KeyGen2 JUnit Test
Begin Test (CryptoPreferences:1)
4096 over 2048 RSA key preference
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584732202ad5a9c22bc46c942" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities>
<RSASupport KeySizes="4096 2048"/>
</BasicCapabilities>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584732202ad5a9c22bc46c942" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities>
<RSASupport KeySizes="2048"/>
</BasicCapabilities>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584732202ad5a9c22bc46c942" ServerTime="2012-02-16T05:37:12+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BCiGO2mr5KTsLqwWJI3mcl+hpJv3qi00annJ3BwqWnszgBWwGiBSCaAvpwBZRqUtYOeHt1vRmuaY3/i9+muuA/Q=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="MLDCktHKVEvybU6DJAGFXf0w6RLWESjmCebyeI6shwvk+UiPbzq7le1Yvzlxjp/hWlxpvoLY7Qc5469DKG1rELn/dRJKO+kP3rlrX96951b+mI2Cjt4pdrxCUWF/59q9urdc77GeCmjHN07GXfCDZsQjiHfrM68ondDjMt5sZRk=" ClientTime="2012-02-16T05:37:12+01:00" ID="C-1358473230be99b1af4f45524f" ServerSessionID="S-13584732202ad5a9c22bc46c942" ServerTime="2012-02-16T05:37:12+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BM1QelKha0NsLs1gw5NQesyOdxFAmEuiswI8ItmU/eMwWOEF5cktZ2J9k4ZOdWBAhZMIjKYp89tC1oabGWglvgA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-1358473230be99b1af4f45524f">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>YKq4uKUuLhooEp8IhcdTQStD5hiujQVSTr0p+27+/7s=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>QbD+6WVgUeCkurpbM1oojVlsuBxGYotZs+P1dAmpegM=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-1358473230be99b1af4f45524f" ID="S-13584732202ad5a9c22bc46c942" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="mSu+dikoZa/BXVGQeHF67oLkp+39SG+cDiHfxY1ea28=">
<RSA KeySize="2048"/>
</KeyEntry>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-1358473230be99b1af4f45524f" ServerSessionID="S-13584732202ad5a9c22bc46c942" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="xwGfBzCbOka6av3EcT9dyDDn5yof5jCjXRSXfbxHEnw=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>iJmgCStp117a8CMwrghhiDrfII0b5L632ivvqoWYjo1SEJ0FaB6ZrCr3m7NHu9E9X7BtDbZNF0GoNf5V5f2iTfZywiGggurFKMNlBObamZe8CQTf0NAYec3nK4dImNDWf5FzBFhuaOtc4yNTV709wXUh9khk5NAl1Vue9wNO3Rtz/Ah3KzRAoYlM75B69QVTJHmpvxffEdeR/7LZmnjidEdn3xU6U1dngQYsZfpt2MHIZJrnIkKV77gSlnzTCPtn8ce/UG9RhTwfStuM2miG3fPf7BNg/HOCf1xS/U1lmow65RggIo4g+u5Bp2CKd6vRYhGqrW/aZACOX1kUbQXqrQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-1358473230be99b1af4f45524f" ID="S-13584732202ad5a9c22bc46c942" MAC="Zy2IIVltIB+gb1ICx5JkSgj9pxWYquZxhK7VTttuIhw=" Nonce="LtL82R26J2BcTjgOV4GofDGGOtluzWkP6CMkGDZ6MPs=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="cKcZtc8r/sZIuTKH7kW+EjgPj3Mb2sobCfV8+/gMrF4=">
<ds:X509Data>
<ds:X509Certificate>MIIDZzCCAk+gAwIBAgIGATWEcygKMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxM1oXDTM3MDIxNjA0MzcxM1owRzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIDAeBgNVBAMTF0pVbml0IENyeXB0b1ByZWZlcmVuY2VzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJmgCStp117a8CMwrghhiDrfII0b5L632ivvqoWYjo1SEJ0FaB6ZrCr3m7NHu9E9X7BtDbZNF0GoNf5V5f2iTfZywiGggurFKMNlBObamZe8CQTf0NAYec3nK4dImNDWf5FzBFhuaOtc4yNTV709wXUh9khk5NAl1Vue9wNO3Rtz/Ah3KzRAoYlM75B69QVTJHmpvxffEdeR/7LZmnjidEdn3xU6U1dngQYsZfpt2MHIZJrnIkKV77gSlnzTCPtn8ce/UG9RhTwfStuM2miG3fPf7BNg/HOCf1xS/U1lmow65RggIo4g+u5Bp2CKd6vRYhGqrW/aZACOX1kUbQXqrQIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUGuovIgZ14fOvqZduYuzHpv+H1QswHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBAJo0Ksq/xKwLYYK8ip/h4Cs2yS7u15hPcvHWaosB3HpQlu5GJI7/OH2t96jdv+0YG3mouI23TUmVxRLPU8ROcy8tZKcO/lv1t7iBEJ4ZmV58ji369dRcfpi5SwFXg7X8dD0TSCNC6pRXEm31aT5qKhMBfxiYW/1HLKUQXahQO6C9hgnLxziG0CtPdK2Ouki6RVmM5gPBYyQX6qykXvSzAwWAnTrEsCdBRfh1YbDU6RQoFFYKgOVmUpAzEfuJBdZawxnYKE7C4pCTQCcuRyF/4IUCqLGqtv3tx06jyWJL3QZRmC8JrIaBaIv4DXhdFgFmFZ0Q2bpYJNCgJI7D55L8NkI=</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="6VVh9b9CIv89jWvrGoCMden3b8bmMopFMH5ffx6+UcI=" ID="C-1358473230be99b1af4f45524f" ServerSessionID="S-13584732202ad5a9c22bc46c942" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[1] CN=JUnit CryptoPreferences, E=john.doe@example.com
Begin Test (ImagePreferences:1)
Client shows one image preference
PIN Protection
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584732887df835453e5e15f70" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584732887df835453e5e15f70" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
<ImagePreference Height="120" MIMEType="image/png" Type="http://xmlns.webpki.org/keygen2/1.0#logotype.card" Width="200"/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584732887df835453e5e15f70" ServerTime="2012-02-16T05:37:14+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BBzxomrnvKjb+Zao4O9m1k4PPctZUMZs5/I7QqFvhU2Kdau9p3H5IN0OZCknV0Idxv4OtOpc9uuw9N+o7DaCRL8=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="SHK52G78XUdaVwZRU9FaMyA4b/bMrJopfkD+JeT0UFuC89kTmugMD3k7RsNYhni8HBL7eon2Jfx2QdBWoaZspyKCdFUaJ0OGH/eIZ1MY4Q9oHb5eG+4xHzKDzFIhTMkmABrFjsr50849Rj85IMKI98B/rPeqlEFxSBo3dM8lMvk=" ClientTime="2012-02-16T05:37:14+01:00" ID="C-135847328a65eec3749032b7f1c" ServerSessionID="S-13584732887df835453e5e15f70" ServerTime="2012-02-16T05:37:14+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BLah4clvhFKv+BeX/uGPz5g6C/1Hf/N5VKu9j6L/a6c94db9WkfZ5woLuZG5BLTKSYJN09xPHx4jJ7fPJI4DDRg=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-135847328a65eec3749032b7f1c">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>/3RiStsiKuJJfwtfsSI3/n+h10UyRjSdMm9Y9wcymzY=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>0YL3HXZMf20U+OFPH5/RyI5SgTIj2p2HycEVnU8l5KQ=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-135847328a65eec3749032b7f1c" ID="S-13584732887df835453e5e15f70" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="gHPzo7YbQPodCXlnKyOEW0kNC5xZLon8ct6DZ4/cpHM=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="JnyyoowfhsN44RTs+i2TjJcs4dXrmBlrJPMEKKGVX60=">
<RSA KeySize="2048"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-135847328a65eec3749032b7f1c" ServerSessionID="S-13584732887df835453e5e15f70" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="NECbZutuPuOadV1KnZJOpiHaoBfH5CVt16bPwHcEJS8=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>85t5uhcet6EXW8KmRu8nrEeBjXofq5nwRXikon5bRi4PZEPX5C7KASsiTN3LS+RRZnZxxtPayy0CTA95nCXUDBga0mcsTw4APgDW/asWPhBzcLq1SbfwNE92GAJ4bXyeOqCIVJHxZJGpumqshk/DtbLVz84V7U08ujO2MOfwLOd41bO/N3Ql4TkuWhSySrRjK+EFoWRn6NdPq5KKpnv83mAx/9JaRBs+wn68H2w13Kmm/zUvVgL3jnbtUtw3Cj+Y7u+ldFUhHpMt7Fm7MeaexwAD64tlWS/Bhi3rJxalyhPtj04ZRZKJoiTrUQ5+bE9AhDg/QtrKEq4GPteAWl0msw==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-135847328a65eec3749032b7f1c" ID="S-13584732887df835453e5e15f70" MAC="Eq704w5L1k37I0Qk1XapiHmeTam2Llq0P9Zgv5+Fms0=" Nonce="qnwHdsE0zjKVR2uRV37GL1eT7Pmg8NWUP3ZZfRSIJnc=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="fiYXJ0wQeRnfXQW+EXHTaZrZjaZ+suhU8VeQqBhKE0g=">
<ds:X509Data>
<ds:X509Certificate>MIIDZjCCAk6gAwIBAgIGATWEcyocMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxNFoXDTM3MDIxNjA0MzcxNFowRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFkpVbml0IEltYWdlUHJlZmVyZW5jZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzm3m6Fx63oRdbwqZG7yesR4GNeh+rmfBFeKSifltGLg9kQ9fkLsoBKyJM3ctL5FFmdnHG09rLLQJMD3mcJdQMGBrSZyxPDgA+ANb9qxY+EHNwurVJt/A0T3YYAnhtfJ46oIhUkfFkkam6aqyGT8O1stXPzhXtTTy6M7Yw5/As53jVs783dCXhOS5aFLJKtGMr4QWhZGfo10+rkoqme/zeYDH/0lpEGz7CfrwfbDXcqab/NS9WAveOdu1S3DcKP5ju76V0VSEeky3sWbsx5p7HAAPri2VZL8GGLesnFqXKE+2PThlFkomiJOtRDn5sT0CEOD9C2soSrgY+14BaXSazAgMBAAGjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgOIMB0GA1UdDgQWBBQhNYZCCnOlldeyWxNapp+OrTJVozAfBgNVHSMEGDAWgBQAfp3TTGjZutv58oPYDV14K+1hLTANBgkqhkiG9w0BAQsFAAOCAQEAmRKZsfddptW6as8mvbX0dpd27E1wlaZHq5aUVhRt4PrSjPJtsmq+pyKI1dxATCeNOenaPr/oBjUldWiTyqhzZj079pBw35pAJjwPz73VCXZ2dXcjYLLVGo2Er14h6VvhE1PF3faYdmyQUHid99KcbeECZd/QI4hCHupdlxdknF1K922ebLjZmAABVv+kH0QM1ALQmxJjdc+uIfRD96GMtFp62qTgaErTN3QlRTn+DoEPE2PT00IQBNL5eLG4/q3AwVBxIwi1z6ERHE+VviZGtNq9SXy+ekR9PSy1SF4N/8nIzXcByVZkr8ND1fRXkRdMOHhz5wvhQU84mp6U/6OW4g==</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="YtGGVvbRhChKpwgh5MPgzytbdjaMGYeOws3cbu8QCE8=" ID="C-135847328a65eec3749032b7f1c" ServerSessionID="S-13584732887df835453e5e15f70" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[2] CN=JUnit ImagePreferences, E=john.doe@example.com
Begin Test (PINPatterns:1)
PIN Protection
PIN patterns
ECC Key
HTTPS server certificate
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584732a7af365ab45be4891a6" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584732a7af365ab45be4891a6" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584732a7af365ab45be4891a6" ServerTime="2012-02-16T05:37:14+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BDaLc9jcUC4eSao2sJ+qyCmvw3JkXCaBqLwHGm0Kt7FpoGIKwshneFVRf6BjfFTuMTLecZckfB8+V+/wuh4NTTU=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="bvCpN+aTbCwvRaM73D+CVlMIikLSvUr1VeCkjzJDMe7DEiwX20C9bAs6aNZkHKsLzDYyvLR2Awt+6yJgGkgNMy9dzcWCuSJ/DGwX7b61plPp+9CbqIFWdaENoM7xhQ/z3L8Xekn1Cc3U1RH/QgbYxz+u/PkNnUE0B0IQfs0v9aQ=" ClientTime="2012-02-16T05:37:14+01:00" ID="C-13584732a8a11277f10118a02db" ServerCertificateFingerprint="HwKCofkqkTFXRmyyb/CnWhAcTbQF7w8rl1OqCwyM4TM=" ServerSessionID="S-13584732a7af365ab45be4891a6" ServerTime="2012-02-16T05:37:14+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJ6hwaXeTCjWSMd2AXZZ+Hzo1SwdLi58sV34Qc8XREaQFxq6yl47/2JgWyY2eS90ZVUfbaNrYr5Z4he1cRdiZUA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584732a8a11277f10118a02db">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>9sDEFgG1QPSB2iT/UxEiijSduJjkwwqEONgou1vAUbk=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>PLJKJj/DyFu+r9/Yldohlr1E5HrjRZElbO1uITpIS94=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584732a8a11277f10118a02db" ID="S-13584732a7af365ab45be4891a6" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="h99jQiXXIEen1IT8liuWm3VsVuRC6nejOJDSQ6GI3SA=" MaxLength="8" MinLength="4" PatternRestrictions="three-in-a-row sequence" RetryLimit="3">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="lKewg4CcZ9xz7V5ju4jsIWPlWysoM0A3xZMvWbKuD3E=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584732a8a11277f10118a02db" ServerSessionID="S-13584732a7af365ab45be4891a6" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="BghZWsTjTP0hRr8+zXy+uGB2MyUu5iA1kdkqnq8MuNs=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BHBPgkQqXgnIApDT4XEP81na1LRmaRtedYafIt2RwPlj8rqfnotLMintr2pTA2W6o7efJmf9pRZyQvz95wE9SY8=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584732a8a11277f10118a02db" ID="S-13584732a7af365ab45be4891a6" MAC="UUWVVh6GpiycNqzEGzuOjwtBHwb1Sqb0BOGodk3DK8Y=" Nonce="DPoQe7ABYdPbEYJoZoMbLPpZi9GdG7coICZE7lgTihw=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="ewVEm/Qv1f6jrVXiWZt1xNRmz+vwA39LPjTDSlLYZCU=">
<ds:X509Data>
<ds:X509Certificate>MIICljCCAX6gAwIBAgIGATWEcyrnMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxNFoXDTM3MDIxNjA0MzcxNFowQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUpVbml0IFBJTlBhdHRlcm5zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcE+CRCpeCcgCkNPhcQ/zWdrUtGZpG151hp8i3ZHA+WPyup+ei0syKe2valMDZbqjt58mZ/2lFnJC/P3nAT1Jj6NdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFIceE+pTSZpCl3GM4GRsJV44plCEMB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQB5yQ2vhy3JUh1hOd+j6sMKOEN4VoaY9/6SXR/vOwMtP9DA7YZ6De/3i0Fk2Fn/VOUMO9xL7Rgasu3PjFpXY2eyZtDa/56VrhYh29NH6mggiI+H7qeNJscu1S1MHz2Y3kUxouB4VduC7Lm0dgn15mLTo08kcMXhDxK4n0jZqtdgr2gf0pIbC+9NicRLz5nvr40AS88iV4Ry5tofrytz12iLCes9EtO47p1iO9oEcooieJdxeZjxYun0beioCKKjTEF3PL5LWXnUGF1oTlBR7L0Uy/Q2JdjxYKNKwZSIZ3Cmrddw2qd4q+E8oAK4/HiwnnM52KPx7o2uMudxjZ8e3ihr</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="un7BMa0sbGPlyAQTqnxaVW3FgAWxG1SCJwxPnQ9AuX8=" ID="C-13584732a8a11277f10118a02db" ServerSessionID="S-13584732a7af365ab45be4891a6" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[3] CN=JUnit PINPatterns, E=john.doe@example.com
Begin Test (ServerCertificate:1)
PIN Protection
ECC Key
HTTPS server certificate
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584732b45e70c324c64764642" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584732b45e70c324c64764642" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584732b45e70c324c64764642" ServerTime="2012-02-16T05:37:14+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BPgHT+bhf3Xszaxd4v2RXRTI6BP6f2CcYfo3hxnPLtHeEiXCB9C1lMZct9+30MqhG69ehLXx3mX4GxvBE5Um0Hw=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="iKLBIpre6kjgyotKxrYgNMy4/yHTXYxXbkR18plOdMHSZIwLzw+rgh3PoqDR6ii0Atr//CmtHDDZPxKdzTvRj5hbBPVFdeLMC5wUFzvynXp9lotO7ZKMRfliuQSPO0AEfAO2+n/+4ip0WJAo1LFP+n4CSOikpbRSTMpo3oVL2oQ=" ClientTime="2012-02-16T05:37:14+01:00" ID="C-13584732b64314f1d73379c8754" ServerCertificateFingerprint="HwKCofkqkTFXRmyyb/CnWhAcTbQF7w8rl1OqCwyM4TM=" ServerSessionID="S-13584732b45e70c324c64764642" ServerTime="2012-02-16T05:37:14+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJJwrPeSC9/pYmJpqzL1OrPMvqc3mojn/4OB+6Dxhn0/wKp9m4WaQYTetJOtUpPhP65AdkOzvpNG3eOkWWELWHY=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584732b64314f1d73379c8754">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>0uvpJysGx/oFsAe/Dl7iQe3iHkNK4lFpaf4fw4QRWkg=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>6QcdZGIxfboK3xUmuZVRqaWAnHoxcTfi30Y5S6XmkEk=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584732b64314f1d73379c8754" ID="S-13584732b45e70c324c64764642" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="MWfFCDNzHoIhT9XlHoeo+nJBOz3xlVJyfwzIwWC06Vc=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="S5PLm4xIRKgV0eyY70n4YOTyz2uvchT+eTSujDKysrw=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584732b64314f1d73379c8754" ServerSessionID="S-13584732b45e70c324c64764642" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="Oh4v10X8jr1537ogrLf+3yoC/jjNnEpIeLEsMBvdK3o=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BGOLDB/HcfdTa/2w9fbySqN3dxLagazqQnh/4JeieyJlqrmdT6+1KvQeHtV9FROLgPktFQrLoKn1yEPZCWpwqnY=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584732b64314f1d73379c8754" ID="S-13584732b45e70c324c64764642" MAC="AF3FJKnRbt75qhYUVH4ei2q4jt/5O9JhNE0vDk6TwbA=" Nonce="uPXtuejkNs0Gp9w231r9XfeFTIgRBXMNv4Zars9pm6U=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="NgEm3Ih5Mrdm/vuQqbOaNLJH/vts6zQviSZ9IhTp5ps=">
<ds:X509Data>
<ds:X509Certificate>MIICnDCCAYSgAwIBAgIGATWEcyvCMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxNFoXDTM3MDIxNjA0MzcxNFowRzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIDAeBgNVBAMTF0pVbml0IFNlcnZlckNlcnRpZmljYXRlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEY4sMH8dx91Nr/bD19vJKo3d3EtqBrOpCeH/gl6J7ImWquZ1Pr7Uq9B4e1X0VE4uA+S0VCsugqfXIQ9kJanCqdqNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFH+rqFY9vK+SXf+6MyxSgFjYizdjMB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQCWPAq2IqmTJsIFvEki5o72I21DD8qjqLPvOzsPBOsSCd1x6RSy4osK4twDq2CMWTeGnTiPJlp3mschuBonD7btYhYeX1sRYhMet4brnr+bGEmxUbWQX5ItfkGHKO0A3nf1FveA/Vk6he9DZ9CM5ORs2NG6gLvrJ69Z4wKiqbPSKlcP3+v39/+SFIw2WYwiH9K6PBCU+H6M4Ry3wB1yvuWTIwFgtr8TPoRLepW02Vrpx5s5p5o3LDs3OHPRVmqYtoqEtHWwd/LEhq5Sl6AUPnMUZz6VmOFOwJRSWzihtwR25sspc3Za9OEci7YvdGAg7J4uJY+fHbOkYKXHOI69/IY1</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="4SgfB1HJPLYNsHwXr0dFTRwPHNfi8dEnOGTnd/6gqtQ=" ID="C-13584732b64314f1d73379c8754" ServerSessionID="S-13584732b45e70c324c64764642" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[4] CN=JUnit ServerCertificate, E=john.doe@example.com
Begin Test (ServerSeed:1)
PIN Protection
Fixed PIN
Server Seed
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584732c2fd8b10f3f2fa8c0ef" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584732c2fd8b10f3f2fa8c0ef" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584732c2fd8b10f3f2fa8c0ef" ServerTime="2012-02-16T05:37:14+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BD7iRkbQIYzrVibqcezE8JCtkeDD1Tj8ovoaIsp0P81z2siHn/Jnscs3Yk4lwoiKjVi63cmsiF2CeewswEKTWG0=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="XOeEEgdW+tdCnTVVO6/75AqDvPU0ZpqjPmuPZFyeoAYvQ7Mk4/I3LAS3EgtYM0x/oKlTBh3pieNXJXwWwCaeJWqf+AnNuqyZUOO+NHAP5vimSO3RQvHdEIDiBUWRkj+XzTAc4Zr1fX0PRAeKrhEFquQGApOvpFHmKBtwLlZEVTk=" ClientTime="2012-02-16T05:37:14+01:00" ID="C-13584732c3e3f7271368f43b5a3" ServerSessionID="S-13584732c2fd8b10f3f2fa8c0ef" ServerTime="2012-02-16T05:37:14+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BO8R5vZEv31B2Noqe9z7q8BgwGOKmVGkaVI71NG4jm2wHTwWQHVsE0sjdiv+kddXmzkUoToO5TdqJl2RSkZEjHo=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584732c3e3f7271368f43b5a3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>QsGmM8x6U0XppxeNHbZLqiFaMdVFpGQRwigkrgZJDsM=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>nVKB+cC5Kq/aSgpbMjDVs+PM0d17UkSywmy8ppSRvFE=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584732c3e3f7271368f43b5a3" ID="S-13584732c2fd8b10f3f2fa8c0ef" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="n5v1wnF37Oyu/itZ75k5pFGzZPy3Tb1OCdp/sQokj1I=" MaxLength="8" MinLength="4" RetryLimit="3" UserModifiable="false">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="wq1GORJgRFNs8S0VZC8tWm2imzYluzPUFm1HbweOrw4=" ServerSeed="2Z1heClssSNLZlxLDb2cJxvuCohOZqpUVrh1IIoozX8=">
<RSA KeySize="2048"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584732c3e3f7271368f43b5a3" ServerSessionID="S-13584732c2fd8b10f3f2fa8c0ef" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="tWgxAB20jvPciWIb+Edh+wPQL+oVV2ET5hup3fs64SA=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>h67vabduWC+Kfpl1qqS7duTOZAeNh72bRS581BNquvO6bZ3Nl6W/t1RxCRfqI7uXZhFVTvOlrKwtpQKjaLT3fxFehhpuTqqsxOm+RpiV3ftkWVyd+uKBhQH7HJWIMoyPBN2MoK71lYnB94MAzV0InymFiTrwNuGdMB9B9xecznHY3QwGYQUgHFkWH8W2ItYfxwGR5IeeypFlnO3fSqdNODTLIphsHcrgbgzj7hdORUvcmfCICKUQXkEOD4tAgfCuTnxaqBzciw5E1/gCM+xRyWn38kgpMN2/8J+j0LFh2q3MZZVePVJf9H/ZpVYsjVLKNGZuR7Ko6/btlU8YqaI3gQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584732c3e3f7271368f43b5a3" ID="S-13584732c2fd8b10f3f2fa8c0ef" MAC="Hup2CHbORkXukR2vbDLFC5kKQCQIUhc606M3I7tIm/8=" Nonce="x+MSuRJZ+ONPLv6gtkCYOBXXqrHWZ4y6y9qbSvUtQ0A=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="I9w6RBhV/zAyW+qS2MiW5/SxqgJ7t++2nty2l+WgFDM=">
<ds:X509Data>
