uRWgB",
    "clientSessionId": "MWxjPH9bdNMOqWBJrthXQKQwGwke2ANx",
    "attestation": "UvS7wwxnsWEh-MXTyV-pVqq7nvXnA1JzOok7HS9dUC0"
}


Deployed key[13] CN=KeyGen2 UnlockKey, E=john.doe@example.com


Begin Test (EncryptedExtension:1)
PIN Protection
ECC Key
Server Seed
PropertyBag
Encrypted Extension
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c918e4381QFswJE7rkNAznrMXjHP",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c918e4381QFswJE7rkNAznrMXjHP"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c918e4381QFswJE7rkNAznrMXjHP",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:38Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "doxha5c9nX_3IGRO-X5EEuzqOIAMgqGtegZnexKutrI",
            "y": "TwQXLWZ8lEN_41B7oic88omLOrZopPA_LF72teT4Qdg"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c918e4381QFswJE7rkNAznrMXjHP",
    "clientSessionId": "is4cTMrFnKTuU5r763Po6z8rDxCflheZ",
    "serverTime": "2016-01-13T19:58:38Z",
    "clientTime": "2016-01-13T20:58:38+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "5bUyIj15sml_YmeDOyeF5AIejTzUw841ED45cChLhGc",
            "y": "xN2db8LQUvj1paU2pzHjqnEd8z_N3uwsRPzPjfXiS-8"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "GdxEKPPZaQxW65zJrtCG9_X6Z8htoDCrhBajHcNEYPgRnUHiC3Nz2UUAiXzGwSfGqr9lom0jk2xfd8w-vZPc9_58l5zTvgHJl8ObQpexIOK6bN1hYuwP8-LZjVaNipkh59YBz7tOFifZqSxCDKWdX8Q4HH32xaC_oKiZUbXhfuY",
    "signature": {
        "algorithm": "HS256",
        "value": "88JeDSKVbrFG5tvJGoDud24nicUqBsWQgmAlEtvaRIk"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c918e4381QFswJE7rkNAznrMXjHP",
    "clientSessionId": "is4cTMrFnKTuU5r763Po6z8rDxCflheZ",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "IfcSeZwmp6ifN1Rr-zqLxf3-BaM3r2ONo1z_Sni295w",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "serverSeed": "YvXaq32Z4-h6M4hkzIbXayjtjcdqF7vS_oZ_KaNYri8",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "mac": "t5rj37t642-lnLjIn2xQ5UdhSSGz7-wMIA2WAdfoz6A"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c918e4381QFswJE7rkNAznrMXjHP",
    "clientSessionId": "is4cTMrFnKTuU5r763Po6z8rDxCflheZ",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "ndzO3kVOPiehZVaNYJXd8IGAM5wWe_0bbtTQGdLO2AE",
                "y": "w_Ve2sqwOIMq_CZznKIpUjZvxjAfHtg2istJtL1JCzQ"
            },
            "attestation": "zlP9L1ucgXS5nZF3oPzBTncKcyEbRqYlfvIp9CRSfHk"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c918e4381QFswJE7rkNAznrMXjHP",
    "clientSessionId": "is4cTMrFnKTuU5r763Po6z8rDxCflheZ",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnzCCAYegAwIBAgIGAVI8kY5yMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzOFoXDTQxMDExMzE5NTgzOFowSjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIzAhBgNVBAMTGktleUdlbjIgRW5jcnlwdGVkRXh0ZW5zaW9uMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEndzO3kVOPiehZVaNYJXd8IGAM5wWe_0bbtTQGdLO2AHD9V7ayrA4gyr8JnOcoilSNm_GMB8e2DaKy0m0vUkLNKNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFA4mb7B4dRfsOrS5xJ8_JBYNcM4qMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQAmd8vb5ZaDW5yRvqGW6jwUou9JSRQ8NvE1odMmsyKKtZFjAHxI6VXGAdsUeOzx1umXO1NjwF_HGthlzJIHfFUB1VnHRNPHKoM7-F-s45-QfCfq74tf4BDnBQ6I-4kMEEYNr_gAcX1GH6osWdo4pHpL-UjsEaazKz-i9_60ckVH3o0q-UWJ5y_vHfHLFeRKpAZ-Jod6Hf2I4t8o4Tp7vFenVo5Cc8H03k-u3cNsY5788jKqXRjeLkox8U2_PdLNyO3FwO44UepcCHJpC3i6bbylmbx4tMEGfS-dUogf6Gaavt3R43Jdn0VG4QZOwf37ukicnG86Now6r9wiD_6X7fln"
            ],
            "mac": "e3TqEBLknzZ8_1d9GatkOnQHtuiG_KazmcKADt7DZNc",
            "encryptedExtensions": [
                {
                    "type": "http://host/ee",
                    "extensionData": "dd51HOnS6kBbm5NtzMuy14XE3YMtxDDN9frgVOy-C2k",
                    "mac": "t7q8lqYCBYMJZW-1w7VnjqksTLLPWo1uq4ZpXNVAbKk"
                }
            ],
            "propertyBags": [
                {
                    "type": "http://host/prop",
                    "properties": [
                        {
                            "name": "main",
                            "value": "234"
                        },
                        {
                            "name": "a",
                            "value": "fun",
                            "writable": true
                        }
                    ],
                    "mac": "_T3zvjTPTnqi2cv2c681AXnwRli6ggED7WlrmKYMwLs"
                }
            ]
        }
    ],
    "nonce": "fSEUqoB_bZ8EL_Igfp5V2mn_BCtLISzSLar7s_RmQg0",
    "mac": "UFFWB3Iw3A6m9xFFIyc6R8vvm5b5f72bXZ4Ml0q9IdA"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c918e4381QFswJE7rkNAznrMXjHP",
    "clientSessionId": "is4cTMrFnKTuU5r763Po6z8rDxCflheZ",
    "attestation": "GOJnLVTa-nyjjFUQvpQ67jnkqoSiwXyyzK3pH_4OoXA"
}


Deployed key[14] CN=KeyGen2 EncryptedExtension, E=john.doe@example.com


Begin Test (UpdateKey:1)
PIN Protection
Updatable Session
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c918e914fYzZw7DcSquIodeQu-AF",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c918e914fYzZw7DcSquIodeQu-AF"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c918e914fYzZw7DcSquIodeQu-AF",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:38Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "rcGw-56TjM4SnNiKxphm0mt7Zcys7bKV8Ru_TzXrdLw",
            "y": "mc1Xkfp2u--xgnau_uE8Hhj0-Zxc1PDN7Sk13UA_-p8"
        }
    },
    "keyManagementKey": {
        "publicKey": {
            "type": "RSA",
            "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
            "e": "AQAB"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c918e914fYzZw7DcSquIodeQu-AF",
    "clientSessionId": "eBXLBtXYi1lDsGyDn9be9xEx3Qrzmsf1",
    "serverTime": "2016-01-13T19:58:38Z",
    "clientTime": "2016-01-13T20:58:38+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "Iub9YViA35dOyknYzV5MaLRW-DW5L7rFIBbQBCmF4Y4",
            "y": "tuMTedXYIiJmImdgQOxKUHz1ZfERYfCmjS476GcoUcU"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "EIF8_G12gPvzBzUouRefVa1pV6urN1zF4PuRJQxaVgCNVepb8s91FqdVnwo2wR0HJ75tLkFCUySgxY2vm-k6wxiWtudkfGLHPDSUM1yhoydLrohdGNgEpWscuCDhChOocai9C3UnntrbU5RP5REh5JipdMDSIKa0kSzRNrObshA",
    "signature": {
        "algorithm": "HS256",
        "value": "Y5t2LFwsBQW0IrfOqfWM8NZIkw1MVF1uYArK-fDD458"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c918e914fYzZw7DcSquIodeQu-AF",
    "clientSessionId": "eBXLBtXYi1lDsGyDn9be9xEx3Qrzmsf1",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "grouping": "shared",
            "mac": "PP-MXCM_wWLjziKX8yMcNshZBrJn7HmRPto-vlCnu_w",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "mac": "hyTvcVz4pjNwZIEzi0K0-2I0WDTcYMjMeKvLhtZjj6I"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c918e914fYzZw7DcSquIodeQu-AF",
    "clientSessionId": "eBXLBtXYi1lDsGyDn9be9xEx3Qrzmsf1",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "wecPrQ_xxepQBT95O8qwjGDvnT31nvb-uQSBxR8lPlHtu2_1JMKdgfpqicLdgy0zOBwokDzccGH3TBSD1gEonwGplg6IodJ3JbvYPE1tBGTyIx4ZnmM7GGotmRB2ijt4L0J_Q-YgCh3xlpS9HUi2OeuS1c7PaojOCPkzkvc-wfNIoE6c6ECZVANMqJqPvNOsIkab6fsaOaiNu2LhhDTdV10wBJwu83LEyhGeCsCXNCVE_GWlWrh3hQqKLL2LUy4CBjaoe6OHgIhIKnLpLiT-5pUsOpspg17uHnUsynWKKppVx8OTVld1lMS24v4SFg7svOZXvtNDn7ez1296QI4Elw",
                "e": "AQAB"
            },
            "attestation": "MrYotZy1hEEpV2CLvLeKqKS8MUt1PK8jMxYF0vAEsyE"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c918e914fYzZw7DcSquIodeQu-AF",
    "clientSessionId": "eBXLBtXYi1lDsGyDn9be9xEx3Qrzmsf1",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDYTCCAkmgAwIBAgIGAVI8kZARMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzOFoXDTQxMDExMzE5NTgzOFowQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUtleUdlbjIgVXBkYXRlS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwecPrQ_xxepQBT95O8qwjGDvnT31nvb-uQSBxR8lPlHtu2_1JMKdgfpqicLdgy0zOBwokDzccGH3TBSD1gEonwGplg6IodJ3JbvYPE1tBGTyIx4ZnmM7GGotmRB2ijt4L0J_Q-YgCh3xlpS9HUi2OeuS1c7PaojOCPkzkvc-wfNIoE6c6ECZVANMqJqPvNOsIkab6fsaOaiNu2LhhDTdV10wBJwu83LEyhGeCsCXNCVE_GWlWrh3hQqKLL2LUy4CBjaoe6OHgIhIKnLpLiT-5pUsOpspg17uHnUsynWKKppVx8OTVld1lMS24v4SFg7svOZXvtNDn7ez1296QI4ElwIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUOhweueWA_hcD1Th6iF3InSLSiFMwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAHtfZkHrpdTsSO37JJ3x4uXQm9OvEXNQ-74w33irmFf5wAmgjqZqK6VFbmevoGhhm9pz_Et0Im4P_dCMWcOY41KOlPg1CQlWAk7PRMk3fOtvR20O6Ig-_Rx5zAMV5umlxm0RoVV1OQ_2igneAmyJMxqLw7TIg325Bv-3YZFojYbTQZLbgwSmTy7lnUDBGSmth4JbHHMBYA3AGUss7r4nQu8BX_Vf0cEv693LMJDwSbtreXOhpRzb1oVvpT6gtJRqOyNwVSIM0VIbAT_vXg472bDosrpD32nUv50PQ7Y29RgkPuH_Az8HLkdVT1Dakql1JOKNsVg9diKPozLnYMYqYKk"
            ],
            "mac": "U8FDjYf_A3NfT1wIMUbve0lYzIj8G09Rc-QIZJz1coE"
        }
    ],
    "nonce": "7rQYaKESOjOTAUsDlEVzAiNqS0uEFbnc7_NXOxoPY7I",
    "mac": "wkP9VcAJJgW4ggZodLO0Zihv92b_gbGSZvA8DWzdOkM"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c918e914fYzZw7DcSquIodeQu-AF",
    "clientSessionId": "eBXLBtXYi1lDsGyDn9be9xEx3Qrzmsf1",
    "attestation": "rOXMty7Haf4ItsjYDxqlmwoZJnHaaw-D31EdZteB4kg"
}


Deployed key[15] CN=KeyGen2 UpdateKey, E=john.doe@example.com


Begin Test (UpdateKey:2)
UpdateKey
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919021ReuXTgdkQVkaDhDgtk4B6",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919021ReuXTgdkQVkaDhDgtk4B6"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919021ReuXTgdkQVkaDhDgtk4B6",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:38Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "eRqMqgKFWZRI8OIxONAQBlnWpqohZCVtWKSsfS6V0ls",
            "y": "cr6OL25-Hwxfz4kx6uX37gSZ93wPiz8teQ7FQL1Od0I"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919021ReuXTgdkQVkaDhDgtk4B6",
    "clientSessionId": "zS96w-7jvKkfQPFXnUGPcXpQif2p23sg",
    "serverTime": "2016-01-13T19:58:38Z",
    "clientTime": "2016-01-13T20:58:38+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "Ze2MZK7h9bVVJjIjNmlHou0EFYut_cP2TGgSzSRTOvM",
            "y": "mXkcd_vV2v6a6hwDRWXCqTX8goLxwpA6ED_gUyERy8w"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "DmjzMy57h1Y1E7kR-1AYIr8hya8Jl9WLr2Vwlz_CqaSUXAmQoUVDpjQCAofip4EK5Vfs7V07G5oOnsVO9dGPfb11Vs74kUtg_rlxRejJZ2AeLFAvzuqSBOKoixQoY3iXatDMdMCbVEL_CYGfkSMo-9JnWm3ZnOLXrLOcih5ELbE",
    "signature": {
        "algorithm": "HS256",
        "value": "5ydxe9OtUTij9uVKLV-JBBo3dx0rYfGQuGPV61_wOgM"
    }
}

 
 Pass #5: CredentialDiscoveryRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryRequest",
    "serverSessionId": "1523c919021ReuXTgdkQVkaDhDgtk4B6",
    "clientSessionId": "zS96w-7jvKkfQPFXnUGPcXpQif2p23sg",
    "submitUrl": "http://issuer.example.com/credisc",
    "lookupSpecifiers": [
        {
            "id": "Lookup.1",
            "nonce": "OE86076uzt49kCKLpt2zqJwnkt8zN6y_XAM9XB9QQv4",
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
                    "e": "AQAB"
                },
                "value": "SuLZBJf_EPmtVMkkBwRLSWsn8ifv3jWRa5T9LBHQ7tR0cRgmGhCIMFvnF8w84mlMUBsnKS63txQtmZnAWNVFsMJxHqssUN63_nQWraTw-MzUsGY7UvvrR2wZ5Fsb1H6spBrOQuICYfAQo4h5o5brOilaO6_sd6JxZ3jOXtJxrlFbv7znWa5xkIvf2qihAToXdpqtsc56gf7vyiklIjg57hzqJ1BzBcd9UobAdnNdJrreMtB3k3kBvS2rQ9rw9TMFLaGvV0nml2vFCft9xSCUby31puh9_f9QToV-Gsz1DKNfnFqCF107i15XpPSLQqC_i3JqBj9gI7N2YCX38Q5UVw"
            }
        },
        {
            "id": "Lookup.2",
            "nonce": "OE86076uzt49kCKLpt2zqJwnkt8zN6y_XAM9XB9QQv4",
            "searchFilter": {
                "emailRegEx": "\\Qjohn.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "sgrV6gET3JV77yakmAUGcPuqTCAxRJbQM1kYX_OGEL6KF1OGSrD_u0t8y53YfnDt2pHNUbx8KDIyApk09g_M7g"
            }
        },
        {
            "id": "Lookup.3",
            "nonce": "OE86076uzt49kCKLpt2zqJwnkt8zN6y_XAM9XB9QQv4",
            "searchFilter": {
                "emailRegEx": "\\Qjane.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "Qw0b61oF4uJA4PTu7R3DglNCvv1qZ9HBaY07n1eoqBRucejHT76qfiRCjvmOhgYq2P73eBTaYOGKKtnZFXQeGQ"
            }
        },
        {
            "id": "Lookup.4",
            "nonce": "OE86076uzt49kCKLpt2zqJwnkt8zN6y_XAM9XB9QQv4",
            "searchFilter": {
                "fingerPrint": "sVNedtvlG3cMhuVupbgRa-aXPcbfsx3m3hIR9gMlmwY",
                "issuerRegEx": "\\QCN=Root CA\\E",
                "serialNumber": "123",
                "subjectRegEx": "\\QCN=John,2.5.4.5=#1303313233\\E",
                "emailRegEx": "\\Qjohn.doe@example.com\\E",
                "policyRules": ["5.4.8","-5.4.9"],
                "keyUsageRules": ["-keyCertSign"],
                "extendedKeyUsageRules": ["1.3.6.1.5.5.7.3.2","1.3.6.1.5.5.7.3.4"],
                "issuedBefore": "2016-01-13T19:56:58Z",
                "issuedAfter": "2016-01-13T19:58:38Z",
                "grouping": "shared",
                "appUsage": "universal"
            },
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "kCNcOpatALB21jHrPIv1BgXlUJ5W8y9jfFci45G09x1zRz1E41lkBJYaEcxQNsT2h_vlf3nIK9g5Inr65vgeciLHQC-KFlpoGfSlTEnzq5eY8vON6egAOeQh5T-I_L9blNUqXsSDFHoA3DT5QcEkXNDz1_rqkNUk0YNJFIIuAWqe1OSEcU76dOmnRV1OAY6_OTC-1Wd4_teuLepi58BeUQoSTJTu2lbs-k8MZ1qnmcrYxTnou-NnYG1_Uhz1b8rS7WxaeFf1RaBIWjly2YjrnT76VcFXZX4BNALYhhxFq3wO-AVOV4TBOlF843Jd8tyHN9OGBspqNo75jsAZIucG9w",
                    "e": "AQAB"
                },
                "value": "jlEW019tqwKRL8IwDfuGJUzmVInFqt4cQUHEb_2myjGsu574TQDLzGoRy4RvSmGzhkU69gyCuNu0Np94vaxXeqldJTj8aTNC9Q1EN08iUIG4j-vIf94nh1FwE_Z62jJS9reZxHRm01LsqqylTCW3lfvpgJmufc2lGjvO52eTCrMjZQWV9ezJvgIbShYFyAUzEdM2lmcrkigYi318wIa1AdyI18ZW7eBJc7UTuK9lwAJXe4g_ExWI9sgkhLnGx6RcU1Pe-fGmUo599DTP-aF0AYU44gyiymSkw8QThKqNO7Tft_BjQ_df2PKUHUwxrRJZQ9iDuw0kCI-z_Xuz_EL4aQ"
            }
        }
    ]
}

 
 Pass #6: CredentialDiscoveryResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryResponse",
    "serverSessionId": "1523c919021ReuXTgdkQVkaDhDgtk4B6",
    "clientSessionId": "zS96w-7jvKkfQPFXnUGPcXpQif2p23sg",
    "lookupResults": [
        {
            "id": "Lookup.1",
            "matchingCredentials": [
                {
                    "serverSessionId": "1523c918e914fYzZw7DcSquIodeQu-AF",
                    "clientSessionId": "eBXLBtXYi1lDsGyDn9be9xEx3Qrzmsf1",
                    "certificatePath": [
                        "MIIDYTCCAkmgAwIBAgIGAVI8kZARMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzOFoXDTQxMDExMzE5NTgzOFowQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUtleUdlbjIgVXBkYXRlS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwecPrQ_xxepQBT95O8qwjGDvnT31nvb-uQSBxR8lPlHtu2_1JMKdgfpqicLdgy0zOBwokDzccGH3TBSD1gEonwGplg6IodJ3JbvYPE1tBGTyIx4ZnmM7GGotmRB2ijt4L0J_Q-YgCh3xlpS9HUi2OeuS1c7PaojOCPkzkvc-wfNIoE6c6ECZVANMqJqPvNOsIkab6fsaOaiNu2LhhDTdV10wBJwu83LEyhGeCsCXNCVE_GWlWrh3hQqKLL2LUy4CBjaoe6OHgIhIKnLpLiT-5pUsOpspg17uHnUsynWKKppVx8OTVld1lMS24v4SFg7svOZXvtNDn7ez1296QI4ElwIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUOhweueWA_hcD1Th6iF3InSLSiFMwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAHtfZkHrpdTsSO37JJ3x4uXQm9OvEXNQ-74w33irmFf5wAmgjqZqK6VFbmevoGhhm9pz_Et0Im4P_dCMWcOY41KOlPg1CQlWAk7PRMk3fOtvR20O6Ig-_Rx5zAMV5umlxm0RoVV1OQ_2igneAmyJMxqLw7TIg325Bv-3YZFojYbTQZLbgwSmTy7lnUDBGSmth4JbHHMBYA3AGUss7r4nQu8BX_Vf0cEv693LMJDwSbtreXOhpRzb1oVvpT6gtJRqOyNwVSIM0VIbAT_vXg472bDosrpD32nUv50PQ7Y29RgkPuH_Az8HLkdVT1Dakql1JOKNsVg9diKPozLnYMYqYKk"
                    ]
                }
            ]
        },
        {
            "id": "Lookup.2",
            "matchingCredentials": [
                {
                    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
                    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
                    "certificatePath": [
                        "MIIDbjCCAlagAwIBAgIGAVI8kYjEMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNloXDTQxMDExMzE5NTgzNlowTjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xJzAlBgNVBAMTHktleUdlbjIgVXBkYXRlS2V5TWFuYWdlbWVudEtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAICQmQermrOoj-VAj5rJNPpbbwlwlWHGBNbJAVSR6Dd4dStiS6ygZTnB-q_708_PZe0B1-AI232jEITI1qZGqnluO-UuLb-oOD68IGrkQDI8yiMXHkCL8O1-EOV54lcXu1wyNG3fxT6zenaiz_UiuBgF4lMxnYe0yVmpSFQL0vqX7Wdbl6FnBIxNJnIGN-CXDEwjDeaaCNMlen68vbzs4HWCtRN1LzbCNc9mP-RDVojI0vK8KX8M2v4oOuKCgWLQpQ1_Z7X5aR68CWjBO8CEt1HyMFSWKjWycpI1bAQXFGc1luVt46skiZGPJOz15HlsgM4-7Jpcommp5F5EuyZvkqECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFKFR87PkcSliMGn3tTfC-Pfi4d6oMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQA88OuUj2x40uRImZ81KTBSPRt-O7Yf9GlsnAh4f75k0kiv18obsudl5FewYBo5jfa6LEwm0fmcTVlFW7oFhdWQ-Hi5-RUv6C5H4FEe0DFMr_0scAI1Phiu9fLWnf88yDfBX9fpD_ldZ-Llgm9YVTGLztk0-PyexUYLJbpPVUu5qGp5bXroIKCPIZj9DYQ1WqaiH7GAGQTKFyS7rbtiyP27UXo7avgRCRVmUWlRidvNM39sUFxKYWyEEqXohloxiozTMabnx60uA4ICZJWkNfbbYVixtxtaEP08ki2f-WvZQHVPV44cuNhTXakj695ZaMnSyxos01OT4gPHNQlYuT57"
                    ]
                }
            ]
        },
        {
            "id": "Lookup.3",
            "matchingCredentials": []
        },
        {
            "id": "Lookup.4",
            "matchingCredentials": []
        }
    ]
}

 
 Pass #7: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919021ReuXTgdkQVkaDhDgtk4B6",
    "clientSessionId": "zS96w-7jvKkfQPFXnUGPcXpQif2p23sg",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "zR9pkADXpV9dLbOoKfNvwFcYI-jsaW5QigAk8G3_75g"
        }
    ]
}

 
 Pass #8: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919021ReuXTgdkQVkaDhDgtk4B6",
    "clientSessionId": "zS96w-7jvKkfQPFXnUGPcXpQif2p23sg",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "hWfdHXDkxxqbrYi-4fx_NyWI3zBBlAmoRIWDmG-4L7R-W6G2uKB4YaSGYwmDK_w3gSyjs16Y7LrlpmqzDzo2PQqh2-5cIMLrkZlSckWDLL5DZ2bDSJWj8mRjF16MSUFx9u_vltLZYsLDnoLoKxip7wK6uHo7MSIslBLs4clm5ltni2Kgkq3Et364RdiYIGgLVLzFiKTRC7p1zoxKdkUcoRyGmyQ5EGLIRl5iOprULVdOk_7lfXZDtX-jAQaVAtekzDIp7XHS7w3HKO7TV3w43jJ2R7eNaVTrtwmGgX9dndsuj2WrLEFPtRPrD73tY7pshIYGkCzqSANEKgScM3xg7w",
                "e": "AQAB"
            },
            "attestation": "AS7t58WKVJjLix4A9gQhc8FOg0jHwxg_LOlKiEIO_oc"
        }
    ]
}

