SQLData Systems, Inc.

SQLData XKMS Server v2.0

XML Key Management Specification (http://www.w3.org/2001/XKMS/) is a web service interface for exchanging trust information over the Internet. It is a foundation for secure web services and a powerful interface for using public key technology transparently.

SQLData XKMS Server is a C++ implementation of the XKMS 2.0 standard. It supports all messages defined in the Key Information Service (XKISS) and the Key Registration Service (XKRSS). The XKMS Server 2.0 is bundled with a certificate authority (CA) and is capable of issuing, validating and revoking certificates synchronously or asynchronously.

SQLData XKMS 2.0 Server is one of the two server implementations that helped to rectify the XKMS 2.0 specification by the W3C XKMS Work Group. It has been thoroughly tested during the interoperability testing and passed all the standard test cases.

We have a live test server at http://soapclient.com/xml/xkms2 for demonstrations and interoperability tests. You can send XKMS requests directly to the address using either SOAP 1.1 or SOAP 1.2. The following information may be needed to authenticate a request:

  • KeyName: XKMSTester
  • Email Address: tester@sqldata.com (the UseKeyWith Application 'urn:ietf:rfc:2633')
  • Shared Secret: password

(Note that the test service requires a two-phase protocol, i.e., it responds to an original request with a nonce and the requester must present the nonce in the follow-on requests.)
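The two-phase exchange described in the note above, sketched in Python as an added example (not SQLData's code). Element and attribute names follow the XKMS 2.0 specification; the request IDs, the nonce and the server reply are constructed sample values.

```python
import secrets
import xml.etree.ElementTree as ET
XKMS = "http://www.w3.org/2002/03/xkms#"
DSIG = "http://www.w3.org/2000/09/xmldsig#"
SERVICE = "http://soapclient.com/xml/xkms2"   # test server address from the page
ET.register_namespace("", XKMS)
ET.register_namespace("ds", DSIG)

def build_validate(key_name, email, nonce=None, original_id=None):
    """Build a ValidateRequest; pass nonce/original_id for the phase-two resend."""
    req = ET.Element(f"{{{XKMS}}}ValidateRequest",
                     {"Id": "I" + secrets.token_hex(16), "Service": SERVICE})
    if nonce is not None:
        req.set("Nonce", nonce)
        req.set("OriginalRequestId", original_id)
    # Tell the service this client can handle the two-phase protocol.
    ET.SubElement(req, f"{{{XKMS}}}ResponseMechanism").text = XKMS + "Represent"
    qkb = ET.SubElement(req, f"{{{XKMS}}}QueryKeyBinding")
    info = ET.SubElement(qkb, f"{{{DSIG}}}KeyInfo")
    ET.SubElement(info, f"{{{DSIG}}}KeyName").text = key_name
    ET.SubElement(qkb, f"{{{XKMS}}}UseKeyWith",
                  {"Application": "urn:ietf:rfc:2633", "Identifier": email})
    return req

def nonce_from_represent(result_xml, first_request):
    """Return the nonce from a Represent result, after checking it answers our request."""
    res = ET.fromstring(result_xml)
    if res.get("ResultMajor") != XKMS + "Represent":
        raise ValueError("not a Represent result: %s" % res.get("ResultMajor"))
    if res.get("RequestId") != first_request.get("Id"):
        raise ValueError("RequestId does not match the request we sent")
    nonce = res.get("Nonce")
    if not nonce:
        raise ValueError("Represent result carries no Nonce")
    return nonce

def two_phase_demo():
    first = build_validate("XKMSTester", "tester@sqldata.com")
    # Constructed phase-one reply (sample data, not captured from the server).
    reply = ('<ValidateResult xmlns="%s" Id="I0constructed" Service="%s" '
             'Nonce="Y29uc3RydWN0ZWQtbm9uY2U=" RequestId="%s" ResultMajor="%sRepresent"/>'
             % (XKMS, SERVICE, first.get("Id"), XKMS))
    second = build_validate("XKMSTester", "tester@sqldata.com",
                            nonce_from_represent(reply, first), first.get("Id"))
    return first, second

if __name__ == "__main__":
    for msg in two_phase_demo():
        print(ET.tostring(msg, encoding="unicode"))
```

The follow-on request gets a fresh Id and carries the first request's Id in OriginalRequestId, which is how the service ties the echoed nonce back to the original request.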

Key Features

  • Comprehensive XKMS implementation: the server supports many features defined in the XKMS 2.0 specification. All key-related operations are implemented.
  • SOAP 1.1 and SOAP 1.2 support is built in and configurable.
  • Integrated with PKI and CA operations.
  • Supports both client-generated and server-generated key registration.
  • Implements the two-phase protocol.
  • Automatic XML signature verification and message authentication validation.
  • Strong private key encryption.
  • The key store can use any RDBMS.
  • A client implementation is also available: we offer a COM XKMS 2.0 client object for interacting with XKMS 2.0 services.
  • Supports both synchronous and asynchronous processing.
  • Supports compound requests and responses.
  • Automatic validation of XKMS messages using the XKMS 2.0 schema.
  • Supports request authentication using WS-Security headers.
  • Includes standard XML Signature and XML Encryption for secure key exchanges.
  • Runs on Windows NT/2000/2003/XP as an NT service.

XKMS 2.0 Client Sample Code:

SQLData has also implemented a very powerful XKMS 2.0 client. The client is a COM object that encapsulates the complexity of XKMS messages and makes XKMS as simple as a couple of function calls. The following samples demonstrate how to use the object in VBScript:

1. Key Registration:

The following code registers a client-generated key; the returned X.509 certificate is saved in the XKMSTester.pem file:

'create an XKMS client object
set myClient = CreateObject("SQLData.XKMSClient2")
myClient.SetProperty "ServerAddress", "http://soapclient.com/xml/xkms2"
'set key information
myClient.SetKeyInfo "XKMSTester", ""
'this is the pass phrase for revoking the key
myClient.SetProperty "PassPhrase", "Help I Have Revealed My Key"
'add the information required for the X.509 certificate
myClient.AddUseKeyWith "urn:ietf:rfc:2459", _
    "C=US;L=Gaithersburg;S=MD;O=SQLData;OU=DEV;CN=XKMS Tester"
'generate the key and register
myClient.Register "tester@sqldata.com", "password", 1
'print the response envelope
wscript.echo myClient.GetResponse("Envelope")

2. Key Validation:

The following code checks the validity of a key named XKMSTester:

'create an XKMS client object
set myClient = CreateObject("SQLData.XKMSClient2")
myClient.SetProperty "ServerAddress", "http://soapclient.com/xml/xkms2"
'this validates a pre-registered public key
isValid = myClient.Validate("XKMSTester", "", "tester@sqldata.com")
wscript.echo isValid

The XKMS Client can be downloaded here.

Please contact info2-at-sqldata-dot-com for purchase information.

 



Send mail to  info2-at-sqldata-dot-com with questions or comments about this web site.
Copyright 1997-2005 SQLData Systems, Inc.
Last modified: August 28, 2009