<ds:X509Certificate>MIIDYDCCAkigAwIBAgIGATWEcy0JMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxNVoXDTM3MDIxNjA0MzcxNVowQDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGTAXBgNVBAMTEEpVbml0IFNlcnZlclNlZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHru9pt25YL4p+mXWqpLt25M5kB42HvZtFLnzUE2q687ptnc2Xpb+3VHEJF+oju5dmEVVO86WsrC2lAqNotPd/EV6GGm5OqqzE6b5GmJXd+2RZXJ364oGFAfsclYgyjI8E3YygrvWVicH3gwDNXQifKYWJOvA24Z0wH0H3F5zOcdjdDAZhBSAcWRYfxbYi1h/HAZHkh57KkWWc7d9Kp004NMsimGwdyuBuDOPuF05FS9yZ8IgIpRBeQQ4Pi0CB8K5OfFqoHNyLDkTX+AIz7FHJaffySCkw3b/wn6PQsWHarcxllV49Ul/0f9mlViyNUso0Zm5Hsqjr9u2VTxipojeBAgMBAAGjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgOIMB0GA1UdDgQWBBR7xgqbNh9xaPJoXfX5mXEef+sF7TAfBgNVHSMEGDAWgBQAfp3TTGjZutv58oPYDV14K+1hLTANBgkqhkiG9w0BAQsFAAOCAQEAIFeJ89b3li7oPi4T3loJuhFeMrA9qOOcwv5bDo232YyIxG+kKOXp/MGtX1SL0dUFgHmNZN6gq4zRMUL6fRHcrvkoGejnJImGVW2aTzMBDFJkRd8MrJQqUsMOYuvkiOfxGX5gDaloVBj6JGd2+q7CQNav/TId5xq1gK96tFQyyuSs/DUsJrozVQpSxSeFMYzyBhiqVinmeKRTQxpA48/GcJ/Nje9Ef4ZzN8fHCRbdNCOnudvMEBFAmfH5ozphDRpxNmPJdjsl88itJl16v6SSHfRd5qe2Tnt1A46xnlprSArHHsJtnkX7rSqrI8HiQRrUZ+sa4FNeusrIjgiSmr/D8g==</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="NMrctO5P0a2fey8tag5giZCEXhxs3wEbU3TI4/fzOcU=" ID="C-13584732c3e3f7271368f43b5a3" ServerSessionID="S-13584732c2fd8b10f3f2fa8c0ef" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[5] CN=JUnit ServerSeed, E=john.doe@example.com
Begin Test (MultipleKeys:1)
PIN Protection
Multiple keys
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584732d579bb8d14f22d5b9ef" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584732d579bb8d14f22d5b9ef" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584732d579bb8d14f22d5b9ef" ServerTime="2012-02-16T05:37:15+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BDgyOZSciYYz5VXaSU1Si73A8PbzkNXIg6muCZwRR7/TznUjzyN5ErK/T0CnegRXxQ5+2cr+R3QgjRdtH87p1co=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="TFZ0qF/ruv1yBzQaEh97ZEMO5H033t9ut7edoYqSDd3jNEWUeYjlJj7AQcq9XctUuAnmGiFjs2HiQCb2Rqt2Rq4kRCkWEo/XbqMGdsnjHy2onjSBQA8EpOHjbTlQH4mJYp08UU8k2Yix/087XJMR8VDzYazKN5Ip3UjlG8Yg7so=" ClientTime="2012-02-16T05:37:15+01:00" ID="C-13584732d67c58c970bb5dc765" ServerSessionID="S-13584732d579bb8d14f22d5b9ef" ServerTime="2012-02-16T05:37:15+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BCXyp0hqVWvmpOl3rEWHsFwzY8vPzj5UEbNY61WaLcqCJXyfkuTYyCmSaggLnN6olOvGdTnHq7b88VT86KlVinU=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584732d67c58c970bb5dc765">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>iYaloSI4624giiNKd+M3BeQVe7wEOYtt3o+SUXQXpio=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>NfZOCzdu92wabshbUFDQ2v9ViST7n2YMWR43Df6l1+Y=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584732d67c58c970bb5dc765" ID="S-13584732d579bb8d14f22d5b9ef" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="XxwtTgRNU3Snw9yUX7sD3sVxllJORmnpSVThkmO26ak=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="YRECmVYDlLu87sp6hhjVW3XswYkQuMBXZeDXSlqYeWE=">
<RSA KeySize="2048"/>
</KeyEntry>
<KeyEntry AppUsage="signature" ID="Key.2" MAC="JnvAxrssVFORMYZPf8HWcV2qZSWKArF537SAoUHxbhk=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584732d67c58c970bb5dc765" ServerSessionID="S-13584732d579bb8d14f22d5b9ef" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="z8yhu1+2ql9qde596UCs5Oh/RCFt82ky9WL7DATwhvg=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>uO/CBF1ObYpqn6ruH5Uwjn6bJafS+58TKb6BuZBn9FcbIguPY2Esof5s/m9RDVLW/l6m5CWl3EsoKkuQL/yR//J7RtGLMBVL1b7hsrUhsmpoaZ6VnYD1WQAuuDLbEhlnwT9A2m3f9vwnlAptFAHT2rr3cMhPtsBiGCF4cHip7YHc8rXekgeB25ZlkuLpEvkay+Tl4UBwl7IzZqarc4UTpuR+xVVMwAQDd/51UM5hgJdYnSW22ujuKyNVQWLCKEp3TGLmWWMgKhguzzHIzZ/QPAd76mDEA2ln9A83ERo3iLo0DGqygKBOWAx0fg0cewbyo2kpq8y76h4bQedT+Mw5Ew==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
<PublicKey Attestation="CU8w0PNzN8yluFZUhr9jL1nWSH/kiXdC5+ymL4q834U=" ID="Key.2">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BAkOULCsVcE0nD6JRUihaLmOgqicDTaXzZkXqmVpNM21+a4wwvmsW/O3L77hj6nUhqnYN7aJMIzCSEBkoC3QdWs=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584732d67c58c970bb5dc765" ID="S-13584732d579bb8d14f22d5b9ef" MAC="HGOwRw3i2K2aUYd2Y/zJlQGEzzxJJbjWuHu7jfzXbso=" Nonce="LQDxCDycpXoKh9eZbl/L7CSAJGqH9QfjqUk6PpXoEDk=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="wNZwGCSAv5PNjWjbF2+c872GCRcil1beXlL6AAWXCo8=">
<ds:X509Data>
<ds:X509Certificate>MIIDYjCCAkqgAwIBAgIGATWEcy5RMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxNVoXDTM3MDIxNjA0MzcxNVowQjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGzAZBgNVBAMTEkpVbml0IE11bHRpcGxlS2V5czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALjvwgRdTm2Kap+q7h+VMI5+myWn0vufEym+gbmQZ/RXGyILj2NhLKH+bP5vUQ1S1v5epuQlpdxLKCpLkC/8kf/ye0bRizAVS9W+4bK1IbJqaGmelZ2A9VkALrgy2xIZZ8E/QNpt3/b8J5QKbRQB09q693DIT7bAYhgheHB4qe2B3PK13pIHgduWZZLi6RL5Gsvk5eFAcJeyM2amq3OFE6bkfsVVTMAEA3f+dVDOYYCXWJ0lttro7isjVUFiwihKd0xi5lljICoYLs8xyM2f0DwHe+pgxANpZ/QPNxEaN4i6NAxqsoCgTlgMdH4NHHsG8qNpKavMu+oeG0HnU/jMORMCAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFICySsAaGTKMNVZamrp0QMkszQX3MB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQB2HkulO/fSNbMk0gOhdktpPqTuNLO04qZ+YoS0ovyF/18T7ccUhiq2n/Tl0IxqUEVs83zrS6FOTgs2WCcqVfxJUOzjOEp7nzJ9u1ZpOzX2+DNGCRvbBE4LF8dBlmEmjrhekNUjF6tDqc6uOtliJHiNAU7CHkjZxsF+AcW3WFcQ755nJ+1MNUwf+gH5YTnQK3NhcEY+3bVUVDDJOlvxXVI67rWo8zF73OTxbBUIEIYlI+ZvA74aBBOpUVPhOBULIpt82JtUiAitnthbsBm9lFBJURMjS5muu68Xwzkrp9y1Ry3S4Z9J7z/44CC4W5cR7mEVeWOooayCWUl4DCEMvNJf</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
<CertificatePath ID="Key.2" MAC="d3Fmk48dYquEdfY3gvvJrlREg3P+oL86OfamS5o6g7U=">
<ds:X509Data>
<ds:X509Certificate>MIIClzCCAX+gAwIBAgIGATWEcy5gMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxNVoXDTM3MDIxNjA0MzcxNVowQjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGzAZBgNVBAMTEkpVbml0IE11bHRpcGxlS2V5czBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAkOULCsVcE0nD6JRUihaLmOgqicDTaXzZkXqmVpNM21+a4wwvmsW/O3L77hj6nUhqnYN7aJMIzCSEBkoC3QdWujXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgQwMB0GA1UdDgQWBBSzl29Scr+7aLUQPHBh1c2EFH/LcDAfBgNVHSMEGDAWgBQAfp3TTGjZutv58oPYDV14K+1hLTANBgkqhkiG9w0BAQsFAAOCAQEAKVfzZQV/5xCE9TOHsOFzIlj+ib2C14167oUrNCtNseECFDKHJnBXyV6zrggxjFEs3gM0DJCg9PT5JOMQgjdJeR4sHY3oUIUL0dE57XidM5vcL+nyCJciPE5slPIFx8mBf+jTS494B7tZZuWfNXMkKVOSRExpF6umv0jgs361lwIgC4VlcuXI55AKl6LmWlpOY1ObPZDxxUgiKXvHL4sqWjMolY3xt7QWR7Euaoj1DDwtW+1vzQ50/qSWfUjmDYWE7LG9eNWxzRiiEPhkmLIfBdIjIbvyyeufff1hFsykojpMqBeMK4LtqssbgI0BvQfxA/2l2V4AVjzzPFtS/uB+3Q==</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="oGUdBuhy4eODjkmHuLrU54qh4KGgkaN/LQVma4IsDs4=" ID="C-13584732d67c58c970bb5dc765" ServerSessionID="S-13584732d579bb8d14f22d5b9ef" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[6] CN=JUnit MultipleKeys, E=john.doe@example.com
Deployed key[7] CN=JUnit MultipleKeys, E=john.doe@example.com
Begin Test (EncryptedExtension:1)
PIN Protection
ECC Key
Server Seed
PropertyBag
Encrypted Extension
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584732ecedcfc63fd9efc63f4" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584732ecedcfc63fd9efc63f4" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584732ecedcfc63fd9efc63f4" ServerTime="2012-02-16T05:37:15+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BEkkQiZhYU1ETGR4CSd8II/glfNb7bXEYNFBgeaQoQpsUElce/qtdNaEQQNkwZZ3Hm+B0ItcaLf7DxrzRu05i4U=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="M0TY3QqmabRajhKht/3DJl92BF+ANx5jvccE2EJSy/gLgvRqBjSntjOkuhiaqDVbiEgXKz8ZiOqducIf4rQmP+0d8jqV8pSBSXrlwpP9fL7bCejGC2Ar1Jz5RZxpm4t+OOWgReHHgOMyByrsEDgxwn3s8o0IDlrKAo0ozvhsQGs=" ClientTime="2012-02-16T05:37:15+01:00" ID="C-13584732edde89c2955d38102dc" ServerSessionID="S-13584732ecedcfc63fd9efc63f4" ServerTime="2012-02-16T05:37:15+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BOqCBA6y7hvAZ0DJYhm6vqwOhowGZZ7u8P4agdSuYehhVbsQ3SyyXQu6w80G4LFiTkM8fy3QcUZutoM4rGzWOks=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584732edde89c2955d38102dc">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>L8WxPk+tqdBspimx2IpRnqJxa0X4LD9uNz/e3SxviV0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>sYQM9zsm66jLHDYDmeusAGXvWSVzIRdgDDBRz0+9/Tc=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584732edde89c2955d38102dc" ID="S-13584732ecedcfc63fd9efc63f4" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="YT5QtTP/mxh8lAKQh3f0POyVVl6THQUBROU8WCriWbs=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="Lg8FELObyfyRuH4+GdnAzW8uZGeXFqkuxO/kwBPezFA=" ServerSeed="Fo4gJif/0Z/bU6Zk36vJ/VjfCsegpCa1HgT8Xo2POcM=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584732edde89c2955d38102dc" ServerSessionID="S-13584732ecedcfc63fd9efc63f4" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="t4G1imRldzwU35bF/XbLd5J6SzB0aXEnHGq+wSEA4tM=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BNb0QzneK1ErAO17+Mzt2SMiGSZm4IVkjlcUVHFgewKpIrlRVW5zhHptZtaqmr+YWtVXgktgV7xAta3lewWHCTI=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584732edde89c2955d38102dc" ID="S-13584732ecedcfc63fd9efc63f4" MAC="d1g8YAbBTIoVmkRjmVECSKWVxcLk5Pq6eF/QOAbSmBI=" Nonce="anQ7euEgod1yS5uG3/8VjBicN4hP/0wem+SqnQUesCk=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="PhB1Z9R2osZaAzXclxbT7ldHcnUq6Y+nFwzMyHaf3k4=">
<ds:X509Data>
<ds:X509Certificate>MIICnTCCAYWgAwIBAgIGATWEcy87MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxNVoXDTM3MDIxNjA0MzcxNVowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEpVbml0IEVuY3J5cHRlZEV4dGVuc2lvbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABNb0QzneK1ErAO17+Mzt2SMiGSZm4IVkjlcUVHFgewKpIrlRVW5zhHptZtaqmr+YWtVXgktgV7xAta3lewWHCTKjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgOIMB0GA1UdDgQWBBS50p7mllpmbXCPDHMcEmt3NdlNXjAfBgNVHSMEGDAWgBQAfp3TTGjZutv58oPYDV14K+1hLTANBgkqhkiG9w0BAQsFAAOCAQEAW8ehDzPN/Ms6iu2PURvjKTD5IT41T/IUWakEFL6iR1pZzvFe30g1jezcKpBrVyT/SKWPEu73yq7XF3Xk7RvnR9pqtil5bUp1C44jHnySEpL1dZ+fRgpWNlPegdDBomcvRX7Ys7VBF+MYrs9OccUO43/pMXQj/NtfqNX+iowz3L7wRTOxCdwhDQq4ObJG3ZZ4dgMqn0+7xcTRw0qEIboO06zwrq6oN2vw4Puxd/+oPz+SE+kuJa1Murq3QRxEEIG89zRefm3voriIT+JhEdV3artCAN+YfwhhD/2kXY/Sxu8r1M28iAfiipYJ1Sm6AocdM+AuCoYezGSvOHmIlEWsPw==</ds:X509Certificate>
</ds:X509Data>
<PropertyBag MAC="PRRabX7U+zNXizT//i+LseMUNewHkFACMxpApk4VRlM=" Type="http://host/prop">
<Property Name="main" Value="234"/>
<Property Name="a" Value="fun" Writable="true"/>
</PropertyBag>
<EncryptedExtension MAC="Gh4lHNqhvDjEKaA7zDY7GgMZXBnQJE9S7url1BiFa40=" Type="http://host/ee">m1M0s+xysr10ABZcOYzvyAg3S2yX2h1yqO+BMf03XlE=</EncryptedExtension>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="5Xiodgf65R3AQ+iLuXGr6HOEmlNXnO/XJvixytAQ0iw=" ID="C-13584732edde89c2955d38102dc" ServerSessionID="S-13584732ecedcfc63fd9efc63f4" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[8] CN=JUnit EncryptedExtension, E=john.doe@example.com
Begin Test (InputMethod:1)
PUK Protection
PIN Protection
PIN Input Method
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584732fa8be7d7803fec4f59c" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584732fa8be7d7803fec4f59c" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584732fa8be7d7803fec4f59c" ServerTime="2012-02-16T05:37:15+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BFDZJVP+z/pMImrX8Y2x7d/Zn64tnwI+GP18bz2n1uKj6gbZCZbT52UjrNoReCgxeJA2OUJRymuVNz4/+I62Ti0=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="Kja54ziLvreSh5+KL0eAKC+UZPHDRDi12he0neWnAdGDsKozkYTU37gTLC5zpq+2lj5asyDoP/H43Y2AcXGv9g/8n1o8X/yfyoioMW2AnP7HBN6B/6FRQxKURXSy49dnQopQA517aWZUBHMT4YhPEi25qmjcogpD/7V1gc3dm+Q=" ClientTime="2012-02-16T05:37:15+01:00" ID="C-13584732fb8453259df665ee97" ServerSessionID="S-13584732fa8be7d7803fec4f59c" ServerTime="2012-02-16T05:37:15+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BEtSxL76FnLjgpt9txP/fOjQLd1sppO1cyrcyy5rF0VTEDVC+er9/4TcarvoSB3I63q4o5Q4Ldm2cUeJdd/2mRw=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584732fb8453259df665ee97">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>A+6a+ROvwvA+S1mjpDDHJg46B5cMbipLWdPfHJ60oRc=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>4ZMdHJsSexb4aMwxyrPFOLLhXYSDYupPKcEnlKsAr50=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584732fb8453259df665ee97" ID="S-13584732fa8be7d7803fec4f59c" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PUKPolicy Format="numeric" ID="PUK.1" MAC="mhpqdrSAniYdCCLUGY9B5ekFy4a2Nnp3FeabE2rrcP8=" RetryLimit="3" Value="w0uYJbNuJ7UzknwWTxafl1+rh30Q5ZOx4cRsh1IEfCk=">
<PINPolicy Format="numeric" ID="PIN.1" InputMethod="programmatic" MAC="51kLC0E/v0AbvRW4/dk1p2STcrf2wG4yHX5KDvTWHu8=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="BItCx3MBmpKyy3EbOIPCjrw6N7F1rkHIz9mUJtknnNg=">
<RSA KeySize="2048"/>
</KeyEntry>
</PINPolicy>
</PUKPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584732fb8453259df665ee97" ServerSessionID="S-13584732fa8be7d7803fec4f59c" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="FQrjn6QYOA+Wb5MAn2e1/Bqvpt0jLX8Tm3A53mO/dGk=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>rx4GlP4SZMigInZo1GUBYwivpmONWaiKxiJrokf26sg+DoPD2GtETSqSqTMngfmn3X8AH36C9HBf0aEiTVp+haYryRtd+TpOvl4Q2/kgZnWQNx9lg8EC9dS5Ybeb4EOHQk3oG59/xTY+LkiXeVn5LL0f3u+HTl3I1igTcE2muBTSJK3CwVzlrCkIxO98mOLO1TbDuq4MQne1ulRBK5IP0If8QNRlESnOla+GiPbj1gwjcq6BZuilvgQLiRTwca8NVLXfSDQ/AW0jBs+/P44YqDX3VmvAI/VVtlVrtepDarmql+wfen/9JMX9YhoYE0Lupld8yK3wiyqHK38WhhBC5Q==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584732fb8453259df665ee97" ID="S-13584732fa8be7d7803fec4f59c" MAC="hAgezmCocazpFrKEIxK+PkjeoFNf81MpyH3NHFSCy6c=" Nonce="UFgd6dDeLljIitPp1kdRHTz2i0owrXZEHQ3kFdB66Zo=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="ZhvZB0cgCrjshG43DMSKMheCDR7loqF3FjNNKdUmOGc=">
<ds:X509Data>
<ds:X509Certificate>MIIDYTCCAkmgAwIBAgIGATWEczCCMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxNloXDTM3MDIxNjA0MzcxNlowQTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUpVbml0IElucHV0TWV0aG9kMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx4GlP4SZMigInZo1GUBYwivpmONWaiKxiJrokf26sg+DoPD2GtETSqSqTMngfmn3X8AH36C9HBf0aEiTVp+haYryRtd+TpOvl4Q2/kgZnWQNx9lg8EC9dS5Ybeb4EOHQk3oG59/xTY+LkiXeVn5LL0f3u+HTl3I1igTcE2muBTSJK3CwVzlrCkIxO98mOLO1TbDuq4MQne1ulRBK5IP0If8QNRlESnOla+GiPbj1gwjcq6BZuilvgQLiRTwca8NVLXfSDQ/AW0jBs+/P44YqDX3VmvAI/VVtlVrtepDarmql+wfen/9JMX9YhoYE0Lupld8yK3wiyqHK38WhhBC5QIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUhOFMpaSN6rorEeVz+FYFt9R4jVUwHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBAAp0DuPesnQ2SNwVxgbavtN7NOySbDTwFu0fh8IWkMeaGFBY8Fg5WW+uHynTUvrH+ZRgK1UX5C+q3Iv3S1TgnO2ybWe+11zSz0DZS4P3moIMuvON3QB3HtjoZwP16xYnSdme4U1SeWr6pbqfmE/ehbklaYr/orPLbQ0a6kFLxFKEo99sQSEGOEloCx788rSxi6B+XwtuUmWo9Ql83nXCxH1yPj//tXo/aSUK9QSEf3j8kOE4L0mjZrD+PpCSElKk/nFW5wjAHU4uKhcMNKzlBED0JdFVJf2gpE4hI5yCu0XuuDPEToe1ijt0L2jvC5ml2IoyzbqaZKL2Y7jlq9r/bRk=</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="JcXGwlaH5O//T/7hXLbugoTqkgoFinLBsRFosH6knvk=" ID="C-13584732fb8453259df665ee97" ServerSessionID="S-13584732fa8be7d7803fec4f59c" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[9] CN=JUnit InputMethod, E=john.doe@example.com
Begin Test (PropertyBag:1)
PIN Protection
PropertyBag
Symmetric Key
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-135847330c1cbd7f536d1d3ca17" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-135847330c1cbd7f536d1d3ca17" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-135847330c1cbd7f536d1d3ca17" ServerTime="2012-02-16T05:37:16+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BOuuOfoxEczzE8n8pfEj6TlqKPnaLLa8CqFUL7RBZQ9m4bvwoYQt1Vk0GCZy5ujem+JTZfwfPPx6gwxpudbUL8c=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="MDbBveSrEgC4BLVysz06rDXVXHUO/XVzOHq0E52M5U5J/m9sfRN7GSBbQW9wEtCS0ZSSHLeiZLL5UDgE0MijuJ6VQfrB743cQ4nhzPM385pkCXLXlauJouQZm4TwOMucMGhrDxBSo1w9fmaxJ6mVf8s2/ZDPRYStyV+okG+LVK8=" ClientTime="2012-02-16T05:37:16+01:00" ID="C-135847330d0f22adb2295b34f63" ServerSessionID="S-135847330c1cbd7f536d1d3ca17" ServerTime="2012-02-16T05:37:16+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJ/t4T/iU8D4/yfdWv3dhXPAPZcHy+9XMbkH5UxZvbuqjDefOrpWd0fJiU4wUxFtiOkmqtKYNwAtpFopXtgO1ws=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-135847330d0f22adb2295b34f63">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>dPQ2BdKOrslatgy8AgMXE+eR2GYtuHTZB3hWCurqoWo=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>ZXk4y7xQekcDirQQeYkhMlF3VAw0YQilekeZ4vUXtms=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-135847330d0f22adb2295b34f63" ID="S-135847330c1cbd7f536d1d3ca17" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="SiWvUCVrdZEQg893KSTzsORCILIuanchrKPKOOm/0eE=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" EndorsedAlgorithms="http://www.w3.org/2000/09/xmldsig#hmac-sha1" ID="Key.1" MAC="8tbKISLrHhl1PfSRJKHZGdD9/LftsIrGXfA9CO3mzFs=">
<RSA KeySize="2048"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-135847330d0f22adb2295b34f63" ServerSessionID="S-135847330c1cbd7f536d1d3ca17" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="Fj08CxaE5nnR7I+mEJzdgfxkbg45FWZ4WAt+jBYwPAM=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>364FXgHEgMSBCNpquZDzKi8BlhAO3oNpDjvRXOpVVu5QDx07Ie9QkA7pJprG4FbC1ZTg4ajx4Vt5gW6W/uXsG1VMubJ4LGBfvlGQ4f1Pdc8C99tf9Pdwnn3ABa4qZpGpTne59dc5vziDRmfWjV7inLwV9hbr9TZqculnAc5Xzb9yzPJYO5l8ge1M6tlUdPJUp0SteiWzDZ4vRyFrrvhCChre7YwfhJm44VygZjsDkxiLT/uJyqkuUAar4hZbTTJXIToZksI8JSU9Yy/Nq7SXKV5xUiaglnWvC3PGH87oiyTLpSi2mD5pJC7AfM+/M3xYxphoQ7lKXeXs4/KgD6cILw==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-135847330d0f22adb2295b34f63" ID="S-135847330c1cbd7f536d1d3ca17" MAC="RbEYagrqjJwq5oZaSY0DoPey4yQ1sIJtu6akif/p1lI=" Nonce="f6/pLWTc4BcZFyaWDlhj5yhMYXh826rvvXmVx2Hg/lM=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="svZI4xrhhbkKUaP0cHTasdx3e7/h9Ic1JZ+KS4X4QCw=">
<ds:X509Data>
<ds:X509Certificate>MIIDFDCCAfygAwIBAgIGATWEczG6MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxNloXDTM3MDIxNjA0MzcxNlowUzEQMA4GA1UECxMHT1RQIEtleTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGjAYBgNVBAMTEUpVbml0IFByb3BlcnR5QmFnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA364FXgHEgMSBCNpquZDzKi8BlhAO3oNpDjvRXOpVVu5QDx07Ie9QkA7pJprG4FbC1ZTg4ajx4Vt5gW6W/uXsG1VMubJ4LGBfvlGQ4f1Pdc8C99tf9Pdwnn3ABa4qZpGpTne59dc5vziDRmfWjV7inLwV9hbr9TZqculnAc5Xzb9yzPJYO5l8ge1M6tlUdPJUp0SteiWzDZ4vRyFrrvhCChre7YwfhJm44VygZjsDkxiLT/uJyqkuUAar4hZbTTJXIToZksI8JSU9Yy/Nq7SXKV5xUiaglnWvC3PGH87oiyTLpSi2mD5pJC7AfM+/M3xYxphoQ7lKXeXs4/KgD6cILwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAz7t3slTsFdoXiIoRRT8kH3BUdLKSTuswARUv90OOnQKH7ypn3qKVI5TfSJWB7LDMMzhdgSX5nNjcBLEsMxc6p5dQLZRUSh/MpENB48tbE2tqiGGMErU8Eb2bG2OWZ3ugr3SpxheOa61znS27245/Fqpsj3JXJtMNj3xVBtS6h2k9OChTdERAOB7WdsZPvDAaTH/1pcJxPQ7AvHYXf85QdURiUCCUpqFCACeKboSf+y9/WF2rfO9BXVWPHKXEDCFrzB6h2oXYQlkBO0cb0NQRCiGpdL7Y+MQf3fiVyiuQaCc3ENE6FuKnSWuImILueOZ1JyRp7gJBngobHnuGvGrDe</ds:X509Certificate>
</ds:X509Data>
<SymmetricKey MAC="bWJvkPZl/K1MSyIugXzFLy3l1NQJSMM/SeKyVn6Eqvs=">eXreqQ8GD2LUzuN4XzXOdcbwPIc0QgQ3/lQYhekEQ2bObK6And7SWDaVXK7JZuxG</SymmetricKey>