 
 Pass #9: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919021ReuXTgdkQVkaDhDgtk4B6",
    "clientSessionId": "zS96w-7jvKkfQPFXnUGPcXpQif2p23sg",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDYTCCAkmgAwIBAgIGAVI8kZJAMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzOVoXDTQxMDExMzE5NTgzOVowQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUtleUdlbjIgVXBkYXRlS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWfdHXDkxxqbrYi-4fx_NyWI3zBBlAmoRIWDmG-4L7R-W6G2uKB4YaSGYwmDK_w3gSyjs16Y7LrlpmqzDzo2PQqh2-5cIMLrkZlSckWDLL5DZ2bDSJWj8mRjF16MSUFx9u_vltLZYsLDnoLoKxip7wK6uHo7MSIslBLs4clm5ltni2Kgkq3Et364RdiYIGgLVLzFiKTRC7p1zoxKdkUcoRyGmyQ5EGLIRl5iOprULVdOk_7lfXZDtX-jAQaVAtekzDIp7XHS7w3HKO7TV3w43jJ2R7eNaVTrtwmGgX9dndsuj2WrLEFPtRPrD73tY7pshIYGkCzqSANEKgScM3xg7wIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUzyt0X7gkTEyiqsJTWUWhjuRxVLQwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAFmqW8XVIYuhWoxQJ61TlRuyz2HsUQbMByiRro_BV0Dz8UBz1hmzivxQzazTtu61ERVyfqCyHaCnNK2Nomx9oA4vQWM4FGjBbVb7_JHcw1z96Oi5W6Ngrfh1yKEOaHNrx5tMRxK1cPbp54B3rmI8pEDD8f1JjccezeYQvZepy0maBbChX4UOqNuslUiYPcsUXML5h04lAIg3INXBJ3kxjAXYOg2sygWoZOhWzVxt4--URhJwkhgK577XiDn0blQsyGAoYa33964GEnJxd8mk9Lh_i0a9dC7nAHYN0JhHFmh6GYqdzkgy-rS5eT6I5YhUyTqKCBqrnUIIf_DBz5zhSzI"
            ],
            "mac": "8WGLoJc1nLDq20w8eNs-ipGnuIq3Ux6Mr4F3yHrNKjI",
            "updateKey": {
                "fingerPrint": "U3s78pkZKkm3v038lbp_MDNdz_1esXi0pdxiKBYMhok",
                "serverSessionId": "1523c918e914fYzZw7DcSquIodeQu-AF",
                "clientSessionId": "eBXLBtXYi1lDsGyDn9be9xEx3Qrzmsf1",
                "authorization": "YXg1dr0NUBICZg5leqpcqnCkctQkh68DAMZI7x7tynJCylFRnYIpXgWryoV3qW6saMry8SLX21oV3uRBRK9qitvY2ubeyZTXxo1nWdmAXPfDkfAOW62OMs4wpcg9XUMdqIE_VyO6SM0TObOMyUK_zGIDslF1rYShtOdv8LvcwydP46foSPUWSxhc3wxV1xMKuPQr5t3wbZljWJrTNogZLJKpfw8mzYoBKEhaZwyq3uSqJIEZxfgrGdqVZUIWBlfsd5ZkKU-uk1MJNEB4gIvyUbKp-H3a_u1Ksv8Domis7FlT7bHYuRyG-6U9sfjbdbeoVroRHZeck32MGVJ1CYEy_A",
                "mac": "7z5AlwkMPwtog2mCn1lBZCVvQFa_5rKiQ5j_X7IhSG4"
            }
        }
    ],
    "nonce": "F6Deahoq3b-A9mp_M5XNGGiHTVN6fesSY_9tuPQFqIk",
    "mac": "SXCefBBQS1F8OdJOlCBYC3DCxcijQ_ibXb_erIHILLc"
}

 
 Pass #10: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919021ReuXTgdkQVkaDhDgtk4B6",
    "clientSessionId": "zS96w-7jvKkfQPFXnUGPcXpQif2p23sg",
    "attestation": "tQFmU-WyQ_9ml729he_99wbxwDrQsD1JH5q69wudcLA"
}


Deployed key[15] CN=KeyGen2 UpdateKey, E=john.doe@example.com


Begin Test (ImagePreferences:1)
Client shows one image preference
PIN Protection
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919254cieGkefzgoSNDNDA0Vt0a",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage",
    "clientCapabilityQuery": ["http://xmlns.webpki.org/keygen2/logotype#card","http://xmlns.webpki.org/keygen2/logotype#list"]
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919254cieGkefzgoSNDNDA0Vt0a",
    "clientCapabilities": [
        {
            "type": "http://xmlns.webpki.org/keygen2/logotype#card",
            "imageAttributes": {
                "mimeType": "image/png",
                "width": 200,
                "height": 120
            }
        },
        {
            "type": "http://xmlns.webpki.org/keygen2/logotype#list",
            "supported": false
        }
    ]
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919254cieGkefzgoSNDNDA0Vt0a",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:39Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "0c3Mca45h9y6oWfOFfuTA6qMXSrvj3WXEfadxNiViPc",
            "y": "X2Ijynp7PBldKB9s92qTKHUqawJ8Zn6qKrz46jgZ-1g"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919254cieGkefzgoSNDNDA0Vt0a",
    "clientSessionId": "S2iEuOveElvsRXQOKivQ9A_DYC6SyUR0",
    "serverTime": "2016-01-13T19:58:39Z",
    "clientTime": "2016-01-13T20:58:39+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "0sUKPcIozh1zxHzJ0JsawFg1OQxfTo87xRHKV0A_3Ew",
            "y": "xgFGggPePn71FVTVhuij1XyYoqsYN9_WPHB1RXasiKg"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "AJiSAM3Q_NYMDdBKtksnc0whKLc9ZWi7U8hb5LHN3bVmZfYTBerpRSBVipK_vmXGSI5Aqi6KFvlzw8JLc5JUxHckuE7_qCtT36Exin6__kTy7DFKBj0wm1psXR_MTCECggz5Mcqghk6I5UuxpuCo0qb07cRoejf22d_dFzNmPm4",
    "signature": {
        "algorithm": "HS256",
        "value": "YB90BOb-3a0c3IOJ8SiqI-gBLDMm2zhnlpJgVHbP1aw"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919254cieGkefzgoSNDNDA0Vt0a",
    "clientSessionId": "S2iEuOveElvsRXQOKivQ9A_DYC6SyUR0",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "4R7DvqJgFJ3rWDy_a3HkoFdjlUuU6pnGJnCQElSRrak",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "mac": "CvZiT3iBkhBD6lZKyV_kC6XEUFjrJ_22-GzPkk3Zm08"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919254cieGkefzgoSNDNDA0Vt0a",
    "clientSessionId": "S2iEuOveElvsRXQOKivQ9A_DYC6SyUR0",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "qihuBRJGHULmvaXgzibBxJGwLC8FB4FZ2C3fd057JDI7OJmExo0JTeeLLGg_Ij-iNibRkuwno4rkE0aEBFFkeVg1EAhQMjWnNaEUsb_CIQjaj29zcrFIgpMCgB1NK6Vf4bvUC44uB0egoayczFdejQTpI8EUl_H6uFBifgNs8b8hJn0KK56SvuOOopCeusx-YeSe_pIDoulDKSVokERjYKdp18WnH7FpNcRqt3IaxgEBpF1puMF1FKoHEk_afChSfzU0PVUCXIZblBDpbk2trrgQvVAZK995o0zbxaM-eXGWyoswDpaQHSjH176taX41gAkmKb0fhSKMVxtJhk4g9w",
                "e": "AQAB"
            },
            "attestation": "zu_fdRz_4gR1PW1Bs44-eCE1lfV4pnBD7fjwMT-hWpY"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919254cieGkefzgoSNDNDA0Vt0a",
    "clientSessionId": "S2iEuOveElvsRXQOKivQ9A_DYC6SyUR0",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDaDCCAlCgAwIBAgIGAVI8kZTLMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzOVoXDTQxMDExMzE5NTgzOVowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEtleUdlbjIgSW1hZ2VQcmVmZXJlbmNlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKoobgUSRh1C5r2l4M4mwcSRsCwvBQeBWdgt33dOeyQyOziZhMaNCU3niyxoPyI_ojYm0ZLsJ6OK5BNGhARRZHlYNRAIUDI1pzWhFLG_wiEI2o9vc3KxSIKTAoAdTSulX-G71AuOLgdHoKGsnMxXXo0E6SPBFJfx-rhQYn4DbPG_ISZ9Ciuekr7jjqKQnrrMfmHknv6SA6LpQyklaJBEY2CnadfFpx-xaTXEardyGsYBAaRdabjBdRSqBxJP2nwoUn81ND1VAlyGW5QQ6W5Nra64EL1QGSvfeaNM28WjPnlxlsqLMA6WkB0ox9e-rWl-NYAJJim9H4UijFcbSYZOIPcCAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFNA9dnhG-7IsJDmKe3qofp7K-o-KMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQBiOSj8CsSuH1m6SAXbB7mPWmBJ9459EAjwXMYLtBq8hF2txrfyW-9mBqdXcR6ArEEgyWq_dHRAEAJwOeSz2T3tn9xpMxD3fzDIUW8NYoBJkTvJngeSCswIvbgFVGOYtKcow3UZv-fnNng12tfLBZrT1BjvkYi-DzU3z3-Sj-d2tZxq6MGZ041yRrdcAXECNJQPP1Sjow4BCxCjhllm4H7LS_ZrZ4I46YMBlArQd2RRkXQgg2x6yLGQl5WoGbeuLwhXoJT8whmY8BjEPv5fI2UhuZ9VL1WUSBbizxrU1VVazm7vtGO__3sENdAaX6nT0H1SIA-PPkG4O_UhS156Lbw0"
            ],
            "mac": "wtyasSG1WYA8_c6oYAzIg2GbWyMiqZFJ4xLdW9b4HxE",
            "logotypes": [
                {
                    "type": "http://xmlns.webpki.org/keygen2/logotype#card",
                    "mimeType": "image/png",
                    "extensionData": "CAYEBA",
                    "mac": "YBhr0cB-gE4J8XUt2T4Ebk2lmPtFHaac8eQJncq78wQ"
                }
            ]
        }
    ],
    "nonce": "NN__PUmQYEjcPgtyOkLPfI8HUsB0ZcrliTuHvFWk_ic",
    "mac": "7ck1WWxii0hN5MUyLoXbe_WlRQ9WJEcPCa4zQWl7oHY"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919254cieGkefzgoSNDNDA0Vt0a",
    "clientSessionId": "S2iEuOveElvsRXQOKivQ9A_DYC6SyUR0",
    "attestation": "lMNvhF_XLKIf_YlCvOyhhDF8Fl-7kG_wm_lGH2rWoM0"
}


Deployed key[17] CN=KeyGen2 ImagePreferences, E=john.doe@example.com


Begin Test (ClientAttributes:1)
Get client attributes
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c9194daE23oD3xPUJxPr4jRzWiDr",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage",
    "clientCapabilityQuery": [
        "http://xmlns.webpki.org/keygen2/clientattr#imei-number",
        "http://xmlns.webpki.org/keygen2/clientattr#ip-address",
        "http://xmlns.webpki.org/keygen2/clientattr#mac-address"
    ]
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c9194daE23oD3xPUJxPr4jRzWiDr",
    "clientCapabilities": [
        {
            "type": "http://xmlns.webpki.org/keygen2/clientattr#imei-number",
            "values": ["490154203237518"]
        },
        {
            "type": "http://xmlns.webpki.org/keygen2/clientattr#ip-address",
            "values": ["fe80::4465:62dc:5fa5:4766%10","192.168.0.202"]
        },
        {
            "type": "http://xmlns.webpki.org/keygen2/clientattr#mac-address",
            "supported": false
        }
    ]
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c9194daE23oD3xPUJxPr4jRzWiDr",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:39Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "yHhKoN-0SmeaXMhOoMRSgSPHw5DBlbQAz5exhycb46M",
            "y": "tu0lTts6FXGGCWLgDC5mEuX6HTDABy9TuDhp6bJ-I7U"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c9194daE23oD3xPUJxPr4jRzWiDr",
    "clientSessionId": "qJBYQaEX4nohWZPcrFK_6_8GtFBB-roH",
    "serverTime": "2016-01-13T19:58:39Z",
    "clientTime": "2016-01-13T20:58:39+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "yn_nxDdeAqQ9Lhj1Slw-tKVCW7txHwRyesCne2zTTK0",
            "y": "BblftSAZ5hjZSjdulg0QatgiFd1eFvcaqBXIeNZYzQQ"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "LG7dSy5nuuWpIAZfkNin5GEyqtsjw0RTVPXKqlNcXQAdCyM4gJ7UwEEFS9TVo10cmHqQozYibzHy5R_a9ZoqFUQuH8pcRSMOCPbKRc14ot2iQAbgujvBIWizPnOtUUTIrA5ju4tfZd3p0tgvibUJT5Df7G8V-O_epN1Ke3RsrfM",
    "signature": {
        "algorithm": "HS256",
        "value": "ABgoXaXezDbwiPTelKkp5d1aowo3kGusfl-qW-wlTsk"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c9194daE23oD3xPUJxPr4jRzWiDr",
    "clientSessionId": "qJBYQaEX4nohWZPcrFK_6_8GtFBB-roH",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "kWPD1-9HlRNWHX3BX5cBSwSKUg6Vo5AO5kYluP3uyH4"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c9194daE23oD3xPUJxPr4jRzWiDr",
    "clientSessionId": "qJBYQaEX4nohWZPcrFK_6_8GtFBB-roH",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "zQ45oz2upde3JOcbKz3-u8Okc3Gh4qgYA1poNn4hN49tXVt5aKES7mxvQg5VEEg1l__6zrLOz2hVJlsInO47N7RLRjn-UjDIeprkNvCGohRMgw6umyl4Cn1h7I13iKQyQYOFnP6CIdODexTxNpke1_TgRdaOvqtGFAaNsYBnWjQqZLkqerEymjV93ALbQ1rofjus0Tby-tte8Oxqlzjk4So9gFbsxwa2XkCqQfTavELCrmoIv62-zFX6TkvZRF0fdK2PsmQm-GB0agzOya1HcawavJ0kQ7qsuzRw0KJxclAA8EBt0mX-uqkaFOMi0wy4yX811Fc_JyRCAx7xnuNQ-w",
                "e": "AQAB"
            },
            "attestation": "f49sqguLIcVykhiXzbM6bUsy6i0qs4qnI_3T0K50UeE"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c9194daE23oD3xPUJxPr4jRzWiDr",
    "clientSessionId": "qJBYQaEX4nohWZPcrFK_6_8GtFBB-roH",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDgjCCAmqgAwIBAgIGAVI8kZV_MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzOVoXDTQxMDExMzE5NTgzOVowYjEYMBYGA1UEBRMPNDkwMTU0MjAzMjM3NTE4MSMwIQYJKoZIhvcNAQkBFhRqb2huLmRvZUBleGFtcGxlLmNvbTEhMB8GA1UEAxMYS2V5R2VuMiBDbGllbnRBdHRyaWJ1dGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQ45oz2upde3JOcbKz3-u8Okc3Gh4qgYA1poNn4hN49tXVt5aKES7mxvQg5VEEg1l__6zrLOz2hVJlsInO47N7RLRjn-UjDIeprkNvCGohRMgw6umyl4Cn1h7I13iKQyQYOFnP6CIdODexTxNpke1_TgRdaOvqtGFAaNsYBnWjQqZLkqerEymjV93ALbQ1rofjus0Tby-tte8Oxqlzjk4So9gFbsxwa2XkCqQfTavELCrmoIv62-zFX6TkvZRF0fdK2PsmQm-GB0agzOya1HcawavJ0kQ7qsuzRw0KJxclAA8EBt0mX-uqkaFOMi0wy4yX811Fc_JyRCAx7xnuNQ-wIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQU35i8CVpzwgKGriMag5AywQVbmXswHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBABCjjiyikZsM2Qh9OmUyyqlaKaQjKMMVEgaYfcMuFhwmr5empUt0arshVtyO7RNea44vln7KZAeL7SoDm2R1lTz86MEqcCbrEr0Ys6I33ilib1JRZm0p8NAdwf1LqBS8NOCvhzgOxhhO--Lm1Dif6NnovTk3HivRJPY3PTs95394KT0oAtuCVNdCM3-Lo5rSAuxRoJfj9nASq_-FdBu-anoggBx55deH3GFvV6kW_h-dS5qRLpHf2b09QZIc1vDBoOEAFbEsITRX6A0tcMuXDwNUo4BjpA-sPF1YI6-UjoD6M4z0maOJJzNYy6zqBzxZ5abgMRbnnIHTiEOIXjzBxIk"
            ],
            "mac": "a4WTXI-JRhaH4KOWmiesH0HEb2lnuVHyvHTHNCgOuIE"
        }
    ],
    "nonce": "ncZYiwRYHu8PwyG9PEYid-G5Oj_ugmH99iM5Wfq5Mbo",
    "mac": "RibFFXirP78BYcGMuWefJIcmUXO_D5CWGnoFERKiBJI"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c9194daE23oD3xPUJxPr4jRzWiDr",
    "clientSessionId": "qJBYQaEX4nohWZPcrFK_6_8GtFBB-roH",
    "attestation": "fEqErymqwdXR6vQYTDHgzjhNWIeDQPPrBynbJsfWfsU"
}


Deployed key[18] CN=KeyGen2 ClientAttributes, E=john.doe@example.com, SerialNumber=490154203237518


Begin Test (ServerSeed:1)
PIN Protection
Fixed PIN
Server Seed
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919590Y8ix2sKsdDtgN7-Q5rbLV",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919590Y8ix2sKsdDtgN7-Q5rbLV"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919590Y8ix2sKsdDtgN7-Q5rbLV",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:40Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "dHeLpsa88RQbVD2j5zO4zfvAbYqxccdusxDETYvyPSs",
            "y": "HK7y31bv3ZTRzantz_ZzumvYkjrT0SbFATHO1ZSz1gw"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919590Y8ix2sKsdDtgN7-Q5rbLV",
    "clientSessionId": "4p3NSH8aO7cEQTsVA_n49AjekkOUGK7j",
    "serverTime": "2016-01-13T19:58:40Z",
    "clientTime": "2016-01-13T20:58:40+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "vbDb4ku9trHN6ryqkPEKCbeRlfiDNH9SZrQcUo9GSbg",
            "y": "yq5ZiBsK4Qqe5fvUkfHYRrbP1J3ma1uvS24Vxz4-lts"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "jk3cs83fQnSIxKr0fWzIBA4iA4cNueHfbykH9WK3IDMmr903l5yYtwwKhkjH8X2_ECOeEODsTV-PS-1MFgjYBqdWdo5E4HG6XpZN5oSI9yREECe0ALKmGjEV-HXCU-hIqjDhYbaGMcJmXr96f_rsTOauOvFgH71odWaiWWJyNBg",
    "signature": {
        "algorithm": "HS256",
        "value": "2x6Liul8-oHyHQpFYI0fN1-749yDkKWlG7NiwiA0AOk"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919590Y8ix2sKsdDtgN7-Q5rbLV",
    "clientSessionId": "4p3NSH8aO7cEQTsVA_n49AjekkOUGK7j",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "userModifiable": false,
            "mac": "w4sil56lXX_aUePol8kodV9Mbg5Ivd-4OOsh3for-x4",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "serverSeed": "wJzQQeqG38iJb6pvdJhYkp20cxFKkYLVSsZLtji4__c",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "mac": "3JKWvwtdjixvtS_9kMgR2L0II-eeVvRC4DrqEHffyb4"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919590Y8ix2sKsdDtgN7-Q5rbLV",
    "clientSessionId": "4p3NSH8aO7cEQTsVA_n49AjekkOUGK7j",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "ghYir1CCW1bULBl_xjA8T7PZhXaEIegwGrVJVLiarus-NhFpsVZ3EbGyz5_EDmq7_SbZjWEcxRZdZJQ9QGrM3tkdrdHeH0AbV3RZe0HqDcycOjDpAN-_Rls_od8gw-M-VvrcJ_bBdGtNPaHWTGmEjVBfTP-ndFR3aJNQx5vLZBvK-_621lA9MXx45q5FrtcwYXD8BIb1bgXmItrb5ggJM0azMCdDEQtLf3CU1mAkGhkY9uNkXWSZ8tkXeYNd4TKRTb5SPEnFyWmVUygkuxJaW7drdQf__ngk_Ea0i0Qxv-LYGaAcJ4XLhHjFO1vP-udi9IzQIOntsymivgkgfq3jDw",
                "e": "AQAB"
            },
            "attestation": "v3lo4j_W62H6ynE2k8vh4UApAYArRUG3wtoiKPhiM7I"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919590Y8ix2sKsdDtgN7-Q5rbLV",
    "clientSessionId": "4p3NSH8aO7cEQTsVA_n49AjekkOUGK7j",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDYjCCAkqgAwIBAgIGAVI8kZjaMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MFoXDTQxMDExMzE5NTg0MFowQjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGzAZBgNVBAMTEktleUdlbjIgU2VydmVyU2VlZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIWIq9QgltW1CwZf8YwPE-z2YV2hCHoMBq1SVS4mq7rPjYRabFWdxGxss-fxA5qu_0m2Y1hHMUWXWSUPUBqzN7ZHa3R3h9AG1d0WXtB6g3MnDow6QDfv0ZbP6HfIMPjPlb63Cf2wXRrTT2h1kxphI1QX0z_p3RUd2iTUMeby2Qbyvv-ttZQPTF8eOauRa7XMGFw_ASG9W4F5iLa2-YICTNGszAnQxELS39wlNZgJBoZGPbjZF1kmfLZF3mDXeEykU2-UjxJxclplVMoJLsSWlu3a3UH__54JPxGtItEMb_i2BmgHCeFy4R4xTtbz_rnYvSM0CDp7bMpor4JIH6t4w8CAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFIHEUEgR8nyoXJOCsa-71e3N6__ZMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQBFr5zvG9lFIb7jA1GNdVkEK5yfWGQyGhzE13qGPzEpoVfpG4zIeJt_ZoWnxLTgfXnYLZD6-CYEQ8Yvz1Tdw7usPDdfa9SNSVwNjmkBRri6wJdOVnkZgSC1-fCE570Y2cTdtnH70ffsItoYAwuXupaJNEbM_6QRDtLgPaMXI4KJdZ0pEO8-F7VuL8u1stxlFKxdwe5o_Xpw3lxKfiDMt5uHsu-AA9rE1s4B-mrC4KY2klTBY_rap8Tlv_cXo_Qkoe7oMVknlBXuqz46zwIM0y42RKHdfEuU6PisrQTKfdAEprWe9YJQdMUv4bYzcYFNuKbhcViEGSUrUb7JlFsVBdQo"
            ],
            "mac": "0LssEqVCid4CnX6huWZPiYaHce1wmpG5d4ZNAsSv9JQ"
        }
    ],
    "nonce": "PTdmIjpz40e0DOblHfE6NYcsTpkToBLNEDDS16DB0AM",
    "mac": "ChAo58meZIDwYmD0Nt9UQQCBClMNpX0cSfuqMlV5QKY"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919590Y8ix2sKsdDtgN7-Q5rbLV",
    "clientSessionId": "4p3NSH8aO7cEQTsVA_n49AjekkOUGK7j",
    "attestation": "s50JsazWkQggpdEihcXVXr4KsZ6jae37Ehs9GmXYhSQ"
}


