- Id is the unique identifier for the element. InterSystems IRIS generates this automatically.
- <EncryptionMethod> indicates the algorithm that was used to encrypt this data.
  In InterSystems IRIS, you can specify this algorithm. See Specifying the Block Encryption Algorithm.
- <CipherData> carries the encrypted data, as the value in the <CipherValue> element. In this example, the value MLwR6hvKE0gon[parts omitted]8njiQ== is the encrypted data.
- (Not included in the example) <KeyInfo> identifies the symmetric key. In this case, <KeyInfo> includes a <SecurityTokenReference> element, which includes a reference to a symmetric key in one of the following forms:
  - A reference to a <DerivedKeyToken> earlier in the WS-Security header.
  - A reference to an implied <DerivedKeyToken>. For example:
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
      <SecurityTokenReference xmlns="[parts omitted]oasis-200401-wss-wssecurity-secext-1.0.xsd"
          s01:Nonce="mMDk0zn8V7WTsFaIjUJ7zg=="
          xmlns:s01="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512">
        <Reference URI="#Id-93F97220-568E-47FC-B3E1-A2CF3F70B29B"></Reference>
      </SecurityTokenReference>
    </KeyInfo>
    In this case, the URI attribute in <Reference> points to the <EncryptedKey> element used to generate the <DerivedKeyToken>, and the Nonce attribute indicates the nonce value that was used.
  In both cases, this derived key was used to encrypt the data that is carried in this <EncryptedData> element.
  The <KeyInfo> element is included if the encryption uses a top-level <ReferenceList> element; see <ReferenceList>.
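The two reference forms described above can be checked when inspecting a received message. The following is an added example, not InterSystems code: it parses a constructed WS-Security header with Python's standard library and reports, for each <EncryptedData>, whether its key reference resolves to an explicit <DerivedKeyToken>, to an <EncryptedKey> plus nonce (the implied form), or to nothing. The sample Ids, the nonce value, the function names, and the result labels are assumptions made for illustration, and elements are matched by local name only.

```python
import xml.etree.ElementTree as ET

# Constructed sample header (not from the page); Ids and the nonce are made up.
SAMPLE = """<wsse:Security
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
  xmlns:wsc="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
  xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <xenc:EncryptedKey Id="Id-EK-1"/>
 <wsc:DerivedKeyToken wsu:Id="Id-DKT-1"/>
 <xenc:EncryptedData Id="Id-ED-1"><ds:KeyInfo><wsse:SecurityTokenReference>
   <wsse:Reference URI="#Id-DKT-1"/></wsse:SecurityTokenReference></ds:KeyInfo></xenc:EncryptedData>
 <xenc:EncryptedData Id="Id-ED-2"><ds:KeyInfo><wsse:SecurityTokenReference wsc:Nonce="Y29uc3RydWN0ZWQ=">
   <wsse:Reference URI="#Id-EK-1"/></wsse:SecurityTokenReference></ds:KeyInfo></xenc:EncryptedData>
 <xenc:EncryptedData Id="Id-ED-3"><ds:KeyInfo><wsse:SecurityTokenReference>
   <wsse:Reference URI="#Id-MISSING"/></wsse:SecurityTokenReference></ds:KeyInfo></xenc:EncryptedData>
</wsse:Security>"""

def local(name):  # strip the "{namespace}" prefix ElementTree adds to names
    return name.rsplit("}", 1)[-1]

def find(elem, name):  # first element at or below elem with this local name
    return next((e for e in elem.iter() if local(e.tag) == name), None)

def key_references(header_xml):
    """Map each <EncryptedData> Id to the kind of key reference it carries."""
    root = ET.fromstring(header_xml)
    # Index every element that carries an Id (or wsu:Id) attribute.
    by_id = {v: e for e in root.iter() for k, v in e.attrib.items() if local(k) == "Id"}
    results = {}
    for enc in (e for e in root.iter() if local(e.tag) == "EncryptedData"):
        str_elem = find(enc, "SecurityTokenReference")
        ref = find(str_elem, "Reference") if str_elem is not None else None
        target = by_id.get(ref.get("URI", "").lstrip("#")) if ref is not None else None
        if ref is None:
            kind = "no-key-reference"      # e.g. <KeyInfo> omitted
        elif target is None:
            kind = "dangling-reference"    # URI matches no Id in the header
        elif local(target.tag) == "DerivedKeyToken":
            kind = "explicit-derived-key"
        elif local(target.tag) == "EncryptedKey" and any(local(k) == "Nonce" for k in str_elem.attrib):
            kind = "implied-derived-key"   # <EncryptedKey> plus Nonce attribute
        else:
            kind = "unexpected-target"
        results[enc.get("Id")] = kind
    return results

if __name__ == "__main__":
    print(key_references(SAMPLE))
```

A "dangling-reference" or "unexpected-target" result means the receiver cannot tell which key the data was encrypted with, so such a message should be rejected rather than processed.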