<PropertyBag MAC="mk0aqa3SVyvaHDQg2yzPM3wxI0hacl+oNjJ9uIcVDYo=" Type="http://host/prop">
<Property Name="main" Value="234"/>
<Property Name="a" Value="fun" Writable="true"/>
</PropertyBag>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="TjqXUJsJEyW31BIoMLMimbf0L253C692W+CXdaLKqiA=" ID="C-135847330d0f22adb2295b34f63" ServerSessionID="S-135847330c1cbd7f536d1d3ca17" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[10] CN=JUnit PropertyBag, E=john.doe@example.com, OU=OTP Key
Begin Test (ImportSymmetricKey:1)
PIN Protection
Symmetric Key
Encryption Key
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584733208d578a3e08fa0926f" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584733208d578a3e08fa0926f" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584733208d578a3e08fa0926f" ServerTime="2012-02-16T05:37:16+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BHCViXsgXQpJiB+t1ZT7cljQFN3LBq9rIdERUbmIoM2bDIiCqYRIps74/Y7m3ZyPxJC5uKiTzC2+sNN5/iZlOw0=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="TDXl6ZN2E81k1yz8wOx9aVcv8N7NfWz+Eb8UOE1eot7MU8bW0EsssBpCI5xDGnz1bqjNklxbXFub9pqMvz4Cwp/Kze6ON8FYAt4nOftkb2Lg7XdwesnKjz1bs+CnFrDZhHDx5W63hhcuM6C20/qFL7VCwA4lr4VKqTRWXxAqPOM=" ClientTime="2012-02-16T05:37:16+01:00" ID="C-13584733218618f5ee112da6240" ServerSessionID="S-13584733208d578a3e08fa0926f" ServerTime="2012-02-16T05:37:16+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BBDDHFq6YJCB2ugW/CnR++0rBRAOwap4pCDAkfI6P0LvId+Ev2LeVhrqMnXwa3HSYmg4lUpKqxKqtOQPV2uhvbk=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584733218618f5ee112da6240">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>W4JSaZaOTMne5wFgKk+AitGNZCHrXbxS0pMrpI06f5M=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>mo814nKdBC1eVSodn0xPFhky/snkWKU7T0F1SqjcM8E=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584733218618f5ee112da6240" ID="S-13584733208d578a3e08fa0926f" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="cvAVb4mcLGnUNtXWWgnOMo01QFfoJRR/x5rQvTKLUdA=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="encryption" EndorsedAlgorithms="http://www.w3.org/2001/04/xmlenc#aes256-cbc" ID="Key.1" MAC="Uy1E6J7W7vH0tXhoBJ6pLfg5+Be+n9f7/BG1d6TqcK8=">
<RSA KeySize="2048"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584733218618f5ee112da6240" ServerSessionID="S-13584733208d578a3e08fa0926f" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="iXKuTkgE720mf7AO9C41vdNpMV8jIbpeNc81FLkT+t8=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>wSs7psqHO9Csi+35FwtbNckB1wz0lNxWaQmvfxn+Du7+wWTHGmUwhHF79ROxfdhRiRbrBinuuyXs1SKAseGD3o0ARTtB2T7oyKaftmd8f0ghmxYxfIlAA6oZZrPjm2lyJayaJh9zNaefRacm5ojMIeMzmAVg9KGGSeqB1qzdV0hLuUplXWZzmBToidSquRPaEz5lUVOnpsWXiHyGhLCEMfdac+kCypyzXTIq4cIdRuvHqzJrC0G2Zt9Vq7Uh0d/KFs8udmeYy4l+3Zrhngi7a7fDIicuQDNkHd39tkQ35++gkv0Txp5rKq/N8now8hosIJN27GeD3SDyIoUwsSZL6w==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584733218618f5ee112da6240" ID="S-13584733208d578a3e08fa0926f" MAC="xBlfKt6Cv8xU+2wy9LYcAkF18sseF39mSGEiu/yEyhk=" Nonce="Ic8oSaH38t/dMzIESOBdC29E6TroVgFFNcsmhsnVw80=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="OHVxW9LgPPa3LUvxFUwcoRon3HhnbfRzpw5wl4Cv6YU=">
<ds:X509Data>
<ds:X509Certificate>MIIDaDCCAlCgAwIBAgIGATWEczRKMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxN1oXDTM3MDIxNjA0MzcxN1owSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEpVbml0IEltcG9ydFN5bW1ldHJpY0tleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMErO6bKhzvQrIvt+RcLWzXJAdcM9JTcVmkJr38Z/g7u/sFkxxplMIRxe/UTsX3YUYkW6wYp7rsl7NUigLHhg96NAEU7Qdk+6Mimn7ZnfH9IIZsWMXyJQAOqGWaz45tpciWsmiYfczWnn0WnJuaIzCHjM5gFYPShhknqgdas3VdIS7lKZV1mc5gU6InUqrkT2hM+ZVFTp6bFl4h8hoSwhDH3WnPpAsqcs10yKuHCHUbrx6syawtBtmbfVau1IdHfyhbPLnZnmMuJft2a4Z4Iu2u3wyInLkAzZB3d/bZEN+fvoJL9E8aeayqvzfJ6MPIaLCCTduxng90g8iKFMLEmS+sCAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBDAwHQYDVR0OBBYEFLgDFEvMoO2tDQk2yB65u46h5XewMB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQA7+sxW2tphi7dCXZK75A42YAIWoIh2VpxSZemXWMUsQNfAi14rDbtkVO3BucsUIsjaAwQ7KIS+aKGlaNOqNTeQP19X6spIMnHXRJ5sn4O77ASaRO6X5oilOhnzRJqd6aNmkvz20ExZmDAaNWj4KyWMyEwh3nuyalDMdxtKPFLB74lt8TzdqkYYC1N37kgpbbMcqYamH9TooNXBQANCGXIxCECBwyquc9n0DYgG1aM55TVnMADh5KpDv+/tCpYPUNUjgSXJtmeboHPyw5kiZhGqhOUctXCDN+C5P8M5WIjk5sK+A5W5z/yPZMzs+IE1f2ZXVRuNhhUqWlJoTuivNuHi</ds:X509Certificate>
</ds:X509Data>
<SymmetricKey MAC="REnn9UXSq1Thw97vucIIqm/i8AnJzp7EGBe4FIsVPKY=">W7CSn4OJfwu+eolcP+XOkrXYgV+y7sv9L3LNMjrlLIVFY3jSV7DAyzGuQFY7+xtjgtkTQJJqhJrbwYWsvrRlLQ==</SymmetricKey>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="xO7LZjnuKdfdhDJWllkE1HXtY+Eu4aotMYANqvYVlJo=" ID="C-13584733218618f5ee112da6240" ServerSessionID="S-13584733208d578a3e08fa0926f" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[11] CN=JUnit ImportSymmetricKey, E=john.doe@example.com
Begin Test (DevicePIN:1)
Device PIN
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-1358473347838583180ecd9f350" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-1358473347838583180ecd9f350" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-1358473347838583180ecd9f350" ServerTime="2012-02-16T05:37:17+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BP3jPdnLJX/Tk5eq3+zNjnGCBiMVBrSPkrk4BPBN4QlQn5Y6MQg0T5caynJNjox6yg7LO0VN2VPKrJTWZXuyP2c=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="F1eJtrtcSQcyZ8VXvLcW8BaYnfv4d/JAlj93/4ZXwPhfy72yqBRXHmUpRQcbL59J2S0BU+XzKfzmC72+hUBDAnS/rsvFkeIBoOhULJLPNEGO2EFRBjm4Bh7Co0FTQAevCrdMeir2lkAvh0nRu7h/6y7dHJ5U9CeDu9Tsf64rJeo=" ClientTime="2012-02-16T05:37:17+01:00" ID="C-13584733498e775f6562a27eb0b" ServerSessionID="S-1358473347838583180ecd9f350" ServerTime="2012-02-16T05:37:17+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BNMTiCRhEjrisQQN8Wf3YOtWjpsxB4tYI8XX09msk0nl1+HOkXaM/ePmy6wuNzJi4JEg5iwgJj5MJXqZtYAbVOw=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584733498e775f6562a27eb0b">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>7oMmhKXAEQCXBT8TVCqmhPXdVVUgzSy/0Q4w6Jcigd0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Hea7hYmHzPxCReSkxkI/ydfShueJJaFNx51zCR4AEYo=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584733498e775f6562a27eb0b" ID="S-1358473347838583180ecd9f350" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<DevicePINProtection>
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="VJtNyhsThLbSpKWyoi8676wyE0y/7zXUbsCla5LinEs=">
<RSA KeySize="2048"/>
</KeyEntry>
</DevicePINProtection>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584733498e775f6562a27eb0b" ServerSessionID="S-1358473347838583180ecd9f350" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="0vVjErdy+Q3yicq0JjxrKXz7GWYPiRQehO7jwyNTmo4=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>hzNCG57Ux8vz9pC46EYtOBJQLLY7AwROzDrHI+gQkp46gxorBanSoeN9t/DGwI3iFnSlFjveyQ0DN2IYSiyriGEHqxZhiTEnCWnHzRP3TGyv8RTy1w/PKbVpoRDOg+3zZOzDyDHrcnXrCPc9Y2cDwTy4WKoFd9loyk3YCLiB0mZU1MewtLC7q1qTmCc+wJmV6bal5oSM7YPuhd6su7cfgkpKnjCTfKYHUtnkjriNIcesy+TLMmb2oUlLN6MJ9iK6fMowveBqu+WiE4J8Sxvld5K1XycIB8e7Q0xn+bn/ZqGC+iJGunQLjONZUurwPxpgaOmKrQ3FmdRLR75cerJFSQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584733498e775f6562a27eb0b" ID="S-1358473347838583180ecd9f350" MAC="sXHtjZULEsustbfAyRX5r3h+chismEXizMgDgB2ZZzQ=" Nonce="8v/XF2pcX09zK2Cx6FWgQe2xrDxHzVHmjUTVuuZOcgc=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="RkXNNv2GI01we2BQGYRde75Jfv60SkAReQiOk0UlMa0=">
<ds:X509Data>
<ds:X509Certificate>MIIDXzCCAkegAwIBAgIGATWEczYOMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxN1oXDTM3MDIxNjA0MzcxN1owPzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGDAWBgNVBAMTD0pVbml0IERldmljZVBJTjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIczQhue1MfL8/aQuOhGLTgSUCy2OwMETsw6xyPoEJKeOoMaKwWp0qHjfbfwxsCN4hZ0pRY73skNAzdiGEosq4hhB6sWYYkxJwlpx80T90xsr/EU8tcPzym1aaEQzoPt82Tsw8gx63J16wj3PWNnA8E8uFiqBXfZaMpN2Ai4gdJmVNTHsLSwu6tak5gnPsCZlem2peaEjO2D7oXerLu3H4JKSp4wk3ymB1LZ5I64jSHHrMvkyzJm9qFJSzejCfYiunzKML3garvlohOCfEsb5XeStV8nCAfHu0NMZ/m5/2ahgvoiRrp0C4zjWVLq8D8aYGjpiq0NxZnUS0e+XHqyRUkCAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFKJriIVTYLTirbuiA54GULQRhwY/MB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQB1ZAjV1/M/yfBGS6k+1K5MOT6vfqIwisqmoX+eT8ye4OQFuUIjYkxn8aoK1STUGzsZHHTXWnIebo/zpsHUaq/pOr4vtORN3nRI6tr5M6acz+yvW1Hr2C/4BpWtrbxhih1qZRjUJz9r04TCCXi88ArffJhapmPudxChuBajKe5DLlBQJb9bLbmX49enpXY0kbw5F1oEh1v9Hpht0ZMI9KA1EzwufT9Ew8N5hFeU/nPYyfe16R57LLTj1EeQ0cMyOKIIyg6VdRXT9YvcwCiIk3nOStAgS+unjEOu6sNVQxIgnUnmm4HHrMWACdkWXw/sdwg2jq2atNy6WPxEJ6V5nlm2</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="NlYkAWAIAULBZ+ZcxGXmZ9cazIEiUhDjM5XMe8h/vAM=" ID="C-13584733498e775f6562a27eb0b" ServerSessionID="S-1358473347838583180ecd9f350" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[12] CN=JUnit DevicePIN, E=john.doe@example.com
Begin Test (PresetPIN:1)
PIN Protection
PIN Input Method
Preset PIN
Enable PIN Caching
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-1358473364ceecf085457d16cad" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-1358473364ceecf085457d16cad" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-1358473364ceecf085457d16cad" ServerTime="2012-02-16T05:37:17+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BOV/SIkUL1XxEWpz8rlI9r663SIrhi80BPbpKW+zsduoJG1u8a7z7myMawfGyvk+4Ctuu/7UlZ8g/LTfweRp8cY=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="RcgtvbUIX4nhpM3JfhqSZhxxR1TkXM3UAWSCXa6E+Ylyc6qc2shmxV9JgG6pHSIpgExEwMu3+B79yHuiTje41vvRfKnL7R/Pn3VmJDvIYZ3agG79tMycFf6aQuos8Ae2eG3hng7Lrkg49Fni8UGzfkihrWWrMq8tecOfE65qWUw=" ClientTime="2012-02-16T05:37:17+01:00" ID="C-1358473365cd55d28953b15c500" ServerSessionID="S-1358473364ceecf085457d16cad" ServerTime="2012-02-16T05:37:17+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BILr0q3aYAvvOGWG7p6V+kh/LZxM7H4rGLOk6EsqPcvXA0rFW3CZOsB3npJZsHQ4Wd17sKtPt98OaGV4hDtIce0=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-1358473365cd55d28953b15c500">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>GFa6VmGUwkofnANuxQ4CaZhtLSh16z8Zs98pfMMoVPs=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>1mJ4dplq7CVmRw88T37JHm8PnagYo+KnQ3hgN+Eisvk=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-1358473365cd55d28953b15c500" ID="S-1358473364ceecf085457d16cad" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" InputMethod="trusted-gui" MAC="UgsFfKUZaCdm/fZ5LaCrwSQ/GbJKRcSSp/r14v7NYos=" MaxLength="8" MinLength="4" RetryLimit="3">
<PresetPIN Value="/8iwz4lWjfBvej/sHbZmfRtya1+i6y80zZbVTE4YPuc=">
<KeyEntry AppUsage="authentication" EnablePINCaching="true" ID="Key.1" MAC="XWL2j02OLHocSLSYJRwh3NV3O3op0wa6FwWB4FLwPes=">
<RSA KeySize="2048"/>
</KeyEntry>
</PresetPIN>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-1358473365cd55d28953b15c500" ServerSessionID="S-1358473364ceecf085457d16cad" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="4qNuN8jh8OsTETriAPyPyfxpIZMfw8bseWSJU8Y3rWk=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>hcFvxa9fn6CHmxY9kL7jXCdNkwFWP5dCco8+9YfinRsH8hbv+J+yiz3Ju4jie3AsOV1Oki5cS52HrHb0IF/dSzhrDzowKX/vW+UKMJPZPf0Qs3xlaBcWKKurEwlzpvogWzu9jnEoVNn4/b3emqo+ho3Qz6MImIMyMJHiwKWY2j52ckfwxnhRMM82q4dKIW5zt/HF3hkwH9XB4D2LKyBbCPud/eQ1GnMdQ4H6ZpRI0vhks5PzmvSN4W1oJYRcw4uskv33INeoI4Q83B3e9cOpdiZJnWLUNFrqtA/BaCwTym8bUvmsh3k6lun96XPAp1FBr3U1zaDksYm1ht8jv11KUQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-1358473365cd55d28953b15c500" ID="S-1358473364ceecf085457d16cad" MAC="W0A9Gkm6+aokCTdUumYPZPrRMQMncAR47DGzLokFkyg=" Nonce="p2PqSA2rq3NdgigAh5Dr3rvqd4OkhCrNiBk0MrAmXw4=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="bIxMBF20U0muFck8US2rKpufWIIW3CEKOU6TxB4vZfI=">
<ds:X509Data>
<ds:X509Certificate>MIIDXzCCAkegAwIBAgIGATWEczc2MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxN1oXDTM3MDIxNjA0MzcxN1owPzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGDAWBgNVBAMTD0pVbml0IFByZXNldFBJTjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIXBb8WvX5+gh5sWPZC+41wnTZMBVj+XQnKPPvWH4p0bB/IW7/ifsos9ybuI4ntwLDldTpIuXEudh6x29CBf3Us4aw86MCl/71vlCjCT2T39ELN8ZWgXFiirqxMJc6b6IFs7vY5xKFTZ+P293pqqPoaN0M+jCJiDMjCR4sClmNo+dnJH8MZ4UTDPNquHSiFuc7fxxd4ZMB/VweA9iysgWwj7nf3kNRpzHUOB+maUSNL4ZLOT85r0jeFtaCWEXMOLrJL99yDXqCOEPNwd3vXDqXYmSZ1i1DRa6rQPwWgsE8pvG1L5rId5Opbp/elzwKdRQa91Nc2g5LGJtYbfI79dSlECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFGwyf07EMbqwwP1+y6zW3lbshCPtMB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQA1HWmRE8zvxX1eEa6TjAmgnjCoIDxHAuvBt404g+9TFgAAv7uDJix5XcCKCHnSn54u8JBbFE06SmFNAOKLxhIqAaqO1mqfguMUgGwsQNeKShV2B8UmZaY6zjlGwn6IcKN3ITR+o84X9QnJ0T/TRNHIqoCpWrkNyKmtT3WxSv0fzDKRpVf+nHiiBjVv26HPR3qusQFy4spmhSkWz3+QkqKRLoVs3jkbulXKKOzow0FZIWrqg61uQM3kDpexW+R9yfGnaax7gzBtWj+0BZQjpHqXM4JIQHVm8uT9N6C/14LngZa/HucXD0IX5xTPUc/uN5Rr/ldsYwSKA7iobijxlCHe</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="wugIVy5J3/2MRjiYdclxk2Ci1G0Vt0FQLrEgRQjxcmo=" ID="C-1358473365cd55d28953b15c500" ServerSessionID="S-1358473364ceecf085457d16cad" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[13] CN=JUnit PresetPIN, E=john.doe@example.com
Begin Test (CloneKeyProtection:1)
PIN Protection
Preset PIN
Updatable session
ECC KMK
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-1358473376560821b68d2652dd2" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-1358473376560821b68d2652dd2" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-1358473376560821b68d2652dd2" ServerTime="2012-02-16T05:37:17+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJw2CF69HhOn1gQmThIHi0B3T6LsoWp0igj8ZRWDAcbSxSgyaen6gzQkw4qvfA5PVme4ro5dFpqD6vQzUDi8jho=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
<KeyManagementKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</KeyManagementKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="NPESZlQHTaex/yGbHpSoVuurrbRp6jLVgktxo0ZmZb3IgNWSQsHNfzKU1mi6kk0LM3/ZSKuJixewN/pblEM3ogeWJS99ky/k8crFW+Tm9BOVLcxsZBrg1cuQHch4EoEyjxnQpz86DVhTLcql7WKA+0YN5eoRjM//YZ4jdF+puws=" ClientTime="2012-02-16T05:37:17+01:00" ID="C-135847337755112e7a6a90a6f55" ServerSessionID="S-1358473376560821b68d2652dd2" ServerTime="2012-02-16T05:37:17+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BC8XdUScer0yqFC31cOqacRuxTf5GEIMeSgJmOznkzCG/db579t4VYlCuRrmBP0JJ3nCUU/5EfJSplsVRgtIypg=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-135847337755112e7a6a90a6f55">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>uthtvHwbIn6jdYY85Y80i/8D2ld0hKUOvX1kvUTHFFg=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>RurAyWe61WRGLifM3dFWL1v23+zDChprfqf1a/gNZkA=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-135847337755112e7a6a90a6f55" ID="S-1358473376560821b68d2652dd2" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" Grouping="shared" ID="PIN.1" MAC="tL4qX7viKABNEFgYRWbOX0sBA2ymhuhdewamyGvDIF0=" MaxLength="8" MinLength="4" RetryLimit="3">
<PresetPIN Value="hf/mNxPUTdn6YfxvTqmzdGaz3pUXCa0QuE7peMVlFqo=">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="cvJw+zxVPkJibEjLd4VxZtUmJJJw3UvOb9zj3m/Jmrc=">
<RSA KeySize="2048"/>
</KeyEntry>
</PresetPIN>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-135847337755112e7a6a90a6f55" ServerSessionID="S-1358473376560821b68d2652dd2" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="5HQPo8Gdsmd4IcQ/oO05MfeFy2ipMUzAO7vCc1wdQ7s=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>lR5i+/5ZNvLWK9msb+KtamcUzfbWJwbR/qGyBS7Aq8rbVHht4hYc22ryWF/eMiftvLb8+4NXw3tLt7m49gg9lgS0NwhEde4mlFo3Hi/0e/R41jmgIJAZ0FOy9rgN5LZCMCpMPalaziX3pV6Mk2bhGnAx8hJk9XCLXJy1IP+ZODjGj6OSTrU8juUEKsnMLXy8gakW4XaLiUx2HxJE5eLmOX1gT3z2NnGG0+Q7Pb0JyAPaOHDYhgmcnv/SGvQ2cd1wSEmW3/tU75JvbYuD2Lr8I+8AVJrOHroljTt7FNZ8bZGvq6hF/veaFfbVVpA3vxIH2Dz30qGx2fzLZKJsf6GviQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-135847337755112e7a6a90a6f55" ID="S-1358473376560821b68d2652dd2" MAC="Bs30nInAeUmfWer4T7Vckzim2dTRE3LHoePGgVAMYU8=" Nonce="puYHh02tkCSbT9exN8Ux1yTSeDRHX5PP0GAU9unXPuY=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="/dTytCGUFG/kA10Vk1ZUK0/c726CJei904cV8byNjsQ=">
<ds:X509Data>
<ds:X509Certificate>MIIDaDCCAlCgAwIBAgIGATWEczgwMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxOFoXDTM3MDIxNjA0MzcxOFowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEpVbml0IENsb25lS2V5UHJvdGVjdGlvbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJUeYvv+WTby1ivZrG/irWpnFM321icG0f6hsgUuwKvK21R4beIWHNtq8lhf3jIn7by2/PuDV8N7S7e5uPYIPZYEtDcIRHXuJpRaNx4v9Hv0eNY5oCCQGdBTsva4DeS2QjAqTD2pWs4l96VejJNm4RpwMfISZPVwi1yctSD/mTg4xo+jkk61PI7lBCrJzC18vIGpFuF2i4lMdh8SROXi5jl9YE989jZxhtPkOz29CcgD2jhw2IYJnJ7/0hr0NnHdcEhJlt/7VO+Sb22Lg9i6/CPvAFSazh66JY07exTWfG2Rr6uoRf73mhX21VaQN78SB9g899Khsdn8y2SibH+hr4kCAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFDxZjGJEaxYjLVzvYsKCFNJVhyWPMB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQCQnoaSCMd8y24J/3d3fjPBo5ZrhLxsECdwg2EnxolCy97S27wC0twQ9uWAMW1KdPnxNSbxAJabhqt+6Hov+FAbrCjlRGCA8ABojAqD6ikwhzaiaKnOxEWCRr8Pe3Fud2s7nphOo0z7Mts+6PZ+5fS/0sSLMX3QB6bHFTL36KdztTCK9o7miL9Z6oKBnqK2kIa4Q0iK5lqedL42sN/JF/3v0WIiFsu36WnZPeKRZ+t6RgMOorCi3bRX2ZkrPBQIM98L/HKyBsrtAkBlv8hj7wvj9PXiVO9ip0Hj0ev8xjdjKnjJu1tfN00DKM91c5Dm/unUtbDhZ8EpYijkOD3E0Dfp</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="UD404UgDI17hObfL3Ula/SaCAL0H1bwRrK7eC3v4RjQ=" ID="C-135847337755112e7a6a90a6f55" ServerSessionID="S-1358473376560821b68d2652dd2" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[14] CN=JUnit CloneKeyProtection, E=john.doe@example.com
Begin Test (CloneKeyProtection:2)
CloneKeyProtection
ECC KMK
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-1358473386e9f14319221521d3e" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-1358473386e9f14319221521d3e" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-1358473386e9f14319221521d3e" ServerTime="2012-02-16T05:37:18+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJuMd902N9Wq6VmjnDr6F1dw6WHPjsiwsXBVHXJJEP1QD02lp/iWkq3qz2lfZNbPLpjXI2aosGlj88ul2c7MGWI=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="mn5YY/TZknebu0+GQUWzniL6h7Z1JQNfQiNsHm5rAQLNZAUA/qv0dbpAi4Ln+Wstxa90vzAeB5eEjH3cTJ3g66pjeJYCIv9RH+S1r6mYJAHoALGt5EBbRdIv0hi3HccPak9ooLFGLEbo48S8L9SV6fBWXu9ECNAjK4JX7QCm9VY=" ClientTime="2012-02-16T05:37:18+01:00" ID="C-1358473387eb6f9d2e00a5996c9" ServerSessionID="S-1358473386e9f14319221521d3e" ServerTime="2012-02-16T05:37:18+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BMnAzHGEoN5jExXa2/iOjLkG0b5dGZ20MoopA3HV5Yu9NGYMyJo/zyJGunYKudwfg7jVgjVaiVNFYreAetfItVY=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-1358473387eb6f9d2e00a5996c9">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>FtJZY/JS/+AMNf/0OsLECWSjJjpRwqQF/cjW4Ua+WHc=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>qf7MRuurrVwLou3wftxXMHa++kP0icNAUiD/m7QcAo4=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: CredentialDiscoveryRequest |