Deployed key[19] CN=KeyGen2 ServerSeed, E=john.doe@example.com


Begin Test (DeleteProtection:1)
ECC Key
Delete Protection
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c9198e9Xic7140NdXuW5sgx6H-Vj",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c9198e9Xic7140NdXuW5sgx6H-Vj"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c9198e9Xic7140NdXuW5sgx6H-Vj",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:40Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "HVtvAA4WeKGkwBLqHjrVMt12hk_OBKzW3syrGjadfNk",
            "y": "YIT2dn450PjmyVX7THLr0EOmsAKGQBQx5jZGKhC07P8"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c9198e9Xic7140NdXuW5sgx6H-Vj",
    "clientSessionId": "w4HMofq2Afi5jDM0wjeqDly29yj_bLuN",
    "serverTime": "2016-01-13T19:58:40Z",
    "clientTime": "2016-01-13T20:58:40+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "ouLH9zdbfl5JGsfTpFjzn9vwNSZCgle_YbwipFhERD4",
            "y": "89MjnoJBgGO_-gPbYCc_0IuCaR0Any4b6o2qiMZAMzc"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "Ef94UzynP55YOxgmQesSjZV2G-AqHJ6vZy2XDDlcHwsoMZnX8zorCOe2AaW_mbFJH5dVkHyPEhn5POJUPcwN17d1pqEltnhmUDGbFsd_Uxrb8cdgI4OnolfNJx0Zzg9_dZIozMFJBE6OXBthWOmdBu7EpHHSvUSB_vlluyi1ZG4",
    "signature": {
        "algorithm": "HS256",
        "value": "DWNtJXxHeVZw_l1nsXcwdNzqM7YAeM0ZII2shd_0zw8"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c9198e9Xic7140NdXuW5sgx6H-Vj",
    "clientSessionId": "w4HMofq2Afi5jDM0wjeqDly29yj_bLuN",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "deleteProtection": "none",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
            "mac": "cAm1wIG561-OtSty072qR7kCFDEAIEBzlkvTpqqd2_4"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c9198e9Xic7140NdXuW5sgx6H-Vj",
    "clientSessionId": "w4HMofq2Afi5jDM0wjeqDly29yj_bLuN",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "sOllNh5g2egRzx99-BNBYu2bL2VsRe5gUDpxbtylPjY",
                "y": "I2F1WNo3KHMepRGDTTeoIFW7sJuARfoHgQG55B0u7TA"
            },
            "attestation": "g3ktdWnhc8y3FCMIBki0HHqK3NnjDrUB_PTEP2ngv6c"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c9198e9Xic7140NdXuW5sgx6H-Vj",
    "clientSessionId": "w4HMofq2Afi5jDM0wjeqDly29yj_bLuN",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnTCCAYWgAwIBAgIGAVI8kZkYMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MFoXDTQxMDExMzE5NTg0MFowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEtleUdlbjIgRGVsZXRlUHJvdGVjdGlvbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLDpZTYeYNnoEc8fffgTQWLtmy9lbEXuYFA6cW7cpT42I2F1WNo3KHMepRGDTTeoIFW7sJuARfoHgQG55B0u7TCjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBQ_MvdJW3pAfitiPfG2qJb2ZUUmtTAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEADFjQPlUxKBH7eNcNuM3WGjC1Aplg-JjNBSfljB3ZD8JxLmYHDoS_LmJsnhCpxhzWC-tdXvekb6BTqQKT8QgI83MuOj67lhwj4ndVSdF2heML31TelOnP7N77OisYcezgkFetQQP03TxSvaDNTXxjNsUogKmn6tz8-DeAC8vKyJrBj1M7xlhyVoOgwyDqAcZ6s1rk8PnQ0L9m4c_ZiVHw_WOnGo_nqN5unZH35SelpQnzNthAtJXFZ9Ni3TsWFflslJb-XcRZtXaoQODAlC4tUktFMGE3cQCt_O2IEOw1EqPfCSDe-gMmSD5XmR0xssHDRdxiep6_MkuCVXFUX5ycWQ"
            ],
            "mac": "yPOocD-qgHQs4ABH7Imz5N4POs2No8WHVyzWPicNNKo"
        }
    ],
    "nonce": "h92JATIoAGZIQ4hl4wCDIB-EAcF7QOeDEYg7zL-fE1A",
    "mac": "4VIZjkLRiIdKQ8b3eWgZFuIJm8IlUOj5tb3TVuT7oVw"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c9198e9Xic7140NdXuW5sgx6H-Vj",
    "clientSessionId": "w4HMofq2Afi5jDM0wjeqDly29yj_bLuN",
    "attestation": "5K2u1l2u6KhlL-iBalAX9VKGEYJJuX6SZb9IDffpBGo"
}


Deployed key[20] CN=KeyGen2 DeleteProtection, E=john.doe@example.com


Begin Test (DeleteProtection:2)
PIN Protection
ECC Key
Delete Protection
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c9199377zgHfMNF_RkLvtNs2U_sh",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c9199377zgHfMNF_RkLvtNs2U_sh"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c9199377zgHfMNF_RkLvtNs2U_sh",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:40Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "rHOf0ZK4JdgacizcUXpRGVRWH2mu9wHYIFGt68pqZNk",
            "y": "Upe87pTGYwerrbhQNMn1LN4WeOkf5LN_g6uIDv7nLiI"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c9199377zgHfMNF_RkLvtNs2U_sh",
    "clientSessionId": "UG9w1uG1-08EO37JM_cF3i00mG1qw7bw",
    "serverTime": "2016-01-13T19:58:40Z",
    "clientTime": "2016-01-13T20:58:40+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "P2RufC1GOUQWtPwiVAepSIz-boNG9sbbCiwqsn7MqAE",
            "y": "WFGniLMcNlOMheJ3giPUyugGvLVu6sS7CURmoSAsCxE"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "kWidiwnYel-sD93-G3coxmy9Uz0Q7BU_4ETol1GWmVG1MyrRNCj9PIafPZ_oaqI2OBStqF0etS2-X41SyXsMrilR1lPclGA5ej1H2TNTr3B9tBVuqw6sJiAqDg9FuxY5oHXbhPY3_mDKTbbeHHbRUlTFW1QUtVMIoefX37NjOIA",
    "signature": {
        "algorithm": "HS256",
        "value": "ozOyvrUspbDB-geN1X5n-DfqpY_BbW1pYGsnI6PVaXA"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c9199377zgHfMNF_RkLvtNs2U_sh",
    "clientSessionId": "UG9w1uG1-08EO37JM_cF3i00mG1qw7bw",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "sjdztkqphiZEetQuHiyVhpQ0QrUSKCv8g6KlVS2LKI4",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "deleteProtection": "pin",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "mac": "HRt03RPZgVRUbY5Kzd2vle6dhan-osDlorVigU5kgnI"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c9199377zgHfMNF_RkLvtNs2U_sh",
    "clientSessionId": "UG9w1uG1-08EO37JM_cF3i00mG1qw7bw",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "0aMHbl5U0wEC1GCJM_xrcodovzKECppV3-Q9Q5K3Kqg",
                "y": "p1rrFfAj9ECFo-Xp58Fju1lw2m_gvkFnSagG2cYLwOQ"
            },
            "attestation": "SQwYue-gb4cr7zyUK0wx1Ao45bh0BxuEN7bquAxm_v0"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c9199377zgHfMNF_RkLvtNs2U_sh",
    "clientSessionId": "UG9w1uG1-08EO37JM_cF3i00mG1qw7bw",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnTCCAYWgAwIBAgIGAVI8kZlmMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MFoXDTQxMDExMzE5NTg0MFowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEtleUdlbjIgRGVsZXRlUHJvdGVjdGlvbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABNGjB25eVNMBAtRgiTP8a3KHaL8yhAqaVd_kPUOStyqop1rrFfAj9ECFo-Xp58Fju1lw2m_gvkFnSagG2cYLwOSjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBQRtXbM1WjEgYkzuoXI2xBbPIw8mzAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEAK-_xJLnSw6A5jbUHysjZNAOc6wojE4YNNKDxVHyHPcf80r4VZVWtKZs-I33G3aPAjzvqlgSpZl3dMtOBTdoDNzEUvQTN34OF8bGtx3I0Gp8L8KNN6AS-BS1awsrtAUVnqIAJBEFr7x0a0f5EbrxRMgn6V2FcVwWP5ozAEDlZiY4gZhqwiQk0tjHwkvASMGens7K8_3A6cBRlnybKl7jqkcTpt9XRQ53Q26ue3cqOYE9LEwYScihfvEIkpOkgxUdCUC0IU6xim1189xso7BxFwD31o4STLZY55easvFQIo-_g0Lo0uQrodqoa_-fjf46sl3hULkwg5dcZBBTRjxfowA"
            ],
            "mac": "fMH8VFjZIKnN9exzBXiGPFv7yX7JTschhS4bFgh-GPk"
        }
    ],
    "nonce": "BrlNg4IF8ayzwBJR1l02Aj2pqluH6-TlX5M89QSmyac",
    "mac": "skbZt4eJteIM3qt8mjshYkAjXhGNFh7HIChWvRHZ0OE"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c9199377zgHfMNF_RkLvtNs2U_sh",
    "clientSessionId": "UG9w1uG1-08EO37JM_cF3i00mG1qw7bw",
    "attestation": "YxfOlw2KVUKPI-36ufKHmlAWmf5TnNv8ZfiSoc2W6Iw"
}


Deployed key[21] CN=KeyGen2 DeleteProtection, E=john.doe@example.com


Begin Test (DeleteProtection:3)
PUK Protection
PIN Protection
ECC Key
Delete Protection
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919986VhvzRWrbEyN6odmhuClqz",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919986VhvzRWrbEyN6odmhuClqz"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919986VhvzRWrbEyN6odmhuClqz",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:41Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "HIX_K8ZHBvDKcfbsSIflZVyvbk09GJrmz-T_vw4h-fo",
            "y": "OOnGNVBlbuTDi2jXdlIrk5QvU9RYoBz2bKLnGcrhheI"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919986VhvzRWrbEyN6odmhuClqz",
    "clientSessionId": "S0BKkoN0Xdp2NYkjyvYqIm-j-oFOZcBZ",
    "serverTime": "2016-01-13T19:58:41Z",
    "clientTime": "2016-01-13T20:58:41+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "imB_gKTjMqQYhDN3L2bGvT9vMTwt6b0kKnS3VlJ_qP0",
            "y": "fZ_YcwT5pjCWpmRrP-_N2zxl987XQwagCKLdSBlCKNs"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "V5135Yx8FWUZPfM_sbnrtMd2-ymAdxNJIjVj6PU8WL4UiCxArGAxgDDIC9oqtXfN0jQsCLHS2YuIwn63nWmRupWFEz9MuBdbyUKRR3KRYw422AnrZTeOK1ak_l-bD5XvxSydOyskng9DS1C5mtEq8ZUxbrDF-GwdigThsvHOg5I",
    "signature": {
        "algorithm": "HS256",
        "value": "6DfouvSennRI6CE6wzTpKiq_vhbcA1FD_PnNz9AGDg8"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919986VhvzRWrbEyN6odmhuClqz",
    "clientSessionId": "S0BKkoN0Xdp2NYkjyvYqIm-j-oFOZcBZ",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pukPolicySpecifiers": [
        {
            "id": "PUK.1",
            "encryptedPuk": "Cz_FyPr7Viv5G2pcz_KyY68EKha-cFthk9whbnIS4uE",
            "retryLimit": 3,
            "format": "numeric",
            "mac": "BdMZ0XWWglfTkBFXFH4nNxKO2BlbjwwilXIB8x9X14s",
            "pinPolicySpecifiers": [
                {
                    "id": "PIN.1",
                    "minLength": 4,
                    "maxLength": 8,
                    "retryLimit": 3,
                    "format": "numeric",
                    "mac": "t_-D7lq27_DZ80MubbuvOyKzuxYIafpP5pppY1faPVI",
                    "keyEntrySpecifiers": [
                        {
                            "id": "Key.1",
                            "deleteProtection": "puk",
                            "appUsage": "authentication",
                            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                            "mac": "hKdwjGPWTdMYDzbDX_IG6aD88M_Bt5Y1zkrt_XBb-cQ"
                        }
                    ]
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919986VhvzRWrbEyN6odmhuClqz",
    "clientSessionId": "S0BKkoN0Xdp2NYkjyvYqIm-j-oFOZcBZ",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "ZXeZhZsG8renpSE0ibjtJoVvxpYJyTaM2q7X9lNeF7g",
                "y": "sU9ifT9dPEBzgtom4V3DCLP-Ks6N_xkJ-xQi7VrKcGM"
            },
            "attestation": "1mXLybS31OH9XyTcrCOZSEvjQH0GcSEDHxOZK1M8gAM"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919986VhvzRWrbEyN6odmhuClqz",
    "clientSessionId": "S0BKkoN0Xdp2NYkjyvYqIm-j-oFOZcBZ",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnTCCAYWgAwIBAgIGAVI8kZm1MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MVoXDTQxMDExMzE5NTg0MVowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEtleUdlbjIgRGVsZXRlUHJvdGVjdGlvbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGV3mYWbBvK3p6UhNIm47SaFb8aWCck2jNqu1_ZTXhe4sU9ifT9dPEBzgtom4V3DCLP-Ks6N_xkJ-xQi7VrKcGOjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBR5IKkB5KX5fIY5PxK9lYJmS5mUiDAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEANDxa4IcXx1xNeOhQ3UvUAEsvkHsaNANg1d0udSiwTv-Fi0Qi_tA8ZgUaIKunuqYcSBnoM5zz8UpfFYmdB24kX2n0bWBSXygnSRljk4C9wHeilU5GSnCiE3KkoDCb_Cx6maNok1Lyy3sCbmFJza4m09SzXtMYIN7NHmIMKGr2nSpG-MtS7ghKOFzjs3e3C2FbeOKLwqhnye6x_dMz7S_NALX8b6VOYNhxTZp7EBZM7az-og_JBIChf7fy5dUmzZCuvqqjkVDpo8NE7f58PUp7FCKh97pccILjAqZrszq8cl17HZmpwn6YF5Bk-eYero39l3y85pjjrN-5EbDWmkxJNw"
            ],
            "mac": "IBlkEl1bw70ZGXsgsMscNa3MbLkPVmqzOgGeluvThQs"
        }
    ],
    "nonce": "Cck4KG8nkaf4O_FtAdW6hb_EDHMPCR9M1HoSLMS2zGM",
    "mac": "k6etV7SCLnSjwG4kCeOcq1abTZfvoPC8k1JhXBRe3AI"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919986VhvzRWrbEyN6odmhuClqz",
    "clientSessionId": "S0BKkoN0Xdp2NYkjyvYqIm-j-oFOZcBZ",
    "attestation": "r_kDDS5ARG5i6p1doJkzu-RA12b9SwqDYxlFHVsGBOg"
}


Deployed key[22] CN=KeyGen2 DeleteProtection, E=john.doe@example.com


Begin Test (DeleteProtection:4)
ECC Key
Delete Protection
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c9199d4F-v9nHunMuzd1BU6tRO-l",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c9199d4F-v9nHunMuzd1BU6tRO-l"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c9199d4F-v9nHunMuzd1BU6tRO-l",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:41Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "dGxBxqpxxVLk1QnhCfu5xoy-cSsoyz_dYNzmKaBev_s",
            "y": "lYBoT0AALK6mT851kD-eK8NvSCZFIC1os_4ljfs04v4"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c9199d4F-v9nHunMuzd1BU6tRO-l",
    "clientSessionId": "Ms6N-3qpKZSQtGDs1mGXW63BRoLND_wl",
    "serverTime": "2016-01-13T19:58:41Z",
    "clientTime": "2016-01-13T20:58:41+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "6kuGyFmuUPjsjeqf5kcAxfm3dTJ91lDPhxtwkLn97sc",
            "y": "JRYcDzDOA0hB4KmD8pNvuoRHGA3V19_kDtYC4lKi5k0"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "el36gZkpvIN8zqiQUEZ7I0Hnenpiaki7YqLfE9jsSHQ-aJgV_2K8PehmBAZCxaGE8rtUspKCrN5H5pw38wFwaXwqV27K4OSj9O43yBAxeK23udelXfPK5Y-HKzkNfDEcsknU9fnxoroa8y4ubjSqyXUidhrrRjFO6Sb7zpl4eKw",
    "signature": {
        "algorithm": "HS256",
        "value": "3sZUaeFsiVKgbGtkcS4vtJCa-zVauTKmIF81v6Yf0oc"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c9199d4F-v9nHunMuzd1BU6tRO-l",
    "clientSessionId": "Ms6N-3qpKZSQtGDs1mGXW63BRoLND_wl",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "deleteProtection": "non-deletable",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
            "mac": "zzIreI73DY3FK664TDLoEKQdmO9Uhrmq2aiCcL40mAE"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c9199d4F-v9nHunMuzd1BU6tRO-l",
    "clientSessionId": "Ms6N-3qpKZSQtGDs1mGXW63BRoLND_wl",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "ewuVCYfkqq7f3n2fK2ZZL-qkisYXdhl5KQ-1-WuCAHI",
                "y": "I_S2XGQCTSIQgTWYAplTts9bvBFapaIn8LazLxyi3ik"
            },
            "attestation": "qXYZe8kTMdOzD1UBKMGV_ucRD1IesvIMgVsppGKuFMU"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c9199d4F-v9nHunMuzd1BU6tRO-l",
    "clientSessionId": "Ms6N-3qpKZSQtGDs1mGXW63BRoLND_wl",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnTCCAYWgAwIBAgIGAVI8kZoDMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MVoXDTQxMDExMzE5NTg0MVowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEtleUdlbjIgRGVsZXRlUHJvdGVjdGlvbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABHsLlQmH5Kqu3959nytmWS_qpIrGF3YZeSkPtflrggByI_S2XGQCTSIQgTWYAplTts9bvBFapaIn8LazLxyi3imjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBQqlKRKkrHAgOTJZ-J1suE6UyLaGDAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEAekdlFVtcnnh53ubeZaQCvxst_bVOBTMFqdJbGf3MplV86vHB2q4ow_2gkHWssei2__PrNeHgniHUl2X2BToGqBpkZEt5P6FwavsWkwy4I7s_K8E-WnmunCbR64q5oseMJuqXFOaUYNYPo99AfDoJIw399TO1ZhEMBkh5Vv5851hXjFKY8RgQOMUYVVfOn_qFtTdALot25QajJJXdIFCAvb3bvCsXNaxhypJOTW09qLaJyTJ5_FqcnD80UuOwG6G33IuDN4PnY8bVgeWdbuXXXoJTeK79KIxUDw69Un0gTysUxAOwB0CYJZ2wHDVYPMErSdEa25kX0mXSt4CeNCmzhA"
            ],
            "mac": "r8wCuxCTnUXB0n2fgGjJcItJT_WVbE30TFWig3Jv7UI"
        }
    ],
    "nonce": "O9jRelXcqaOBPknhblo8CaXhJuRFkvrMvcLvcXfq39s",
    "mac": "UMjg_ra_PKmybzmZq1GkacM6GEVuLXudzhLA3RUvKxY"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c9199d4F-v9nHunMuzd1BU6tRO-l",
    "clientSessionId": "Ms6N-3qpKZSQtGDs1mGXW63BRoLND_wl",
    "attestation": "R2y3sJE9KE2c8xA9KAcrUuhWnal_ZWfRCWiTQ6saUnE"
}


Deployed key[23] CN=KeyGen2 DeleteProtection, E=john.doe@example.com


Begin Test (MultipleKeys:1)
PIN Protection
Multiple Keys
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919a32KfSdOtCg4aZ6arLM7_Fp9",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919a32KfSdOtCg4aZ6arLM7_Fp9"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919a32KfSdOtCg4aZ6arLM7_Fp9",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:41Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "4uXrBhhdinc-KNvsKlDR_pC9stoz59SC4IkO6JJ7GzU",
            "y": "nntLO49W2xIqbdowNGwICw25j0tZEh1tzhUlviJrFS8"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919a32KfSdOtCg4aZ6arLM7_Fp9",
    "clientSessionId": "gTY9ZcvH7Jv4DxlgxPJYpoeEPOw0yWAm",
    "serverTime": "2016-01-13T19:58:41Z",
    "clientTime": "2016-01-13T20:58:41+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "5nBh_1Kt-R082p3aVuGy3-GYWTyOrPrGKFTnVtjMgQo",
            "y": "RzUqgAaOwnJl8pDNXmlgVgyApBXo7Rq7qC9qkybdE6Y"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "f5AW_csfYjMt1iqWsLQnxy8pinWeXs8NTebKPzYV2jBmU1-h_cgwaCL3H6ZgRVldQu0srdYiSr_Hq6nQPYXy2nAV2S1suaCJXZ6qeqepv9n-7PnVOdgmPyO7dMFb1EQg8po6n1CkHoCUVJxw5jXXQXcB7ljTHVrdNpnTJfoIHeI",
    "signature": {
        "algorithm": "HS256",
        "value": "U_SwghBeCLC52yeRgMWwCV8AMieBkxlOtWv1NXJJaog"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919a32KfSdOtCg4aZ6arLM7_Fp9",
    "clientSessionId": "gTY9ZcvH7Jv4DxlgxPJYpoeEPOw0yWAm",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "vFBMxKVWF_tLABsQ95XkFvTkwdi7RZuEtJqBWF94UYU",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "mac": "HthNKs6S0Awnx0xyuTmLeQF5JS_s8_JUrNnOGVh5RFg"
                },
                {
                    "id": "Key.2",
                    "appUsage": "signature",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "mac": "130C4vvn1h7HqCWdc6aNBocz15mnsmZQK0iMF7EnP6E"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919a32KfSdOtCg4aZ6arLM7_Fp9",
    "clientSessionId": "gTY9ZcvH7Jv4DxlgxPJYpoeEPOw0yWAm",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "1j9macoG4m5lOiMXwB93A64R-u9KomC3bPtrOk6GIQOFjzeDJFsco7I-QwAB7trba0HvWNmKkq78cVeerdujeDE_q7s1hHU_7XNKmXVfRCRDUo0_l1wlBq95TsTyNB6CkL_UlX6WNTxLcNU47vu4vcaePYGs4RLBv2UItOoVVvGc9DBxZZ_ZzLXcSnmwJ90jFpIjq_9ZkVyIOHaE6Uj8YiczolWiLgeaTHEw7WnINvCxh5dgRK7ODRJ3AF6PVpxNrB5Rb4-nJV6ie5INMtXA7bUWi8YbDff_khQGhGel5nfn6-VfNDYfY863zAUWPVj-Q3EVp8J7FrRptGKGdSK3dQ",
                "e": "AQAB"
            },
            "attestation": "AgzArVq_4XP6xDguRL0PreRuWag6uhBy-Er1YLyFrQ4"
        },
        {
            "id": "Key.2",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "dBYNldiBarmH7FsQXUJ3bhb5sLrjhlsHWoe47Xs5WSw",
                "y": "iUS7sOrWgEnsvaer28yApdOWbxS1sa7Qrid2U4ce5M8"
            },
            "attestation": "fRUoS6mcTRuNIoW0rEElTtkkWS-owaTJr6tJg1cLB80"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919a32KfSdOtCg4aZ6arLM7_Fp9",
    "clientSessionId": "gTY9ZcvH7Jv4DxlgxPJYpoeEPOw0yWAm",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDZDCCAkygAwIBAgIGAVI8kZv3MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MVoXDTQxMDExMzE5NTg0MVowRDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHTAbBgNVBAMTFEtleUdlbjIgTXVsdGlwbGVLZXlzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j9macoG4m5lOiMXwB93A64R-u9KomC3bPtrOk6GIQOFjzeDJFsco7I-QwAB7trba0HvWNmKkq78cVeerdujeDE_q7s1hHU_7XNKmXVfRCRDUo0_l1wlBq95TsTyNB6CkL_UlX6WNTxLcNU47vu4vcaePYGs4RLBv2UItOoVVvGc9DBxZZ_ZzLXcSnmwJ90jFpIjq_9ZkVyIOHaE6Uj8YiczolWiLgeaTHEw7WnINvCxh5dgRK7ODRJ3AF6PVpxNrB5Rb4-nJV6ie5INMtXA7bUWi8YbDff_khQGhGel5nfn6-VfNDYfY863zAUWPVj-Q3EVp8J7FrRptGKGdSK3dQIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUQ8SJeTkhroZ4FZXgKIMtBC643sEwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAIV4KNOuxq1A-C-GTQAsrlSq3ZlWAY-b0LR5z2FWBKRPqaeF4p_d60QVX7Q0Gw7XF7MXe7e4tKI28HD9q7cIulSGe1xt-QvoCIdm93Ri1k6YBYHt5MhWKw5mgA5iyRIwR4zM6H9tBedV7Z2M_IQSHfv6tkQ8WDdlFDoKQyzbUtQp572kJX9UrXXHPw1deJaOECZIypNwf0RU_GxqYAJ_wL-oYfH0PmsC4l83wPU2nxNyUAofe5Dmba00CC_B31Ysa2SXJTISoeJDz9N1C0tyFyIKWjzZR71NZaVQdfsLqM0pSKK_z4vgfoCZLOk4-Y8PY8BJ_s690J9yamA3DS_HbG8"
            ],
            "mac": "r07uixx-X1gWO-z0zHrQ_nmxNV2_j2qgTdMe4ryntLc"
        },
        {
            "id": "Key.2",
            "certificatePath": [
                "MIICmTCCAYGgAwIBAgIGAVI8kZwHMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MVoXDTQxMDExMzE5NTg0MVowRDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHTAbBgNVBAMTFEtleUdlbjIgTXVsdGlwbGVLZXlzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEdBYNldiBarmH7FsQXUJ3bhb5sLrjhlsHWoe47Xs5WSyJRLuw6taASey9p6vbzICl05ZvFLWxrtCuJ3ZThx7kz6NdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBDAwHQYDVR0OBBYEFDpoDL8PKyOO5R6ZSHuhHA1_ouaWMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQB9Y3T1wz-LhaQjwoWa88F4z962-6ASr_Mmu-qv-uFKEfuNzbCxxHt_iOUKP9YQGZp265eo4_cTCl1lQPXVj_NBeFy2_Rbp8eELny-jEbB5ydMiyy8-Ac8V6ogCi5_TGxAeQzgxs3SffeoA7SOIAqliFl-Zc14GaW5KvpJaSfe1TRB3sL_w_G1oskPNfw_7KMhr8flr84ZPMitX-ePFb525BxaezeKGFCTLmVcin1AaeyUkbq6zipfv6H8bDOAE9esnfRcfjdJX3wGcy87pIIk1uHTOmJAZuQE6SPlgO5IeLOMcAN2aeAUk_z7E-A-3nfsgtD-zfs4fumFsbqj7if8y"
            ],
            "mac": "1xqcOxLfQdDu2i1RGthmwaP1x4teea9XgO4SZmHG4_U"
        }
    ],
    "nonce": "UqFnYkpJFdHT5mBT3LKIfc1R0KBy5eoSRdJYagsX3ak",
    "mac": "qWJ8h8FQvvm7reN2mNhNqAe0TibhIQ8OnrKk559x3AQ"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919a32KfSdOtCg4aZ6arLM7_Fp9",
    "clientSessionId": "gTY9ZcvH7Jv4DxlgxPJYpoeEPOw0yWAm",
    "attestation": "Tsin7bib1Rzly7XmivUKNy9alQEX92L5DYXpfwUhILs"
}


