2.2.2.4 Wrapping

The Wrapping structure consists of X.509 certificates of type base64-encoded strings and an encryption TransportKey. This wrapping involves the authenticated encryption of concatenation of the ingress and egress keys.

<xs:element name="Wrapping" type="Wrapping_T" />
  <xs:complexType name="Wrapping_T">
     <xs:sequence>
        <xs:element name="Id" type="xs:unsignedInt" />
        <xs:element name="SigningCertificate" type="Certificate_T" />
        <xs:element name="SigningCertificateSignature" type="SigningCertificateSignature_T" />
        <xs:element name="EncryptionCertificate" type="Certificate_T" />
        <xs:element name="EncryptionCertificateSignature" type="EncryptionCertificateSignature_T" />
        <xs:element name="TransportKey" type="TransportKey_T" />
     </xs:sequence>
  </xs:complexType>

Id: A 32-bit unsigned integer that contains the wrapping ID.

SigningCertificate: Signing certificate of type Certificate_T as defined in section 2.2.3.11.

SigningCertificateSignature: Signing certificate signature as defined in section 2.2.2.12.

EncryptionCertificate: Encryption certificate of type Certificate_T as defined in section 2.2.3.11.

EncryptionCertificateSignature: Encryption certificate signature as defined in section 2.2.2.13.

TransportKey: Encrypted transport key as defined in section 2.2.2.14.