<?xml version="1.0" encoding="UTF-8"?>
<CredentialDiscoveryRequest ClientSessionID="C-1358473387eb6f9d2e00a5996c9" ID="S-1358473386e9f14319221521d3e" SubmitURL="http://issuer.example.com/credisc" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<LookupSpecifier ID="Lookup.1" Nonce="sjZXlUH7KB+54oq3BpG6Y1FQ0LbkDyml+WAs4xwDDDY=">
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Lookup.1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>Y4JHiIQzbRdQIUXvq80NMwXlm1erUzOFgTb+qzJ6DU0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>VY3eaQ4zJno/WSbYCTXPZa0WwBHmk19alHOd+PXW8ihZSntiKus9MDCpCi6xik6anaKX0T/d0Vaw66dC+4wXvab/Ft6NC3HS2voayFyweXNkPEY5mgjfei8YErq5Hc6wxtbyZTw7xz+Gnc8iqRXoUartn8CBi+9i3mW5CT30t+I=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>xBV+G+LJh1Bh75OUkVDDAbK1d5a+TKdQVmVsjlHInWpe5h9/ZzJ/pb3CcdUH1xsRWJEPPkbxYN15Hq5kG6tJ3GYkRX1AX0knf6BWXsMSxF0LqRbDuTd2DEzeDdB27TI+KKJPAGAqMuvigXu9mgyOTHq0C5Mx7L1LFbRctpkNxeU=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.2" Nonce="sjZXlUH7KB+54oq3BpG6Y1FQ0LbkDyml+WAs4xwDDDY=">
<SearchFilter Email="john.doe@example.com"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:Reference URI="#Lookup.2">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>rKvmX05caTJl+8FbSOE9iMGRy/UnXyYbucu5lyomWgc=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEUCIQCWsVxkXqB4U+p9+GYTIqNa4NVvaMhAIWGq5DzDP+PfkQIgQyOf6yNylYXVcgCycxDjHOB7cWVGXEtIlxS6Iik2q3o=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.3" Nonce="sjZXlUH7KB+54oq3BpG6Y1FQ0LbkDyml+WAs4xwDDDY=">
<SearchFilter Email="jane.doe@example.com"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:Reference URI="#Lookup.3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>inwqF4anVKqeLZHg3kgJnzgiTX11hpvj5EDoCg8rCvs=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEYCIQC9swUyPhkZ6AKOKxYmGMsE5Jp2V5HH6+2ehQ3ujtkTWwIhAIV41T4KEyGcMC68wSomVl/9CvyQgqSM16IT3TdyaQqx</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.4" Nonce="sjZXlUH7KB+54oq3BpG6Y1FQ0LbkDyml+WAs4xwDDDY=">
<SearchFilter Email="john.doe@example.com" ExcludedPolicies="1.3.4 34.90" IssuedAfter="2012-02-16T05:37:18+01:00" IssuedBefore="2012-02-16T05:35:38+01:00" Policy="5.4.8" Serial="123" Subject="CN=John"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Lookup.4">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>7rjirgnMf1tyNbC9KW3NXjDeOrhg1fG3Sf7BNmAhuY0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Z+j1casjFl3cUlB1QQfalNAzoz2+jjXZuK4vGbhbA38LOuhxeLItYt66GSHCi5B5zMHha8y+YNi5Z+LsB+kLQj7Xog90G2O+LKX4JNDNdPo8UssrpvXjuncCR9BoF0bEcgWRB1DQsTcSJ0Iu4sr1uqUJHlNyJ6ZmBYLlT0R5/p0zicFMkc+BcEs3EYTLrx6FXimiPGXjIhx5VLIxC8B5iLghquU78GmCHUSPQ2HTSE6Jkws/SlPFTIQQNqZsbbujdYkcj4utMHzmEL8mGb546HBNAo293151IFBR9DYeL6VBWpILvl0s2IF0pVg08AbT06+3MYvQmVXOsE+KxeUcZw==</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>nU9zexF+jmgH2UUPaN9GoX4ENcA6wCNU5HHZnzt8uD9kT8fz5OpuvuBU7hMXzw7mHoVX5DIFc1mLiWGD9HnhQCTXGyFcjlKJ3AaRpwwJ1nTvBMkD+etTM4CxwO1qBK6ypLFELrwfMT5fiP3ZnxzAHkbxV1rQ6maQ+StZSuqo8tYPRKJdQ9Q8UP/8MjdK5ei8ue7kCdS0rzx67ENRASjKavqVTEVwU78ADRkBI+GsnZSdCNK+54URubmTaKXM2YHYk0BTv2X9ttBXW+ojGBz4wQPkcO9v2n2fxXjknHNtuaz1PMwn+izd0HomVOae0iV4aWxQJMY4k/fv5xUNIME0gw==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
</CredentialDiscoveryRequest>
| Pass #6: CredentialDiscoveryResponse |
<?xml version="1.0" encoding="UTF-8"?>
<CredentialDiscoveryResponse ID="C-1358473387eb6f9d2e00a5996c9" ServerSessionID="S-1358473386e9f14319221521d3e" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<LookupResult ID="Lookup.1"/>
<LookupResult ID="Lookup.2">
<MatchingCredential CertificateFingerprint="cNLeRvAE0cldgc/ivKFNK5N1Voc2pUBDejPBGMYZZKo=" ClientSessionID="C-135847337755112e7a6a90a6f55" ServerSessionID="S-1358473376560821b68d2652dd2"/>
</LookupResult>
<LookupResult ID="Lookup.3"/>
<LookupResult ID="Lookup.4"/>
</CredentialDiscoveryResponse>
| Pass #7: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-1358473387eb6f9d2e00a5996c9" ID="S-1358473386e9f14319221521d3e" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="dGzbbnPJGTvp1vVbYYf0d0w4ZSp3eC81/KeDMioHe9M=">
<RSA KeySize="2048"/>
</KeyEntry>
</KeyCreationRequest>
| Pass #8: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-1358473387eb6f9d2e00a5996c9" ServerSessionID="S-1358473386e9f14319221521d3e" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="R45q/DOGmWswmqSU4Y5jwKQPhfY9xYU0opxwXRP7tCY=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>uaobcdduvddGjLtRSMt0jmmWaWF832DsrHipX2kGD272uJkuOq8Seevjh+0klAwTdZ5Wl5uoJIPMHQXPPXIg9nfeagBDXHbhgvEJjBGY/k5AKhDpEn1sE8PHB48tZK8S9bkHktrqp4Z7sgFG9/P1MeBo6GEcjDNrFblOxMLsb6FUlC2j0j7UwPgjCQlmIGJ3KG5/917uJ0Bt3tKiVzxMgROpSsQFhBOFBrbGVzDFP29TmooSDynmKtlrzeBlhjX6Xz99gngKZjF0pHIxX8om44grgpwSI+ksLM8XhtLwAca+ooX4ye8WWTclaKVRhlHYEU6DWNYXgpIb3SFYyYnTZQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #9: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-1358473387eb6f9d2e00a5996c9" ID="S-1358473386e9f14319221521d3e" MAC="wnCocqkVmmI5WapbhGmVDD+m6Shv5eTN0ERuMDiydNY=" Nonce="IxnYE4FrlYOwFlVHaAubB/ES6Y1S7Qo2KY/AuASSGB4=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="IAzn40QY/ss8zvsZWmabKvTckhSnJ3uarKsv8XU66J8=">
<ds:X509Data>
<ds:X509Certificate>MIIDaDCCAlCgAwIBAgIGATWEcz3bMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcxOVoXDTM3MDIxNjA0MzcxOVowSDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xITAfBgNVBAMTGEpVbml0IENsb25lS2V5UHJvdGVjdGlvbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALmqG3HXbr3XRoy7UUjLdI5plmlhfN9g7Kx4qV9pBg9u9riZLjqvEnnr44ftJJQME3WeVpebqCSDzB0Fzz1yIPZ33moAQ1x24YLxCYwRmP5OQCoQ6RJ9bBPDxwePLWSvEvW5B5La6qeGe7IBRvfz9THgaOhhHIwzaxW5TsTC7G+hVJQto9I+1MD4IwkJZiBidyhuf/de7idAbd7Solc8TIETqUrEBYQThQa2xlcwxT9vU5qKEg8p5irZa83gZYY1+l8/fYJ4CmYxdKRyMV/KJuOIK4KcEiPpLCzPF4bS8AHGvqKF+MnvFlk3JWilUYZR2BFOg1jWF4KSG90hWMmJ02UCAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFNNLrRi48K/jPbRrqX1fbuLTmxTBMB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQAp6fJ/Vq0QuAKcsBmPIX/4hGaJbVKF9gvN8Q21Aj9k7kTZQT8H8FP3HLWRM9Tsmp5iGMpfYjCR3d6T+4XA5xjmVTcvA6mKna2yc1ZyU1+7WnPdHIYHKSrNiUNX4tZ7t+0Vx075yWqY4upKLf6zR9/w8DfVz28/nkyF0VG9T5FUJxYRLrlfcvmXPW4mJvnPFZWZnfAa9zOBzYzhUBMuj+zmoWFCOiSiEO4HIzuxR+Z3i9f+wpJ32eLeANDNLF93TauQvURwr6Mkv9pYpCGR2013j1p2UWNNWSI7PtoxuVtx1gPAKC1C5LucGVeuxtMqG+86H4ocdkkaJ2VbA9z/KIgz</ds:X509Certificate>
</ds:X509Data>
<CloneKeyProtection Authorization="MEYCIQChW8r9ibibBMoc4L5HOAP15jHeQ4Y1HUPk9m7g9XhUdQIhAJCNLrdXCcQSZ077pbAKKpn3utSrTt5PMnLrENy2ErFA" CertificateFingerprint="cNLeRvAE0cldgc/ivKFNK5N1Voc2pUBDejPBGMYZZKo=" ClientSessionID="C-135847337755112e7a6a90a6f55" MAC="dlbRwjPjZ7p4BmmdnZE7638XbqnG05PNql2vBQXxCkw=" ServerSessionID="S-1358473376560821b68d2652dd2"/>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #10: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="57erh8Uhgffl3PW/IzIApkdat2JA89efjQhQ++M/f8s=" ID="C-1358473387eb6f9d2e00a5996c9" ServerSessionID="S-1358473386e9f14319221521d3e" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[14] CN=JUnit CloneKeyProtection, E=john.doe@example.com
Deployed key[15] CN=JUnit CloneKeyProtection, E=john.doe@example.com
Begin Test (UpdateKey:1)
PIN Protection
Preset PIN
Updatable session
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584733e3839ba1e998ba180c2" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584733e3839ba1e998ba180c2" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584733e3839ba1e998ba180c2" ServerTime="2012-02-16T05:37:19+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BPBBRDD1WQi8LQF6uX39Q4zVhWzSlc/jZ1NvTWCTLC2vTGA5Wm58W6bx/KM6FX73Hi/McONPGRXy7Z3crRClH68=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
<KeyManagementKey>
<ds:RSAKeyValue>
<ds:Modulus>xBV+G+LJh1Bh75OUkVDDAbK1d5a+TKdQVmVsjlHInWpe5h9/ZzJ/pb3CcdUH1xsRWJEPPkbxYN15Hq5kG6tJ3GYkRX1AX0knf6BWXsMSxF0LqRbDuTd2DEzeDdB27TI+KKJPAGAqMuvigXu9mgyOTHq0C5Mx7L1LFbRctpkNxeU=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</KeyManagementKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="mjDuDQdOKuLZPC8Fvm8klMKbOMkN/tibnUvnjcWwfA/6Gka/cAg3fWIo04odcyjBSQMMu8AxBGpahh6983FO5FI6AAlv9gs2oJDEEyVpIKgxu52gUFz6R1VIv7DPulQVKFErGZPOiuOQPP9wBYdpZ6MB4ZqH29PKB4ZKUhCWCFI=" ClientTime="2012-02-16T05:37:19+01:00" ID="C-13584733e58f88994179c2a7ab8" ServerSessionID="S-13584733e3839ba1e998ba180c2" ServerTime="2012-02-16T05:37:19+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BDa3CaiOBuhQo4bSwQjIt/e3bv6RKJrakl9HonBQhk+UcCkElM6QDJeZ8sEUhM+klVNBu2ggDIEAeH+tx5ebbYo=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584733e58f88994179c2a7ab8">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>jEVdblxC2GelQDjV7riLZhLpfX3iC6/rsf1S0u9oUCo=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>jaPCmnkTQezRk6l0IWq1kofRFR6jXustlTS33IR1jRg=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584733e58f88994179c2a7ab8" ID="S-13584733e3839ba1e998ba180c2" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" Grouping="shared" ID="PIN.1" MAC="EJsxJBmK5VZFN0sOBTKYRhel28Km/Vg6CmJH4W4VdpA=" MaxLength="8" MinLength="4" RetryLimit="3">
<PresetPIN Value="Hs+6mdhtflFsw/WUwahPNtn+xWXny9X44WxqkdbTUPg=">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="kjo4br1geh3Bsr8xlLfqGIj04ISrf+upN1e32i1aF+4=">
<RSA KeySize="2048"/>
</KeyEntry>
</PresetPIN>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584733e58f88994179c2a7ab8" ServerSessionID="S-13584733e3839ba1e998ba180c2" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="V+K49TCmzPPmupkq1Op45lfysiEkJHyQmLHuS6eYBao=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>nQ5P95jlantZjKG/hvyWJq4vU7rO3FF0YiCByGVi6/pYPyLjwcYOR7j86F+x3nL1euR4w7XQ81FIAEQOVhX1YHUbeFVIy1px0bksE+jHLZqF8kawKUp3ZAFiN6d0//4vW7GWI17vJnhJ6wpdcXhjglEjSVMZfdb60ikuyq0hIVykZ506SL/wnOdTfxnMagHjvgcccbBh5CUpyFcVeNO0BYZwGZ7m5TLU/kRIdyyIb+JYLzoMT1xpviylJ5t60DQltOGVYz72PxbflpgK6eE3P526FF4BXJO8oE+9aNRhWwPwodipshrMXl5NUPi6/Gzbj0sLlymcB49gwkpH4ck7BQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584733e58f88994179c2a7ab8" ID="S-13584733e3839ba1e998ba180c2" MAC="J/EtzPznRW1xvVh21RqwljzUPk+tjVxnQCTG9A9ILvc=" Nonce="Frb7HObxRBpqjWPoP1tLWWluL8M/42AxUnNuZ8E6GLA=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="hnblRXX9S9BhUrp/iC4nbjHRcafPKQdukuu9itWZC7o=">
<ds:X509Data>
<ds:X509Certificate>MIIDXzCCAkegAwIBAgIGATWEc0E1MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyMFoXDTM3MDIxNjA0MzcyMFowPzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGDAWBgNVBAMTD0pVbml0IFVwZGF0ZUtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ0OT/eY5Wp7WYyhv4b8liauL1O6ztxRdGIggchlYuv6WD8i48HGDke4/Ohfsd5y9XrkeMO10PNRSABEDlYV9WB1G3hVSMtacdG5LBPoxy2ahfJGsClKd2QBYjendP/+L1uxliNe7yZ4SesKXXF4Y4JRI0lTGX3W+tIpLsqtISFcpGedOki/8JznU38ZzGoB474HHHGwYeQlKchXFXjTtAWGcBme5uUy1P5ESHcsiG/iWC86DE9cab4spSebetA0JbThlWM+9j8W35aYCunhNz+duhReAVyTvKBPvWjUYVsD8KHYqbIazF5eTVD4uvxs249LC5cpnAePYMJKR+HJOwUCAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFFcPokdXHDDJ7vvE5Vbze5dBy/ODMB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQB2Gprxf/p7eltVH92DnRMvr4py6Uz7sKbWgBEistJib8scAf8UGS1AWTZaPI5GT44UDWZY8x0YM+3zDZaKNNkd9zY9bf/Sd5NvP2W1Bv0AdNT8JO9KBz26FQot3GUcTv+NU/LEaF5ChojMWvw2MFDo6uOhdCslScAc4iGO5A7DYArLGP0dQUf+z+YzgycERFlcsbPmjY7X1RNBjAActn4zYW6TiEBr6EffhQJNCi62PRL23K/jdvrtdFkioJtRJcXHH5ynU57abEOoTEuKr9wDOczca13m30Lprphklt0EdYRfNjxkPZYOh1S3+0vet4UC/w2h3lGPwZtjGhgqbTZW</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="kECGik9DeGWnAqruO2+Mgm+iYoy4dc3MhDgfT++OhMo=" ID="C-13584733e58f88994179c2a7ab8" ServerSessionID="S-13584733e3839ba1e998ba180c2" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[16] CN=JUnit UpdateKey, E=john.doe@example.com
Begin Test (UpdateKey:2)
UpdateKey
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-1358473417370960413f4fe108f" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-1358473417370960413f4fe108f" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-1358473417370960413f4fe108f" ServerTime="2012-02-16T05:37:20+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BOfqvINlGNSfCQl7oEiZNZOstnmZ8DCu4deHYUqVZ8iqECBmJzUATEbAfhxVV0TI1pc8md696M1Q87+OMpH5Wfg=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="MOwESy2OTHZAYZUOC8iY76v1/F2yxQLzrs+E5DmH0sKjePBtXDOIu1VbRn+vZAh8xEJlE+xxXt/zsw7hhBKdmjMSoHNWkwmAnWEYnoBXixCA95z/USTYAWoZgF3bK95UYtK+Oa/LTBDcWkq/lQ7QR3xuCeDhQhKMf/xwlWdrr0g=" ClientTime="2012-02-16T05:37:20+01:00" ID="C-13584734183e21d4d49d54b248d" ServerSessionID="S-1358473417370960413f4fe108f" ServerTime="2012-02-16T05:37:20+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BIiq0OA5dGewpInz3C9rUdBGLtCr5CQUP8cjYjorjEsYS8eHntdK/UxPkWQW5gBPXMRDJEKxHiQkEc2lslqe1Mo=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734183e21d4d49d54b248d">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>gZ1T5WR5khBD37eUj1thHG4qeovBC30eT4N+Wyv6/qU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>mr3ruWaaTSlZ36K+TNdKnvuzXh7VUKguSCYLRG9minU=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: CredentialDiscoveryRequest |
<?xml version="1.0" encoding="UTF-8"?>
<CredentialDiscoveryRequest ClientSessionID="C-13584734183e21d4d49d54b248d" ID="S-1358473417370960413f4fe108f" SubmitURL="http://issuer.example.com/credisc" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<LookupSpecifier ID="Lookup.1" Nonce="CkSpIgCEyaZ/+h3iiBBy0v+DNobK5Tgg+xlDczK3rr8=">
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Lookup.1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>0iZ3pbbNTVj/q6jvfJyPhTko+Gi/LKzh3fSnZCrtLNE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>c6uF3UMSP6xslyV0b7tj36aY34tnFL1KJRH2Zzesy3UbXeRnY8kgtNteZM4Wc3L1P++SGzaRTLkjF7aQXGZrkDWFDraY8dpws5QywYKSMmcPBpqguRyGye/Jqfk++uxQbDtj4GtkLeAG4ISKezEC3xUGgZ8X+WMdwhQiIt+s9t8=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>xBV+G+LJh1Bh75OUkVDDAbK1d5a+TKdQVmVsjlHInWpe5h9/ZzJ/pb3CcdUH1xsRWJEPPkbxYN15Hq5kG6tJ3GYkRX1AX0knf6BWXsMSxF0LqRbDuTd2DEzeDdB27TI+KKJPAGAqMuvigXu9mgyOTHq0C5Mx7L1LFbRctpkNxeU=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.2" Nonce="CkSpIgCEyaZ/+h3iiBBy0v+DNobK5Tgg+xlDczK3rr8=">
<SearchFilter Email="john.doe@example.com"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:Reference URI="#Lookup.2">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>QW0xfR2tSzuij5NTmLEvdhRLz1MobIZIWTft7AX4yyA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEMCHzfSMVGl2AldSWiB7w9Vi/pfPVpI/lDwO4uKOtKeEKgCIEct5NhqP2iy+3dEkXsc1/2/+3LetJ2Bm9REnLt7/jdZ</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.3" Nonce="CkSpIgCEyaZ/+h3iiBBy0v+DNobK5Tgg+xlDczK3rr8=">
<SearchFilter Email="jane.doe@example.com"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:Reference URI="#Lookup.3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>LLPeMq7k8e2GLt2AA4WhxjoFrPDFQ6BWe5blGfI7U80=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEYCIQDSGuWrnHlzy28ABq/KVhs90fvjuMsKgMgQu77BQMxReAIhAL0UlU4okXgYLo9NF/y6M+28HiQMccAqVlO8qjln9bSY</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.4" Nonce="CkSpIgCEyaZ/+h3iiBBy0v+DNobK5Tgg+xlDczK3rr8=">
<SearchFilter Email="john.doe@example.com" ExcludedPolicies="1.3.4 34.90" IssuedAfter="2012-02-16T05:37:20+01:00" IssuedBefore="2012-02-16T05:35:40+01:00" Policy="5.4.8" Serial="123" Subject="CN=John"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Lookup.4">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>8pDdvGhXCN3MTyuNgXTWQlSrz5HU+fhW1XzzzRaki4c=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>LyLY1wocGmhzd37D3fP4kfZRJ4sTBvIIAzG7Tc0Ja7MF4UxL1HUp7ZIpknh0kLMvD5a1N+HmthitUKbosPZkoEOddE95rtqlPE4RNHg0aMrPkxRYjAa7J4BuGkyXnsJPBbeBoC43tFzmxBub5Fp8SeTKYWXnUSYIHwYKiqigGTj5WsT9iC63Dk4Vqx32B6onpqyglseUDEpwo/9yVh2MLKc9x8eLlGMUkeyg5Yi++O4Dxw0Rze+nuq78tuapewqn165YDwly3XtV/oWyZ5eEgXyzLyqrqc/27/YSaDzc7QD03iaKXJN3JAiWOqMpC/pFF6rOTAqNpa83pNZadrUCAA==</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>nU9zexF+jmgH2UUPaN9GoX4ENcA6wCNU5HHZnzt8uD9kT8fz5OpuvuBU7hMXzw7mHoVX5DIFc1mLiWGD9HnhQCTXGyFcjlKJ3AaRpwwJ1nTvBMkD+etTM4CxwO1qBK6ypLFELrwfMT5fiP3ZnxzAHkbxV1rQ6maQ+StZSuqo8tYPRKJdQ9Q8UP/8MjdK5ei8ue7kCdS0rzx67ENRASjKavqVTEVwU78ADRkBI+GsnZSdCNK+54URubmTaKXM2YHYk0BTv2X9ttBXW+ojGBz4wQPkcO9v2n2fxXjknHNtuaz1PMwn+izd0HomVOae0iV4aWxQJMY4k/fv5xUNIME0gw==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
</CredentialDiscoveryRequest>
| Pass #6: CredentialDiscoveryResponse |
<?xml version="1.0" encoding="UTF-8"?>
<CredentialDiscoveryResponse ID="C-13584734183e21d4d49d54b248d" ServerSessionID="S-1358473417370960413f4fe108f" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<LookupResult ID="Lookup.1">
<MatchingCredential CertificateFingerprint="EBHuUdWHgiEsJQtlvDr5biSRmHZHyHFoJN+k7f2M7JQ=" ClientSessionID="C-13584733e58f88994179c2a7ab8" ServerSessionID="S-13584733e3839ba1e998ba180c2"/>
</LookupResult>
<LookupResult ID="Lookup.2"/>
<LookupResult ID="Lookup.3"/>
<LookupResult ID="Lookup.4"/>
</CredentialDiscoveryResponse>
| Pass #7: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734183e21d4d49d54b248d" ID="S-1358473417370960413f4fe108f" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="4HP+pYgFtV0QCba2V0CqyIpOcbPQOQS84TydhgRqKMQ=">
<RSA KeySize="2048"/>
</KeyEntry>
</KeyCreationRequest>
| Pass #8: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734183e21d4d49d54b248d" ServerSessionID="S-1358473417370960413f4fe108f" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="ipoar6XdTfSxl0M8ClMGUzxsz+VH8wxUbZvXKHMeITo=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>sMN0L68BlQSZ6RaawWvhaPp74OOwmv2dsN0Npi6RxAYEhykl1yWcV6Wmkw8N1ZkPGiYXNpJ+pUJoYj/EQUlSalAWZl0gX8VoV4mT3Vbq1mNCN1dPrTTlAzQeFZIW6+8Wfn6RuzbNmcGOPdvT324BYNiszbS8S0oEQFfcBgtRTlbYN/G9Qrr8CEV4wnzyVkxPmMXIkdzPBAYHFUCD9JM94BRkVAApxUmpSfx+Hu8C9AohAl4Y/QlSemOSPjzvsiUvrYWso21R+agd+aCvba8pPZL/AIEnFO9DlvChzpQHtBiDQ+2Ehv5PkVKS1Qn4HXtJTbHuYQsGPmOA6aGs+oB4jQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #9: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734183e21d4d49d54b248d" ID="S-1358473417370960413f4fe108f" MAC="Cm2ZitkxNFja5ihkHfpT1HwSGb4psBrLstDk4ct4c94=" Nonce="CbCXXLDEmb53jwGLhjrle1/PWIOZSJT2IwGGZFpJ8Uo=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="K9L7ug+4ZJn/Y/ARSCwzcrkP8z2clg8VV2m7npvMB7U=">
<ds:X509Data>