Deployed key[24] CN=KeyGen2 MultipleKeys, E=john.doe@example.com
Deployed key[25] CN=KeyGen2 MultipleKeys, E=john.doe@example.com


Begin Test (ExportProtection:1)
ECC Key
Export Protection
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919c26R1A6eIKQDdsaes4EHpnQs",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919c26R1A6eIKQDdsaes4EHpnQs"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919c26R1A6eIKQDdsaes4EHpnQs",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:41Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "I_isx6j-2X1K5ANuMjq3nhZN974GOzjdxcDY8g2fLUQ",
            "y": "RzfZoxp9XNP4S8C2CuNr_4c3jTWv8_Yrh-nsV8q0Ssw"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919c26R1A6eIKQDdsaes4EHpnQs",
    "clientSessionId": "zEIhZpLr_aCyxtuNzbM5RjzzeEHM5a9c",
    "serverTime": "2016-01-13T19:58:41Z",
    "clientTime": "2016-01-13T20:58:41+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "nPqjTHOaRKeSNYVaBUcLlSnSxbOKaweGmfwpsz-8yOI",
            "y": "DQZw5BOj23WWm8zV09CQeoweadX8GELFjMKQt3DwIFg"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "d_2FcCQ93UJqoXW3EgP_6FneDd18ctmNynG5yQ-FRNIrTj_83n6KzIJU6k_k55E-dwnr6sBA0nL6QBjkilxBjA-_IQBjco5LtH9b2mtkTl7YM2ZKqbgHFyhCyvvr3DauXc2gP4ldsLDPeKoEFTraxtylmRZFPrI0UUSrPApNvJ8",
    "signature": {
        "algorithm": "HS256",
        "value": "E1FGQ5yO1cbqbplOqUUQXbedGNWoSbuFtkriEcr2PKQ"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919c26R1A6eIKQDdsaes4EHpnQs",
    "clientSessionId": "zEIhZpLr_aCyxtuNzbM5RjzzeEHM5a9c",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "exportProtection": "none",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
            "mac": "F2P60s8BurmRi9NTannvg-DGeYEgTpZ_5QV13On9oLI"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919c26R1A6eIKQDdsaes4EHpnQs",
    "clientSessionId": "zEIhZpLr_aCyxtuNzbM5RjzzeEHM5a9c",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "kQUjSzuktBcIm3b2ubqGvNvZQyabWyBuPzBja8SGSGU",
                "y": "eXKtuTiXp3uSpWF_2YASDESrWWuEAd7JieYp5Bkf2QY"
            },
            "attestation": "trwc4rxFwfoRxWmRbUmsXkSQ8Ew-g_73NmCJ7etCBjM"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919c26R1A6eIKQDdsaes4EHpnQs",
    "clientSessionId": "zEIhZpLr_aCyxtuNzbM5RjzzeEHM5a9c",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnTCCAYWgAwIBAgIGAVI8kZxVMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MVoXDTQxMDExMzE5NTg0MVowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEtleUdlbjIgRXhwb3J0UHJvdGVjdGlvbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJEFI0s7pLQXCJt29rm6hrzb2UMmm1sgbj8wY2vEhkhleXKtuTiXp3uSpWF_2YASDESrWWuEAd7JieYp5Bkf2QajXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBQLEOHtXUV7lflJkoIgPQwsXoKM0TAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEAH4LXTTGv_u-sYDsaM0dVQO0vRYGTbn_BmHD94X0naZV1Asi-Aq_q0YWVJPMtaDVweI_oPH_WIW5vsUvnuXpnCjuL6oc_raww2AXYx19nfQGJTjUB16WDZ03NTz9gEk_Xn99h6KnxaxJ7ZCzdGBeZg14BYZoGtyz3b1YfdY3bhiGmNBNXRtwWM2vK9G7lqX8qUUnF_291ETWS8TKRB0tOAqSLLMkmr0vrV5p1-eIMS5ni6Hsgdwd0buLLH05U1Jr_DkFmekcY4BPSVl3OKgFs1BF8-rp2jASrBOfdVE9TZKZ3s6Wu6ZDXowhHiKCFrJz1I2UXOiM3NI6Br6QdC7TJag"
            ],
            "mac": "Lp8CzAb53llo5MDg62s1uXOazI48xgDCnPQ5DuXA9E0"
        }
    ],
    "nonce": "HbK77-DBKMKgc0P29rtXohHArzU3eMSuVs8KQ0riw3g",
    "mac": "jqsIKnyUSUAyTjPc82IKT1LaxJqXNBjfu1cqi1UYJN4"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919c26R1A6eIKQDdsaes4EHpnQs",
    "clientSessionId": "zEIhZpLr_aCyxtuNzbM5RjzzeEHM5a9c",
    "attestation": "gcU-9yAA0wf0KPr0tcXz973TuhzEzQTv2R8G0etpVp0"
}


Deployed key[26] CN=KeyGen2 ExportProtection, E=john.doe@example.com


Begin Test (ExportProtection:2)
PIN Protection
ECC Key
Export Protection
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919c74rYp5XUADTk-8G_WPAiT3-",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919c74rYp5XUADTk-8G_WPAiT3-"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919c74rYp5XUADTk-8G_WPAiT3-",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:41Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "tmAC2xLlYtut2gRIWNp5XgQVR80O36HnxLgcYhCIYAs",
            "y": "5e5P8xY1XLcoUkArhUmz9olPyYFxEU-8xCUmRI1fBmg"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919c74rYp5XUADTk-8G_WPAiT3-",
    "clientSessionId": "FqAeCfRRn3N4b47qDICHK50kO-sDbiET",
    "serverTime": "2016-01-13T19:58:41Z",
    "clientTime": "2016-01-13T20:58:41+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "Ydf6GKrA7MQhx23Xps7se1Dc8s4qqzsdElDjjbxDGcY",
            "y": "xb9MlEk0apnTvWThGRF0JTOeVepPi1E6gzzF32kS_qE"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "p3r5SNnCRLhs8V9c3dSaqN1WwaXfZUBVNpUsZ-Q7YkA6OOe0-ccxbwSaj2m-jBpKPglf6hCvKdcbBkQ2LPyea_TQ-z_mePfwa6WGy_zvlgst_YGq3wRzZPFO9f1Fudiu6d4_hAqjMfmoBqcHweV3N6Q7ZffevkDkwCDS9FZR2JA",
    "signature": {
        "algorithm": "HS256",
        "value": "5i1sbhEmbbVX1YtSZ9IjwoiSnjgw4L4RFCRNWxcKa8o"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919c74rYp5XUADTk-8G_WPAiT3-",
    "clientSessionId": "FqAeCfRRn3N4b47qDICHK50kO-sDbiET",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "nmxKFSddf6p7DUb8C6-ktMY_bSbzACn_O-beuojmDG0",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "exportProtection": "pin",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "mac": "9qfVTXYxEGtNDEQp2sdXWdHdL6Hlqsq11vPln0MeqO8"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919c74rYp5XUADTk-8G_WPAiT3-",
    "clientSessionId": "FqAeCfRRn3N4b47qDICHK50kO-sDbiET",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "N-bE7X2k_Whr0B-antHMKcANCF4DThrem7CmXvYVbBM",
                "y": "L86zUEvsv-5xauT_t0S4rjFFVuMnHKLi8S0226LC_1w"
            },
            "attestation": "8e_fg464lH342n08aq_d9bdIcmzRKa9cNuaTnSeQxpE"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919c74rYp5XUADTk-8G_WPAiT3-",
    "clientSessionId": "FqAeCfRRn3N4b47qDICHK50kO-sDbiET",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnTCCAYWgAwIBAgIGAVI8kZyjMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MVoXDTQxMDExMzE5NTg0MVowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEtleUdlbjIgRXhwb3J0UHJvdGVjdGlvbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfmxO19pP1oa9Afmp7RzCnADQheA04a3puwpl72FWwTL86zUEvsv-5xauT_t0S4rjFFVuMnHKLi8S0226LC_1yjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBSnqNYlhuKwUWOzrKpWRwm8oekj5jAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEABp-_3hqS-7Zw9oMIfEf6cUSgaIWtbt0-eGJT7LTstn7q8VqqsSaH54d03KPHgwdxw3EPShgF99JPIkXFLtqe5j7UHYoBpgPq3X3OswTXWjonu4a371_QqfjZnVPkO2DhYhVcJbJCNqu0nVHAyX_VFNhYKdUc0DBuQhuPg7MGgnEVtPKojzmlMZhhmYzytixkxFt_bnOAXIGT2bPWPZla-BRqRkMa_eMiUNL-qsLj2atNjWB8PY5Hv5AzVXKTxLGmq_xzmbfaoFzFS2SHnXD8CSXy8fvnH7XWRkKTCrdY_exrPaWKeu3OBNOeIAFiRcu5fykE2tr_iYqLuWoRHptTbA"
            ],
            "mac": "ZLOT7xBz8CKq86rUHVRjyKupMGfZW55halajfCv2VbA"
        }
    ],
    "nonce": "mHp8sgG2r4tlst8jkowVkckfx3NKKXVebgw2s_MtrCc",
    "mac": "0Ym37Sx1EhLeuflMTyqf7DkrpdEFDAct-9imNcbd1eE"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919c74rYp5XUADTk-8G_WPAiT3-",
    "clientSessionId": "FqAeCfRRn3N4b47qDICHK50kO-sDbiET",
    "attestation": "vID5UYlQe_89XOQI3OZXRxuPwEGZAlTaHJD33rLcxoY"
}


Deployed key[27] CN=KeyGen2 ExportProtection, E=john.doe@example.com


Begin Test (ExportProtection:3)
PUK Protection
PIN Protection
ECC Key
Export Protection
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919cc2grFjHXCXMRD7_MaKCoo1_",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919cc2grFjHXCXMRD7_MaKCoo1_"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919cc2grFjHXCXMRD7_MaKCoo1_",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:41Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "Hb58v7pJyCJkWcIuUUbAEs5KY9iBmix12n4VtWXbr8s",
            "y": "3DqSOqxzZlysydzM88g52I5b6Ct8xM0WJyvTFEHYGE0"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919cc2grFjHXCXMRD7_MaKCoo1_",
    "clientSessionId": "SqNOFlmNjcEgcuuNm-Pjf90SUJfBrwJw",
    "serverTime": "2016-01-13T19:58:41Z",
    "clientTime": "2016-01-13T20:58:41+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "6aHr_YH5Lj7lfnLtEH8Ekn9hWVZzG-au-nabGFRThDs",
            "y": "jb6UAmYkO7FId0kitcDUJYndZ7sc5gfVWQ-9m_IwQAI"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "N3edEPaOW6NgFJ2rGyQMwENHseYZMZd8u8vfYFkgsb4Ph9On2wmpwTT44umn1FWLi01lE1NiWIQ-VaWxIPRP4YXkMyfPOpDoP49YOrwMTszTw_9ABqMdd0gAkbDknDjVUS6hn2-91O2bZAQrEbWpFe4-AajuDF5Iie4v7UdmZVw",
    "signature": {
        "algorithm": "HS256",
        "value": "H4wfZmFWhojgp_ip_Rws23pTwyRhs1Wn8hJprFqaY54"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919cc2grFjHXCXMRD7_MaKCoo1_",
    "clientSessionId": "SqNOFlmNjcEgcuuNm-Pjf90SUJfBrwJw",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pukPolicySpecifiers": [
        {
            "id": "PUK.1",
            "encryptedPuk": "35ccs4pu0H-FifNTxedH4pJiLGVpaK2jXWy362xiHZ4",
            "retryLimit": 3,
            "format": "numeric",
            "mac": "-ypQhwEpHmKaIs-yMESwxpXsVDIfx-_eg5n6L9j4OrI",
            "pinPolicySpecifiers": [
                {
                    "id": "PIN.1",
                    "minLength": 4,
                    "maxLength": 8,
                    "retryLimit": 3,
                    "format": "numeric",
                    "mac": "VWxRoBlsnh8qleAz_dBWSn1bkJZGzyjEy4-piVPk8Uw",
                    "keyEntrySpecifiers": [
                        {
                            "id": "Key.1",
                            "exportProtection": "puk",
                            "appUsage": "authentication",
                            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                            "mac": "FgFHM7v1uJUPk_gsiqKuuUgYhY-lj8XdpLs30Msw_T4"
                        }
                    ]
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919cc2grFjHXCXMRD7_MaKCoo1_",
    "clientSessionId": "SqNOFlmNjcEgcuuNm-Pjf90SUJfBrwJw",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "rfnflizUrodCF4ijO8ZLapspCscfJZ_h_kNXiDKHxRc",
                "y": "a86jlHxuEGQvPH-pBHV2gVQMzFdCN98wElJPdeHn7Y4"
            },
            "attestation": "iDMr48NmchHc9cZzIwjVROkYcxxjSLQZmetCbfRyi4E"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919cc2grFjHXCXMRD7_MaKCoo1_",
    "clientSessionId": "SqNOFlmNjcEgcuuNm-Pjf90SUJfBrwJw",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnTCCAYWgAwIBAgIGAVI8kZ0BMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MVoXDTQxMDExMzE5NTg0MVowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEtleUdlbjIgRXhwb3J0UHJvdGVjdGlvbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABK3535Ys1K6HQheIozvGS2qbKQrHHyWf4f5DV4gyh8UXa86jlHxuEGQvPH-pBHV2gVQMzFdCN98wElJPdeHn7Y6jXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBSxV-RP02aVMENKhU4ZqWt7Djl3CDAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEAJGPEydLmql7bg_ffmXE6gHUC91w6Zu-TL6N115c3c3t-ju6l8Fcf3Oruckd_dT6r9yzUX4LTMAyeu6jc-Si7BGszmkNe4jLlsWu6afOEHzQmIyv3vubjQePWECI9UanRA_EyegfEe67ZIfRJ13qMcpvR75XWGWKHGOfls85l6B00_gYZ_tyhD7DnpiDGL0TQnL-UfTi3KIQ4fegNhdLsBcAAoIxTtcNVblkcUzq-gYX1_cwM6ED-EY028mQCS2bprzVqTEa71mKB679l5SMbBwiNDPDviLSfn_zGKG2hzPk0gi6PJnLiryq5n4wItXZncKg2itVYfsTk3Waqqb0uHA"
            ],
            "mac": "cPK01BswpIJBcWNnTCt5HgDLXeXf-5Ri-PKGcq-1SV4"
        }
    ],
    "nonce": "c5vbMXt78TRsekGj90Baec9TGcQ5ay3jmhwNR1o-8xE",
    "mac": "XB2slqfVqK8B1tk1_EfG8xNtSTXIhzfp-mmIXE27Cxo"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919cc2grFjHXCXMRD7_MaKCoo1_",
    "clientSessionId": "SqNOFlmNjcEgcuuNm-Pjf90SUJfBrwJw",
    "attestation": "jlTEN5nexD6Yj0-W6Xj8LL83kV3ZBn74BXd7QzmZ648"
}


Deployed key[28] CN=KeyGen2 ExportProtection, E=john.doe@example.com


Begin Test (ExportProtection:4)
ECC Key
Export Protection
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919d200ZAZ1wMUjU1yfwM5Dw1Tl",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919d200ZAZ1wMUjU1yfwM5Dw1Tl"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919d200ZAZ1wMUjU1yfwM5Dw1Tl",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:41Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "Y3qphc_PGBK6e6m1EX9rNXR-0ebBi7Im7dZDu0N5Dx0",
            "y": "ZNBi8oxFxlJZ7Cj46V90It-xVeQV0LLIx-aIUvi5-0U"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919d200ZAZ1wMUjU1yfwM5Dw1Tl",
    "clientSessionId": "4232xlVxCJhTeOOzTZB6TNV3OkhtHmB8",
    "serverTime": "2016-01-13T19:58:41Z",
    "clientTime": "2016-01-13T20:58:41+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "JAX6wpZ4k99gkVe1ZLECD1or2hP0l1ApMZD8WY5Dfy8",
            "y": "d1SL5yzoDrO15i0nffat8wFKese637eQnUC2tDExvhQ"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "U3O28kDHYeLm1jzNI70w-nAm4_sIBUIHqrvVUtrJ54OqQdL8hSELAIDJsNkC5E5lfW_qbj5MtLC1eHHmi5KP1oI6g0nNr3eiY6eVqHjqsw_u_z77_Q32HUus7U9xhFDTKwyLYWy7udeVGmAajx7DpG_l4S-_gwXkHkNorvjuaRw",
    "signature": {
        "algorithm": "HS256",
        "value": "EamBxy6dQHteB7pU2XrPdAYn5eGL1yG-U1SD64WBX38"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919d200ZAZ1wMUjU1yfwM5Dw1Tl",
    "clientSessionId": "4232xlVxCJhTeOOzTZB6TNV3OkhtHmB8",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "exportProtection": "non-exportable",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
            "mac": "PKCiOjWxdwD-n0HdYnJ8ZKBYmdNJQUem1cTT2KMdefU"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919d200ZAZ1wMUjU1yfwM5Dw1Tl",
    "clientSessionId": "4232xlVxCJhTeOOzTZB6TNV3OkhtHmB8",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "y0f-W6JxkXpfrlq9bcHFGx9PwD88jSyDoXv30yiVhHs",
                "y": "fSrQp63BifUxFd7sOQZAxr8hpHZNZ3Ig6q7vREaclRs"
            },
            "attestation": "h7pAWD4NpdhCR-bKeL9s05NUPZNdbIFp6ooCmj8_Mr8"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919d200ZAZ1wMUjU1yfwM5Dw1Tl",
    "clientSessionId": "4232xlVxCJhTeOOzTZB6TNV3OkhtHmB8",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICnTCCAYWgAwIBAgIGAVI8kZ1PMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MVoXDTQxMDExMzE5NTg0MVowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEtleUdlbjIgRXhwb3J0UHJvdGVjdGlvbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMtH_luicZF6X65avW3BxRsfT8A_PI0sg6F799MolYR7fSrQp63BifUxFd7sOQZAxr8hpHZNZ3Ig6q7vREaclRujXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBQzgNKCHGfivJbHya9xUP7SW9I7CDAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEAgIm32ZN0AjeQJcnR6cZlGOo6zsw2sTZUld6VqS9620LzvQZLxULAGsCVmnbY6yMY6WkHurbirnNp6K9TLIoDeiNdcxVKSiEuWoQZtJdIFv1IyhsBjP5w4Ea-9bI4O3LXqa_GbzjS41OxG16QxXUDY2BGv62Fz-H3KrXpYqbrJNlzRMXrC47QsdPGvdgUcneXNAIj7nV3F9-ay_VKn0Fu0QkpP7uaxvEnczAmptk8PwpQwj44Ms3xgUpQAXV_lyDPDc1mae7_h7JizHdyCqWxvidqDcYVucPKC1vRFDqa_FcUapEEJmc01340L57nBbP0r7n0faoliMiz6Dr2k4qOyQ"
            ],
            "mac": "DJ6oWN-nJBsYXUJpTGk_pz371UYy6rjvDY_0sGiRYgk"
        }
    ],
    "nonce": "nmmEZUgazeIakitTrgcPs_fbLA_8gxz3QoCS24jRfE0",
    "mac": "fWq7s5HfjiRW0n45G7vNDbruX4qV4KknF3Z4V1MHBdI"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919d200ZAZ1wMUjU1yfwM5Dw1Tl",
    "clientSessionId": "4232xlVxCJhTeOOzTZB6TNV3OkhtHmB8",
    "attestation": "zMdMge6uAtBjcwkQ6ANyaqNYMK7niNZf4-MBFzfymP4"
}


Deployed key[29] CN=KeyGen2 ExportProtection, E=john.doe@example.com


Begin Test (KeyAgreement:1)
PIN Protection
ECC Key
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919d6e_NV0ke2ZvfUxhvYQEO5oU",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919d6e_NV0ke2ZvfUxhvYQEO5oU"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919d6e_NV0ke2ZvfUxhvYQEO5oU",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:42Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "jhlHK4QenZzkmbwQBY4wCe7WapmJbkm36P6NJ8BjQOE",
            "y": "ymF7QwzjkFsBabHCVMcx80GE-TP6EYtN8n1ZRenrQXE"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919d6e_NV0ke2ZvfUxhvYQEO5oU",
    "clientSessionId": "_g13oE6qK6O2JGWWF1eD85FGS5OzFLBr",
    "serverTime": "2016-01-13T19:58:42Z",
    "clientTime": "2016-01-13T20:58:42+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "WJk1ZtgW5LnLIcYjC6a0OeiwVpoFReyk3oXlGZsIrTM",
            "y": "iNj-hFpuzPvxhQSz2d-o31t1sqZKyxki0BhSDW3gN1E"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "UhkMmdX2zPTF6v3VLLZ-z4vtZmWLs14l8LNmIjH00qQRkj9WwgkS33XsQ0413JDwT8_Ey003MLQ4d9Az5mQz0BNMBa6GMdNFrHfuwlQJQhVmgIrrfVz76_by3Tklrsr3ddC9uT5OuuRvOko1Ox6s5jvGX13gBQ8KRG8uNXIXKqk",
    "signature": {
        "algorithm": "HS256",
        "value": "1mxXSzrdqyIy5PGEQ6EdGx8bQOe9eZ3YVmG4ve_yBck"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919d6e_NV0ke2ZvfUxhvYQEO5oU",
    "clientSessionId": "_g13oE6qK6O2JGWWF1eD85FGS5OzFLBr",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "yAndSXGI7W3IxakFytENsGodsSDsrGzXbN_THFIynOM",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "encryption",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.nist.p256",
                    "endorsedAlgorithms": ["http://xmlns.webpki.org/sks/algorithm#ecdh.raw"],
                    "mac": "o_HSbUOKFEwwjCJEgLx_64mSj5KQI3F-WBT0xqr1ejE"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919d6e_NV0ke2ZvfUxhvYQEO5oU",
    "clientSessionId": "_g13oE6qK6O2JGWWF1eD85FGS5OzFLBr",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "EC",
                "curve": "P-256",
                "x": "IlpDIP8t5yLa1VZldtWkNf6434daBQn_uHqGi4uc19M",
                "y": "zr6Ore9J6q7XzHcAYslyzbY63m_S5p-oZHEnjMArW-w"
            },
            "attestation": "Whqr934aaQDb6s4bEtqfO7fecr-rjuyHeEHvx_EvSeQ"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919d6e_NV0ke2ZvfUxhvYQEO5oU",
    "clientSessionId": "_g13oE6qK6O2JGWWF1eD85FGS5OzFLBr",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIICmTCCAYGgAwIBAgIGAVI8kZ2dMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0MloXDTQxMDExMzE5NTg0MlowRDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHTAbBgNVBAMTFEtleUdlbjIgS2V5QWdyZWVtZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIlpDIP8t5yLa1VZldtWkNf6434daBQn_uHqGi4uc19POvo6t70nqrtfMdwBiyXLNtjreb9Lmn6hkcSeMwCtb7KNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBDAwHQYDVR0OBBYEFAUjXuIDyLYZNn5X5L6-9-WTeAcNMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQAiwOkg3YIwZ26YqX2-YfaX6Rf9h4-H7CvMXvmmhsL5ZELoz0Rd_v8Ebpzxf_hrv1xNHwQ0Jl8gmT88l-dvUvNrz7iAEe9WXMwP1WFW4bhDU3TkkffmjPBxF21bLdbKDR7ZP51yRuTXoySKHfEiBZjEvxNSZiC5qzjbwPXrfE93N-Lbj9ydV91DvgCelnd1WT2qfZm4vjCGmKA1CsoVbHgBExvxDoyRFIbad5b6eK_EbXjXlsZITAs6Oz3Q9XyP_8aSBIJrFVyebM0yBaqqd9xbAxtGo-Rpj31hcYe4j41G_GFclh32kyVmKh7sFyvzBOim8Klfm0BSIs0N0aJ9_Xs8"
            ],
            "mac": "Usebwo0-ykstHThkQkO5r8Wwyc8z042vM0bO3DT26b4"
        }
    ],
    "nonce": "9qmDzjkWNY007v5SYJfQvTTJrhXRhaiaevdVvGFyoHE",
    "mac": "eaHkJHnVIxq0jkUbUudkR-KOVGylmCT3zF_kHYNvpV0"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919d6e_NV0ke2ZvfUxhvYQEO5oU",
    "clientSessionId": "_g13oE6qK6O2JGWWF1eD85FGS5OzFLBr",
    "attestation": "8cpEOvLUXowkk7OmoheYxbdbMMZQ1rx3uYtqPy6QLWA"
}


