GetEncryptingKey is used to request a key that can be used to encrypt a KeyCredential.

This Method shall be called from an encrypted SecureChannel and from a Client that has access to the SecurityAdmin Role (see 8.2).

Signature

GetEncryptingKey(

[in] String credentialId

[in] String requestedSecurityPolicyUri

[out] ByteString publicKey

[out] String revisedSecurityPolicyUri

);

Argument

Description

credentialId

The unique identifier associated with the KeyCredential.

requestedSecurityPolicyUri

The SecurityPolicy used to encrypt the secret.

If not specified the Server chooses a suitable default.

publicKey

The Public Key used to encrypt the secret.

The format depends on the SecurityPolicyUri.

revisedSecurityPolicyUri

The SecurityPolicy used to encrypt the secret.

It also specifies the contents of the publicKey.

This may be different from the requestedSecurityPolicyUri.

Method Result Codes (defined in Call Service)

Result Code

Description

Bad_InvalidArgument

The credentialId is not valid.

Bad_UserAccessDenied

The current user does not have the rights required.

Bad_SecurityModeInsufficient

The SecureChannel is not encrypted.

Table 97 specifies the AddressSpace representation for the GetEncryptingKey Method.

Table 97 – GetEncryptingKey Method AddressSpace Definition

Attribute

Value

BrowseName

0:GetEncryptingKey

References

NodeClass

BrowseName

DataType

TypeDefinition

ModellingRule

0:HasProperty

Variable

0:InputArguments

0:Argument[]

0:PropertyType

Mandatory

0:HasProperty

Variable

0:OutputArguments

0:Argument[]

0:PropertyType

Mandatory