<ds:X509Certificate>MIIDXzCCAkegAwIBAgIGATWEc0PEMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyMFoXDTM3MDIxNjA0MzcyMFowPzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGDAWBgNVBAMTD0pVbml0IFVwZGF0ZUtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALDDdC+vAZUEmekWmsFr4Wj6e+DjsJr9nbDdDaYukcQGBIcpJdclnFelppMPDdWZDxomFzaSfqVCaGI/xEFJUmpQFmZdIF/FaFeJk91W6tZjQjdXT6005QM0HhWSFuvvFn5+kbs2zZnBjj3b099uAWDYrM20vEtKBEBX3AYLUU5W2DfxvUK6/AhFeMJ88lZMT5jFyJHczwQGBxVAg/STPeAUZFQAKcVJqUn8fh7vAvQKIQJeGP0JUnpjkj4877IlL62FrKNtUfmoHfmgr22vKT2S/wCBJxTvQ5bwoc6UB7QYg0PthIb+T5FSktUJ+B17SU2x7mELBj5jgOmhrPqAeI0CAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFLbrJChflnOK9+IwC8NpgZRT4o6aMB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQAacwJaRXjfQjdLy4+mJkU7nTDtWe9b1KBMCBCQrEX1sYDOpxwPWNJeKd7/h5GUYUH76W9wJch1ag2paofL8astKMiOAzTpNO9Fi+Y3OphPCfyJwEU9E1O4Rixr3b4nZHHKbDCTHOYn0OzS7s/NjumcItK146zbgEm+0v30mRcx9xFmTBN59ZxhqHR/nciRx6ntin1/CqZuP7jhlya3rfrqismsyi9hBuwJuxrQeKesX5P+t0Hrvmipu0cAQ+FNlFiXIZT6JaR4XelAlkXfPRyx6EGS3qHg+PJeo+q1ZtM84/XgAjf3gSP/hfArRTtICCiFmdSh1HSQU2EPdCGFDzFI</ds:X509Certificate>
</ds:X509Data>
<UpdateKey Authorization="Y/JDlv70JG6NMt58FPtXxNj0h3t02sA3LJiI+v8wAp0mojZg6PZcZMnGWL7gaqhva57cC+woIkgSWVD0L/CLLhWRqEuy1TcxR2w9ZSqmGiOfVNMNyyOCdarCLAed1qLgMfFYYNHgPahKsD3a6HLGqWu7bTrm/y8N0+hTORtk9Ts=" CertificateFingerprint="EBHuUdWHgiEsJQtlvDr5biSRmHZHyHFoJN+k7f2M7JQ=" ClientSessionID="C-13584733e58f88994179c2a7ab8" MAC="KzES44LZqM5XvBqLrGUz7C/ZrTq/eiX6jBg6QG8+Hi0=" ServerSessionID="S-13584733e3839ba1e998ba180c2"/>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #10: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="lR6Z/RX7Acm47yDR+I4w3LoAYD5zXBB4GSx6drqIvQo=" ID="C-13584734183e21d4d49d54b248d" ServerSessionID="S-1358473417370960413f4fe108f" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[16] CN=JUnit UpdateKey, E=john.doe@example.com
Begin Test (DeleteKey:1)
Updatable session
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584734402262b564df307c5f" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584734402262b564df307c5f" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584734402262b564df307c5f" ServerTime="2012-02-16T05:37:21+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BH7jo8D4TqAAZzwfgwI7HWKP3Htp3K2+MfnFRDUD6ABtkUW792WPuc7SqnrBikTd6Q76K9Q+gRFwAbruU43ZZFI=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
<KeyManagementKey>
<ds:RSAKeyValue>
<ds:Modulus>xBV+G+LJh1Bh75OUkVDDAbK1d5a+TKdQVmVsjlHInWpe5h9/ZzJ/pb3CcdUH1xsRWJEPPkbxYN15Hq5kG6tJ3GYkRX1AX0knf6BWXsMSxF0LqRbDuTd2DEzeDdB27TI+KKJPAGAqMuvigXu9mgyOTHq0C5Mx7L1LFbRctpkNxeU=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</KeyManagementKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="OjUeeXlexKU0od+6NunzrReWX4M/qkKyTCsysE6aMnjLxJolDdip/KSoXVtwYa6lZaqu3mAY8mAmpuJqD/+8+TUKSCj+02z1sNlju9oTQQ7E8j5PPkKS+YqyHP8xCGI/0SRNFZJA2DSmGdnB6oQuNxYoatCJFwEpki+UrcQEC/M=" ClientTime="2012-02-16T05:37:21+01:00" ID="C-13584734412d4b546d52518d65b" ServerSessionID="S-13584734402262b564df307c5f" ServerTime="2012-02-16T05:37:21+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BI8su9dCnBCy+z34UejmO1Ku6v2gT1nGbJdqVeYqbsz3YQgML684kB8lfruodfn2y0MgQxiKsa87dN2uNOSLdAU=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734412d4b546d52518d65b">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>X0lODOh6cnwbeo/jSHTPzkrzu0DZ1JtzN0tWdWkkV9o=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>pQ5kI10PmT4m+iHK/T30C8Z69gBYMKUOiCFnkyHirIw=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734412d4b546d52518d65b" ID="S-13584734402262b564df307c5f" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="2r5gwBqwJ77lyPZlnnwZj/emSiklTYxNIlzIi1CI9fE=">
<RSA KeySize="2048"/>
</KeyEntry>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734412d4b546d52518d65b" ServerSessionID="S-13584734402262b564df307c5f" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="wdv5r5j4vR0dlzezG1VQjQziZK1j5oA7zdqZ8nrLjok=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>rGs11WVdWItWiwNMs2KqXLJ1JKhcYUSXk2FenRlQ8+xyGUwzoKX+ws8zDr5LySK4vY2W3siFj44q3BQfWGrqu5BxMTqzlPfdSM0rwT6UUtrvNzhtB+eSfstBZFiidH4Nm07Kh7IAJzVueKBspRuMEL/M/sf1DG+MQ48va/euhX1l3cKq/cTaG5HujLAL4yQrcw7MIFcRaKgAhGnN0cdP4Zk6tiNWHuDOcyQH5gyLj1t6nsaEV/HcLcDKHk27fCYO4aYKt0JkZINqEZyxAkbVivC5ezsaCcVMaYyB7BGMuhqAatcUV9w1d2e3rER1YDB8SAWVlzsJ08b0Or/jHcTyrw==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734412d4b546d52518d65b" ID="S-13584734402262b564df307c5f" MAC="HMfJf7YEsy4OSmHlgHtb6PUQ1sybouc0+r81G0ahydw=" Nonce="WA6g+85wvZFhijfsVZsothv6k4KVhYvrDPjIoZZmy7s=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="KX/zUje0JMZ8HSa3cJOv3NSXQ/tmOrlmUcRyOFulqfg=">
<ds:X509Data>
<ds:X509Certificate>MIIDXzCCAkegAwIBAgIGATWEc0b/MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyMVoXDTM3MDIxNjA0MzcyMVowPzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGDAWBgNVBAMTD0pVbml0IERlbGV0ZUtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxrNdVlXViLVosDTLNiqlyydSSoXGFEl5NhXp0ZUPPschlMM6Cl/sLPMw6+S8kiuL2Nlt7IhY+OKtwUH1hq6ruQcTE6s5T33UjNK8E+lFLa7zc4bQfnkn7LQWRYonR+DZtOyoeyACc1bnigbKUbjBC/zP7H9QxvjEOPL2v3roV9Zd3Cqv3E2huR7oywC+MkK3MOzCBXEWioAIRpzdHHT+GZOrYjVh7gznMkB+YMi49bep7GhFfx3C3Ayh5Nu3wmDuGmCrdCZGSDahGcsQJG1YrwuXs7GgnFTGmMgewRjLoagGrXFFfcNXdnt6xEdWAwfEgFlZc7CdPG9Dq/4x3E8q8CAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFES8KgtuY0FL+jz7jLEcDm8dtwT5MB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQCUdAuehwlfWNNt3HisdprJsRgGGd8xY6z6cNU2fe8lDhQPrxLfekaLFqvgKIHOsY0hxz8XnBgEpKco1g4KiEL9MVkjl91HdacfpfBSsooIole/Fdl6+bEKhb5k8E1Ghlve2/J2VcO781kaVCSHZeGhtg2H3sT8j7Fq9Y4aJ2FB/CFklY6LMw8Lgc3R3A0gS/eBpV9zpW9RH20AJZkbjAmZ5LOf70D0cSetmGd7hKVQ8gtVqV6wLTZXdzPY5enGpeeGlTL6iA+ds8sd8/6pcxZGq9T3zoMVyqlgf/PwP/Mp/gIEnvThv4s7ENGp8P96KassCdXDC6shyYGc/Aif6HMc</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="mCaQ/I4RsVYFnWOmHYwO4vk33TpRvjtvZHUunPVcdkw=" ID="C-13584734412d4b546d52518d65b" ServerSessionID="S-13584734402262b564df307c5f" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[18] CN=JUnit DeleteKey, E=john.doe@example.com
Begin Test (DeleteKey:2)
DeleteKey
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-1358473472e33f6e4b98c2d10d1" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-1358473472e33f6e4b98c2d10d1" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-1358473472e33f6e4b98c2d10d1" ServerTime="2012-02-16T05:37:21+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BHL9sHdEeae3wFRwjXuhtGqmxt9MXKAit/csjoMhNaHXdQ0fBbJuyZv52Nx3gUNSGVHl5wklIk7NeHcvyfYdPL0=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="VgZiJJADfGLSAhzDyy5N1U3vJD+k/BXMWi5miPrOIfoPD/yCsrpEt5q8xQI2gJIB8AlauVhkSidVb/ctx7BgCGdVsFHcjpycLoFO9XI68QIz2m3uMtHx6SlArScZ8Y/Rhc6mgJm/pcfUyMd9KLujqtol9FC2DamC/dGoIPd5iVs=" ClientTime="2012-02-16T05:37:21+01:00" ID="C-1358473474d8d4d7a34c66fb737" ServerSessionID="S-1358473472e33f6e4b98c2d10d1" ServerTime="2012-02-16T05:37:21+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BAEuLQJNUt076zl7v7lyZsTbzBPrtO6I3SJ3cj6beM/xLrkwu6FIxi3gatCqI0Nboeu9Cz32MiPetwPU4EvzyIs=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-1358473474d8d4d7a34c66fb737">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>laggwQvuf+RKLccMOi9zv2CcAiJ9JXrawR+oyhqRJHM=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>n1fm5KB5j/wuax4JXtKz9mIIADuaLJky83BBsmHFzpM=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: CredentialDiscoveryRequest |
<?xml version="1.0" encoding="UTF-8"?>
<CredentialDiscoveryRequest ClientSessionID="C-1358473474d8d4d7a34c66fb737" ID="S-1358473472e33f6e4b98c2d10d1" SubmitURL="http://issuer.example.com/credisc" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<LookupSpecifier ID="Lookup.1" Nonce="VvhUNEg7hmKEZFFK2CqFf4zZFuJXTGxEhvSXIXSAUkY=">
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Lookup.1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>+R/I0WYfvhHY0SgXnqWkraNOlm3p5hApQTsdi9NaIAU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>nwYYMR3RMSjx6Z4K0F0zntpHvG6C7Yd2YeOz2bay5YR8ZL3ztWOhTuT/yYnrUrAd5LpEjc5O0d9OroGobawrOMhM/eyGjbs8ZDYEel+7oUUM7AFPo2t3BRykkuewukcJ7bR99QwnqzWRi1Frc+o6TTt7/vujiMC1y98NEFVirFo=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>xBV+G+LJh1Bh75OUkVDDAbK1d5a+TKdQVmVsjlHInWpe5h9/ZzJ/pb3CcdUH1xsRWJEPPkbxYN15Hq5kG6tJ3GYkRX1AX0knf6BWXsMSxF0LqRbDuTd2DEzeDdB27TI+KKJPAGAqMuvigXu9mgyOTHq0C5Mx7L1LFbRctpkNxeU=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.2" Nonce="VvhUNEg7hmKEZFFK2CqFf4zZFuJXTGxEhvSXIXSAUkY=">
<SearchFilter Email="john.doe@example.com"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:Reference URI="#Lookup.2">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>+vvDZAfsfU4LZw5FpL9dXi1dmEaxaAcv5Lf7+jVLHpc=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEQCICqMhF4EloqEKkVpyDo8m3jIadX5489oxmjXBnjEkMLSAiBpjEpOLie3zbvVwtN6XvrhtN3QFcHRgiykBRZLBgl1Xg==</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.3" Nonce="VvhUNEg7hmKEZFFK2CqFf4zZFuJXTGxEhvSXIXSAUkY=">
<SearchFilter Email="jane.doe@example.com"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:Reference URI="#Lookup.3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>ndhEuClHb3aALf1hMfX91G8SGWqPMPyoEDRpl+JDk1k=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEQCIHRH8TLa0SSfQb+PQaez8z627NJwVSqFly1XDCOsR/aDAiAOsAKUwIdX5Yzp7KgmMEuPvVe8aydNwtM/dZ3p01sICg==</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.4" Nonce="VvhUNEg7hmKEZFFK2CqFf4zZFuJXTGxEhvSXIXSAUkY=">
<SearchFilter Email="john.doe@example.com" ExcludedPolicies="1.3.4 34.90" IssuedAfter="2012-02-16T05:37:21+01:00" IssuedBefore="2012-02-16T05:35:41+01:00" Policy="5.4.8" Serial="123" Subject="CN=John"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Lookup.4">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>vhuMBFGeGup2DpNM6vccEpFJIoRdrRTGrgPf1UGMS80=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>GsL4cGDZkvMTg2yHwPY9gjhs78wYhZ51XJcH0CmxFA1WPNd+R66w3DHgsQuXovwXTJyvhmfmvzvbCLQ/qEGWfS3tS1G4u20gvm0GHHp2uhgD1MnrATy9j5Bqvbt940iz2J2jV8b3scu42OWi+PcuZKpCQqs87qlidBalSZh6q1v75q5DvtCiOgA8MTrhtHp8JopEFxsb6IEiDfa8jKi3Xo69s7GfaXYjldY3lKyTAPn8gjhtjrih3QrsJ3xSvmF2DOwo8UqVLkFP2qrcSpdmDMreJFkoelw8SaN7cZ2L7dptrKpzCovJ3FKAnAnSKLadzNeoc8sLS2+t/MnXezPMEQ==</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>nU9zexF+jmgH2UUPaN9GoX4ENcA6wCNU5HHZnzt8uD9kT8fz5OpuvuBU7hMXzw7mHoVX5DIFc1mLiWGD9HnhQCTXGyFcjlKJ3AaRpwwJ1nTvBMkD+etTM4CxwO1qBK6ypLFELrwfMT5fiP3ZnxzAHkbxV1rQ6maQ+StZSuqo8tYPRKJdQ9Q8UP/8MjdK5ei8ue7kCdS0rzx67ENRASjKavqVTEVwU78ADRkBI+GsnZSdCNK+54URubmTaKXM2YHYk0BTv2X9ttBXW+ojGBz4wQPkcO9v2n2fxXjknHNtuaz1PMwn+izd0HomVOae0iV4aWxQJMY4k/fv5xUNIME0gw==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
</CredentialDiscoveryRequest>
| Pass #6: CredentialDiscoveryResponse |
<?xml version="1.0" encoding="UTF-8"?>
<CredentialDiscoveryResponse ID="C-1358473474d8d4d7a34c66fb737" ServerSessionID="S-1358473472e33f6e4b98c2d10d1" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<LookupResult ID="Lookup.1">
<MatchingCredential CertificateFingerprint="cz8MpFaWR2eHNhacBz3pFLlhlFhr5fdfgII8HyLR1+E=" ClientSessionID="C-13584734412d4b546d52518d65b" ServerSessionID="S-13584734402262b564df307c5f"/>
</LookupResult>
<LookupResult ID="Lookup.2"/>
<LookupResult ID="Lookup.3"/>
<LookupResult ID="Lookup.4"/>
</CredentialDiscoveryResponse>
| Pass #7: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-1358473474d8d4d7a34c66fb737" ID="S-1358473472e33f6e4b98c2d10d1" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="LL3Bfyxm8yaVsNq8gqLABpPvE7JwstQ1bk+oci+DX1Y=">
<RSA KeySize="2048"/>
</KeyEntry>
</KeyCreationRequest>
| Pass #8: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-1358473474d8d4d7a34c66fb737" ServerSessionID="S-1358473472e33f6e4b98c2d10d1" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="ZOBFhO2jeoNW5WrzZIwukCpf8wfQojvEKnM2+xe0v0k=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>qK1cNWtuyzc0COvPSlppvTjK7htw2CXkh+xyPKuR8LvHeVNn0y03O70VUDKnxPuzqdOYIJ8+KkvxiZ1qbJ/D9G60HGwUh4K5V5/ywBQ5gloZg0nOJPzu4wi2CNC52zeZyO4hV03XHR6M/fpmlCBesIqJV/AG49uz2SsAd39Cc3P4ZtQb8SwEdP/G9pHm8vufuQPs/3B5XxESwqnYPuVD1v7MG3rX1bAJtIQ+pPfTcKLMlVpkuPx2AvxjpFmSGhCskLuRIA9IpSBKBMLipeweq7QqMOKWYRT3EXUeqLiEddQ2P+2gyn7fz6uzuhivYFBg1VuzaEA79i/NTpmM2S7gZQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #9: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-1358473474d8d4d7a34c66fb737" ID="S-1358473472e33f6e4b98c2d10d1" MAC="ttADTOHXyZn6FqFCdCt2YYBEd7iylWQCh8YEIh+8ueQ=" Nonce="mH9QZeSDSzmaVAXrw6G1i5TfmuSsLr5YTDzDcncrkxc=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="QdohZ+b4ir8CpmF/ot599TgLD+FgH2hPGan98h3Cq78=">
<ds:X509Data>
<ds:X509Certificate>MIIDXzCCAkegAwIBAgIGATWEc0oLMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyMloXDTM3MDIxNjA0MzcyMlowPzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGDAWBgNVBAMTD0pVbml0IERlbGV0ZUtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKitXDVrbss3NAjrz0paab04yu4bcNgl5IfscjyrkfC7x3lTZ9MtNzu9FVAyp8T7s6nTmCCfPipL8Ymdamyfw/RutBxsFIeCuVef8sAUOYJaGYNJziT87uMItgjQuds3mcjuIVdN1x0ejP36ZpQgXrCKiVfwBuPbs9krAHd/QnNz+GbUG/EsBHT/xvaR5vL7n7kD7P9weV8REsKp2D7lQ9b+zBt619WwCbSEPqT303CizJVaZLj8dgL8Y6RZkhoQrJC7kSAPSKUgSgTC4qXsHqu0KjDilmEU9xF1Hqi4hHXUNj/toMp+38+rs7oYr2BQYNVbs2hAO/YvzU6ZjNku4GUCAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFAnvbF/1jwfQCO94cSsbM0tyP0ohMB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQAl/CuGINGAQAw4Y9HbHNfbGpYLmOPnWSC4RqlUjemDBeHI2Zn2vt02yq2sM0+BOlKVLHlougurLsQOQrOrRDxnBPxgF0fdhnZJNafZFFZUKdt5yehjKqMR5GGyqnHyk7eONoPYpbg53xSsDdgprSa/5ran4s5N8ybxj6u486B+HYpeHYflduTqCCdReYQ5wQdyn5VrKl/L7+mwoKanlHVhjsdxjeVAu2z15SefVUOo/nf7lo36debFi8ZQfwetqzSN+MOBRAJlYBWv2pkwaiLeMrAeu+ctqydyTwnSqZ6xKy+xxVKAUosjs6UOBgrHyNXLzuOrgDc8bbxnKTxvcPml</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
<DeleteKey Authorization="pYRAlDAAbfXznu71GPZNdV0x2A5Qw9prjAkgIH/yb3vaNiUHKX1e2IwKk7AQBpBHvy9wWeZiZAADqXEXb7QSjrnfT7O/sneA5jm7VhYC2HQHt3tuWNwfOgwqSG154YJA434KcODQ+QDemmwToty5JrYfO1514SCl+YVLeIQgJ1M=" CertificateFingerprint="cz8MpFaWR2eHNhacBz3pFLlhlFhr5fdfgII8HyLR1+E=" ClientSessionID="C-13584734412d4b546d52518d65b" MAC="R2levU+yT8ogB9Odtzl17Qsyl90nLVzuqVKzj/nohSg=" ServerSessionID="S-13584734402262b564df307c5f"/>
</ProvisioningFinalizationRequest>
| Pass #10: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="R7iP3SaiDMc6jhmAnS1Ps5ToSFsG1xtnw/lcgxxPaTM=" ID="C-1358473474d8d4d7a34c66fb737" ServerSessionID="S-1358473472e33f6e4b98c2d10d1" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[19] CN=JUnit DeleteKey, E=john.doe@example.com
Begin Test (RestorePrivateKey:1)
PIN Protection
Private Key Restore
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584734a49ab7cafdcd03247a7" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584734a49ab7cafdcd03247a7" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584734a49ab7cafdcd03247a7" ServerTime="2012-02-16T05:37:22+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BCfau6l3WvJ+PnglJ64fh4fx4iC3U0+T7hao7IfyIrSvA67F39FTR6j8yQlnniviboVoT21jgY2SHi3M4NjvsYM=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="OIV8yTOP+t8hlCgO+LM+WYdbVEFFwnLCsF997UmP5qCRHjKDu6UhM9epxg3dfnQVmtMih/ckc52mTClmMjIxdPu+0AvXRU6TQ0Nz6ZwtkAyFTTaj5l70BX7nmz5pNoLB43s36PRW1tP3THs0DNSFxLzH+TVPQxfxAUitu+IdViU=" ClientTime="2012-02-16T05:37:22+01:00" ID="C-13584734a59ec4e654ee867b1af" ServerSessionID="S-13584734a49ab7cafdcd03247a7" ServerTime="2012-02-16T05:37:22+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BHlBlhF8bPzNIkmpj7Gg0DwhLdU7mvxiZp+IIXZTHMh1i/M5CYl/3oGN3FgwJtw9eBlC22yNMhV195nzXdK9ffE=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734a59ec4e654ee867b1af">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>Lpf5BLVQiRmxr7x0h1KiyScHZalYtEWJKl3mxPjaFt0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>XU4l3rRuQsgtJPtonKKA+1+PbxoBscWbFhHi34qOd6c=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734a59ec4e654ee867b1af" ID="S-13584734a49ab7cafdcd03247a7" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="Z+HzNvkxDi1KysUS1Y6jr9EYGj28tcX5NYVUtOtzHUE=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="+MeOZ9iyeBnJv/9gpCeHhMjngW0Bp3MiRfiSols3S2M=">
<RSA KeySize="2048"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734a59ec4e654ee867b1af" ServerSessionID="S-13584734a49ab7cafdcd03247a7" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<PublicKey Attestation="aDDXtgHp1/7D3N+rajIIKmbGtdiHbRlsWQBGrA7P96s=" ID="Key.1">
<ds:RSAKeyValue>
<ds:Modulus>nrA9fl3Gf1fZVlmMF1i3XEvElBaMV3kPLYaEDGqlKqlc/llC7GIwHjNSm9PJ9/8FaKikDOCR4gL9Vfq5HYq3qFb+06PyWV6X2UcZzFe714p+XrE3Mw/16JqKOlGNPTHOEIpUjTRY3rUrh2vppz8lMT+T77P2Yj4lVxC99Xox3Q4hKhuWe0lWFwNbn7Ak0TGAX/3QFk4JqUI3YnXy9OxI1iTau/4vJjfVW1iZNpNMu1FIoO7Y5qD3S/vjmykEbDfqbmNT2cxlv+ujnTP2LrTPLStyc1y48QWOcYeR8llOe3FmhD9rLn/OfBTGW7Zbe996dKf0+94VeDn48j1eurBdkw==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734a59ec4e654ee867b1af" ID="S-13584734a49ab7cafdcd03247a7" MAC="C0o0o7GpitSZrJNoXDPVvaBqwhmK/rBuKqG+SaBX67g=" Nonce="3YP5/po57sXb6n8cndpn88m5LR3dBHw+tQnQRLXbblI=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="dhsawaWs+ekkgybTarIK4upQ76Pe1KrXsPF06mBubww=">
<ds:X509Data>
<ds:X509Certificate>MIIC4zCCAcugAwIBAgIGATWEc0tDMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyMloXDTM3MDIxNjA0MzcyMlowRzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xIDAeBgNVBAMTF0pVbml0IFJlc3RvcmVQcml2YXRlS2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCphH5Z262lU/XXT4WxmsKpPJewALX0VMbvWlC2Zfgk7HuACy+wb5qDUVCB1mfdFMsdq4iETmoAAt+KnpncVMoZl6F6hh5xVxMkMBqvr7b8cRTguycquygVsWldIXeIAvHO2sTCV3OybOdNR/itWHfPAThSSEBq91XEe/c/0hd21wIDAQABo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUcGW6R6a2BHnQdYEn/MaAUfZ9vOswHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBABivRZdvBqGXXLdHBUzl6f/fcKYXUj2hBk28jib+0YAF/TyJY2TYcW3ONMtZphUMpl4AeGV8Tye8orwkGGbiquBWHAxrqEHvr61crR+IGHjADMQWwSghN2B5gk00OEQ9d2m15dWG/HxaWsZbqRGFjXp2s2NxU2p+aLIN4I5hsAo83DAx/sT6PKNEe0Nymfpt5Zqrkdd6I4C8eALowsb+a91PLrpbKtQdl3/JLCztZw3Wfii+GYNvp2YoaVYjNE552iklylIq0k0VTGvzepQpujo6zSTVAAi/fuO+WKCbE5KAecjoeZA3suhNanfmFMvMvtnlNeZlLdf9P7mtvFtfPVw=</ds:X509Certificate>
</ds:X509Data>
<PrivateKey MAC="6cFODG4acTLbHTsV2Qf0LwiuBenA3ocEFl4IvJH3H0A=">UNxZ8HeIZg4NobVCoGdIN4Bag6TGGNlSGVLrgBQjMN8KEyssrCH+20E4nRzMlq7A5EwF879ppAcSO1oV8ENWb+UsuNluB9C3qYYFmjtCcoOB61f6JtHV5fg4DFiXUf5BN+LG4uQIiTwnQlf4WG2NuSdH4UUE6+/sHYcN4wwqueRhw/xfA+yGlslN0M21eK44PfiuBOhtmpYKuAth/mI5/D3rbxxmStT6d/PqycClNFxdZF5a3ugF9U8DJfP+dyCrJasJzj556ysc6buRBokfxxaodv2OWXH5fyfo64ZhJmfAnluKWKp0hibw9c82d+OP2x/5lycheCAHCF2lXHcizGTmeXVBerbM1xidNJd9UVD95o3a9GNLy/qXepUSHBNPr0OZbQ4gZDRp+IY/jJ68cPlng3owjL4dGc6oEXdS0zyZckyV/fhY5LTqCBZFckNBUGK5Cp3ucL1O3Gyf9T9veTsp6XFbrYf29YH7PhLgOFub9zEDJaIdlaXw/+HDaPglVvViw9nz+m9ql5W9Xvw1Rv6jhBEPWjfYzoy03kDwQXTJGOO1xBFIEzT6BuUq8fEx+c0MfedekKYYIpx11ZTpg818+SL4v1aQ17GxxCop2jDjPz5D7Sx9qB/j76PiDtV/qP7PUZEZSMrT4pZOvu7uWgnmEMtumWMmLxSegSC5DPXvw0J4610Fyg1C2eHunkGy9MERXIWCUyBTixMByUgCL5+iFh5NeGN2fkultauIn7FMkaNbodajx5m2lrQ2YcH+452B/L9vXVStWuctDe6mDljL+8ItEJOInpIR0gOzLTZhfyP6wP37TOK1PUy95UDVgxnpxUo1YzE0Ay+p1M5mkeJzKAtnHvuSww5SyeImkEM=</PrivateKey>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="UleANQjnz7QINvwlZDTCzrMDUje0qY4TMltcVZ4iQjc=" ID="C-13584734a59ec4e654ee867b1af" ServerSessionID="S-13584734a49ab7cafdcd03247a7" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[20] CN=JUnit RestorePrivateKey, E=john.doe@example.com