Deployed key[30] CN=KeyGen2 KeyAgreement, E=john.doe@example.com


Begin Test (RSAExponentPreferences:1)
RSA key with custom exponent
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c919de4U8o2HnIo-LApXHTPOEEpC",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage",
    "clientCapabilityQuery": ["http://xmlns.webpki.org/sks/algorithm#rsa2048.exp"]
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c919de4U8o2HnIo-LApXHTPOEEpC",
    "clientCapabilities": [
        {
            "type": "http://xmlns.webpki.org/sks/algorithm#rsa2048.exp",
            "supported": true
        }
    ]
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c919de4U8o2HnIo-LApXHTPOEEpC",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:42Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "59N-vxUc8tAq5pCb5PklqeJhlbSNLNIVZRIE2wrizew",
            "y": "X3YcXg-4bU4cmqTSq8MRgMfAlBxUP5xPvs7FYUM7JbA"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c919de4U8o2HnIo-LApXHTPOEEpC",
    "clientSessionId": "T4EEVJpw22usxZ6dCIGKiUn2c8V9eL8l",
    "serverTime": "2016-01-13T19:58:42Z",
    "clientTime": "2016-01-13T20:58:42+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "KKDE434KWIZsxZuiKwTCgJaZQaqgT4wqF1019e7NpK8",
            "y": "AZvbGWoMSCFEUV-D_BtkCOS4jtRsDsWM_JyZohw5NIo"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "hMvM_rFFpH_CyccshvApzh4SuT1zwpJGZkiZk9RISShf3e9kU3J6A292v2k8ueiuAHsmceZnRp0t6935-FaI6qtojyklI4XY4xnKHMtZXz9OPMX_ZTWWql2xEmbdnoPlBiJtZmITn6MYSXaFbir0oH3M_qyBgnO-Lv7p1Rg4LO0",
    "signature": {
        "algorithm": "HS256",
        "value": "scQogUurwNkGyYi85Yqi4L9hJoGW2E8RRoS0MpRpW9U"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c919de4U8o2HnIo-LApXHTPOEEpC",
    "clientSessionId": "T4EEVJpw22usxZ6dCIGKiUn2c8V9eL8l",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048.exp",
            "keyParameters": "Aw",
            "mac": "7hn1adBa72ANwVYnYxw07O-7aC0O3FLBF4dnvmNkj-0"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c919de4U8o2HnIo-LApXHTPOEEpC",
    "clientSessionId": "T4EEVJpw22usxZ6dCIGKiUn2c8V9eL8l",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "rKj8GMbRO-iFWx2xTE5Xk4bns7TZReUR537Ja-oRJg-aHboFXHNKklf-modZGkMlDn5x0uIQTlJmatBR89agRNZNQfvf_v0Nsj0W0pDFV8mT7qaTKC5SWK8iNRZvOeNW3-6oBo2cVTQxAkNV7UGc1rEnnDWRCI5hfAOqc1YJmBgdBzLtgrCwGmUjyjTOJxkrD-Z4fTgguwYuPLoFk5uUlGX4MclOPWnq1BgJ3weea5kMDbkThS05Zfv-0UcVoZCZRdDIFztGTn1zp0OdfCuz4Ob1Cjaphj36hCJRBxFZ6OxuTgu_F7fFUT1vEVhhIL9Rb_O1C4EBH0_yfu_8WnMqcQ",
                "e": "Aw"
            },
            "attestation": "ytfnYHH_oZRFwnhI4mgGlMeVZwj_YgkhyNvZH3QaL34"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c919de4U8o2HnIo-LApXHTPOEEpC",
    "clientSessionId": "T4EEVJpw22usxZ6dCIGKiUn2c8V9eL8l",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDbDCCAlSgAwIBAgIGAVI8kaTlMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0M1oXDTQxMDExMzE5NTg0M1owTjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xJzAlBgNVBAMTHktleUdlbjIgUlNBRXhwb25lbnRQcmVmZXJlbmNlczCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAKyo_BjG0TvohVsdsUxOV5OG57O02UXlEed-yWvqESYPmh26BVxzSpJX_pqHWRpDJQ5-cdLiEE5SZmrQUfPWoETWTUH73_79DbI9FtKQxVfJk-6mkyguUlivIjUWbznjVt_uqAaNnFU0MQJDVe1BnNaxJ5w1kQiOYXwDqnNWCZgYHQcy7YKwsBplI8o0zicZKw_meH04ILsGLjy6BZOblJRl-DHJTj1p6tQYCd8HnmuZDA25E4UtOWX7_tFHFaGQmUXQyBc7Rk59c6dDnXwrs-Dm9Qo2qYY9-oQiUQcRWejsbk4Lvxe3xVE9bxFYYSC_UW_ztQuBAR9P8n7v_FpzKnECAQOjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBRzMO84_pCI7a3RjYefU3wBy6vvMzAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEAXyiVQuhjBAk4Obq1XH2GYQZ7sL3ivpsskloJzPuNSuJ5o7qU-RRA2Satyjok4uOBfuoTErhtV2C30peZ2wt3Jjz-DFaGUYzb7pFLi7jNUls6uzEqAJScJER0Gmb4msANzKt_lnob8fVLA3HknEpONNmVwJw1MzItrBJk-OUOoY7tu165b-wMBArdwbzdp_K5HYtJOVNbOer7sjQWVhyuf67ipVrFjfUqmeVD8T9M1QvnFBAw-oZ-1-S8rcSzvOsaop33mKhANvlCj8HF7X9dxppr_RTv8mWkr5_Rxr1MT0q1uvhdDz8u0fVjofeftO7MuBAOFVxybf51AmqdiImWcA"
            ],
            "mac": "SapzB37P-tbR0f07BixfMO-O_QdEEa4uKczBkDKQ7LQ"
        }
    ],
    "nonce": "D-SEJSw5Ijij6hTTrFZwvpbWBQbx4XkrnyqADwYG4y0",
    "mac": "l_pCnnkZVOobDLzF0tPx5eBto-hIpkffWJU8DnALzFY"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c919de4U8o2HnIo-LApXHTPOEEpC",
    "clientSessionId": "T4EEVJpw22usxZ6dCIGKiUn2c8V9eL8l",
    "attestation": "sz9JUVQTThc0xUmGArXlQKKiYDrmX3hxmVwOlEfTzTE"
}


Deployed key[31] CN=KeyGen2 RSAExponentPreferences, E=john.doe@example.com


Begin Test (TargetKeyContainers:1)
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91a4f5OtuiSrZb91jBp5va8xF_F",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage",
    "targetKeyContainers": ["software","embedded"]
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91a4f5OtuiSrZb91jBp5va8xF_F"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91a4f5OtuiSrZb91jBp5va8xF_F",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:43Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "KIOFF1nUMR_HjsvPM3bpf_UjTdFG_iTuo1bZk2ZtUGo",
            "y": "yVc4ZfjzxNCXy4N3c7Meug_k5plAQM9z4D4j8h0H9Qc"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91a4f5OtuiSrZb91jBp5va8xF_F",
    "clientSessionId": "A9XfOFzV-pEb5nG4Qia0zG6-c0OwDimY",
    "serverTime": "2016-01-13T19:58:43Z",
    "clientTime": "2016-01-13T20:58:43+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "ZWnv-qNmO7BiewjFphqWHej9H-ga0Hy-3OmEtUG97j4",
            "y": "MJ1l4ZunVJW8lBd6P95xDrU4zael0uGNWR_3Txn17vg"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "W6JDtOQ9z53NzGkrlcNigvq8TqChPhrxbwlDTAVEhHbPGY-h77sOyj5asHkMPWi6dJazDfOhQ-QQj_wV086l-jEZWVBXpdZXpm-ra8oy2V8-Dwi6_pR7C5fn-akPIhdRMEJ60pzqFOl4_BSfv6WQtHYQJ3GvKzlH7Mout8rdqy8",
    "signature": {
        "algorithm": "HS256",
        "value": "gqwfe2oBBlhdAL4TJ1W5Gb1U49ZBfxs74DpYHJLvoOM"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91a4f5OtuiSrZb91jBp5va8xF_F",
    "clientSessionId": "A9XfOFzV-pEb5nG4Qia0zG6-c0OwDimY",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "9hn9BbusxYsRcpjrkLo0urztQMHv2_RFR0KGN2yNLCI"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91a4f5OtuiSrZb91jBp5va8xF_F",
    "clientSessionId": "A9XfOFzV-pEb5nG4Qia0zG6-c0OwDimY",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "02uiL7BcDt3OEZvxYqdaLPP0A6hpW9EjY-z3jKt8ZeJAXsthdtLnwoICfaw4C36Tobdegh39Z95XmEy6By8MAtphlwkLeLCS-PUVJ3-WHZS2qlzm20aE87glie2-OfSoYsOY8dfdFFRf3obrgCJ99c3MGLPsIxgpy6K8wfi_ckY3HWunRJylOWrTp1ZdPxch-Q0eHt3muEqQFwKe1Vy8Y0Zc4lF-3kHzlftN9unDK2St7GrGznekcEmaHawBQ5aIOl1JRjJ3oil937KZFjsfO_vdGnyvFFfr_6f4WD7329ZbcHOOSwNeZGZki6upejDqFZiz_1gV4lPeP73FKBt-WQ",
                "e": "AQAB"
            },
            "attestation": "eLYkj-F1MJNEWXa1tt82eRf-VndZbouk4EFPor46pxo"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91a4f5OtuiSrZb91jBp5va8xF_F",
    "clientSessionId": "A9XfOFzV-pEb5nG4Qia0zG6-c0OwDimY",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDazCCAlOgAwIBAgIGAVI8kaXvMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0NFoXDTQxMDExMzE5NTg0NFowSzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xJDAiBgNVBAMTG0tleUdlbjIgVGFyZ2V0S2V5Q29udGFpbmVyczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANNroi-wXA7dzhGb8WKnWizz9AOoaVvRI2Ps94yrfGXiQF7LYXbS58KCAn2sOAt-k6G3XoId_WfeV5hMugcvDALaYZcJC3iwkvj1FSd_lh2Utqpc5ttGhPO4JYntvjn0qGLDmPHX3RRUX96G64AiffXNzBiz7CMYKcuivMH4v3JGNx1rp0ScpTlq06dWXT8XIfkNHh7d5rhKkBcCntVcvGNGXOJRft5B85X7Tfbpwytkrexqxs53pHBJmh2sAUOWiDpdSUYyd6Ipfd-ymRY7Hzv73Rp8rxRX6_-n-Fg-99vWW3BzjksDXmRmZIurqXow6hWYs_9YFeJT3j-9xSgbflkCAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFKqKPT0eIHR3O_UJJQRaBlzcFZhyMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQBKFu2L_EfxqPD4BF8uhkGe0P6WVnPAqKa3wPQaxzTtdHAF8vrCypL_hqbEusOsrq69We9fj47X747dyIF3PutPk_TbugWYwIwg4i4dbVGYvMgJs_pjv1u6Bdh31V5SU9BEeo1XtpZ8CKECg_8kK1R68q8TDPBVVoHpxpKUOdXXO0YX9e61G9BuLgV153wi2mItUWaNhZw06_5Zzt4MdnWdkPvZ7wRb1z2XfD8MZgYMaNbTNa7V0d8u5WSZNzjXu7I_5ore5wryymLD10i0PZdR4vCjU48FDiiH7GEMp45jVx3U210fn4_FlELtsnZL7O-Hgk-Nzj7B6ZmizF5e2SVF"
            ],
            "mac": "RYeuT8hgRbhVQCKHfFvYJg60REnV3QmH0sYbO1-_Dlo"
        }
    ],
    "nonce": "3AOtkOw2GZYntAQFrucXRqA7ppum17MRPsTDal_V-4M",
    "mac": "aUrfeOtVH9Sa-n5QamQTd8HmIy14VL5YCxkUw-EwBBA"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91a4f5OtuiSrZb91jBp5va8xF_F",
    "clientSessionId": "A9XfOFzV-pEb5nG4Qia0zG6-c0OwDimY",
    "attestation": "V_HCnQmhCy4FFRSXXlb6rMpQ_PfJEW4WqjqJ8O_Vs8s"
}


Deployed key[32] CN=KeyGen2 TargetKeyContainers, E=john.doe@example.com


Begin Test (PresetPIN:1)
PIN Protection
PIN Input Method
Preset PIN
Enable PIN Caching
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91a5ffts7L9X-b1l2OySHTaxzS4",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91a5ffts7L9X-b1l2OySHTaxzS4"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91a5ffts7L9X-b1l2OySHTaxzS4",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:44Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "5S_caBLoiIpwayadD78jbYvncmc4_5HEl3MVqXYOf3Q",
            "y": "L8mE4YK3N4IGsygFx1frR9QnOym6GTrwUHig72iQkgk"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91a5ffts7L9X-b1l2OySHTaxzS4",
    "clientSessionId": "teOprSD2_jTsUT-zAdlFzHHZMfHAmb3v",
    "serverTime": "2016-01-13T19:58:44Z",
    "clientTime": "2016-01-13T20:58:44+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "0nwshiIkxS1kjoJDmSb7s8syBKqC_u-5QwbP8AvzCpY",
            "y": "31mfE-e6qY3DDbRA6WBeAENHz6ICtiySXaXtkb5q5nI"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "dPIMfkI776XkRcEgB2nztRuoC2ZaM4coTAT3rmJqOzt8CeAj6RTLUyir_E7_F9uqZeO83DnnIRtgQKpmg_F4TtdCAebwe_-jhaWiXggdCJ8Sz8XIAX9par73Sr7HbzXFEDYmdA2_ZTX-DQb1GMlErp6-qhW-a0AWyWdmmhxEhqM",
    "signature": {
        "algorithm": "HS256",
        "value": "zuXe17YPoK2hIfwlqYM7u5DojtbwH5U6UakLdVAd9qc"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91a5ffts7L9X-b1l2OySHTaxzS4",
    "clientSessionId": "teOprSD2_jTsUT-zAdlFzHHZMfHAmb3v",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "inputMethod": "trusted-gui",
            "mac": "73GkhCBiV-YctY998otGZ8U5uN0_8uAWjIxxi3DdY04",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "encryptedPin": "LVMhRBfTRkdJeXKqylICarWp21t71OJlerOt5NxoNYI",
                    "enablePinCaching": true,
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "mac": "1zU2nSJl-hNRusPnchwBvBX1YvZjV2Qub5aiZS1lOa8"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91a5ffts7L9X-b1l2OySHTaxzS4",
    "clientSessionId": "teOprSD2_jTsUT-zAdlFzHHZMfHAmb3v",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "rbUUWgcV-3jrOBZ-mp6ngMfxbahLfX_8N7I5Mjx08ll0n8rFU7wJ51jRlmK1qqf1AySSeKwJloVlbVq6DXwuxByAcRscRwbyMJmbEgFhpX1YZnD2kI2_ouNuwhzA1InUmgagFdL5pP4MQd6b_HhWproNrYd6U66cO2oLLRmG1ruGk_PWpmhVXX_zC4cs0D6BFjdN7sid5Kpv_bXOjJiuGzN3gwwTrA-vD5ACqENfFmLPzUOip9ijKiQcgV-GlHEl8G4LkM3U5CKbzQ6PQGd0l4kPQb7S37zMqdv5u65spXC25YbQoF4yQ90EUmyZXxl7nOjq4ktT6UzJ3hiN3KigDw",
                "e": "AQAB"
            },
            "attestation": "qpGwKuRXibVLIHF3XSZ9rpkpVDoWjpcMthCx6OH8i-8"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91a5ffts7L9X-b1l2OySHTaxzS4",
    "clientSessionId": "teOprSD2_jTsUT-zAdlFzHHZMfHAmb3v",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDYTCCAkmgAwIBAgIGAVI8kaeFMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0NFoXDTQxMDExMzE5NTg0NFowQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUtleUdlbjIgUHJlc2V0UElOMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbUUWgcV-3jrOBZ-mp6ngMfxbahLfX_8N7I5Mjx08ll0n8rFU7wJ51jRlmK1qqf1AySSeKwJloVlbVq6DXwuxByAcRscRwbyMJmbEgFhpX1YZnD2kI2_ouNuwhzA1InUmgagFdL5pP4MQd6b_HhWproNrYd6U66cO2oLLRmG1ruGk_PWpmhVXX_zC4cs0D6BFjdN7sid5Kpv_bXOjJiuGzN3gwwTrA-vD5ACqENfFmLPzUOip9ijKiQcgV-GlHEl8G4LkM3U5CKbzQ6PQGd0l4kPQb7S37zMqdv5u65spXC25YbQoF4yQ90EUmyZXxl7nOjq4ktT6UzJ3hiN3KigDwIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQU0R6srYORnys7_u6eXDsQItVfBqYwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAHWgb0nB-KIub2Ez0FGPUHpeKdhd34MBfSVyI-rcl7tiN-myBq9ftp8S9J3mgOfzCeRY0ai3JZk0jSNW31cozUTp-mh4xrHmXzhYqoo-gEIF43NgWrwzWZWbK6fRgAMPm_kCWw9MThxNysuCct40DNR5VDoE6P3XuZxKoWXjrY-ZGkz_7e57OlFsyStGD0OCUm8UCwvSLYpw_ihUFt1QW7gIXEIVPpoRXPA69c_5vOiyNgSHYLfdpbCD5yAA9pawhROTmxI_HwngoTvujAVb_xa-owsbDeb0nfElo94KiVMhKyWX-ZP4g8ObCLzYX27MyNv51S2PkV-DuUEHdVj-XTs"
            ],
            "mac": "jDf3imI5X71TTeLqOl9WY1gN36sAppAaCtzxDu0KzUo"
        }
    ],
    "nonce": "8RnCWFzdoJB1xrppvJ0BVxhsQJSZIKlUAtiX7MM8gaI",
    "mac": "rD6wvzLDoIA0CySlMOxrWR9DcWZBQuoisdYI8UGtaps"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91a5ffts7L9X-b1l2OySHTaxzS4",
    "clientSessionId": "teOprSD2_jTsUT-zAdlFzHHZMfHAmb3v",
    "attestation": "2590DVD3NvnJZDuTkPipOrP_ejMO5vTHvq1oYCe-zWg"
}


Deployed key[33] CN=KeyGen2 PresetPIN, E=john.doe@example.com


Begin Test (InputMethod:1)
PUK Protection
PIN Protection
PIN Input Method
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91a795DemAaX-sC8vDCFxjYExWL",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91a795DemAaX-sC8vDCFxjYExWL"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91a795DemAaX-sC8vDCFxjYExWL",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:44Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "j3bICEdGokzge5BKxcZIfhAnf2CdS0qBzXZH44I9_H4",
            "y": "klE4fg3l6M13MFn9ewFKrOdZ-d494hqdKsLUTcK5iBc"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91a795DemAaX-sC8vDCFxjYExWL",
    "clientSessionId": "yXChgFGZ5mMKfJbhpepJZvW3H1vEXNn6",
    "serverTime": "2016-01-13T19:58:44Z",
    "clientTime": "2016-01-13T20:58:44+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "2g4yUmKUMejmACJlKXKv7Pum2nvyQ-48F91WboFHZ_E",
            "y": "NmduR-aKYY9SlwqXHldiT1yjJ7vF9qTX0TV0mwbPtrg"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "CMuYrOyeef7E5REJXFzZwHAi7g934W4TAfEmT0uguk39sJCntoYuKtjnpxPDHSp7i9Ksut2rCWnWrgKYq3zqGlbRmJkVJ9VAR4snTDgKAFegw3yOLcQGln6P2ReNu1OwMaVPuLAaAFVGT7wB90rJLwv71sYJ-DYg8qzMvFwe02U",
    "signature": {
        "algorithm": "HS256",
        "value": "2syRjKbgXxE-KoO-YcA49PLIoQ9XCCQilYKdAhf7poQ"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91a795DemAaX-sC8vDCFxjYExWL",
    "clientSessionId": "yXChgFGZ5mMKfJbhpepJZvW3H1vEXNn6",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pukPolicySpecifiers": [
        {
            "id": "PUK.1",
            "encryptedPuk": "34jqzf9n2B85bD1Ydqp4h7fbSHXQXyEZXi39j9M6yes",
            "retryLimit": 3,
            "format": "numeric",
            "mac": "sCEohPSo_XhLikpSlVVSNjFkkA_Wv67FQuoswuZSsaA",
            "pinPolicySpecifiers": [
                {
                    "id": "PIN.1",
                    "minLength": 4,
                    "maxLength": 8,
                    "retryLimit": 3,
                    "format": "numeric",
                    "inputMethod": "programmatic",
                    "mac": "KolpHR17l0weUWNp_oCAPmUDyy85hd2bwvC9KjzLylY",
                    "keyEntrySpecifiers": [
                        {
                            "id": "Key.1",
                            "appUsage": "authentication",
                            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                            "mac": "9xxJHgKRr4W9ArBwAos0C4AzRtgmQKRPghyLN0z0ybs"
                        }
                    ]
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91a795DemAaX-sC8vDCFxjYExWL",
    "clientSessionId": "yXChgFGZ5mMKfJbhpepJZvW3H1vEXNn6",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "hEPb44muTNaZF82p_lnxm1jvzeP-M_PdDS-7uB3na7iYj_Yyds_IgOqGQfs5sqQ3tAg0bxmIBSj9iDkjW_WfHovBgE3ZdbGe2KLGtxFj9uqVTL6-H4H2H912hpK0piiBChTLTOssyYRrT9U8KsIM8kvuCResHb5IachE2cJttlReEMnzOXeJ6VqQB2VlODm52-0v5Iv1pmYKsAIWz3l59VblMxOgf_8AlxgCk1jW_A1aY4m13NsnYesjScAweZJVUt1q070yySIMnjUXU67r8O8TD6nsXT7pLiwME0h8oBQS0IhJVPdJEDY0U3Pf808u-m3E-GtEUiIvRak74KRpoQ",
                "e": "AQAB"
            },
            "attestation": "6RYShJz1M3W6FCkJAq7F1oCGb2BxiyNvKf4rGgLZ06M"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91a795DemAaX-sC8vDCFxjYExWL",
    "clientSessionId": "yXChgFGZ5mMKfJbhpepJZvW3H1vEXNn6",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDYzCCAkugAwIBAgIGAVI8kakEMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0NFoXDTQxMDExMzE5NTg0NFowQzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHDAaBgNVBAMTE0tleUdlbjIgSW5wdXRNZXRob2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEQ9vjia5M1pkXzan-WfGbWO_N4_4z890NL7u4HedruJiP9jJ2z8iA6oZB-zmypDe0CDRvGYgFKP2IOSNb9Z8ei8GATdl1sZ7Yosa3EWP26pVMvr4fgfYf3XaGkrSmKIEKFMtM6yzJhGtP1TwqwgzyS-4JF6wdvkhpyETZwm22VF4QyfM5d4npWpAHZWU4Obnb7S_ki_WmZgqwAhbPeXn1VuUzE6B__wCXGAKTWNb8DVpjibXc2ydh6yNJwDB5klVS3WrTvTLJIgyeNRdTruvw7xMPqexdPukuLAwTSHygFBLQiElU90kQNjRTc9_zTy76bcT4a0RSIi9FqTvgpGmhAgMBAAGjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBSlXz5z_rEYzD57wlXG3c0J6sNOJDAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEAAk-OYRc-I0E3aWJBx8vIRXQgNrsOQ7OD_orCX60ICTpRi0eZd_ihoNwrvK8ukotPwrjdTWVnfX8GcJry2ZCZB5ziGYw3Cy9F3EY5KjVHEMrjMj3Oxk0D_j3Dynr7RuPWPlRt2Idxcu6Zch_ao5SYA5Gi_DSrDehqwhiHjx9EH7hKHU4QcNIGbze4TBhOApgb4x42xvpLVF8BAXX0piWUfPm1KYLeKmbb-7qVpG9VDyw0ZFfpcayjWPA-M5lubIN__44Z3H4XqC5ddeG3--BqGljX4lGcY52ztEKnqnx53QKLVkD-HfNDZ4woH5afbf0KjbgajAFRZxeonrMqgvHI8Q"
            ],
            "mac": "klMYCteup9PrAUUMhCwhV2tvTAnOaXcDIRayBOwlsB8"
        }
    ],
    "nonce": "zZXQNdkUj_Tejtn8abl3476Fe7IXCaJk1vf8Q6-pCgY",
    "mac": "hMv3CmZJr5oBjs0gYSoehr1KYZjA-4EyKSiQgN3RQuE"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91a795DemAaX-sC8vDCFxjYExWL",
    "clientSessionId": "yXChgFGZ5mMKfJbhpepJZvW3H1vEXNn6",
    "attestation": "LDqLYmzwKZC8GvXtFIuPgjPq0OzsD32K4z8pI9q6W4I"
}


