Assuming you’re your STS client cooperates with an STS concerning symmetric keys by supplying some entropy nad requesting “combined” entropy, the RSTR that comes back is processed before one gets the GenericXMLSecurityToken back. The token’s securitykeys do contain the client-side calculation of the combined process, given server-entropy signalled in the RSTR. There is NO need to go to the RSTR to get these keys. One goes to the GenericXMLSecurityToken.
point #2 shows the token variable – the client’s view of the response. At #1 ,we see the code to get the returned/computed proofkey.
point #3 shows an example RP – using WIF libraries to do what a typically WIF RP will do to also get the proof keys (by unwrapping them). Obviously, the WIF libraries have done all the wor leaving securitykeys available in the SAML token.