Begin Test (ExportProtection:1)
ECC Key
Export Protection
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584734b811feb4fced08adb15" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584734b811feb4fced08adb15" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584734b811feb4fced08adb15" ServerTime="2012-02-16T05:37:22+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BGVetTdEoWbGlCTvqMYuTJ6xzfHmjPQA7ngmFZfhgCJeOvLmINhOQtClsmDQZS/ie3UQN1KshpqEIqclG+5INg8=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="VlhzvPzxcZ27rzQg/4P6+pIEFQhSSwutmM5F7oeS2Ma6ikNRcTkNeYJ6YIPq+ut0XNZaGAHzUUURNv5jxS8cqERvogdWpI2G9PjpckrpTM+06RqvbQAv96YFgpGnsj+QG18PfQ2Gnn2evp5cjKxGIMqg901M+r1Aotj0GwVpMJI=" ClientTime="2012-02-16T05:37:22+01:00" ID="C-13584734b91b533e12902f917a6" ServerSessionID="S-13584734b811feb4fced08adb15" ServerTime="2012-02-16T05:37:22+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BPPdh3mXEZzeiyJhB/4U8NK4yf2w6Fw1C/WqjJE8++/2Fo5DR0tV101l/OdXKwfz4jO+Pk89keiQUs0Vsj/gHHQ=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734b91b533e12902f917a6">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>1z/1eJMZ5iurp0RzBwVRoUyegDd7/G4VLNxoMHbmCSU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Qbp6Fxs7fP+ldI8+IJSSsV9jv3HBHRBe6bI9EbbLVW8=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734b91b533e12902f917a6" ID="S-13584734b811feb4fced08adb15" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<KeyEntry AppUsage="authentication" ExportProtection="none" ID="Key.1" MAC="aU24ww2+XG389PVzSiE+YTh+B6lathW2b88nKRQfnig=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734b91b533e12902f917a6" ServerSessionID="S-13584734b811feb4fced08adb15" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="+2wCcnCLMXmQ5swfbIHPmr1ILQ0tUDm87UkLMq5YvNY=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BLSPUXZKJU3/lW1SxCHIshqZVuuWVHo0QgX2DoyIUiN8lQvolRlsmKyu2Ro3TjPcqxGiDWoTLTsg8zzucTH2Ffw=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734b91b533e12902f917a6" ID="S-13584734b811feb4fced08adb15" MAC="9C9HN7YOlG+8XKYEJm2mefAPJXBRM5rSnGfqkAxfSPc=" Nonce="kHu0GjxUJBU8MSXI4IQlLNO4x6G7J4fU6QPdp7J7lR4=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="TXohZp1/x6d3uNY57Frjg9xxJGFmUnrve0GK9F/Z6n8=">
<ds:X509Data>
<ds:X509Certificate>MIICmzCCAYOgAwIBAgIGATWEc0vPMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyM1oXDTM3MDIxNjA0MzcyM1owRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFkpVbml0IEV4cG9ydFByb3RlY3Rpb24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS0j1F2SiVN/5VtUsQhyLIamVbrllR6NEIF9g6MiFIjfJUL6JUZbJisrtkaN04z3KsRog1qEy07IPM87nEx9hX8o10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUU9eykcMLDoVZrVhU+xPpoZG7M00wHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBAGWEermkXINX9z36Z1fuLh5mFaCZ/UmCgu0+7SOxTkbtkTSioxi16SBpO5TyIUxeF+nJIFJAixEyut7poJhG0RQk9GESTbv3UpYLilhxrCTkR8WfYvHqUkDqw3gNL9R6h/xRyZk/WSb8EIGhb/eX9oIaA0uAMcKKqujp/PwEVMUYvhKOXvO1dmijqI3knBposs6pa7JrMzsbnA9zHlS7w/4S2qS6plKPZ5epepuPP5pEApSB8WYBOJUV2Ibgf8ANmyqv6fpmptf5QZUNHdBotEAFigbLeAzxQj32cjYv1yGnWnFeuuw9/w0j2DNYEepoBZnbtib7RTEEPm2nskCPx20=</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="gMWBezDirMAH8SSkw66BcPpU9nyWP7x4iJOjwK2rxuk=" ID="C-13584734b91b533e12902f917a6" ServerSessionID="S-13584734b811feb4fced08adb15" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[21] CN=JUnit ExportProtection, E=john.doe@example.com
Begin Test (ExportProtection:2)
PIN Protection
ECC Key
Export Protection
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584734c0ea13a53e2e27f6ffa" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584734c0ea13a53e2e27f6ffa" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584734c0ea13a53e2e27f6ffa" ServerTime="2012-02-16T05:37:23+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BGps6I7UDgZ1wGfm8FMO3njvBbT5whGPzuBD7x97BiYjtum+fUL2nqWlF3/mbkk83hSq7Qy5l8PG7bK5wz8RmxQ=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="FJaOc9s+SBSqhFjSsEPg+N1i//MpvPq2MLETxn7qS9h/UZILaBODSQTnm99JmxvBmjZWSqHg2dIvOcv1m1il9CzMGPYvfV0mVQKVw4EvX7bJzoisafFmOGp+Bj7Lx+YIudUgf+84AJJ3K1AY060OFbwzmXA09Myr5AjzkldrL8Q=" ClientTime="2012-02-16T05:37:23+01:00" ID="C-13584734c2d10d0345e3a73949f" ServerSessionID="S-13584734c0ea13a53e2e27f6ffa" ServerTime="2012-02-16T05:37:23+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BPG6ha3Xzo7xg8B99AtHxjxcSoaxsVAP0EM8ApzokbClsonM7Wp3Q8r4uhPduKWMdVrLJJBSwIn5bC1RZvb5vOo=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734c2d10d0345e3a73949f">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>m/ifQsYIKsrMjRvWagEmz3F0ss9jXMjwAA2af1nzF2w=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>jvco+oG1D2WqRKYega4fkPo2XLzF3WUQIVxUgvI5/pA=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734c2d10d0345e3a73949f" ID="S-13584734c0ea13a53e2e27f6ffa" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="yFdwAypXrO8TM+s4j8ZMjwLKA6X4PFFSAkjWyJK81Ko=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" ExportProtection="pin" ID="Key.1" MAC="MOwpuDRMJLueb1pPSBfXAsxQVVFN/kJ1BNW9dljeayc=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734c2d10d0345e3a73949f" ServerSessionID="S-13584734c0ea13a53e2e27f6ffa" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="3skV3qWG21NbAhz+omBgh7sEoiN+iR0a3Kyex1NKRuE=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BIN7Pv/X3VuQ+qpH5IjGBHZvHmACpSVrXF9Nf0T5ZO0lNNI+bD8iWFh3LjiRIqiDvPdT9RDHRb7U85y6bl4iaWQ=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734c2d10d0345e3a73949f" ID="S-13584734c0ea13a53e2e27f6ffa" MAC="rFk9spaakbsmRaz9/uCzsDs6xQ/GyhGzgJhkwgcTkNw=" Nonce="pHkVtMvIQSgo5wbyaQpPzhAF5AFaIlLnFFLca98702E=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="PFkLE36+6aX6UwIJrQcGqtiX/hlTEf4hV4C9wdSNH+k=">
<ds:X509Data>
<ds:X509Certificate>MIICmzCCAYOgAwIBAgIGATWEc0xrMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyM1oXDTM3MDIxNjA0MzcyM1owRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFkpVbml0IEV4cG9ydFByb3RlY3Rpb24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASDez7/191bkPqqR+SIxgR2bx5gAqUla1xfTX9E+WTtJTTSPmw/IlhYdy44kSKog7z3U/UQx0W+1POcum5eImlko10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUuAPbMypwcwGmAfdvgcJvX19xAJgwHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBABXzISyxgw9jbIqndd6haZ273yoEza/Os7jHmIrPpdRiMnEVOnGSdhNpCXwuJqoNPjDCq1I6MzKJ6WI4UGD61OlI6MenTryT+kxBBRlbv0cbkAyaNx/C+RerRXlv+gSZA0riS69owNVMscGPaCyk9Rm9RIhALW03cuOCXSLd/xsQaX5jTX0WldYNh+gveG6PAY9Ujwxd04eDakln7GU53YdndKMWXgPnEE54vZROgCyfTZL70ODsWguoka2O+TVqrWkEeV2KsBBRK3agS8tycAlZJXajmijZRR/u2XS7Cu+6QsNA1E1287lnByUMNfNVfPszjmqfbL2sYg4C+XYKXmA=</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="lkC8YmznybP/sD0DgdWk8/+w9RI7mKmqjAS2rUyieUk=" ID="C-13584734c2d10d0345e3a73949f" ServerSessionID="S-13584734c0ea13a53e2e27f6ffa" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[22] CN=JUnit ExportProtection, E=john.doe@example.com
Begin Test (ExportProtection:3)
PUK Protection
PIN Protection
ECC Key
Export Protection
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584734caabe33e8da86ed088a" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584734caabe33e8da86ed088a" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584734caabe33e8da86ed088a" ServerTime="2012-02-16T05:37:23+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BLXExKl+nDKvqwBDjzx9ejsferJomX02cApYkKebYekm7w7KH4dcft1GMayMgGO0G4zSgshJEdwlH6RZG1k4alo=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="J1aT1u+ArMhLedwC6P07UL4ZYt/4+4wO3erHjolwSerslztLxVR6XS3aczWYizGb9I7HiNymKfC/m9yVXXZs0PFg7phXlwrXSavEZC5PkQXonw1IBbpag3tq7oUW+KmDR2tYTYsrgLzSDO3Cu2SZXhFNffIuCKWTSR7DBifCVOM=" ClientTime="2012-02-16T05:37:23+01:00" ID="C-13584734cb9fc63c6de796fbd8" ServerSessionID="S-13584734caabe33e8da86ed088a" ServerTime="2012-02-16T05:37:23+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BAC+/S8bcog3R838EGvGBhm/GJegZNa7IRZ7UpH5G0FxB0poRNJdpa/ktX/0iTwBl+Bykpi0n0bQ3loeZTPm4b0=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734cb9fc63c6de796fbd8">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>mTPLSiitBcdBHHYYwe2JWLIlPtxSr/kWWRpIC/4Ol+Y=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>z+o2i4jvAwxYIRiqLyRpbET+wl/UGU1mDnIAIPMFTLI=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734cb9fc63c6de796fbd8" ID="S-13584734caabe33e8da86ed088a" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PUKPolicy Format="numeric" ID="PUK.1" MAC="u84iYKF6ZoDUDLCc0wMEL6HCyK/bY5gRfX1kvjNxy1E=" RetryLimit="3" Value="2HWZ2pgUNSEgDeO8gL80/pO0Jq2jBKLx33OIX0YMQXI=">
<PINPolicy Format="numeric" ID="PIN.1" MAC="kNtOMkpgm+ABtUEECuH/6llgeiEwm56C7IJcwKKt+Ic=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" ExportProtection="puk" ID="Key.1" MAC="rwGx2e5sXx9VTBI94ju4y1K7BqEdlNfkwhS+aJZdRms=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</PUKPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734cb9fc63c6de796fbd8" ServerSessionID="S-13584734caabe33e8da86ed088a" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="PE6qS6rCqplMGdr2Mfqlmpq0vwShaGtL5Q+Ny3gLXJk=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BFyr/qohcXtNEoE6G7NjbHONSzsdVFgOuamonfhJPuy96LQRYNH9ZvUoWP3bh44v6OVSFS1R7sZkU+UktF5FNxc=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734cb9fc63c6de796fbd8" ID="S-13584734caabe33e8da86ed088a" MAC="gRFOTfjcxGydYDET+YkQJSAHXgbfLnTSMQ71JOUN/YA=" Nonce="G4432SZUWCY/Xru+t4tee0NEuS0G2w8SPsbVcJWB/iU=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="0Pz4DVO6kyjaB5imAM2AI6aWvvcGINQnYNfhq/Iwexs=">
<ds:X509Data>
<ds:X509Certificate>MIICmzCCAYOgAwIBAgIGATWEc0z4MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyM1oXDTM3MDIxNjA0MzcyM1owRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFkpVbml0IEV4cG9ydFByb3RlY3Rpb24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARcq/6qIXF7TRKBOhuzY2xzjUs7HVRYDrmpqJ34ST7svei0EWDR/Wb1KFj924eOL+jlUhUtUe7GZFPlJLReRTcXo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUeAqK3q82h3Hp1YyVdyNi6mEOEp0wHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBAITkhI6b0CRjZm+6s4CrAUfaEc/9HQzCermlLJaOUMkzo6lN0NnaoHMJnXjHmfY2XR+HFENmo9b0pukzAHMa//85t+0iukqlXlrl1xfTsebq5i/T1ipWULJundXYFDLOE9Odr6pS1QqOpN9v/n850SNSVFrpRHG4qtEoBInGr6pLq3ZXCGUgWZe7maSSaGAIOvbg8FmUHYVcAdjhGiGLh+yJ5yVQrmFXVZtpORKxSiN9bMqtmtcmjvDY2C5wuTjN9/HeLtXYkpOVMLPr5MT1BH7IxxedhoxQR28ssyttMmU//zrOOvgCCO5zZSRyBwHNcJCsPbI6QthKkIKPzSVFA1A=</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="53mi2crNOyqCkBRRfKZu9ECk+nXP4/UTnrHHRKe8Hrc=" ID="C-13584734cb9fc63c6de796fbd8" ServerSessionID="S-13584734caabe33e8da86ed088a" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[23] CN=JUnit ExportProtection, E=john.doe@example.com
Begin Test (ExportProtection:4)
ECC Key
Export Protection
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584734d3664808121265203ea" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584734d3664808121265203ea" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584734d3664808121265203ea" ServerTime="2012-02-16T05:37:23+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BN0MYeyZDsck3ysLlLrslvY483Ctg/ezZdYOiFseOPACkCygKLDowMqilBo6zafWFUpAAIqJaa6FVb6oMKl4E/M=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="I4L2pC0gBUmjtGfNyN0ltkFGTkJLqpGRG+Z1EJaZ2iXvFEr+k78r1k+9t73u8j/rVLs8RT5Pa5lSuuKMU8Rdsu/BZMyT+/eRUT9f2BWTj6yLd3fkRMoo0KL+4tPbzlibcNyRiQ4OvpOaB7Hw4GW3bq4OXAnPYZQrCA14w22F5Lo=" ClientTime="2012-02-16T05:37:23+01:00" ID="C-13584734d5523459903f74ea2ec" ServerSessionID="S-13584734d3664808121265203ea" ServerTime="2012-02-16T05:37:23+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BGVbscyszRlahGE8KAmadaKm8B31IJ1eDggiiNOn2uD5K/Jga0vWpYpRpqD0m2VkjMlVx90SF8aXt4xFH6TkF8k=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734d5523459903f74ea2ec">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>y+YeWk07/wwHXNZhTjmdSpq7BtGvKAVp+pvfLw6xbAA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>z1MiYyiNfa0zs82o+wCqxqsMsqej14JnDlVqT9ATxGc=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734d5523459903f74ea2ec" ID="S-13584734d3664808121265203ea" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<KeyEntry AppUsage="authentication" ExportProtection="non-exportable" ID="Key.1" MAC="ca0tsC/5i8GClpy+fJJuyggq1F23NqW6s+HOIv+f6r8=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734d5523459903f74ea2ec" ServerSessionID="S-13584734d3664808121265203ea" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="sE6WZqfeulSBUgGJrbD1e/eA2gVNbEntdPu0gf1gnXA=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BMf7uzPTHLS6a1cd2VCQPZ9HbYrbSOnAoOHneGZta5wJqOw4c1GD9QQ5GWIgZlapiUQlmEazlNN+u0AEQ6f9hEY=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734d5523459903f74ea2ec" ID="S-13584734d3664808121265203ea" MAC="87i3GBW9JzNjxj9RXprRHnrB1liQOms36AyKzl5Peec=" Nonce="X59VZZskpQwRGZc8UkWsT8SXH6RdMRPiFzZB90EQnIs=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="ZIXbzA9LauBOpwrY8/WXdtBpotTKSGDb0rFTV4WkjpI=">
<ds:X509Data>
<ds:X509Certificate>MIICmzCCAYOgAwIBAgIGATWEc02EMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyM1oXDTM3MDIxNjA0MzcyM1owRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFkpVbml0IEV4cG9ydFByb3RlY3Rpb24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATH+7sz0xy0umtXHdlQkD2fR22K20jpwKDh53hmbWucCajsOHNRg/UEORliIGZWqYlEJZhGs5TTfrtABEOn/YRGo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUzXHbW1oyEAjkW3Iql3G6xfuOvMgwHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBAFfmpJT8h4Z3u+NFA6UufEiaHvWAwtjRJ0LUFN8bW0Uwo+ifr62IKDubn/T/zXHcqiwzqwyt3vuJr4G8EVW0TZIB9yamnWVXPJUmS9ZqtROIWAv+3gRD9Y15MmSS+HhOUOPG2lBpUNABq7LfTCS3JtWfSe4IRXyxYopYMiwbBD/TJWQgNiPo1L5L1DwuuerCIWTT6Min/ykbMbbOj8mhzt0oj7mrece3IjPDJVGmjbtzjReEXPTGdU10QyCcBr/qLzgmmjLAIju36AO9EAloIpiASH3PyOP8/iHlq0eYk+Oq7TdgQe/bkBjgacJ+mJG+dKDBSg4ATamh5k54lNNo92U=</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="bhxsyk+7JOLfMWNqbaXH+PAqE5R/uv7n8ycVZIU02Yk=" ID="C-13584734d5523459903f74ea2ec" ServerSessionID="S-13584734d3664808121265203ea" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[24] CN=JUnit ExportProtection, E=john.doe@example.com
Begin Test (DeleteProtection:1)
ECC Key
Delete Protection
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584734dd2dba086451d49335c" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584734dd2dba086451d49335c" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584734dd2dba086451d49335c" ServerTime="2012-02-16T05:37:23+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BBaH+sS6qRN6+jhMnNOJjlqCJ4KQ5pXM8UZ97V6ThtgnC1TQXAGNvZAQIQsC5NitDfxAWWuyDpGgAB5LkcMIjek=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="o8ryP7ZvIf1bBtYfnQx0pU4bRyLNlD+MuP4ADGrgbGLUh92irUV0GVdTMBi9XCXDZfLGtTwWrY0g6FBrMkM8vv20zjukK1VtaJDboWIFwftau3acSk/dHgBXcHvRePCmth1SZjBnFCgxcyXlRzXPu+80eVkRUE9fn17CgZx0oWQ=" ClientTime="2012-02-16T05:37:23+01:00" ID="C-13584734de2588a51f77810edca" ServerSessionID="S-13584734dd2dba086451d49335c" ServerTime="2012-02-16T05:37:23+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BHdTVlAcVAPCxW6UGt80b3M31cg11QetVPFBj9ivR3SxjR1o8HsjUA/uUhKJ+WSca6UP2R/6caMqBESyn6Wr7eE=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734de2588a51f77810edca">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>dt70uyz1D514NX+ScniQ06Qif0UorHpZQia/CWxz73c=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Gs2ru0CHjdRx4Ej/oXYgmX+MQUX8DFEg91qA/dj+yuw=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734de2588a51f77810edca" ID="S-13584734dd2dba086451d49335c" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<KeyEntry AppUsage="authentication" DeleteProtection="none" ID="Key.1" MAC="Ue+7h6E4IuVJQQ8SBmiu95gPXFp9Jbq6GvaGidL/8xQ=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734de2588a51f77810edca" ServerSessionID="S-13584734dd2dba086451d49335c" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="W2ZwVeKlPdCvimk6+cqxmJBEJJIw46hgc7qWyRDub80=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BGHjztKHMXMx1sRtBaDesx0rJHWPXL6S/5gsVKZJiNdFaDT34wGsUr5FouwaI+5tdwObZwHuy7NU/w8BsnGyRE8=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734de2588a51f77810edca" ID="S-13584734dd2dba086451d49335c" MAC="1uSO+UjIiJNMF92DSDlXAVyIBm2x97/b1+go9ueALNM=" Nonce="XUoQONpCC8qrJ8cKF5mpnNQkBV6+t1tOThlDs0wOrcQ=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="GzXiPqWURKhRwFXZe9QYPrS/Cc72JZjJcDbXyjHjc4Y=">
<ds:X509Data>
<ds:X509Certificate>MIICmzCCAYOgAwIBAgIGATWEc04gMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyM1oXDTM3MDIxNjA0MzcyM1owRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFkpVbml0IERlbGV0ZVByb3RlY3Rpb24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARh487ShzFzMdbEbQWg3rMdKyR1j1y+kv+YLFSmSYjXRWg09+MBrFK+RaLsGiPubXcDm2cB7suzVP8PAbJxskRPo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQU+UVnUr6ntb50on6JZkBVFeal4DwwHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBAAfxk6ZgoXn6tOTIno8xWjTBz0qyean4YqwUOPKLnMcXQsFiynPGkLUYyTt9qdyyievjjHg9TVbYva1wogVHzZ1ReJ/N9Ytm2DCkkSR8A2QZGmUqZVSwT/efPJ9EN5BF+QwWAPLyG4Dg9DLkvFMvhOdGIaNBFWs0ZL6MpnuSq+c0kYZhMdy685Xo/Jyj8FN3yxb/woDq7zmsKkx2VGxeLug2YFmb8Oj+GwpnuNOmyj1MyWjW5hijhb6lxcHdGGanN3w32s8rcHGQZacDGK/CnT864sd3CDkNF4ibxNYMPKkFXf/eAvYOiWB+qjw0hXaDp8cC1NIjVR3Dn7KxwEE1Xlk=</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="oLB3/EF8UQIYNw1E/1n/fmA0HVz9ZRF987IKBTurzn4=" ID="C-13584734de2588a51f77810edca" ServerSessionID="S-13584734dd2dba086451d49335c" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[25] CN=JUnit DeleteProtection, E=john.doe@example.com
Begin Test (DeleteProtection:2)
PIN Protection
ECC Key
Delete Protection