Deployed key[34] CN=KeyGen2 InputMethod, E=john.doe@example.com


Begin Test (BrainpoolOption:1)
Brainpool EC
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91a915L04I1Pmh-_iIpG3fj1kWK",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91a915L04I1Pmh-_iIpG3fj1kWK"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91a915L04I1Pmh-_iIpG3fj1kWK",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:45Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "http://xmlns.webpki.org/sks/algorithm#ec.brainpool.p256r1",
            "x": "Dn817MDwpLT4FrtY9eW3rtdn1P1f6EDJLqj5r15XCWY",
            "y": "Z-_L2JY9wTYegzJz-JdxVbnP--ea0QUwMeVRCP-GS6A"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91a915L04I1Pmh-_iIpG3fj1kWK",
    "clientSessionId": "iqwgtskLBWM_EgKwI3r6KbgXBG-2-Gro",
    "serverTime": "2016-01-13T19:58:45Z",
    "clientTime": "2016-01-13T20:58:45+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "http://xmlns.webpki.org/sks/algorithm#ec.brainpool.p256r1",
            "x": "D5fHDeVUbuJM3v28ZXJ9K-3PUkVL0W5ig5CdwqbcHYk",
            "y": "mkNpJUxG9GHLskDIgWdHvDdf7g4YyHpQ_pGnZZQC77w"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "O-zOWvDuAQBliWsQgc_hGG35bNEuJoj-BSy0LESdJGSu0krmigcqn6EUCEP5lUA9pbK7gjT4qonIMZvMCLu-uTM1a0nYDO3Ve8UN5zySEVzh0LR4zdbVQVKECZhfnZzpNw_ORL0POPhp01xjHxIFcUfvUtwrIIVgme7HdrmELbk",
    "signature": {
        "algorithm": "HS256",
        "value": "94LoRNAa2mES4hGvVexKhWUPFFWBnYfOO6x-k9X3ccU"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91a915L04I1Pmh-_iIpG3fj1kWK",
    "clientSessionId": "iqwgtskLBWM_EgKwI3r6KbgXBG-2-Gro",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "_lccO6QVMDGGePU0ZibJRus6DSPiJu0HGE0vy_OX65I"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91a915L04I1Pmh-_iIpG3fj1kWK",
    "clientSessionId": "iqwgtskLBWM_EgKwI3r6KbgXBG-2-Gro",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "k1uQ-X8VmS69VRVxM7HjytBgalPesr8TQCIlx771EHJRGr7gCS2Wzy3zADPzXzedoFqwC8SgIDwG3H7kYUIfdLFBvza5uRhPbkz0AIK6iqfWdTaMpZmT5ycTF_SduIf5IqsMvjOq-RZg-Dz40yBTc605oXxX_c6sZ3jHuJWcuKl2LVKSodFOmoExv1CiarJvoXsdP0XuzkGf4CbYfnNhwMT9p3sT1mu3r4BLfw0mT2raalDmQN8N1h62ODUrnQvDsadSY0AB_8x2TcpjJL8nXAcVE3Bv29VCrZnQ8BTelKytFtlpg_26aOYaFjbuA4eyvFB7DFMwakkVvVo4JVczww",
                "e": "AQAB"
            },
            "attestation": "gP1R4u9L3eq2qdkZVTFCa5VVmftS0xXURjLjHX2qUJI"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91a915L04I1Pmh-_iIpG3fj1kWK",
    "clientSessionId": "iqwgtskLBWM_EgKwI3r6KbgXBG-2-Gro",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDZzCCAk-gAwIBAgIGAVI8karRMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0NVoXDTQxMDExMzE5NTg0NVowRzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIDAeBgNVBAMTF0tleUdlbjIgQnJhaW5wb29sT3B0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1uQ-X8VmS69VRVxM7HjytBgalPesr8TQCIlx771EHJRGr7gCS2Wzy3zADPzXzedoFqwC8SgIDwG3H7kYUIfdLFBvza5uRhPbkz0AIK6iqfWdTaMpZmT5ycTF_SduIf5IqsMvjOq-RZg-Dz40yBTc605oXxX_c6sZ3jHuJWcuKl2LVKSodFOmoExv1CiarJvoXsdP0XuzkGf4CbYfnNhwMT9p3sT1mu3r4BLfw0mT2raalDmQN8N1h62ODUrnQvDsadSY0AB_8x2TcpjJL8nXAcVE3Bv29VCrZnQ8BTelKytFtlpg_26aOYaFjbuA4eyvFB7DFMwakkVvVo4JVczwwIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUK8H7m1--Bw_wkW5HhiATZV5WskEwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAB_3WDht7wAJbhjOFhiijj_ciPuxW1pZGLztaiV1bz0qE6Il7L034PQtcqhNn7c02lJ1F99POYgL3pc_iLSSXirobPcEcnP29s5oOU-JbZfRTPzs-P7Fl6djEvuy-zr5zdD5olyb85GGq1MhYcUrtnLApG4lcljaqxGTzzngMfKaRIHQDktSlCOHleUp5LLo1nT-Y4FBYAf8iweERw3hhoApRUp8kKIckBYZ48XHvbuLK7SNKKbV9L-Scwz-eSidLnRxowp2FcpJLbUcPXL0z-TShxrQU9UytzIYKCV-g00C01wZKY2gwN4zFADnoPUiSnzYNG7y7_E8bOIFqBenR9I"
            ],
            "mac": "oTr1Tn1_1k8ssCtV1y5DKR6nTSpgGZzH7NXSfp9iF0E"
        }
    ],
    "nonce": "ryEmHZUubKwFcM9cynxNU1JNH28sAPf0hV-odj4zHXI",
    "mac": "w2CJzu3GYy5vG9OkawnE4BSHuv35AF5hNCzB4bMndmU"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91a915L04I1Pmh-_iIpG3fj1kWK",
    "clientSessionId": "iqwgtskLBWM_EgKwI3r6KbgXBG-2-Gro",
    "attestation": "avNJ0AjzQXSJUB1Z9NeICUkVMsluUtbN3ocuoVnkAKQ"
}


Deployed key[35] CN=KeyGen2 BrainpoolOption, E=john.doe@example.com


Begin Test (CloneKeyProtection:1)
PIN Protection
Updatable Session
ECC KMK
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91aae1_DxIPu7Llr4Pq6B0XspoH",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91aae1_DxIPu7Llr4Pq6B0XspoH"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91aae1_DxIPu7Llr4Pq6B0XspoH",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:45Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "WSm2wrtNRzZ3qkn3rjQB0D4Qg9z1rBBI7CTtgZfTPNE",
            "y": "WcajXRgY56ZgTngCXXUly3bZGI58eZS2LdU_4Kfl-3E"
        }
    },
    "keyManagementKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
            "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91aae1_DxIPu7Llr4Pq6B0XspoH",
    "clientSessionId": "WkQUQI_CxcP6XuNeyv_Xdh0eBvdjDluC",
    "serverTime": "2016-01-13T19:58:45Z",
    "clientTime": "2016-01-13T20:58:45+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "efo5jSipnPPOFy-M5bTEmMw3DaVfWH2XxncylI2_Iyc",
            "y": "CkCdLLxwWr9Yq_CWrfdCkOyEuqks_dnf1Ky_w1oOmh4"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "ZEE6hbSS5UrkqPs6MVF2A-X_h4x-BGI34RrvlsOQd6HQL5uxriqAHlgI6iB6V0vfBxMgd9KQNdRmNIzprvKA6rwvzW36sTjGLC5RyYewqczybbqmAk5__mQrk8ILJ9tyoEOfGln9RkyRTAxlyINoNrBXj38-wIkmrxeASQZbsOc",
    "signature": {
        "algorithm": "HS256",
        "value": "w-AP2gsL2Xa5VhBEZWSprhwJf0TMj0PAwqkDHvCUla4"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91aae1_DxIPu7Llr4Pq6B0XspoH",
    "clientSessionId": "WkQUQI_CxcP6XuNeyv_Xdh0eBvdjDluC",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "grouping": "shared",
            "mac": "GdD_M9TSDKRx_cJLkbd9NN6h3vZ2_zGy5031BtB1Roo",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "authentication",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "mac": "dGOQz11z7wsNpUw4jNexqT7QpQqWabxRI2mNTmRQrsA"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91aae1_DxIPu7Llr4Pq6B0XspoH",
    "clientSessionId": "WkQUQI_CxcP6XuNeyv_Xdh0eBvdjDluC",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "n3elbFHub1zaW3vbEUWpFE43B-V0kR-jhUxyG-D6Aru0E8SQf63JedM6YNDHWx_OtE0gESDCBVIHmQRMsk56xYCL7pwgPc4-1MsxkG3Tj82EWS7ZO0ruv3F4S2OGt8ItHttdcg9jEPCObtiVbsskg_i2EwM6OhKo97oY37mCZ_Hr5e4N2uv4ypnidheIgfC5sToJg64QoQfcHYHRmvwQguEuYu7cAwy6fVRiVPjr8o7rixqi94X8L3ZOGmZBw4xpK1c9z-kbzugGhABkWnjpq1P_LYVKK5dbEgHbAdBupbcrUF2LdAA7HRFj9jFmNezCLLfao-ft7gfoKV-x3XeOiQ",
                "e": "AQAB"
            },
            "attestation": "m1N7JtQ9qZKzGJs-eFfjix5tU7mNAlSNPzO-kTzGsSM"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91aae1_DxIPu7Llr4Pq6B0XspoH",
    "clientSessionId": "WkQUQI_CxcP6XuNeyv_Xdh0eBvdjDluC",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDajCCAlKgAwIBAgIGAVI8ka2AMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0NloXDTQxMDExMzE5NTg0NlowSjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIzAhBgNVBAMTGktleUdlbjIgQ2xvbmVLZXlQcm90ZWN0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3elbFHub1zaW3vbEUWpFE43B-V0kR-jhUxyG-D6Aru0E8SQf63JedM6YNDHWx_OtE0gESDCBVIHmQRMsk56xYCL7pwgPc4-1MsxkG3Tj82EWS7ZO0ruv3F4S2OGt8ItHttdcg9jEPCObtiVbsskg_i2EwM6OhKo97oY37mCZ_Hr5e4N2uv4ypnidheIgfC5sToJg64QoQfcHYHRmvwQguEuYu7cAwy6fVRiVPjr8o7rixqi94X8L3ZOGmZBw4xpK1c9z-kbzugGhABkWnjpq1P_LYVKK5dbEgHbAdBupbcrUF2LdAA7HRFj9jFmNezCLLfao-ft7gfoKV-x3XeOiQIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUSAig9pB_L6zeo-IuBGoCXSiyQnQwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAE7xjbLZQTAMQgrDTf-fj-BrRGde8kX3Ng6U5pD2nX9iHDfb8InoKimdcQp_PWzBMPGmANueX8-kTAIMESL8LbgUqKFJ-XFZDkuQCOFWTPRjy6c-H8Ag1Pslqm0VWlk44onaZu4oDdh_AYhiohsi2kXcqIxWpKjqQHudBxwQQZtEvP0_6cgSaYuE75StpH47WsfIR68MdqY9jAO8f6RYyjPr8tWipQfzmGNDaI9zmCZP0zFsz-VvjCuQdiCJklHK4wX_qF7PefvxLaJSn9wouK2O0Kw1nH1EvqXJNPyxslZ7q0zG8I4Ki9ynOo6LKTJRx2Ezbw8Ne925FBnnlQupak4"
            ],
            "mac": "eFwCzmBOfGOrVgUuceXXCARiV_9rqQH9TOdezEbwVPA"
        }
    ],
    "nonce": "A9aUQ0mIs_4HGDy2xVV_WWT0dbg6LiDXMXFvaWuS29E",
    "mac": "UyO1bdymY2htWYBa0JMivBZ8mDhyn1d6Q1yNGk6xLBI"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91aae1_DxIPu7Llr4Pq6B0XspoH",
    "clientSessionId": "WkQUQI_CxcP6XuNeyv_Xdh0eBvdjDluC",
    "attestation": "No-rKMkgm2XAmcy6UepuS-5FtONAI39QS6Q9mLskohw"
}


Deployed key[36] CN=KeyGen2 CloneKeyProtection, E=john.doe@example.com


Begin Test (CloneKeyProtection:2)
CloneKeyProtection
ECC KMK
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91ad90sQfxi2ORhxJB2BHq7Ov2m",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91ad90sQfxi2ORhxJB2BHq7Ov2m"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91ad90sQfxi2ORhxJB2BHq7Ov2m",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:46Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "UaDJW_zAmT4jEJwPlkPCJ6Zde1SEKbZvkfKtiPZT0l8",
            "y": "eH8c7f6zmRm-xwWICPtEvWxhVc7pyQY31g3mo9gDJNk"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91ad90sQfxi2ORhxJB2BHq7Ov2m",
    "clientSessionId": "Plhs_rHUngo7uY7SZhmJLSwGvFySrFw7",
    "serverTime": "2016-01-13T19:58:46Z",
    "clientTime": "2016-01-13T20:58:46+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "RXmb_KoeDaqMaQCVOgFf14KQd5XMHhs0yAJppmUtDEI",
            "y": "iWI1kAe2sOFDbUK2SqMz2G_5WXgID6yEIZzR5Se6G0A"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "hV-YKxuQtga_XBEF3KDcMd_hXis0wbEff8b0rqg8MqTEtO7kwOb7vJRBEMpalke0Y6Yc3emvSzcjngJEAzK6kJqFsbPpOnUibWhXRkAq1RMRcMcQDherKsAsAGH3L0YwH5Nv7HXGmcLKqaMYlYJJbHb3pb8k7xEWZlWTzMQI98Q",
    "signature": {
        "algorithm": "HS256",
        "value": "uPo4SBGpOls72Y4vPJz0mhfd3W4cST0xOVVV4FUyFIU"
    }
}

 
 Pass #5: CredentialDiscoveryRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryRequest",
    "serverSessionId": "1523c91ad90sQfxi2ORhxJB2BHq7Ov2m",
    "clientSessionId": "Plhs_rHUngo7uY7SZhmJLSwGvFySrFw7",
    "submitUrl": "http://issuer.example.com/credisc",
    "lookupSpecifiers": [
        {
            "id": "Lookup.1",
            "nonce": "HI91pcuaC-7VcJXI8M_muuhP8GWcNGY4bn4vSoz0dos",
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
                    "e": "AQAB"
                },
                "value": "byXrRSkluvYQDbRkInZEip_yTVltPkypzQnMHVABIXrMgGDDb5hkO4WrBLReDkINTgJDPM6Q_XMov_NJtCE1senUusLdLMOIiD1pbER4bldIjeATNrNmLFoBmmZQKlE-8HTurxnQRBbAHGXXI9DA3g2mzCVQHpkCELh6YK0iBhO5YjurhDERqPXEcGE83gBo-5JYkzLDDBTugTmIgc05rHQeSuvsiIpEVrRPBnCt_ix1iMdke8071rkZ99d4te5RA-rcBJIf_tPjMCAfOY2DEt8DhAAmYi4Ytmoti0ANsyDR65sWze9P94aJGz9oGbeiWF-R-Iv0Hb9EEdgxvy8s5w"
            }
        },
        {
            "id": "Lookup.2",
            "nonce": "HI91pcuaC-7VcJXI8M_muuhP8GWcNGY4bn4vSoz0dos",
            "searchFilter": {
                "emailRegEx": "\\Qjohn.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "TySEWG5n0nvf6abOdAVmp4r6UNE_tFfA8g7NBameOOb63Cf89QX_KMte6DtAFvVqgmkW7L15Qlzl3CUGwYHxkw"
            }
        },
        {
            "id": "Lookup.3",
            "nonce": "HI91pcuaC-7VcJXI8M_muuhP8GWcNGY4bn4vSoz0dos",
            "searchFilter": {
                "emailRegEx": "\\Qjane.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "TtO32TaK5mEOQWnN4kGfCx3R9lz8jOuZOhdZpgQfyIjl21WKRVHAyxdIcWOcrh9_FHGJCW5-jhrgUTlg9Gg-9A"
            }
        },
        {
            "id": "Lookup.4",
            "nonce": "HI91pcuaC-7VcJXI8M_muuhP8GWcNGY4bn4vSoz0dos",
            "searchFilter": {
                "fingerPrint": "sVNedtvlG3cMhuVupbgRa-aXPcbfsx3m3hIR9gMlmwY",
                "issuerRegEx": "\\QCN=Root CA\\E",
                "serialNumber": "123",
                "subjectRegEx": "\\QCN=John,2.5.4.5=#1303313233\\E",
                "emailRegEx": "\\Qjohn.doe@example.com\\E",
                "policyRules": ["5.4.8","-5.4.9"],
                "keyUsageRules": ["-keyCertSign"],
                "extendedKeyUsageRules": ["1.3.6.1.5.5.7.3.2","1.3.6.1.5.5.7.3.4"],
                "issuedBefore": "2016-01-13T19:57:06Z",
                "issuedAfter": "2016-01-13T19:58:46Z",
                "grouping": "shared",
                "appUsage": "universal"
            },
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "kCNcOpatALB21jHrPIv1BgXlUJ5W8y9jfFci45G09x1zRz1E41lkBJYaEcxQNsT2h_vlf3nIK9g5Inr65vgeciLHQC-KFlpoGfSlTEnzq5eY8vON6egAOeQh5T-I_L9blNUqXsSDFHoA3DT5QcEkXNDz1_rqkNUk0YNJFIIuAWqe1OSEcU76dOmnRV1OAY6_OTC-1Wd4_teuLepi58BeUQoSTJTu2lbs-k8MZ1qnmcrYxTnou-NnYG1_Uhz1b8rS7WxaeFf1RaBIWjly2YjrnT76VcFXZX4BNALYhhxFq3wO-AVOV4TBOlF843Jd8tyHN9OGBspqNo75jsAZIucG9w",
                    "e": "AQAB"
                },
                "value": "EbYc_SPu2uKEf6f1X6UjmKcEcfkjwHEqLyvpzuUnI-zBOTD7tJSW5kf3eMJKn1S1Hz_X3cvLXYXgGp_B9W6BNno0jLeuVvERrKNk9DwaqNI0OUkNmsTQGWYCIH9HqGs7iEmH3725p_dtBR2isBWXx9oqKEF_HxI0nbBTROiGGyXN_iDU2zleltUIaDsaqdpoZG3umkUBJJsC5KP3uGLUJW0rPn5DMyAx-iAAHng9he4mf5yL8QFudBDhJh19a71MUOx8vi8dsj_C6m-PNSGWjYJgXz4HqlYIL2ILmY4oZQ5Pel4QYw3yvs9YxhOtgqKqJEXVRXy9BIb0rlQSBnbcog"
            }
        }
    ]
}

 
 Pass #6: CredentialDiscoveryResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryResponse",
    "serverSessionId": "1523c91ad90sQfxi2ORhxJB2BHq7Ov2m",
    "clientSessionId": "Plhs_rHUngo7uY7SZhmJLSwGvFySrFw7",
    "lookupResults": [
        {
            "id": "Lookup.1",
            "matchingCredentials": []
        },
        {
            "id": "Lookup.2",
            "matchingCredentials": [
                {
                    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
                    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
                    "certificatePath": [
                        "MIIDbjCCAlagAwIBAgIGAVI8kYjEMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNloXDTQxMDExMzE5NTgzNlowTjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xJzAlBgNVBAMTHktleUdlbjIgVXBkYXRlS2V5TWFuYWdlbWVudEtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAICQmQermrOoj-VAj5rJNPpbbwlwlWHGBNbJAVSR6Dd4dStiS6ygZTnB-q_708_PZe0B1-AI232jEITI1qZGqnluO-UuLb-oOD68IGrkQDI8yiMXHkCL8O1-EOV54lcXu1wyNG3fxT6zenaiz_UiuBgF4lMxnYe0yVmpSFQL0vqX7Wdbl6FnBIxNJnIGN-CXDEwjDeaaCNMlen68vbzs4HWCtRN1LzbCNc9mP-RDVojI0vK8KX8M2v4oOuKCgWLQpQ1_Z7X5aR68CWjBO8CEt1HyMFSWKjWycpI1bAQXFGc1luVt46skiZGPJOz15HlsgM4-7Jpcommp5F5EuyZvkqECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFKFR87PkcSliMGn3tTfC-Pfi4d6oMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQA88OuUj2x40uRImZ81KTBSPRt-O7Yf9GlsnAh4f75k0kiv18obsudl5FewYBo5jfa6LEwm0fmcTVlFW7oFhdWQ-Hi5-RUv6C5H4FEe0DFMr_0scAI1Phiu9fLWnf88yDfBX9fpD_ldZ-Llgm9YVTGLztk0-PyexUYLJbpPVUu5qGp5bXroIKCPIZj9DYQ1WqaiH7GAGQTKFyS7rbtiyP27UXo7avgRCRVmUWlRidvNM39sUFxKYWyEEqXohloxiozTMabnx60uA4ICZJWkNfbbYVixtxtaEP08ki2f-WvZQHVPV44cuNhTXakj695ZaMnSyxos01OT4gPHNQlYuT57"
                    ]
                },
                {
                    "serverSessionId": "1523c91aae1_DxIPu7Llr4Pq6B0XspoH",
                    "clientSessionId": "WkQUQI_CxcP6XuNeyv_Xdh0eBvdjDluC",
                    "certificatePath": [
                        "MIIDajCCAlKgAwIBAgIGAVI8ka2AMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0NloXDTQxMDExMzE5NTg0NlowSjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIzAhBgNVBAMTGktleUdlbjIgQ2xvbmVLZXlQcm90ZWN0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3elbFHub1zaW3vbEUWpFE43B-V0kR-jhUxyG-D6Aru0E8SQf63JedM6YNDHWx_OtE0gESDCBVIHmQRMsk56xYCL7pwgPc4-1MsxkG3Tj82EWS7ZO0ruv3F4S2OGt8ItHttdcg9jEPCObtiVbsskg_i2EwM6OhKo97oY37mCZ_Hr5e4N2uv4ypnidheIgfC5sToJg64QoQfcHYHRmvwQguEuYu7cAwy6fVRiVPjr8o7rixqi94X8L3ZOGmZBw4xpK1c9z-kbzugGhABkWnjpq1P_LYVKK5dbEgHbAdBupbcrUF2LdAA7HRFj9jFmNezCLLfao-ft7gfoKV-x3XeOiQIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUSAig9pB_L6zeo-IuBGoCXSiyQnQwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAE7xjbLZQTAMQgrDTf-fj-BrRGde8kX3Ng6U5pD2nX9iHDfb8InoKimdcQp_PWzBMPGmANueX8-kTAIMESL8LbgUqKFJ-XFZDkuQCOFWTPRjy6c-H8Ag1Pslqm0VWlk44onaZu4oDdh_AYhiohsi2kXcqIxWpKjqQHudBxwQQZtEvP0_6cgSaYuE75StpH47WsfIR68MdqY9jAO8f6RYyjPr8tWipQfzmGNDaI9zmCZP0zFsz-VvjCuQdiCJklHK4wX_qF7PefvxLaJSn9wouK2O0Kw1nH1EvqXJNPyxslZ7q0zG8I4Ki9ynOo6LKTJRx2Ezbw8Ne925FBnnlQupak4"
                    ]
                }
            ]
        },
        {
            "id": "Lookup.3",
            "matchingCredentials": []
        },
        {
            "id": "Lookup.4",
            "matchingCredentials": []
        }
    ]
}

 
 Pass #7: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91ad90sQfxi2ORhxJB2BHq7Ov2m",
    "clientSessionId": "Plhs_rHUngo7uY7SZhmJLSwGvFySrFw7",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "l7W-JqCve_uihTMGJOXsv7nu30dXOaMNVoMHSqn15jw"
        }
    ]
}

 
 Pass #8: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91ad90sQfxi2ORhxJB2BHq7Ov2m",
    "clientSessionId": "Plhs_rHUngo7uY7SZhmJLSwGvFySrFw7",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "hKRCsNJNQKkMKbk6TatFOL2ACq8OOJ2SKF7A8M078Q-ZRIHJcsRGX0RA0TMlhiW443Fq-5wDwP6Elo1Db98G9LHESdPJPq2wkeggUY_Am5-Xomw0qIj3rg3O5TOS1r9helgepVg5yTN_-t6T7JDpqGxbUdON6acRG7JX3yT9HYQhZP9wTviWDjfcrgXG7WUVZfObETdn67CF_xh_QwnmmA3BYlg4gA9YNLrSGJnizhZTrbiW0_ZuSRc3iA5DhqLY8i1BcELaRstjUfakTc8eVWPdJthVmZm1OQoTFVLtPjMloVpxoKzChkMZZ7Z87MDpFkzXvZKf-7LBq1ui5X6A5Q",
                "e": "AQAB"
            },
            "attestation": "gqTGN-3LnOT0cojqcywj4gNS_xjv3mr1XKjYdxdrCDY"
        }
    ]
}

