RobRichards\XMLSecLibs\XMLSecurityKey::generateSessionKey PHP Method

    public function generateSessionKey()
    {
        if (!isset($this->cryptParams['keysize'])) {
            throw new Exception('Unknown key size for type "' . $this->type . '".');
        }
        $keysize = $this->cryptParams['keysize'];
        if (function_exists('openssl_random_pseudo_bytes')) {
            /* We have PHP >= 5.3 - use openssl to generate session key. */
            $key = openssl_random_pseudo_bytes($keysize);
        } else {
            /* Generating random key using iv generation routines */
            $key = mcrypt_create_iv($keysize, MCRYPT_RAND);
        }
        if ($this->type === self::TRIPLEDES_CBC) {
            /* Make sure that the generated key has the proper parity bits set.
             * Mcrypt doesn't care about the parity bits, but others may care.
             */
            for ($i = 0; $i < strlen($key); $i++) {
                $byte = ord($key[$i]) & 0xfe;
                $parity = 1;
                for ($j = 1; $j < 8; $j++) {
                    $parity ^= $byte >> $j & 1;
                }
                $byte |= $parity;
                $key[$i] = chr($byte);
            }
        }
        $this->key = $key;
        return $key;
    }

 public function __doRequest($request, $location, $saction, $version)
 {
     $doc = new DOMDocument('1.0');
     $doc->loadXML($request);
     $objWSSE = new WSSESoap($doc);
     /* add Timestamp with no expiration timestamp */
     $objWSSE->addTimestamp();
     /* create new XMLSec Key using AES256_CBC and type is private key */
     $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
     /* load the private key from file - last arg is bool if key in file (true) or is string (false) */
     $objKey->loadKey(PRIVATE_KEY, true);
     /* Sign the message - also signs appropiate WS-Security items */
     $options = array("insertBefore" => false);
     $objWSSE->signSoapDoc($objKey, $options);
     /* Add certificate (BinarySecurityToken) to the message */
     $token = $objWSSE->addBinaryToken(file_get_contents(CERT_FILE));
     /* Attach pointer to Signature */
     $objWSSE->attachTokentoSig($token);
     $objKey = new XMLSecurityKey(XMLSecurityKey::AES256_CBC);
     $objKey->generateSessionKey();
     $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type' => 'public'));
     $siteKey->loadKey(SERVICE_CERT, true, true);
     $options = array("KeyInfo" => array("X509SubjectKeyIdentifier" => true));
     $objWSSE->encryptSoapDoc($siteKey, $objKey, $options);
     $retVal = parent::__doRequest($objWSSE->saveXML(), $location, $saction, $version);
     $doc = new DOMDocument();
     $doc->loadXML($retVal);
     $options = array("keys" => array("private" => array("key" => PRIVATE_KEY, "isFile" => true, "isCert" => false)));
     $objWSSE->decryptSoapDoc($doc, $options);
     return $doc->saveXML();
 }