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584734e6e1bc207bed19278c2" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584734e6e1bc207bed19278c2" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584734e6e1bc207bed19278c2" ServerTime="2012-02-16T05:37:23+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BPqXgDR82ZRr+vWaWroLuE6pVC+B7MPI2ByfYrCb7aCHZ1Fu9wXFBroi4W147DDJK3aaW2u9Z0WA57/URRXJOhA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="XIw1azpBNhsjmBbXrwAEXIPykoP/0kejTdquhAU4fPHgi79HxVOxWBWxe9/+Ly5krLfgIn7ftc9BNEkw66sieTNyKYPmPnF1edq8VbLUNOgWM33pQMH7PT+AQlHsFpP4+Kz3FvWKJXetE+uQ0dvWEckT84AViLYZncTDoRX7SJ0=" ClientTime="2012-02-16T05:37:23+01:00" ID="C-13584734e7e22aa732381d8d6ca" ServerSessionID="S-13584734e6e1bc207bed19278c2" ServerTime="2012-02-16T05:37:23+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BLlP9eu04X5M6f323hy05CiY0pQ9D9H44Lg62AWKCrTas03HaZCKKQRpgNNCKJY5xi6RQ1gyMU/ZBwOKc+j33Zw=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734e7e22aa732381d8d6ca">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>Nfl9ncHTyFJO4OkbcZvIL5IjDIwtFwn5n/XV2fYzFkI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>AqvBAgCqA3yZpWbUNaXZ/emu2cAvPSE6cQlME8tHlW8=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734e7e22aa732381d8d6ca" ID="S-13584734e6e1bc207bed19278c2" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="Uqb832Pyd1KBVq8vvH0qgoqBU+EUa3+T719CdktxvV8=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" DeleteProtection="pin" ID="Key.1" MAC="uB+E7yuj9c/bAfxNyQdY/B5M2HJgwnM3EEoNbR3ikc4=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734e7e22aa732381d8d6ca" ServerSessionID="S-13584734e6e1bc207bed19278c2" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="RDwx8yWcYxKL+S8mDncYaBODuNbXfBXJYyu/QVi7dQE=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BMYkHAIh+w/8uLlwk5TuCsus/eVaNfFMp48QCKcCkuARAtT6LY3rUb3zjdVfnt51ApO72MMa+DnYCMWDXNglhbI=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734e7e22aa732381d8d6ca" ID="S-13584734e6e1bc207bed19278c2" MAC="efYf92eZ97JVKXj9tolNqAZmKMZOnlQ7DwshTHQAFck=" Nonce="efWqqDyIkbPF/HIgAsg6utkWJ7UTHiMpfdYsm8o9njg=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="Ajxfib/bqpqihP4g/6YzygthW4OosFwqYo3BXxxFhcE=">
<ds:X509Data>
<ds:X509Certificate>MIICmzCCAYOgAwIBAgIGATWEc068MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyM1oXDTM3MDIxNjA0MzcyM1owRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFkpVbml0IERlbGV0ZVByb3RlY3Rpb24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATGJBwCIfsP/Li5cJOU7grLrP3lWjXxTKePEAinApLgEQLU+i2N61G9843VX57edQKTu9jDGvg52AjFg1zYJYWyo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQU5NGVpe37f4aAzTMxFnkC/Cv3az8wHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBAB47Kt6lObfZXidpB8uCVBLqopzpneyza+k5grLLfaLgDF+RizWGNEcIOLeDJERWJuuTdOIpiFcXyoTz72RQAc+K7ylJjxNOrU4lVeJSp9bach9YLQTcZJtL6FFKL9+pcqc9QIj6FFsgVscliZWhcVStge6+oBwchQfMphsEutVkpmEZaDJG6z8wKBFrioFp5OHCnQjIEiMQDaUL4PoCpfAMewEktH9/VM1jI3UAEi1lyv9scu/5USFYdOC9klkuhflquSqXLflLKfrcZiyehHU3ll4a930HoFXVIlAb3YSm64djJ7YoFyHrsduAVYKz5xYM0EVRY1flCJYOk7YNsek=</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="Qulidt3I4SZtTE0Ba3Z0vmIzvIDcEU6eruihtxcmOHg=" ID="C-13584734e7e22aa732381d8d6ca" ServerSessionID="S-13584734e6e1bc207bed19278c2" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[26] CN=JUnit DeleteProtection, E=john.doe@example.com
Begin Test (DeleteProtection:3)
PUK Protection
PIN Protection
ECC Key
Delete Protection
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584734efa8fb7e8538cb9abc7" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584734efa8fb7e8538cb9abc7" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584734efa8fb7e8538cb9abc7" ServerTime="2012-02-16T05:37:23+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BKC+01jTOEW3zpfREvzz5MxNtOAjh6pHESb301gdFk0fStYUWVKrrY4YUUJ0xLBvAilrwYQEbMFRxoSfrpZD+Lg=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="Bnts/qkc++T5MaDYrt4/bY97fA/mkTcaV30a+aZT8e9/JV7WzORG/FoI/GXGYHo1fQ73Hcp6dhVOetg8qHV5OIrv9zl5zQKrEe7CAnxW+kGouH3jg/2Tk6ZZBOEEnSvy7PgiRD9y3e3pqaZ5EUeTBFqwXwfQ/8RE/RQuBsxrZPQ=" ClientTime="2012-02-16T05:37:23+01:00" ID="C-13584734f0ae26080e8ac4da01d" ServerSessionID="S-13584734efa8fb7e8538cb9abc7" ServerTime="2012-02-16T05:37:23+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BDFXPGZkwaPbI2vLvZxJ5Ln1x1Ah7RJVJDkIiFKPGAPhQ9NJcIhJSALBRZjI8knvv8fZwIPgxjJ8mgzsJxKbfag=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734f0ae26080e8ac4da01d">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>h2jcFFc9HJTCGOTkzRrgWJk/lSIMF1gwwSir3usSuA0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>9W6jCrAng2khPWzLiyI0kTjQjs1fwF0FQyMVP7koy60=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734f0ae26080e8ac4da01d" ID="S-13584734efa8fb7e8538cb9abc7" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PUKPolicy Format="numeric" ID="PUK.1" MAC="YEYJp4LOLp3YwwOnU6SRvAok9QVMYjm7EZoJ5shnpwM=" RetryLimit="3" Value="j4K29N8uMuosMHmSgXdxaKKYyu2+PXaDVYCHAHf1m3I=">
<PINPolicy Format="numeric" ID="PIN.1" MAC="eUJt8Q+nFnjEeW11kza7HlMf1ZESG4Vvx5MgBOPEbKc=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" DeleteProtection="puk" ID="Key.1" MAC="q8sBBVWZT5z0qY8J4/GNS20l9rpwW8iL+59LF0S3Wm4=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</PUKPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734f0ae26080e8ac4da01d" ServerSessionID="S-13584734efa8fb7e8538cb9abc7" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="LdVUwC0jXgQwjRZeBWOcf9qHZkYk17wjLj4M8mxq578=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BB7Q9HndaT7zLdyMGT8Ko4buO/r/Zsey5qqava4mqdRKPXZ0vMdDm/NBHTumSk370LOmWwhONr3G24QXUqyBxCU=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734f0ae26080e8ac4da01d" ID="S-13584734efa8fb7e8538cb9abc7" MAC="fQ5j5r3yPqCGNP3Z4xDIMLbj5P3Hd6JD7DUHR3YLCIs=" Nonce="fYaGPFmVz0kzFZQdTovkfo8kHz7a0MOTHqAI+we/7Cs=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="/acIUrure0Orbtlonkq57EN2pn21DQ9amoivotNy/9c=">
<ds:X509Data>
<ds:X509Certificate>MIICmzCCAYOgAwIBAgIGATWEc09IMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyM1oXDTM3MDIxNjA0MzcyM1owRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFkpVbml0IERlbGV0ZVByb3RlY3Rpb24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQe0PR53Wk+8y3cjBk/CqOG7jv6/2bHsuaqmr2uJqnUSj12dLzHQ5vzQR07pkpN+9CzplsITja9xtuEF1KsgcQlo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUu7fTB3He1tVmriY9POEIWLA6qzMwHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBACZgEF3kIeorv6R3G+NO9APwMBuZKcpgvviSE1WJIOhtHpLdapNXoVy84NH9xrZFzHfsd+6E8MeVVbsuH48XPx7m6bBLGbOnqfBDKoLd1VHJupAekK8O4jO6GZhNMnzgPTmt9ItUiRFsGKwewzOOsKc0pJfSIGz8AwLzVa5RVybuIUh5x1rV3M+eFkikcpR84eBhiEH4AqALgJnBNdfwqXpCxRzQ8fXWKca6+rGnExAy6uRopzX1Me3EJb9yfT9+uVeaQn0arCYAjMM+nEpPDwV9Nq4u+Bf+7QVJMWaF40mw1KU0DjWJbg9zRJhcFLSaaeSaZhKoGplyvJroghqD7eQ=</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="MzXWdlxrHhhr2cOGZfgOPHNo8rxxKj/fUVXf35nkqOY=" ID="C-13584734f0ae26080e8ac4da01d" ServerSessionID="S-13584734efa8fb7e8538cb9abc7" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[27] CN=JUnit DeleteProtection, E=john.doe@example.com
Begin Test (DeleteProtection:4)
ECC Key
Delete Protection
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584734f879e243cda7a227d88" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584734f879e243cda7a227d88" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584734f879e243cda7a227d88" ServerTime="2012-02-16T05:37:23+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BCrYtidiKxVpvoviOutgLjE6Ew8IbCy+MuIofXGTuCr3D7bGXrMYuHmzQll53yR9NYR1NlnVIiPO3yTpzAg5QnU=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="HjMnfhPSxn0K8zKy+S0gDZZQXRxERtfdPIIW12qxfErd33BkVjDG/+2A8Eip7Xx9mA+hDt30+x3Sk9XcuAnNKZkGiLgdt7vKNVjR70iYHgoYu+EGLgaY2AnBrzII1vJan3kMiGvfRsADmdKTLpbuYo/vailhlKDJ3ak817JtJvw=" ClientTime="2012-02-16T05:37:23+01:00" ID="C-13584734f9696e9cd7378e31742" ServerSessionID="S-13584734f879e243cda7a227d88" ServerTime="2012-02-16T05:37:23+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BIW9RrWe3DZ4CFceBzV1ySYU1mMMXZTV3MwzwgXlRZUZyj129Z3z2iJpiEQQCB7ASVO75HpPwyjmYXtfpv/o8Qs=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584734f9696e9cd7378e31742">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>pRbdC/zuxDHj1x/z89ZllfJXoZnniuyodsxsnDvWugY=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>RRCA/vaQO1kNQfI85V+jSDNmmypQc3QZNPA4j8eWvjw=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584734f9696e9cd7378e31742" ID="S-13584734f879e243cda7a227d88" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<KeyEntry AppUsage="authentication" DeleteProtection="non-deletable" ID="Key.1" MAC="doqLkQICQe3/TgJKKKxfo6xgV8W7w0GJDElHEpVeeXk=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584734f9696e9cd7378e31742" ServerSessionID="S-13584734f879e243cda7a227d88" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="JW/GbM1ADY61HOl69rDwQvva3qyfaBBQl6vXKSWuw1k=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BPy31K6SRkbdGdHA+yRZ78Y8HuNNYpAAbwbWEwe/XvVuo/8fEZf2Vbz8lrKLyKgW1wwV7lO+OwJzfydbiP4ISsk=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584734f9696e9cd7378e31742" ID="S-13584734f879e243cda7a227d88" MAC="KMPgs0Y1UZUKZh4Odei8ehnZZPmq5CcqvlV+ggj4GIE=" Nonce="mYq3nl1FplLBkSWsm1xORpasqU0GpfRsaDC3WzBEzSY=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="o/BICrtPmBFWgf86ySIrexq4YsYrB0nlLdMhpYC+PZs=">
<ds:X509Data>
<ds:X509Certificate>MIICmzCCAYOgAwIBAgIGATWEc0/VMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyNFoXDTM3MDIxNjA0MzcyNFowRjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHzAdBgNVBAMTFkpVbml0IERlbGV0ZVByb3RlY3Rpb24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAT8t9SukkZG3RnRwPskWe/GPB7jTWKQAG8G1hMHv171bqP/HxGX9lW8/Jayi8ioFtcMFe5TvjsCc38nW4j+CErJo10wWzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUo1wOHuxkNDtnx3VOc+3ByyEe63cwHwYDVR0jBBgwFoAUAH6d00xo2brb+fKD2A1deCvtYS0wDQYJKoZIhvcNAQELBQADggEBAJCD5ZXDj7jPu0wQD5P/1e0VcL0I/ELqgdyxGzs4qxA61b9x9jBs7duNlUEIi+HL0rxd72CagKGIYkCmUoJ6Y5Z+MXwC2XCgKdFdA/dybAg+z51qFZ2BaPtF6SjWWPhHNVxe9+QOziy3stVYvIf3E36urjNby6rsJ5gTU+wRwLG8U+PoYZAleH0RGpC3gcIm169I3MTITj5z7NrARKL9q/p5L7ShmrJMdgsIGgJvCFU8owvkJ37KYO7mDENv9GFKppWqU8vBnhZpxxMabG7EiFnMN7d0creg+7IV+OHUWyv1/3C9YAgfCxoGKRj0xNPEzpvgtrClCda+QdfFZzuP5pY=</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="mCsWceMI4koZWQYnOmRUdTBcGvY8AFeQPY+5sW0OVyY=" ID="C-13584734f9696e9cd7378e31742" ServerSessionID="S-13584734f879e243cda7a227d88" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[28] CN=JUnit DeleteProtection, E=john.doe@example.com
Begin Test (KeyAgreement:1)
PIN Protection
ECC Key
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-13584735013e3d96e104025ce95" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-13584735013e3d96e104025ce95" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-13584735013e3d96e104025ce95" ServerTime="2012-02-16T05:37:24+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BHnv7Z5wQI7AY0Q9cuxYx6uyKMxjTV/7ZtTvm1IVToAsIYEFl2uqPtqqi3xAAz5d3tg9JDu55/ic3HWItf5mgec=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="cxtZ6myBeNp4bGwEMTSjpXd/yj8zOk9iT51QTQbyhQY1ujfQBk7sLbrNQnSIRUC9xWcZ9lF1j9aCVEvMHrglCyE6QDINzZ3i1UHXptaEriEsbO9xdhdzZ5Cg6MCKusP/WfLQDZvduoNxWgo2CJoScBbp/XhVodmRQsrb5F7Jyu0=" ClientTime="2012-02-16T05:37:24+01:00" ID="C-13584735032a90d8b3c57d7e024" ServerSessionID="S-13584735013e3d96e104025ce95" ServerTime="2012-02-16T05:37:24+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BBxuUX58X0ILxnrvWD0k79isAiBmBkl5ZcKWL0j96YUXCXt24Usi7oNwYM4uaOxw68MK03QHLbtIabeh9QasZac=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584735032a90d8b3c57d7e024">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>v/keAhb/s5/T0tegJA2267XhHktqGuTxpia4HfEIId8=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>skBsn4uYMf1TzzGc4j7wIypNNL50dLDz5ZUY7TBitjU=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584735032a90d8b3c57d7e024" ID="S-13584735013e3d96e104025ce95" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="RnfBQp4rkTgjEymUibsrsrSNypjotKAmUeSI2VFKH/o=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="encryption" EndorsedAlgorithms="http://xmlns.webpki.org/keygen2/1.0#algorithm.ecdh.raw" ID="Key.1" MAC="dAufWGq2SJX7ZGUDFW4rdVXSH0itFZM7L42G1tzFvBU=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584735032a90d8b3c57d7e024" ServerSessionID="S-13584735013e3d96e104025ce95" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="XH+nozYEnGxQY1uV2TSbEVDnWzO9y08xY/AAZnytDjU=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BLYB4QwvV/KBTHWb+RuZMbfEO72IOqB42/4sstnOZ1T78Q3WPF6EUwuz+gXFL0X3F7ub9ZnB4zszH+XUwFD+fIM=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584735032a90d8b3c57d7e024" ID="S-13584735013e3d96e104025ce95" MAC="sTpeB0ti+CQrOafmyUWZUcLSg6/MiTYdAJXYcWXlXg4=" Nonce="AtbwWrVLPegri2HL/kdYfnqH73Ns7vRXO8UtoVhCMGg=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="qbfv/kEQsyKjAMMEcAS0lBVsBTeCrPwVFvHmu1zqJro=">
<ds:X509Data>
<ds:X509Certificate>MIIClzCCAX+gAwIBAgIGATWEc1BxMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyNFoXDTM3MDIxNjA0MzcyNFowQjEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGzAZBgNVBAMTEkpVbml0IEtleUFncmVlbWVudDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLYB4QwvV/KBTHWb+RuZMbfEO72IOqB42/4sstnOZ1T78Q3WPF6EUwuz+gXFL0X3F7ub9ZnB4zszH+XUwFD+fIOjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgQwMB0GA1UdDgQWBBTOs5koU+XWJPcGlkPojTdS/QybujAfBgNVHSMEGDAWgBQAfp3TTGjZutv58oPYDV14K+1hLTANBgkqhkiG9w0BAQsFAAOCAQEAM6bb8VoxfVu2DOzdYwzohYOyWzEZVOFOx3SPeg3qW05P023xmcXVPw2MLKk4jCdcy6k77ZrE97TVBlELZIfm404w08uX1C4pvMiN/VYZeThRQLIi+Sc7v8GL8YDsi82RII+AX4R7slM+qNi9ieAC4yPTizGZ+Xj18wH6LzareOy7lJvy20t+jvmvDpuxMiQfHlXyT4BaZJkZ145Z4m1lONIlQQHonpNfz9muKFNWwLwE86wkV19UQrLeFX1sh19mbThGTmsjMSzQvpQ95HNzYS43wlxC2hxJXgAWHj3oQ6odzwsT6/GTHWUhpIHmcqWjTobXIe9ye7thkvPSvYD2Gg==</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="iBzQJGqmQgy5xrbHD3wUSZCrzz/4VNMQS7egjehFTOM=" ID="C-13584735032a90d8b3c57d7e024" ServerSessionID="S-13584735013e3d96e104025ce95" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[29] CN=JUnit KeyAgreement, E=john.doe@example.com
Begin Test (UnlockKey:1)
PIN Protection
ECC Key
Updatable session
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-135847350bf6f71fd88d652fe33" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-135847350bf6f71fd88d652fe33" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-135847350bf6f71fd88d652fe33" ServerTime="2012-02-16T05:37:24+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJ1+q1Gb94WzhdhuUw2YbDHWJrTX/6GIZByFixnw1mImC74NE0as+fJwEPalUsUBdpTgDW2ygiFkt+Pn7J98TZI=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
<KeyManagementKey>
<ds:RSAKeyValue>
<ds:Modulus>xBV+G+LJh1Bh75OUkVDDAbK1d5a+TKdQVmVsjlHInWpe5h9/ZzJ/pb3CcdUH1xsRWJEPPkbxYN15Hq5kG6tJ3GYkRX1AX0knf6BWXsMSxF0LqRbDuTd2DEzeDdB27TI+KKJPAGAqMuvigXu9mgyOTHq0C5Mx7L1LFbRctpkNxeU=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</KeyManagementKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="OVU9t6xHNu28OAC49F2UIxFQwhlOEAmIcfbvFaH+OKywl2qw7U89GhIoZSTomTDwJ8m2TKdh/1LimkbntYgar7W29XdcB13w2thdLDeO6e6sRqY4h6VcPZye5jlkgEbeiNsOT+c89K9Uvpi8IT9cBEOsPDUp/LzauEMBTIMnoWo=" ClientTime="2012-02-16T05:37:24+01:00" ID="C-135847350de3f0a4141230b327d" ServerSessionID="S-135847350bf6f71fd88d652fe33" ServerTime="2012-02-16T05:37:24+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BFpzcAm2tCsEdJgD8MNWdetZWUkj1yykqy0nhP2qhRonuJV69w+29Ugyxd+69K55SQhCwq6fibZCeb6jDTC5i14=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-135847350de3f0a4141230b327d">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>6qtGvrK4p1wjzUqMHhaDftA8rV6TXzoxE7gDCbyUafQ=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>8z1wtA14Tr7ODBtRY26GHwVhcf1nDPRuBH6fSf7BQoM=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-135847350de3f0a4141230b327d" ID="S-135847350bf6f71fd88d652fe33" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="Vt+uzft60nr1I9k+NIEqDohxQaIcTgFzfMrt3rT49Bg=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="lzPwRFOfu567owpEo2iQBAU4EjPwO3XNMwn3hzKIiq0=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-135847350de3f0a4141230b327d" ServerSessionID="S-135847350bf6f71fd88d652fe33" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="0op6Dl0LGbE3dHuVgckEu6iOR48BoToDMsMV0O+zLyI=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BGKTl7mvueVopSM0o7YaXWRcVkPmDxSOzU5oF4+zEPplsur9EEeYxpGbQ4eX6Hd3DvNJjqh0/p1OdQ4zL82J94k=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-135847350de3f0a4141230b327d" ID="S-135847350bf6f71fd88d652fe33" MAC="rNfS+h38nDjOZSQFc0aP4OzMUCbyTedp6X+XnMP//DI=" Nonce="i8UD+mq4F8DF0VRkGiin9dibrjBJItH0Eirn9zK6118=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="LIvLMJd07asMr3HSuP08H+AgxCMvL13x7hrh3KnwSXY=">
<ds:X509Data>
<ds:X509Certificate>MIIClDCCAXygAwIBAgIGATWEc1ENMA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyNFoXDTM3MDIxNjA0MzcyNFowPzEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xGDAWBgNVBAMTD0pVbml0IFVubG9ja0tleTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGKTl7mvueVopSM0o7YaXWRcVkPmDxSOzU5oF4+zEPplsur9EEeYxpGbQ4eX6Hd3DvNJjqh0/p1OdQ4zL82J94mjXTBbMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgOIMB0GA1UdDgQWBBRb0OsdeFfhdu4xYEi2ukEqajDoszAfBgNVHSMEGDAWgBQAfp3TTGjZutv58oPYDV14K+1hLTANBgkqhkiG9w0BAQsFAAOCAQEAgTiq0ABOF5xWE0oXK3yhpJog5QyJENzkRC2nmEiY6kvxlXajbNspwnvY+0OmKd/INPvz6GGecVNVezW9CZhPspfT/qO3lxmgvKMrrAGAtc9h03Kl0UYREYS4dSO+KNkgjxas0ZrTFKtDHOcyWr3wz2AWCbM/FGhWUvlyd69SkYRi3eY0tX4o6Kn2iVObYxaekSJF4i9gHlVlS1ATIiGjkYlrGluZA26U9nY3xhZZsSy6dQFXugfdS3nNXB37OU59dEhMOslp/pjAvLYHxTWBCfAzchY7T+JnmjhROuHqeJl2zzhcxR7YaGTJOxFcNGwKa3hyIfoKTVqwsLBHzV8x5g==</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="xp9hJUE4y4agb+9JcIQiobdQuCrnuQmIj+Nx75CdHlA=" ID="C-135847350de3f0a4141230b327d" ServerSessionID="S-135847350bf6f71fd88d652fe33" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[30] CN=JUnit UnlockKey, E=john.doe@example.com
Begin Test (UnlockKey:2)
UnlockKey
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="unlock" ID="S-1358473515b7b2d7f472b81dfa0" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-1358473515b7b2d7f472b81dfa0" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-1358473515b7b2d7f472b81dfa0" ServerTime="2012-02-16T05:37:24+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BCPpN1fJhvbVfQ+r2i3LnsrP3TiKGSyB+athkN43s0HvsVt6GFewCJbLs11j1nO7r0BqpmoyIoLCg+ON271o2vY=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="i1mp0NptVH9aWse1JsUglYj4X0pvWEqYtNMIJnd5AlA12Oobb85ZQEM+rUNqI/AzHXJUg3qvBkiACg86wars084uvDl4w0Nmtc+xFVHKHV5fNSYJLa0jDYgbbbMy/QC98fDiXPQNCQgXmzGQ9tN3NEqSBWfNaEH+ronsX4QzuUs=" ClientTime="2012-02-16T05:37:24+01:00" ID="C-1358473516a80d90a1e318b4d83" ServerSessionID="S-1358473515b7b2d7f472b81dfa0" ServerTime="2012-02-16T05:37:24+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BKHBNkq/MOFOm/OI00sUDQlK3fjK7dfWlp0Vg43pQZBk0Eb9oPN5NvyWSEzepXOha1BR56kYJyvNGSBlfwAYgZs=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<DeviceCertificatePath>
<ds:X509Data>