 
 Pass #9: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91ad90sQfxi2ORhxJB2BHq7Ov2m",
    "clientSessionId": "Plhs_rHUngo7uY7SZhmJLSwGvFySrFw7",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDajCCAlKgAwIBAgIGAVI8kbEuMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0N1oXDTQxMDExMzE5NTg0N1owSjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIzAhBgNVBAMTGktleUdlbjIgQ2xvbmVLZXlQcm90ZWN0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKRCsNJNQKkMKbk6TatFOL2ACq8OOJ2SKF7A8M078Q-ZRIHJcsRGX0RA0TMlhiW443Fq-5wDwP6Elo1Db98G9LHESdPJPq2wkeggUY_Am5-Xomw0qIj3rg3O5TOS1r9helgepVg5yTN_-t6T7JDpqGxbUdON6acRG7JX3yT9HYQhZP9wTviWDjfcrgXG7WUVZfObETdn67CF_xh_QwnmmA3BYlg4gA9YNLrSGJnizhZTrbiW0_ZuSRc3iA5DhqLY8i1BcELaRstjUfakTc8eVWPdJthVmZm1OQoTFVLtPjMloVpxoKzChkMZZ7Z87MDpFkzXvZKf-7LBq1ui5X6A5QIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUdb4qxcZzgpSmhUT0bIHWTPrkI1AwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAEHll_1IkgMu7Q5UlqhmBp-W-_Xbmig6fWKajmJEkhm3GjDKaf25D2cOoqg_l3NWYIId8NXZfRochbTzZqSWS2HbFqyDmo1W9YDTBnwx378vDDN3ZGTXXivm_lfhxMzD6EaLwAUb9NszE4sv9-KHKRelx7NMCChRkU0tjAFsIfvAIFY4p90EAcR0kLyZu99lOCYaJmbMP_1XqPSY5S0RICFZbnpsbxbUXz3AybJdmugTmyWYaOCKdSFAGtF9SXShA1pYjLrwS_Wi5T8PvsxU3gi9m2OUttnLaNLHZp6LARgqo28hi94G4r13d7kymKrY-BFMjKSPlQAEZiNg3mw0ic8"
            ],
            "mac": "XLk-0MTF8JwGVtxTBz0IJ5DyEJQn4Mc6M_WvhnF4C9I",
            "cloneKeyProtection": {
                "fingerPrint": "QxiwDOly9JTiLEAc5CN5kowZKeGStJa_LRYX45Mxb2c",
                "serverSessionId": "1523c91aae1_DxIPu7Llr4Pq6B0XspoH",
                "clientSessionId": "WkQUQI_CxcP6XuNeyv_Xdh0eBvdjDluC",
                "authorization": "sL-vNNcGvkAEeR-WFydK656Fc04PNWbrouwT5cLGYPXTs0ePUJ7By1adxTjJDFAjZzjpet6hzJoRxEkPriXB2w",
                "mac": "XYlwi7fkCKVRkU8MwIDhveHewYCWj3aP3lyE64EDGHs"
            }
        }
    ],
    "nonce": "W3vM8Xt5k81V_m97UFC2WjoppWiJW-atcXo-0XBdSR4",
    "mac": "gP3LuBu9hgYMLNnlNy3552HqNWL_NIABYRUp3c-l8n0"
}

 
 Pass #10: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91ad90sQfxi2ORhxJB2BHq7Ov2m",
    "clientSessionId": "Plhs_rHUngo7uY7SZhmJLSwGvFySrFw7",
    "attestation": "1jP5Oy2lLy5scj55uBMJKjyoPfvLVEtHPdMcNXj0CLY"
}


Deployed key[36] CN=KeyGen2 CloneKeyProtection, E=john.doe@example.com
Deployed key[37] CN=KeyGen2 CloneKeyProtection, E=john.doe@example.com


Begin Test (StrongRSAPreferences:1)
4096 over 2048 RSA key preference
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91b160QpU0BAXq0d1Fee4fIrxZy",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage",
    "clientCapabilityQuery": ["http://xmlns.webpki.org/sks/algorithm#rsa4096","http://xmlns.webpki.org/sks/algorithm#rsa2048"]
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91b160QpU0BAXq0d1Fee4fIrxZy",
    "clientCapabilities": [
        {
            "type": "http://xmlns.webpki.org/sks/algorithm#rsa4096",
            "supported": false
        },
        {
            "type": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "supported": true
        }
    ]
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91b160QpU0BAXq0d1Fee4fIrxZy",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:47Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "N51y1luJIPIKsb5FYAkldndDMc3ltrlBifW-XFOUmSQ",
            "y": "9VRh45thdYLS-_w2rGcf04VL4ckdwUkwGPQh6g3vcjA"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91b160QpU0BAXq0d1Fee4fIrxZy",
    "clientSessionId": "lvMpU6VRYqQh2myuU4jWya_RmFsewapA",
    "serverTime": "2016-01-13T19:58:47Z",
    "clientTime": "2016-01-13T20:58:47+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "EP1ZjV_B19G3Qk07JR72p4XV0w-NtBmP11xfvF8ejUQ",
            "y": "-KwhzQzXYZSoNLhK5cV9pbmNnSl-LMzb_oVYUpeV4tg"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "Jtf-jkMX6AgZb0dZK0s9_VPBHT94luv8e2mmmoWb01VeUxrSY5WHdg8hoiCIydLgOcpCIPvtFJTkaaVqFqn_SWOCzD2jWdTI71iqGRJ__oBY3kvlSvPbIgG5NIHNRB5L0f-WB2ksofOiahtzLx8o-N2BgLEgWNMnBVbk058K6H4",
    "signature": {
        "algorithm": "HS256",
        "value": "UTHxP0DnGwSOgHvf-Qsi4PlJzu-uvyb4Gg-oNaWunrE"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91b160QpU0BAXq0d1Fee4fIrxZy",
    "clientSessionId": "lvMpU6VRYqQh2myuU4jWya_RmFsewapA",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "Ncxc8ieuFVWiJcLdljhhdWUOUX61b-7h5YI6_fE6czE"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91b160QpU0BAXq0d1Fee4fIrxZy",
    "clientSessionId": "lvMpU6VRYqQh2myuU4jWya_RmFsewapA",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "1HKrK60D_aGvPs6iNomPhqtw4GzC68XTkbU5eM5vgKNoomlxujQPsFuaeQxfYnj_oHTvT1Mg1rMKdNVkA8xipdzBh2rZ9CMu8bmlJQM5CnVnHeGXGvb0YLjy8KED9HnAtOA8qaemkGB8SuNn55v0Oxx_lpd_5sdDf09_2dJdQcD1_7MjBf6KQGCIMSHXioqYpEOrv7O2HZ0QAVK9nabXm-oibKIy1xZt0If509Msxg5VynfeG3IiUJc5W1pw6dccBOCHfnD2xgYjtCnzTHXYPaZlfgdhRxyDJr3POCAo7_C-pCTwwqciEyzrVKVBLK3G9lbA6TLW5q62Fu0L7vwUoQ",
                "e": "AQAB"
            },
            "attestation": "vhbFuKN6WjVvDBlk8GhQdWqZyvSdjrs4JObadKbcb7k"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91b160QpU0BAXq0d1Fee4fIrxZy",
    "clientSessionId": "lvMpU6VRYqQh2myuU4jWya_RmFsewapA",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDbDCCAlSgAwIBAgIGAVI8kbKcMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0N1oXDTQxMDExMzE5NTg0N1owTDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xJTAjBgNVBAMTHEtleUdlbjIgU3Ryb25nUlNBUHJlZmVyZW5jZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUcqsrrQP9oa8-zqI2iY-Gq3DgbMLrxdORtTl4zm-Ao2iiaXG6NA-wW5p5DF9ieP-gdO9PUyDWswp01WQDzGKl3MGHatn0Iy7xuaUlAzkKdWcd4Zca9vRguPLwoQP0ecC04Dypp6aQYHxK42fnm_Q7HH-Wl3_mx0N_T3_Z0l1BwPX_syMF_opAYIgxIdeKipikQ6u_s7YdnRABUr2dpteb6iJsojLXFm3Qh_nT0yzGDlXKd94bciJQlzlbWnDp1xwE4Id-cPbGBiO0KfNMddg9pmV-B2FHHIMmvc84ICjv8L6kJPDCpyITLOtUpUEsrcb2VsDpMtbmrrYW7Qvu_BShAgMBAAGjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH_BAQDAgOIMB0GA1UdDgQWBBQ4NVIIonpOFrRqbKyOEQOn2vkHAjAfBgNVHSMEGDAWgBRZXCF2vVvvaakHecbUVh7jS1yIVTANBgkqhkiG9w0BAQsFAAOCAQEAI65tPMRguXHDdoYftSBghiRN7Y_k_88BeOfEfNCVLJX14uI48WqS83Fu3ZYaD9JunI66VSQqXVfIOV7tD3NJ5F5SQ0OiNUwXI8jOILpc7eKYGwXlieRFdK-udpqKDrwTA_iJZPslHD15e2rCDx8yM0gKP5t1J7n1qlNNz8QcYNVu62KCFW3X2QA522guyujsgXgkSIEeZOfdoglA0ayg88ukVUCeJSplzn92kxMrGyFcYBLtBMNVryi23lAyHuhkP7coqZgsNXMYM3VXSi9q_Dnhl0W6FfRo76MpLKmbcgZx6qP7wdYReFkEFBHYsxfCiWRnXlCCvi1zsCjQ9co0rA"
            ],
            "mac": "E6q47s_ul-6e6GaZuNIGXkglUZJGtcKgFRc-3zYkghA"
        }
    ],
    "nonce": "v_41BDxugz7xRjlz-YHnDY_I2c-gXwDwzIKfFwsl6UE",
    "mac": "mQCWH5NSrhgeLazcaFjXaHtSYAMcTq2Ay0kQ4jCG7PI"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91b160QpU0BAXq0d1Fee4fIrxZy",
    "clientSessionId": "lvMpU6VRYqQh2myuU4jWya_RmFsewapA",
    "attestation": "UK4itM-q5L9HZ11MWm20ZjEufz9ckSQ7Kmv00K-Rf_g"
}


Deployed key[38] CN=KeyGen2 StrongRSAPreferences, E=john.doe@example.com


Begin Test (DeleteKey:1)
Updatable Session
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91b2acfRhMX3sYB_aaXHCYQ2ZVa",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91b2acfRhMX3sYB_aaXHCYQ2ZVa"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91b2acfRhMX3sYB_aaXHCYQ2ZVa",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:47Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "WdluZJ77MZ5_sVocugFlbC9UV_y8SHsffQN7rB_b8Sw",
            "y": "MPEo2wXO90ZjoZypczp7Vp0GZlKf0mmBgDAJQbgqG6E"
        }
    },
    "keyManagementKey": {
        "publicKey": {
            "type": "RSA",
            "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
            "e": "AQAB"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91b2acfRhMX3sYB_aaXHCYQ2ZVa",
    "clientSessionId": "oITfdzpACya2Q_BHPXeRP1dg3gNo7AMw",
    "serverTime": "2016-01-13T19:58:47Z",
    "clientTime": "2016-01-13T20:58:47+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "dElwyJt1nQ1SLABhdf2j7totRYUJ1yEh4Lj5JpMtz-M",
            "y": "6xvQncdAqpAU3nZ3PXuBlrSt-f35qWnD3E7L4DkgzZY"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "imOPezR4RmnEpgjLldhIdr6jL1AU6k7NX7cVyLSp1-B_KQheiacpVxm8WJToEuAk6Sm-DAz3yqUAz1bUP1ki0_X_Ds1RZ3opdBPP_btiPD76WPNGdsh6uaToPzOzR_3sngyM6mp5CmuBnDvDvJTJOMfQk4BLGCSvNHE976WkLsE",
    "signature": {
        "algorithm": "HS256",
        "value": "Pw4MOXPJ7-he3VeoVEv2g5WdXOpE6-ErcDHjVwVdXWQ"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91b2acfRhMX3sYB_aaXHCYQ2ZVa",
    "clientSessionId": "oITfdzpACya2Q_BHPXeRP1dg3gNo7AMw",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "icP74JxapmVWilIFxikeKhoBlVK7zI7OtNfJh3sLErg"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91b2acfRhMX3sYB_aaXHCYQ2ZVa",
    "clientSessionId": "oITfdzpACya2Q_BHPXeRP1dg3gNo7AMw",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "i3J6Zlg5nDWhHdUTp_DzDx4wVGY5E9w7ggjLh17GwWcgd2OillSvGyglR3YevL_ckqXzQyxi7LpwK1ElPQ6unJ9xZxRnyiyN_3x_exxsViOWMN_OXltdu63w0Cb-tHVVz8MR8cZRcT7Vi5Z-r9pZbDq68g9HWwA5yggfo52ABVZsbuuKejViDdk3yoF-9mRjeWIGradgy8iBCKQy0kY7g4vsmCAijm4bTJZDY83TkzrqLP-ZKXW4qaQ5oeHHcY-q1GRRlmMfa04T1Fni_aAYXsYN4CcviHqHa8jlsCD0RqUmAUYWbaGXcjyIStlI954KtJHvHJtTuUKB-0RbvRYk3w",
                "e": "AQAB"
            },
            "attestation": "4GL-IhIw64gjHcg-p1vW5ZwThYLI1xaT58rGKhb1bF8"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91b2acfRhMX3sYB_aaXHCYQ2ZVa",
    "clientSessionId": "oITfdzpACya2Q_BHPXeRP1dg3gNo7AMw",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDYTCCAkmgAwIBAgIGAVI8kbNyMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0N1oXDTQxMDExMzE5NTg0N1owQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUtleUdlbjIgRGVsZXRlS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3J6Zlg5nDWhHdUTp_DzDx4wVGY5E9w7ggjLh17GwWcgd2OillSvGyglR3YevL_ckqXzQyxi7LpwK1ElPQ6unJ9xZxRnyiyN_3x_exxsViOWMN_OXltdu63w0Cb-tHVVz8MR8cZRcT7Vi5Z-r9pZbDq68g9HWwA5yggfo52ABVZsbuuKejViDdk3yoF-9mRjeWIGradgy8iBCKQy0kY7g4vsmCAijm4bTJZDY83TkzrqLP-ZKXW4qaQ5oeHHcY-q1GRRlmMfa04T1Fni_aAYXsYN4CcviHqHa8jlsCD0RqUmAUYWbaGXcjyIStlI954KtJHvHJtTuUKB-0RbvRYk3wIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUf4B0Y4WkC921aawb7KxOMJi6ZVEwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAGf-B7iknC0yTduX6Ye5OPGHZIbrKkvkBMGIG-4o65Bk3GUiq8p6xet9qH5NmEEvbJ4R2xJHzpiP3eXeq5g8MYk-ZC7ob251hDsZU5ONCphklPkYd-WxAgo4KUkEXZrIp7xZgDHkkkf-HbWkrSUankM2tHpVLvN3H9y6CbWu6Wm-PUQwR1p5SD1Hk3kqFQSHXxX1h1EUzCx_789DjnJET7esa-_sQn_M0Io_R-rM2xm5J2etk1Vlo2A2Kj4FzaL4VJdaOryrXXqZFQ3JP0v8TUo1Of2HMtBN3ldRYqAJZiQvj3Rb4J9kVH69hUNgvGFERd_FbAMuu9Fa9Ui2zKg0cYs"
            ],
            "mac": "C8Kosv33kxTOHr6Kg7WF_hKXjPTDsCuNKNlslG5EidA"
        }
    ],
    "nonce": "cxATdOygQfFZzcDjRYJk3VTFpxIh7sKnt7zfFj6qhq4",
    "mac": "0eklLVjJmMfRUR1lybEHbCqGibKuIpXx2efo8gyRs_0"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91b2acfRhMX3sYB_aaXHCYQ2ZVa",
    "clientSessionId": "oITfdzpACya2Q_BHPXeRP1dg3gNo7AMw",
    "attestation": "jM93CsR4yxs0mfp_Z0o07WkdgWtYYx4--4XLlBVG_CE"
}


Deployed key[39] CN=KeyGen2 DeleteKey, E=john.doe@example.com


Begin Test (DeleteKey:2)
DeleteKey
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91b384uCX8a8oSkN0Loq3_XJ3I1",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91b384uCX8a8oSkN0Loq3_XJ3I1"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91b384uCX8a8oSkN0Loq3_XJ3I1",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:47Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "Oh7u3Hcx5v-J7I0w61VzZFPpcdgWJevPuhDQq3HJRhs",
            "y": "2Doi-wBATrxBTEPHKtRjqpTD6swjFGaf5FPxDhs6nPo"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91b384uCX8a8oSkN0Loq3_XJ3I1",
    "clientSessionId": "BqFBPjjPfhWm3zwp3CbfjdNn7H7c22K3",
    "serverTime": "2016-01-13T19:58:47Z",
    "clientTime": "2016-01-13T20:58:47+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "QDmToYePUVre87XDtjMl9X_04F9CL64JhndY1LiY-sw",
            "y": "sXGXXPYl0nIbpzgEIWOrX9fQFYYeFUFXAiW8eK2dmL0"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "EVSIRR1NgdXPkvy9-pTecPkLekh5msl3-VfRhuaVg9qnjKAAaRBMu2HT60SYm_tsQUr-du5F-rLVN7CPq95A_ARJwP1PBTz5JRgh9YTOIzcDt1JpFf2qhm2bqt6eFSI4NXMP3vgmVwve4fW_jmZAoIuAKdWrjliYCnK02U4tbGQ",
    "signature": {
        "algorithm": "HS256",
        "value": "6YrLKqx_-TLk1k7iC9iPq5qovSNW9WxM0AAwXWaS_XU"
    }
}

 
 Pass #5: CredentialDiscoveryRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryRequest",
    "serverSessionId": "1523c91b384uCX8a8oSkN0Loq3_XJ3I1",
    "clientSessionId": "BqFBPjjPfhWm3zwp3CbfjdNn7H7c22K3",
    "submitUrl": "http://issuer.example.com/credisc",
    "lookupSpecifiers": [
        {
            "id": "Lookup.1",
            "nonce": "ksv6mq5RQ5iHKZ1B3VATUDwofeLOigyOj5j-Tl1vK1U",
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "hHj-GNUckX5PG0VlwOJYRtc8vtT8WpCdOxG51X3v11t-y7u8D6ugpWzccbVG4yhDIWR2Aoom2A_we2-Hw3xJKnR79JlqWMrjQZ_pY5OlrfK_DlzvTJsNux_JMK2UlQ5i2-5MluIRe5Uc0XLiQQcfYfk7BA4BTjWbImuF1vGSGFZxr-8_5ZKR-oooF8mllYcHNZbpnNXTJOEmO8e4VFFPaLKN9HoikAQ25HyzQRyAVRvh6wKtf9836p_WuKs-Q2H7HT7h7b_JD3ovDmZb0RrFhLBXT_JzYN_hvYcrZ24Oc6CPaeWsq-6VXKRDDFpcwce4Tj_dPd80MD0P6X5AfwxeTw",
                    "e": "AQAB"
                },
                "value": "E4sPJik2bznD6cmQ9CRrV9pcHyJmMpgCKkdsuOfL5B4VTeHkIqTjaw6Sv1grMahUPx_r6mg-KieKTdwwGZjqjLQluz1ZDAT8bAmyBuzgrSrPvYQqLhm3E0ZM1VFyJdKMGjsSdMT86Eff4rFPoQBOiBlP7Ou1EYrkWM8Kx6heL1VOHkKDtXcyoSxHxCIMw82o9PT2aSer-YpmDn_LZyzpdIxwz_KS2vnvd6g0iuaiOrG-fpVf54Fbr7wJ8TdffsNcGa1TtnJqUXZgh_gXSqDC1yiScZUNYcVFB-jj29nWFbC4hR8DRwhIDZ0tVV3VsNqEvYgNtpitMeIl2VZ5WsSpTg"
            }
        },
        {
            "id": "Lookup.2",
            "nonce": "ksv6mq5RQ5iHKZ1B3VATUDwofeLOigyOj5j-Tl1vK1U",
            "searchFilter": {
                "emailRegEx": "\\Qjohn.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "ogIrKhsa88Lxsci-9QIsUbsK50El5wW_fX_JCQLzmduNwVVvKYYo1To8neqX-aVKeXXQRSsbOLJbj3BOiVeeSQ"
            }
        },
        {
            "id": "Lookup.3",
            "nonce": "ksv6mq5RQ5iHKZ1B3VATUDwofeLOigyOj5j-Tl1vK1U",
            "searchFilter": {
                "emailRegEx": "\\Qjane.doe@example.com\\E"
            },
            "signature": {
                "algorithm": "ES256",
                "publicKey": {
                    "type": "EC",
                    "curve": "P-256",
                    "x": "lNxNvAUEE8t7DSQBft93LVSXxKCiVjhbWWfyg023FCk",
                    "y": "LmTlQxXB3LgZrNLmhOfMaCnDizczC_RfQ6Kx8iNwfFA"
                },
                "value": "Yr85qq7jgk5nI6MjCrSQtB08-_roBbJl90nUu29BhHnjHf4YMIEhV2Uo-tmhUPu9yOtXXTr9wMxC4Ke1u1QQYw"
            }
        },
        {
            "id": "Lookup.4",
            "nonce": "ksv6mq5RQ5iHKZ1B3VATUDwofeLOigyOj5j-Tl1vK1U",
            "searchFilter": {
                "fingerPrint": "sVNedtvlG3cMhuVupbgRa-aXPcbfsx3m3hIR9gMlmwY",
                "issuerRegEx": "\\QCN=Root CA\\E",
                "serialNumber": "123",
                "subjectRegEx": "\\QCN=John,2.5.4.5=#1303313233\\E",
                "emailRegEx": "\\Qjohn.doe@example.com\\E",
                "policyRules": ["5.4.8","-5.4.9"],
                "keyUsageRules": ["-keyCertSign"],
                "extendedKeyUsageRules": ["1.3.6.1.5.5.7.3.2","1.3.6.1.5.5.7.3.4"],
                "issuedBefore": "2016-01-13T19:57:07Z",
                "issuedAfter": "2016-01-13T19:58:47Z",
                "grouping": "shared",
                "appUsage": "universal"
            },
            "signature": {
                "algorithm": "RS256",
                "publicKey": {
                    "type": "RSA",
                    "n": "kCNcOpatALB21jHrPIv1BgXlUJ5W8y9jfFci45G09x1zRz1E41lkBJYaEcxQNsT2h_vlf3nIK9g5Inr65vgeciLHQC-KFlpoGfSlTEnzq5eY8vON6egAOeQh5T-I_L9blNUqXsSDFHoA3DT5QcEkXNDz1_rqkNUk0YNJFIIuAWqe1OSEcU76dOmnRV1OAY6_OTC-1Wd4_teuLepi58BeUQoSTJTu2lbs-k8MZ1qnmcrYxTnou-NnYG1_Uhz1b8rS7WxaeFf1RaBIWjly2YjrnT76VcFXZX4BNALYhhxFq3wO-AVOV4TBOlF843Jd8tyHN9OGBspqNo75jsAZIucG9w",
                    "e": "AQAB"
                },
                "value": "MAz9rl9VfaM7K8KBUTkZKDrMzHmnQeLC6JDQzaUohQjxHh3LhwzJ62vknNkILJJFc2rujM6Im-yyxrKiUj5pFatrxX9IXBG2I4NOVfi49tO4bF26t5BHA-e7oeQW2FKwgCYc9tLCA0qbamseKtXV7SAKMXpe0IQHQK4pjFVokwvsOuHxy1xZQ4scr_BLZqaMtvBGTgsRqfxcV75DEF3YmThxy870KTjp_B9Y5QHPH8tO1CxV6_xfkiUqF2i5BRPXFeD4bpPbO-4_wNXy11leHE4xBx6aI8gfR1fZ0YKWocwe5Demo3ITVeHBGoUWyxYmMCi6xOS6ULGKnv0v0bpvIw"
            }
        }
    ]
}