<ds:X509Certificate>MIIC2DCCAcCgAwIBAgIGARTWcc7VMA0GCSqGSIb3DQEBBQUAMEExCzAJBgNVBAYTAlVTMSEwHwYDVQQKExhTZWN1cmUgU2lsaWNvbiBTb2x1dGlvbnMxDzANBgNVBAMTBlRQTSBDQTAgFw0wNzA3MTAxMDAwMDBaGA8yMDUwMDcxMDA5NTk1OVowPDEcMBoGA1UEBRMTU1NTLzA1Njc3NTUzMzMzL0EuMjEcMBoGA1UEAxMTVFBNIEVuZG9yc2VtZW50IEtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqSB2rrEj/UB6CK4devyqKQeDQvu/w0Ja9C+4wwttR88BtsutxfQ7Q67AIfzPM6Wz18+GDVkVkMhmnQZH1ttEjXvro1edMiOknNf3hkFAK2OyDS1L15KAt5UMH0RLA24VOhxjxWrsV+6iqAvePhprP9MbZ6CKRG2Rs1e9q4tnoFECAwEAAaNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA/gwHQYDVR0OBBYEFFvpX8X/0clsSvnO/oJ2DVM98DRdMB8GA1UdIwQYMBaAFCV28erOwVqkpGUdHVMJhrm5QW0/MA0GCSqGSIb3DQEBBQUAA4IBAQALFIHdE24gHXhMTcDeMzhz9wFC9bO48okCAXf3IMpHIt53JbWiMkbii92dCU12wFN5ahAioeyX8SOGIUHeomOjbixSdQHo7VXyRCzHDmH6oi+hDLXKedV4MYzQ37OM3dCTW1tnC04PXxziHUV5Oyceg7+RwsRv/WBN9v+wICBgF3S/+c+5V8JD/FMVMyigRIdgSJtn93268ZjKZpHex4DNZ30wWE7z6WF9xNlkgzMDJZl288bR1s7INK5rn+Ucd4SI0AdckJb8A8nozj6otCNA/7zkFqoIdawCV4OfAGXLIwJBCp85ANJbYyaX+J+ofWY+xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
</ds:X509Data>
</DeviceCertificatePath>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-1358473516a80d90a1e318b4d83">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>J4ip+FuEAJyY3ACHDiyeUUWgX3Xjab5JSVar2bpHeaI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>YuAnheVKWgcu/I2OtDtT4xd9OQLTrQPKg2+S+yHRghs=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: CredentialDiscoveryRequest |
<?xml version="1.0" encoding="UTF-8"?>
<CredentialDiscoveryRequest ClientSessionID="C-1358473516a80d90a1e318b4d83" ID="S-1358473515b7b2d7f472b81dfa0" SubmitURL="http://issuer.example.com/credisc" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<LookupSpecifier ID="Lookup.1" Nonce="+RYbx7lE6/h5SzA6B4TkKG5glVwTEQcyPXXRYyyvtMs=">
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Lookup.1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>D2oppiXJUDc9AoDAsru5ZupYwhir/Zml6zhC7D5X+GQ=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>E+m4jYuhh2O2Mi47XbrWTo4zA6Kvv6ghGni/LxdxIx3GN0hllbDAiNjn5fMTaUoznIZg0bxI5gDaqkFzbw0vUtpVA3VmsZEQYDbJlKoneC/5v1b5YqwvOfjpCjcsKGHA/QpkMm9NIVoa3y28YAdqHeCEzABC02xVnBRKtOp2zq4=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>xBV+G+LJh1Bh75OUkVDDAbK1d5a+TKdQVmVsjlHInWpe5h9/ZzJ/pb3CcdUH1xsRWJEPPkbxYN15Hq5kG6tJ3GYkRX1AX0knf6BWXsMSxF0LqRbDuTd2DEzeDdB27TI+KKJPAGAqMuvigXu9mgyOTHq0C5Mx7L1LFbRctpkNxeU=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.2" Nonce="+RYbx7lE6/h5SzA6B4TkKG5glVwTEQcyPXXRYyyvtMs=">
<SearchFilter Email="john.doe@example.com"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:Reference URI="#Lookup.2">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>961AOo5DR9s1Jvx5b9sppnCjnBYlyHOmIs294JkgXDk=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEYCIQCWXJfmhSwCPuzUQPOubKRRRVzLnVcY8/nVJI6a+BFVSQIhALsFYiIbdn4MjFk0cYwKZYj9TdOeM1O221gW7hTTNvxg</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.3" Nonce="+RYbx7lE6/h5SzA6B4TkKG5glVwTEQcyPXXRYyyvtMs=">
<SearchFilter Email="jane.doe@example.com"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:Reference URI="#Lookup.3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>4jKjCJfKXL0QBMRfZKjK45JclKzPfA+O4qeXnQ5FGyw=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEUCIQDQD4gAZmir6nLlr58OvM0ZM5zP99+gkSzdxbm9buYuogIgC86NLLGTaEf7/OAp58ApXys9s1uxt4EyP1EcL7RbK6g=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.4" Nonce="+RYbx7lE6/h5SzA6B4TkKG5glVwTEQcyPXXRYyyvtMs=">
<SearchFilter Email="john.doe@example.com" ExcludedPolicies="1.3.4 34.90" IssuedAfter="2012-02-16T05:37:24+01:00" IssuedBefore="2012-02-16T05:35:44+01:00" Policy="5.4.8" Serial="123" Subject="CN=John"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Lookup.4">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>167fDQRpcTigaZVtmuW61vgZVpddcsrhVg/ead/CLe8=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>ZOB8ItxjiYDgCqHqYMrpoTNf1Zep7M1ZjhFIf9bWKpsKu9jMbor9Y8XbdpKaGlPhOtJaAwxIi9np5E9nY59fJs+//D5d4fNYc9vfSA+rTGspi7R5fbCN/SZRhL2QAJyIDeWaxwcxOhQMEWa185uJ8sDaUb1Bg2CaTUgFEGOPq5/lEtPKiDyBUNazLLYA7fO12U8CVHzqP1ddnL6Rn7mdO70nZaww72txFRKGlNtCFonvYMp5PBTSPMcxBqha1VUdQLc36g5VitkYrZgqkGf9r1a0y+BI/VaT3Pmn5tuyYiKaes3FkfEu8QaY7PQ4qchRHdfqUGkvvFohMbNQO0IrhQ==</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>nU9zexF+jmgH2UUPaN9GoX4ENcA6wCNU5HHZnzt8uD9kT8fz5OpuvuBU7hMXzw7mHoVX5DIFc1mLiWGD9HnhQCTXGyFcjlKJ3AaRpwwJ1nTvBMkD+etTM4CxwO1qBK6ypLFELrwfMT5fiP3ZnxzAHkbxV1rQ6maQ+StZSuqo8tYPRKJdQ9Q8UP/8MjdK5ei8ue7kCdS0rzx67ENRASjKavqVTEVwU78ADRkBI+GsnZSdCNK+54URubmTaKXM2YHYk0BTv2X9ttBXW+ojGBz4wQPkcO9v2n2fxXjknHNtuaz1PMwn+izd0HomVOae0iV4aWxQJMY4k/fv5xUNIME0gw==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
</CredentialDiscoveryRequest>
| Pass #6: CredentialDiscoveryResponse |
<?xml version="1.0" encoding="UTF-8"?>
<CredentialDiscoveryResponse ID="C-1358473516a80d90a1e318b4d83" ServerSessionID="S-1358473515b7b2d7f472b81dfa0" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<LookupResult ID="Lookup.1">
<MatchingCredential CertificateFingerprint="iBiLVYwG0+fKlzdc70WdfUcR5rZrXdzk/A/wE0n0wGw=" ClientSessionID="C-135847350de3f0a4141230b327d" Locked="true" ServerSessionID="S-135847350bf6f71fd88d652fe33"/>
</LookupResult>
<LookupResult ID="Lookup.2"/>
<LookupResult ID="Lookup.3"/>
<LookupResult ID="Lookup.4"/>
</CredentialDiscoveryResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-1358473516a80d90a1e318b4d83" ID="S-1358473515b7b2d7f472b81dfa0" MAC="k7JIK5EOTn1IL2dOE8xvIVKTKJqCe7knpQcBB+jPigo=" Nonce="CAdBpDFq7M1UpKeAh3pJTwSZq9SGqmnNl4X3xioBW5o=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<UnlockKey Authorization="l8ldId3h5hz0oaWiiDXiu5ydOFofBOmJRhJpBnWbqs8nhYdQqToMXxdnhUswJRTuIpa/rwRhz5FGMKPyjQ+Zn5JAPv8X4VSq+rzCe2U5H8cYOqSYDzWyoQ8e+vMjQ9fG5ZFkuYZyftM8SZUAwsAfiPAox2va6dK3s6FdZk8YOOY=" CertificateFingerprint="iBiLVYwG0+fKlzdc70WdfUcR5rZrXdzk/A/wE0n0wGw=" ClientSessionID="C-135847350de3f0a4141230b327d" MAC="++aC6zsC96rRBtsQRBApp+wYKVu/6nYzw2D2ZvnnFRo=" ServerSessionID="S-135847350bf6f71fd88d652fe33"/>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="cpeaAkOaVW1XpztiB8JuJCnCrvLAkOgWt9xRL0MzXEg=" ID="C-1358473516a80d90a1e318b4d83" ServerSessionID="S-1358473515b7b2d7f472b81dfa0" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[30] CN=JUnit UnlockKey, E=john.doe@example.com
Begin Test (PrivacyEnabled:1)
PIN Protection
Privacy Enabled
ECC Key
Updatable session
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="manage" ID="S-135847352261759f97981b96610" PrivacyEnabled="true" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-135847352261759f97981b96610" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-135847352261759f97981b96610" ServerTime="2012-02-16T05:37:24+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJQKU6Ts1XDomvcNIvkNQ6jyP5Ly1nV3k7uXSv58s8y1kojDS4wmymbZuN+V01ywDQkn5wxZAG5rSDnfAZ3v1OA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
<KeyManagementKey>
<ds:RSAKeyValue>
<ds:Modulus>xBV+G+LJh1Bh75OUkVDDAbK1d5a+TKdQVmVsjlHInWpe5h9/ZzJ/pb3CcdUH1xsRWJEPPkbxYN15Hq5kG6tJ3GYkRX1AX0knf6BWXsMSxF0LqRbDuTd2DEzeDdB27TI+KKJPAGAqMuvigXu9mgyOTHq0C5Mx7L1LFbRctpkNxeU=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</KeyManagementKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="kkLHuAXiZP9aMJp0mrKqgmOSw+N5dUdQQRxCwRjCrUY=" ClientTime="2012-02-16T05:37:24+01:00" ID="C-13584735235d5799977ba9afe4" ServerSessionID="S-135847352261759f97981b96610" ServerTime="2012-02-16T05:37:24+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BEKC3gEEV/IWFrwKWPSB64YGhwcon3oIdvxE8U6SF18pAvWOLXcyUyfwNHksaUCdiZFsAn8aI0k/QJf7vV+7+KY=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-13584735235d5799977ba9afe4">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>5gHxQP4j3wS/ngGJjYEaOzjpCIVZmHosmVkBcOzqG4U=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>2OAgtQNJuklrzN8tBSAR5iYZ6kNb1qYszf9xUscO8YA=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: KeyCreationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.k1" ClientSessionID="C-13584735235d5799977ba9afe4" ID="S-135847352261759f97981b96610" SubmitURL="http://issuer.example.com/keyinit" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<PINPolicy Format="numeric" ID="PIN.1" MAC="V9fNb1o9U96QNtrH6Hh1a+Y2yTgQH0M65KEL8o6ra5k=" MaxLength="8" MinLength="4" RetryLimit="3">
<KeyEntry AppUsage="authentication" ID="Key.1" MAC="POK7HSf2o9wcTzbH9tUNlBd6G9XmIJXXf9NB3qUmSh8=">
<EC NamedCurve="urn:oid:1.2.840.10045.3.1.7"/>
</KeyEntry>
</PINPolicy>
</KeyCreationRequest>
| Pass #6: KeyCreationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<KeyCreationResponse ID="C-13584735235d5799977ba9afe4" ServerSessionID="S-135847352261759f97981b96610" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<PublicKey Attestation="JEu2fzvJvmTnms+ehTEkRObByM+2iNtUgCfeNLGRZmU=" ID="Key.1">
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BIRRaZIdHgK7NEPlWDzlJVH0Cvm3/NI1E7ZhB4m+fczv8y92VCtETj6PsDOreAR/HtiP2J5SDcKqT0ufomtCrr4=</ds11:PublicKey>
</ds11:ECKeyValue>
</PublicKey>
</KeyCreationResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-13584735235d5799977ba9afe4" ID="S-135847352261759f97981b96610" MAC="rlJJxnr3+zF4S+UQcYVVkKDGEfhA0vaY30j2HJEr468=" Nonce="ky7tmtr8C7Q0RfWA6C9+I6VMN2PjU5FE+EQba70O1L0=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<CertificatePath ID="Key.1" MAC="knXW+IeBPGI7hAHcczneJ+iQSULpug3XTyycpRjXTAg=">
<ds:X509Data>
<ds:X509Certificate>MIICmTCCAYGgAwIBAgIGATWEc1J0MA0GCSqGSIb3DQEBCwUAMEMxEzARBgoJkiaJk/IsZAEZEwNvcmcxFjAUBgoJkiaJk/IsZAEZEwZ3ZWJwa2kxFDASBgNVBAMTC0RlbW8gU3ViIENBMB4XDTEyMDIxNjA0MzcyNFoXDTM3MDIxNjA0MzcyNFowRDEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VAZXhhbXBsZS5jb20xHTAbBgNVBAMTFEpVbml0IFByaXZhY3lFbmFibGVkMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEhFFpkh0eArs0Q+VYPOUlUfQK+bf80jUTtmEHib59zO/zL3ZUK0ROPo+wM6t4BH8e2I/YnlINwqpPS5+ia0KuvqNdMFswCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0OBBYEFAgbTVY31NA09Uzb4pcnXlsrOBwBMB8GA1UdIwQYMBaAFAB+ndNMaNm62/nyg9gNXXgr7WEtMA0GCSqGSIb3DQEBCwUAA4IBAQAmp1sTVpJCxCRzlxBWzo/QotfK3KcmX6CSh2jzU6VDL52el6+HSBRI/NzW2JiZnu0EShottnglcnXILNt9QClAumofgoZEaCbi1dhaN3juO95jjZc2Ey7uP56JMcE6aFqkoxuSfEDG7zGNgz6iL7TqVSqGOllURh5nFHXSNBFQ72KLfC7M79DffIfYBal8Zxq3+SSDnVPw6KqCt2wEG+Se4NIuq29o3p41xuOOyDNEiyruZ8O1PjVB/ZBLI+eYnnYrM6qGktscN6bWFGSXLCDJhVWFUN7pRpTNcKlhj5bXUyaO0AATCV5hqeAkhawd1TfQ0ZovZmz5NZmd2sz6BK10</ds:X509Certificate>
</ds:X509Data>
</CertificatePath>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="yNjcEOe4DXzCmLdB4mePyA42XU9FX/sdypUDX/5FMv4=" ID="C-13584735235d5799977ba9afe4" ServerSessionID="S-135847352261759f97981b96610" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[31] CN=JUnit PrivacyEnabled, E=john.doe@example.com
Begin Test (PrivacyEnabled:2)
Privacy Enabled
UnlockKey
| Pass #1: PlatformNegotiationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationRequest Action="unlock" ID="S-135847352b2638c07f73abe9b49" PrivacyEnabled="true" SubmitURL="http://issuer.example.com/platform" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<IssuerLogotype Height="150" ImageFingerprint="AAUGBgAFBgYABQYGAAUGBgAFBgYABQYGAAUGBgAFBgY=" LogotypeURL="http://issuer.example.com/images/logo.png" MIMEType="image/png" Width="200"/>
<BasicCapabilities/>
</PlatformNegotiationRequest>
| Pass #2: PlatformNegotiationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<PlatformNegotiationResponse ServerSessionID="S-135847352b2638c07f73abe9b49" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<BasicCapabilities/>
</PlatformNegotiationResponse>
| Pass #3: ProvisioningInitializationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationRequest Algorithm="http://xmlns.webpki.org/keygen2/1.0#algorithm.sks.s1" ID="S-135847352b2638c07f73abe9b49" ServerTime="2012-02-16T05:37:24+01:00" SessionKeyLimit="50" SessionLifeTime="10000" SubmitURL="http://issuer.example.com/provsess" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ServerEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BOQA7sCOSzNgTM6xE/POK/Y+F3lvjFrQSutd6uUqD4XSWAJ61LTRDwCxzhrSJNkh4RIV5kckv4aXyzuJblMWOMU=</ds11:PublicKey>
</ds11:ECKeyValue>
</ServerEphemeralKey>
</ProvisioningInitializationRequest>
| Pass #4: ProvisioningInitializationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningInitializationResponse Attestation="J3Qa8faggxKbij29gBuBvUKuasfrcbj0pdcZJe20FFY=" ClientTime="2012-02-16T05:37:24+01:00" ID="C-135847352c25b5d5835494be181" ServerSessionID="S-135847352b2638c07f73abe9b49" ServerTime="2012-02-16T05:37:24+01:00" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<ClientEphemeralKey>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BCvt/uiR25HTrdj8IZZuFn/lvvQAg5JicWWT2otFsjBs2apxKjlrMV5YrcIaazQ0p6HhC7sBLflWBUCyRwRlqaI=</ds11:PublicKey>
</ds11:ECKeyValue>
</ClientEphemeralKey>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
<ds:Reference URI="#C-135847352c25b5d5835494be181">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>BI6uK3rRfmi1nAB+AOa2YbGt91PDv+Ipy2RD/CIP7Hc=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>BD+HmLIR+UfT+sde5NOpBi6b7yqoY1JdgBXMEjZ+tmY=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>derived-session-key</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</ProvisioningInitializationResponse>
| Pass #5: CredentialDiscoveryRequest |
<?xml version="1.0" encoding="UTF-8"?>
<CredentialDiscoveryRequest ClientSessionID="C-135847352c25b5d5835494be181" ID="S-135847352b2638c07f73abe9b49" SubmitURL="http://issuer.example.com/credisc" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<LookupSpecifier ID="Lookup.1" Nonce="lSf62qKJTBeYWoYY6BzmHfwyDQYvcOfU+NLDWfkYPno=">
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Lookup.1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>D4gitbA9EREI9YmFKZ9O82WhMy1RTZnZVPkYEQ5veOM=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Xb2pvwX8D4ks+GxLa/dg5+vQot0mC2xW5Z6maNtwhv3jX/7fzMszr0EAoQrrleP5GfPrecd2M6GgqMaFWjO/ONzGY31Y0MvNckYw8vcehdvZaDg+rBf8+AmrVadF0bZ2YCkKDOcjw9fEIpjMSJSOGzbXDI3PCP6Z6e2ac91lhl0=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>xBV+G+LJh1Bh75OUkVDDAbK1d5a+TKdQVmVsjlHInWpe5h9/ZzJ/pb3CcdUH1xsRWJEPPkbxYN15Hq5kG6tJ3GYkRX1AX0knf6BWXsMSxF0LqRbDuTd2DEzeDdB27TI+KKJPAGAqMuvigXu9mgyOTHq0C5Mx7L1LFbRctpkNxeU=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.2" Nonce="lSf62qKJTBeYWoYY6BzmHfwyDQYvcOfU+NLDWfkYPno=">
<SearchFilter Email="john.doe@example.com"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:Reference URI="#Lookup.2">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>0t8HHT0BI2uMZJc8QOtR6x64f1BdC+Kgk9EUSEUJJLE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEUCIQCE11wVh+kF5bk/KaK4awQwLiYC6aJiUV9cKolT+NiohgIgPSzBRmrHeOGgpl6syJ/LewWNy7rdPT3f8YTIU/ENCOM=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.3" Nonce="lSf62qKJTBeYWoYY6BzmHfwyDQYvcOfU+NLDWfkYPno=">
<SearchFilter Email="jane.doe@example.com"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:Reference URI="#Lookup.3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>QB5IRoaDfrkfQVefHbspD483PX9/NyYF3gdD3KeRV0w=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEUCIQC0EG4BulGw0k2hffSXQDXjxEybsmuo6L0ft35Qk0RB1AIgcMt89wE78NMQYLv63nPD9jFWBJaAXOaE3eQLCEg53tA=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds11:ECKeyValue>
<ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<ds11:PublicKey>BJTcTbwFBBPLew0kAX7fdy1Ul8SgolY4W1ln8oNNtxQpLmTlQxXB3LgZrNLmhOfMaCnDizczC/RfQ6Kx8iNwfFA=</ds11:PublicKey>
</ds11:ECKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
<LookupSpecifier ID="Lookup.4" Nonce="lSf62qKJTBeYWoYY6BzmHfwyDQYvcOfU+NLDWfkYPno=">
<SearchFilter Email="john.doe@example.com" ExcludedPolicies="1.3.4 34.90" IssuedAfter="2012-02-16T05:37:24+01:00" IssuedBefore="2012-02-16T05:35:44+01:00" Policy="5.4.8" Serial="123" Subject="CN=John"/>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#Lookup.4">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>DaM3OD9B7df2/63/CQxTRrzwPdtM0nl/aghW/oTD9sY=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Cy4K0EtoLRHDIL86xnhpxnJG+pDadOAFUmgcRa/OOCdGp5DuGmf1jSVr3X9jCCX/7u4yMJpq+qt+hkSy7FVKQz+WcvmbWGpo9RdtWH94Ep2OsTdEkVF4T9Hu9DddHVSjM+fZnAQB/4JM5lETBVOlJlbAt2eAYpw/EdGnbycyJ7XhLSJubtGGu452QjwogJjWGdCksG9XZGGCH5cKndqAoveylvOiL5fm97w7kl7RvhTaPboei5P98SJpZDm6+jUKB/jrZCsXil/vSEGX++2Ku8WrKWOiY2+EIeAUBnEOh5QL9zLn1DZXT2nOZLMAg5WaFOagegmUvJXqQNoKrtgyBQ==</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>nU9zexF+jmgH2UUPaN9GoX4ENcA6wCNU5HHZnzt8uD9kT8fz5OpuvuBU7hMXzw7mHoVX5DIFc1mLiWGD9HnhQCTXGyFcjlKJ3AaRpwwJ1nTvBMkD+etTM4CxwO1qBK6ypLFELrwfMT5fiP3ZnxzAHkbxV1rQ6maQ+StZSuqo8tYPRKJdQ9Q8UP/8MjdK5ei8ue7kCdS0rzx67ENRASjKavqVTEVwU78ADRkBI+GsnZSdCNK+54URubmTaKXM2YHYk0BTv2X9ttBXW+ojGBz4wQPkcO9v2n2fxXjknHNtuaz1PMwn+izd0HomVOae0iV4aWxQJMY4k/fv5xUNIME0gw==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
</LookupSpecifier>
</CredentialDiscoveryRequest>
| Pass #6: CredentialDiscoveryResponse |
<?xml version="1.0" encoding="UTF-8"?>
<CredentialDiscoveryResponse ID="C-135847352c25b5d5835494be181" ServerSessionID="S-135847352b2638c07f73abe9b49" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#">
<LookupResult ID="Lookup.1">
<MatchingCredential CertificateFingerprint="h2hdAtrvcTOQMBAXRVJu63RCV49VryNQI5mXXJMbab4=" ClientSessionID="C-13584735235d5799977ba9afe4" Locked="true" ServerSessionID="S-135847352261759f97981b96610"/>
</LookupResult>
<LookupResult ID="Lookup.2"/>
<LookupResult ID="Lookup.3"/>
<LookupResult ID="Lookup.4"/>
</CredentialDiscoveryResponse>
| Pass #7: ProvisioningFinalizationRequest |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationRequest ClientSessionID="C-135847352c25b5d5835494be181" ID="S-135847352b2638c07f73abe9b49" MAC="OKRJapsT+kr8x1X4rjzTxnuB1sCg53fRkPkKMg3PYkE=" Nonce="U4uEjDw7qmMyeGM1VVjHZC8aunDaXsri+cH0o1lNc/c=" SubmitURL="http://issuer.example.com/finalize" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<UnlockKey Authorization="lEMrEu3j6aMhd+WnK/Bi+Av/GZPnYB+chY8BbtlwsJOIdt+PpdvKLvNjDGUT7/9XAZn0GznB6Wrziqlkf1CDWmGwOc5AK3PkViud7QhHdobZExhQLb5cnSng+2bniVeLGkkgF5fly+e/3h26ThA0aDzD85z9FmSptimpOf2oVh8=" CertificateFingerprint="h2hdAtrvcTOQMBAXRVJu63RCV49VryNQI5mXXJMbab4=" ClientSessionID="C-13584735235d5799977ba9afe4" MAC="ysY1m/comXRopPuTQXOWxxa0/dZ/yjmAQHR2R1DZNM8=" ServerSessionID="S-135847352261759f97981b96610"/>
</ProvisioningFinalizationRequest>
| Pass #8: ProvisioningFinalizationResponse |
<?xml version="1.0" encoding="UTF-8"?>
<ProvisioningFinalizationResponse Attestation="x8um6SEEqztsHe3SCcGkrn6E156ub0hHCLxHwcQ66fs=" ID="C-135847352c25b5d5835494be181" ServerSessionID="S-135847352b2638c07f73abe9b49" xmlns="http://xmlns.webpki.org/keygen2/beta/20110820#"/>
Deployed key[31] CN=JUnit PrivacyEnabled, E=john.doe@example.com