 
 Pass #6: CredentialDiscoveryResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "CredentialDiscoveryResponse",
    "serverSessionId": "1523c91b384uCX8a8oSkN0Loq3_XJ3I1",
    "clientSessionId": "BqFBPjjPfhWm3zwp3CbfjdNn7H7c22K3",
    "lookupResults": [
        {
            "id": "Lookup.1",
            "matchingCredentials": [
                {
                    "serverSessionId": "1523c91b2acfRhMX3sYB_aaXHCYQ2ZVa",
                    "clientSessionId": "oITfdzpACya2Q_BHPXeRP1dg3gNo7AMw",
                    "certificatePath": [
                        "MIIDYTCCAkmgAwIBAgIGAVI8kbNyMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0N1oXDTQxMDExMzE5NTg0N1owQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUtleUdlbjIgRGVsZXRlS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3J6Zlg5nDWhHdUTp_DzDx4wVGY5E9w7ggjLh17GwWcgd2OillSvGyglR3YevL_ckqXzQyxi7LpwK1ElPQ6unJ9xZxRnyiyN_3x_exxsViOWMN_OXltdu63w0Cb-tHVVz8MR8cZRcT7Vi5Z-r9pZbDq68g9HWwA5yggfo52ABVZsbuuKejViDdk3yoF-9mRjeWIGradgy8iBCKQy0kY7g4vsmCAijm4bTJZDY83TkzrqLP-ZKXW4qaQ5oeHHcY-q1GRRlmMfa04T1Fni_aAYXsYN4CcviHqHa8jlsCD0RqUmAUYWbaGXcjyIStlI954KtJHvHJtTuUKB-0RbvRYk3wIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUf4B0Y4WkC921aawb7KxOMJi6ZVEwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAGf-B7iknC0yTduX6Ye5OPGHZIbrKkvkBMGIG-4o65Bk3GUiq8p6xet9qH5NmEEvbJ4R2xJHzpiP3eXeq5g8MYk-ZC7ob251hDsZU5ONCphklPkYd-WxAgo4KUkEXZrIp7xZgDHkkkf-HbWkrSUankM2tHpVLvN3H9y6CbWu6Wm-PUQwR1p5SD1Hk3kqFQSHXxX1h1EUzCx_789DjnJET7esa-_sQn_M0Io_R-rM2xm5J2etk1Vlo2A2Kj4FzaL4VJdaOryrXXqZFQ3JP0v8TUo1Of2HMtBN3ldRYqAJZiQvj3Rb4J9kVH69hUNgvGFERd_FbAMuu9Fa9Ui2zKg0cYs"
                    ]
                }
            ]
        },
        {
            "id": "Lookup.2",
            "matchingCredentials": [
                {
                    "serverSessionId": "1523c91872d4UhXJfxcmVILMOSHwL_Q6",
                    "clientSessionId": "mnXzdw6UI7J-_v80C2fhp3OC0G7PMSD6",
                    "certificatePath": [
                        "MIIDbjCCAlagAwIBAgIGAVI8kYjEMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTgzNloXDTQxMDExMzE5NTgzNlowTjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xJzAlBgNVBAMTHktleUdlbjIgVXBkYXRlS2V5TWFuYWdlbWVudEtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAICQmQermrOoj-VAj5rJNPpbbwlwlWHGBNbJAVSR6Dd4dStiS6ygZTnB-q_708_PZe0B1-AI232jEITI1qZGqnluO-UuLb-oOD68IGrkQDI8yiMXHkCL8O1-EOV54lcXu1wyNG3fxT6zenaiz_UiuBgF4lMxnYe0yVmpSFQL0vqX7Wdbl6FnBIxNJnIGN-CXDEwjDeaaCNMlen68vbzs4HWCtRN1LzbCNc9mP-RDVojI0vK8KX8M2v4oOuKCgWLQpQ1_Z7X5aR68CWjBO8CEt1HyMFSWKjWycpI1bAQXFGc1luVt46skiZGPJOz15HlsgM4-7Jpcommp5F5EuyZvkqECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFKFR87PkcSliMGn3tTfC-Pfi4d6oMB8GA1UdIwQYMBaAFFlcIXa9W-9pqQd5xtRWHuNLXIhVMA0GCSqGSIb3DQEBCwUAA4IBAQA88OuUj2x40uRImZ81KTBSPRt-O7Yf9GlsnAh4f75k0kiv18obsudl5FewYBo5jfa6LEwm0fmcTVlFW7oFhdWQ-Hi5-RUv6C5H4FEe0DFMr_0scAI1Phiu9fLWnf88yDfBX9fpD_ldZ-Llgm9YVTGLztk0-PyexUYLJbpPVUu5qGp5bXroIKCPIZj9DYQ1WqaiH7GAGQTKFyS7rbtiyP27UXo7avgRCRVmUWlRidvNM39sUFxKYWyEEqXohloxiozTMabnx60uA4ICZJWkNfbbYVixtxtaEP08ki2f-WvZQHVPV44cuNhTXakj695ZaMnSyxos01OT4gPHNQlYuT57"
                    ]
                }
            ]
        },
        {
            "id": "Lookup.3",
            "matchingCredentials": []
        },
        {
            "id": "Lookup.4",
            "matchingCredentials": []
        }
    ]
}

 
 Pass #7: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91b384uCX8a8oSkN0Loq3_XJ3I1",
    "clientSessionId": "BqFBPjjPfhWm3zwp3CbfjdNn7H7c22K3",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "ABCJ2Lj4xj6SQbmdabmWI7MwB081TLh95N4Yooe5nTY"
        }
    ]
}

 
 Pass #8: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91b384uCX8a8oSkN0Loq3_XJ3I1",
    "clientSessionId": "BqFBPjjPfhWm3zwp3CbfjdNn7H7c22K3",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "lHbREaPubAXXO0ObfE0GoX-IqmGW4SpG-qo2Pfiw9j9jS50X676BUXYfdponMOg4iQIm-w7bPUVFnNv3ql8UHpUKNncI0m27HwDUoWifJHLAnwSIJaWjplmoWwIHXzYrrexRmENM_SbZ0igFYrdbGF3XP6Yt4axSDbsWQA84I6QHbHvkYAgVbVRMZbQYb-VHgU1V92k-Dtqbn9eEyanVtL3FOVKFgZEwby9f_5TqLhqYXds5Kn-ppzTPOKPr-zhOoZKl_2nQZJ2MYWpBTb8Votp0ychyc-eGiT-WB5cuMXntlLLvxZkdD88XJRkTsVRX6O7gBWeMpOpTf-OQF_SqnQ",
                "e": "AQAB"
            },
            "attestation": "N8kbXZj0qkzbRuocSfvOzhNl581hoJaoo5q_GSq2VUA"
        }
    ]
}

 
 Pass #9: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91b384uCX8a8oSkN0Loq3_XJ3I1",
    "clientSessionId": "BqFBPjjPfhWm3zwp3CbfjdNn7H7c22K3",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDYTCCAkmgAwIBAgIGAVI8kbUdMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0OFoXDTQxMDExMzE5NTg0OFowQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUtleUdlbjIgRGVsZXRlS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHbREaPubAXXO0ObfE0GoX-IqmGW4SpG-qo2Pfiw9j9jS50X676BUXYfdponMOg4iQIm-w7bPUVFnNv3ql8UHpUKNncI0m27HwDUoWifJHLAnwSIJaWjplmoWwIHXzYrrexRmENM_SbZ0igFYrdbGF3XP6Yt4axSDbsWQA84I6QHbHvkYAgVbVRMZbQYb-VHgU1V92k-Dtqbn9eEyanVtL3FOVKFgZEwby9f_5TqLhqYXds5Kn-ppzTPOKPr-zhOoZKl_2nQZJ2MYWpBTb8Votp0ychyc-eGiT-WB5cuMXntlLLvxZkdD88XJRkTsVRX6O7gBWeMpOpTf-OQF_SqnQIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUxP0xlQOIvayyrxsk8anfwUsrG9EwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAA71jwvtyGO2RtOPyWuY_u1McX7v1cms9MtEjlyoHHlH_I-124SaibWCAtgQ8jZFdrlrnzneVvKXCEtwC8QUj7B61iUVBZuOZKSQUqU_sGSqOqG4ybgNsqiWb3Z3wo9WZMrmb0NDEeDhhvFFZnEHdU3OT-Iomw79pAdTCsHLP6kyyurLTD1f5ny-hDKKQoqGs71fRrzayERAoKMVBzeNf-T8NbN117gRJb-s-mGpaGFB3IjCAGyObTgTPpFKuItAP8kXM-Op_0WAqAyRUq379i6TC_uijFIxSysp6mPn2qUWkplbdhOFnW-xeYcjwl9XU1PFaJMIN3rxnOIX7Odr_OE"
            ],
            "mac": "UFdQiObiaxDTSbxD7ZzRv-bMYqvakINt6qeqPoui0fY"
        }
    ],
    "deleteKeys": [
        {
            "fingerPrint": "jNY-ViN94trXmInVuiXt9mn4z7ZbBvvlZAai9m2FNK0",
            "serverSessionId": "1523c91b2acfRhMX3sYB_aaXHCYQ2ZVa",
            "clientSessionId": "oITfdzpACya2Q_BHPXeRP1dg3gNo7AMw",
            "authorization": "MGTaJZNrVSBuwQ2DZFBt1oFh3T7LJ4X_2L3KG4ZObCtnyJMVhxvlrOJgMvIrTbRc4oeZQr_FayqODylI1PJO4Cv-cFktHFCYtPJKOWFK5UyurCoxIfQjufkh9l7ScL3ZxX3_amclGyxVY0u_WxF5NHok_hr8c6Bh2DxD0vkJid3g4Qi679XY4wTGJRu46dLmvZ0oyY1kYErCGYuyKmQCcb6e1qjUohgMv-lBoXyk-d95kUhPCqQVdypGQ5MZmWmXOej9vazKdepKqBT_5YjiNmN-BsFaRiH0mjiDjAuFG07pywzyUHDxSVXRIpWda9dx280ELn3oV56A4C6_bdzLEw",
            "mac": "JD75JsjQ72zdVZNHGFAW3ugOSoSdgzlg2z-WT4rbznQ"
        }
    ],
    "nonce": "g_x3gvHQHE_FYmTjh2YA0aASpsJ2Wby3kJtPsy1V_EA",
    "mac": "ML8XuJ6pbfsY3iWTKidiaJqMcsIQPOXLzCI3emqs6_4"
}

 
 Pass #10: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91b384uCX8a8oSkN0Loq3_XJ3I1",
    "clientSessionId": "BqFBPjjPfhWm3zwp3CbfjdNn7H7c22K3",
    "attestation": "J4_n6iTxwISTxUPqUGRH7GRkL6nKJv_9UCuNNRrK4uA"
}


Deployed key[40] CN=KeyGen2 DeleteKey, E=john.doe@example.com


Begin Test (ImportSymmetricKey:1)
PIN Protection
Symmetric Key
Encryption Key
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91b52cY4a6fRw51iHd1nMAQZI_K",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage"
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91b52cY4a6fRw51iHd1nMAQZI_K"
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91b52cY4a6fRw51iHd1nMAQZI_K",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:48Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "9WfWwkewIPnCcVRcKUnsO_T216RxlpFk66fzs4JxJrM",
            "y": "ASBRqKKVSHrUSx2TtapjSe2RuVNo3pdR4UalZ-Z2WD8"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91b52cY4a6fRw51iHd1nMAQZI_K",
    "clientSessionId": "O7H5US0DJFqYEJk8aX-iPHQvmMyfnLNt",
    "serverTime": "2016-01-13T19:58:48Z",
    "clientTime": "2016-01-13T20:58:48+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "Z9FncL7XHN_IkmElmogBiFD8GrnP2yiQxZd7ETtPC_M",
            "y": "wdDkMw5hYj3K27q4OZrtFscSXwgPX6AaUS3TTu4steo"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "bWb8KsUgKpXbxl5DmDpc1HZU9_CLsWD1RunQ9aaFfVu7d7K0gx--5TwyHWcXwC3GPdwLg5qj1ygOR_2W3xWYbwzSe-oCLtEyXwAZApPGUKCxPFdtJY51xPcDfCw2gO6YjyXEi-QBssEpSqjoWvbloTGNA_SPRi31QfzNxDTXojQ",
    "signature": {
        "algorithm": "HS256",
        "value": "nSrtISfypmkn-DmE-6kMGjhhGs45ff2rw4M65rkb_Ss"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91b52cY4a6fRw51iHd1nMAQZI_K",
    "clientSessionId": "O7H5US0DJFqYEJk8aX-iPHQvmMyfnLNt",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "pinPolicySpecifiers": [
        {
            "id": "PIN.1",
            "minLength": 4,
            "maxLength": 8,
            "retryLimit": 3,
            "format": "numeric",
            "mac": "TnX_vdyHG3_jx_c7YbNw7Nu9eI8gQhhreEusBe9f4NE",
            "keyEntrySpecifiers": [
                {
                    "id": "Key.1",
                    "appUsage": "encryption",
                    "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                    "endorsedAlgorithms": ["http://www.w3.org/2001/04/xmlenc#aes256-cbc"],
                    "mac": "42R0MuoHogU0whqbo5jByhmj91WWVZx1dw_KovNTFLA"
                }
            ]
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91b52cY4a6fRw51iHd1nMAQZI_K",
    "clientSessionId": "O7H5US0DJFqYEJk8aX-iPHQvmMyfnLNt",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "3b97hIkKCPtG4faNrj3yPKcxRvn1QAPtwOkWlstvksaBzbulosWyYBiUG1Y2oBz9GvSG1NdAcHEFs-ARnIxOuopvfuACP2jt3zxcS_0UWxloZThAEKRQ6zN_bKjFX0HxWwwhY4C3yg8s_Zv2WHGjsyDx0BjNBBo21YIRgRIIl2taAgQR-6A3bI5vmQiXqBeQUX2IpILh4xdLHX_2WYtccBCw5gesQpgbMy4AP5gSGGij5tlulZdx2Tz-M7-1QUZRKUnamDZ5rvAuMU_Pfx_XtYotip5Y9dQCJVw4-QwsZtrowYyn4hXIy2c-ECXsdIdUkVY4xyMH3D42ao4NT9XQ7Q",
                "e": "AQAB"
            },
            "attestation": "vUg1wMg_EZowXZg6GTPwwGgzxzauUwtaGNrbjC6fQTg"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91b52cY4a6fRw51iHd1nMAQZI_K",
    "clientSessionId": "O7H5US0DJFqYEJk8aX-iPHQvmMyfnLNt",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDajCCAlKgAwIBAgIGAVI8kbZ0MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0OFoXDTQxMDExMzE5NTg0OFowSjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIzAhBgNVBAMTGktleUdlbjIgSW1wb3J0U3ltbWV0cmljS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b97hIkKCPtG4faNrj3yPKcxRvn1QAPtwOkWlstvksaBzbulosWyYBiUG1Y2oBz9GvSG1NdAcHEFs-ARnIxOuopvfuACP2jt3zxcS_0UWxloZThAEKRQ6zN_bKjFX0HxWwwhY4C3yg8s_Zv2WHGjsyDx0BjNBBo21YIRgRIIl2taAgQR-6A3bI5vmQiXqBeQUX2IpILh4xdLHX_2WYtccBCw5gesQpgbMy4AP5gSGGij5tlulZdx2Tz-M7-1QUZRKUnamDZ5rvAuMU_Pfx_XtYotip5Y9dQCJVw4-QwsZtrowYyn4hXIy2c-ECXsdIdUkVY4xyMH3D42ao4NT9XQ7QIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIEMDAdBgNVHQ4EFgQU_VB5Nqmo-n5Xdib5kIYHQy_Fr6MwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBAEev_ijGzpDdRvHfHdAruk7yBXe6JEcN45qMGoAUBwd4xGIWEKZl6NKpzDSfA7eYD7rucI65zOGIDlA7KfVCxmE7umT5sz_rz_B-zo9E6-F6Nd662N86XaJPyWq8WQDsPmmBuZ0_kTfu1Y72wo4uqNZdVWLZFWDl5Ws7g3GvGmqtp1w6YbaZUYYJ-gGBnoWy1dkMmPjB-7PSqE4_ubuPnR5lkdIM6z31w73KJ22K9fU7UD8sGBr0Lu9uqGWyf7uzo6KVu2tOfd0UZ0_-D-Zx_LOxrd10VQpAPILJA97KwlrieaxehBcJl6_1pBCuvhocobs-eQqFRaNqQMi4xwlqLIE"
            ],
            "mac": "Y4cjzb4D2L_DPfq4_Z0HuZeY0rMe83Vg2vy_8SdVn3o",
            "importSymmetricKey": {
                "encryptedKey": "ilpTve6MzyxvFRBMcORfi6Hba1giB-sYimmCHONMfyfORiBUaH3mQdQtZYjoTK3w6TYVJirOVM14G7FRL7SGSg",
                "mac": "7JgPUiLidiK4hDFNJa6VtOZWww3MW90Bgt-_drJwi-Y"
            }
        }
    ],
    "nonce": "MrIfRiiPjTEgSdPPS-9sYzuNkneLVgYW620hV2d488Y",
    "mac": "hwUFtbNFHT0WV5zXAGhWcQnKcRWeudtPWHdTmMZFlwk"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91b52cY4a6fRw51iHd1nMAQZI_K",
    "clientSessionId": "O7H5US0DJFqYEJk8aX-iPHQvmMyfnLNt",
    "attestation": "AHYUOxTQhbdP1rLrXjcMAc5zoDxGnQHIIoaIDaSiVyw"
}


Deployed key[41] CN=KeyGen2 ImportSymmetricKey, E=john.doe@example.com


Begin Test (DevicePIN:1)
Device PIN
Abort URL option
 
 Pass #1: InvocationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationRequest",
    "serverSessionId": "1523c91b684zwAfEWDr-vSX5fj-h-Bal",
    "submitUrl": "http://issuer.example.com/invocation",
    "action": "manage",
    "abortUrl": "http://issuer.example.com/abort",
    "clientCapabilityQuery": ["http://xmlns.webpki.org/keygen2/clientattr#device-pin-support"]
}

 
 Pass #2: InvocationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "InvocationResponse",
    "serverSessionId": "1523c91b684zwAfEWDr-vSX5fj-h-Bal",
    "clientCapabilities": [
        {
            "type": "http://xmlns.webpki.org/keygen2/clientattr#device-pin-support",
            "supported": true
        }
    ]
}

 
 Pass #3: ProvisioningInitializationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationRequest",
    "serverSessionId": "1523c91b684zwAfEWDr-vSX5fj-h-Bal",
    "submitUrl": "http://issuer.example.com/provsess",
    "serverTime": "2016-01-13T19:58:48Z",
    "sessionKeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#session.1",
    "sessionKeyLimit": 50,
    "sessionLifeTime": 10000,
    "serverEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "qIxlnhI3d-XK4zzrX6Gf2yXJdhS2-4nlm0fn0wz2srQ",
            "y": "4fzNzZH7DBsLWltvCe7HWj2zWTMUaWLMUdMY37L3s_0"
        }
    }
}

 
 Pass #4: ProvisioningInitializationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningInitializationResponse",
    "serverSessionId": "1523c91b684zwAfEWDr-vSX5fj-h-Bal",
    "clientSessionId": "RzM0i61DxrMoR2O6ikA_xl4Lkxrp5btg",
    "serverTime": "2016-01-13T19:58:48Z",
    "clientTime": "2016-01-13T20:58:48+01:00",
    "clientEphemeralKey": {
        "publicKey": {
            "type": "EC",
            "curve": "P-256",
            "x": "RQjC5UBQBZ1u3-TeRsh2BYONj_UckfIR8pO2d6wjTS0",
            "y": "xnnP2xp-NzK2vgd63jo980Vz98qWjt7exKbn38C3lUc"
        }
    },
    "deviceId": {
        "certificatePath": [
            "MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj_UB6CK4devyqKQeDQvu_w0Ja9C-4wwttR88BtsutxfQ7Q67AIfzPM6Wz18-GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV-6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA_gwHQYDVR0OBBYEFFvpX8X_0clsSvnO_oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0_MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi-hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7-RwsRv_WBN9v-wICBgF3S_-c-5V8JD_FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn-Ucd4SI0AdckJb8A8nozj6otCNA_7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX-J-ofWY-xtVD5cD1Gcn7KNdcJfLt"
        ]
    },
    "attestation": "ViruW24VwrxON3KWUtPT7h6ng_4z-uWknclCJumZrIJAsgILTges_jpVbgrZiJWz9rhIL2MXGLSD_nEq3x1VOnnYVEO-uY1g7g4weWhwVp44rSgeSCRLS2j1NrZzFEXTV9_hsXF6oNrNk1MirFJnHMU9Qe5Ob14rDSyp76B0Ic0",
    "signature": {
        "algorithm": "HS256",
        "value": "lzKtl1QRFppDMOXJ2w2o6EMZkwpHBk37Exy4rJOwCiI"
    }
}

 
 Pass #5: KeyCreationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationRequest",
    "serverSessionId": "1523c91b684zwAfEWDr-vSX5fj-h-Bal",
    "clientSessionId": "RzM0i61DxrMoR2O6ikA_xl4Lkxrp5btg",
    "submitUrl": "http://issuer.example.com/keyinit",
    "keyEntryAlgorithm": "http://xmlns.webpki.org/sks/algorithm#key.1",
    "keyEntrySpecifiers": [
        {
            "id": "Key.1",
            "devicePinProtection": true,
            "appUsage": "authentication",
            "keyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
            "mac": "ElcCH4Pe-KdOa7KvxFd27Iz4sbLL8Joj3m9KDXDP5Pk"
        }
    ]
}

 
 Pass #6: KeyCreationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "KeyCreationResponse",
    "serverSessionId": "1523c91b684zwAfEWDr-vSX5fj-h-Bal",
    "clientSessionId": "RzM0i61DxrMoR2O6ikA_xl4Lkxrp5btg",
    "generatedKeys": [
        {
            "id": "Key.1",
            "publicKey": {
                "type": "RSA",
                "n": "tL5iuJSLAllLIXbCTlm3oHRzgzfGaFFrCxOekSbT8EZcQPWTGU-UfnwKe4P43XLPgUJCxQ01bgVYf0s16iQNSIhGPC-t3IS3ThR09zOY2MKgam_NyJgtO_3igPA_Fou7jwO3A5YV83NfizdckqbzAcDgGGoNCJC4swF9KSBPUKlhtM6oMiB4Xwlw9-wfJOUtz53aTJkiLkR_LbtmPElmI0hN8HADoVDlWdfdJ_PH_3fpVi5hIKK0kDcNrpWtH50E_RnTU8Oq44zQzgPQI0uar_MYQh6S3jHJnWDiI8952aHoH2ZOUGjvRTZWeTASpSnH9QSaseQDL5BM84TKxW-4Dw",
                "e": "AQAB"
            },
            "attestation": "kGdJUALE-e0pwBsRqCpIhn9zMPvxWLaahFL3ZS9RZm0"
        }
    ]
}

 
 Pass #7: ProvisioningFinalizationRequest 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationRequest",
    "serverSessionId": "1523c91b684zwAfEWDr-vSX5fj-h-Bal",
    "clientSessionId": "RzM0i61DxrMoR2O6ikA_xl4Lkxrp5btg",
    "submitUrl": "http://issuer.example.com/finalize",
    "issuedCredentials": [
        {
            "id": "Key.1",
            "certificatePath": [
                "MIIDYTCCAkmgAwIBAgIGAVI8kbdNMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk_IsZAEZFgNvcmcxFjAUBgoJkiaJk_IsZAEZFgZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTE2MDExMzE5NTg0OFoXDTQxMDExMzE5NTg0OFowQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUtleUdlbjIgRGV2aWNlUElOMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL5iuJSLAllLIXbCTlm3oHRzgzfGaFFrCxOekSbT8EZcQPWTGU-UfnwKe4P43XLPgUJCxQ01bgVYf0s16iQNSIhGPC-t3IS3ThR09zOY2MKgam_NyJgtO_3igPA_Fou7jwO3A5YV83NfizdckqbzAcDgGGoNCJC4swF9KSBPUKlhtM6oMiB4Xwlw9-wfJOUtz53aTJkiLkR_LbtmPElmI0hN8HADoVDlWdfdJ_PH_3fpVi5hIKK0kDcNrpWtH50E_RnTU8Oq44zQzgPQI0uar_MYQh6S3jHJnWDiI8952aHoH2ZOUGjvRTZWeTASpSnH9QSaseQDL5BM84TKxW-4DwIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB_wQEAwIDiDAdBgNVHQ4EFgQUZ_GTGpSHiY1i0d9E0iU7GqLkmQEwHwYDVR0jBBgwFoAUWVwhdr1b72mpB3nG1FYe40tciFUwDQYJKoZIhvcNAQELBQADggEBACrOGDsx-udryrNZzzpp2uEiIn_NDhCI5DFk1pJMP-Z27P8iRO0Pl2tP31XjUjQxUBsYQjzWiM_YADY_SJekBvPoJcZ8pBLElVtHdbp4vpYgr-Eqa3lAkM0_kkpasuiY3DJNz0DvgofKsZzAv0h9Z6HEAgwdQ5RbEGqPLYdiJiIOb8Lfkux0GfTNT5st1pepoMheOLHSgHVR2dS-7_ipKFS-GCKJ63bumJNXW4MUbb0FeYrm-8mkxIJKVV_cO8jKnQpz9YvgI4XTlkZ8cv4L1klj1PdeDG2FwU0xQZlme-aapLS9QWD4BBOgsr0bvkJfLKXPznSbr3r2en_rDwipG7A"
            ],
            "mac": "vGQz1q5IcrCYtAmS3ARLHAHfzbJcoEmKS0bRW4V0idE"
        }
    ],
    "nonce": "DCZMEX1pWuSA5W9QKf0pWjxHscdEkA4Uojet14MiE2k",
    "mac": "wfNGvw4pIVluj29g39ZeeFecnbJIg7Sg_iD9YIjfeq4"
}

 
 Pass #8: ProvisioningFinalizationResponse 

{
    "@context": "http://xmlns.webpki.org/keygen2/beta/20151101",
    "@qualifier": "ProvisioningFinalizationResponse",
    "serverSessionId": "1523c91b684zwAfEWDr-vSX5fj-h-Bal",
    "clientSessionId": "RzM0i61DxrMoR2O6ikA_xl4Lkxrp5btg",
    "attestation": "ZS9olZ1U0nEYVcTahHuRuOQWJf0oxrqCmKvxGmF3bNk"
}


Deployed key[42] CN=KeyGen2 DevicePIN, E=john.doe@example.com


Begin Test (TrustAnchor:1)
TrustAnchor option