XML Encryption Service

The XML Encryption service invokes the Business Service Handler to interpret and execute activities that are defined in the BPSS.

The following table provides an overview of the XML Encryption service:

| Category | Description |
| --- | --- |
| System name | XMLEncryption |
| Graphical Process Modeler (GPM) categories | All Services, Translation |
| Description | Invokes the Business Service Handler to interpret and execute activities defined in the BPSS. |
| Business usage | Usage examples: encrypts primary document or specified document using the document ID; decrypts primary document or specified document using the document ID. |
| Usage example | You have a business process that needs to XML-encrypt a document as part of the security requirements. |
| Preconfigured? | No |
| Requires third-party files? | No |
| Platform availability | All supported Sterling B2B Integrator platforms |
| Related services | No |
| Application requirements | No |
| Initiates business processes? | No |
| Invocation | Not applicable |
| Business process context considerations | No |
| Returned status values | None |
| Restrictions | No |
| Persistence level | System default |
| Testing considerations | None |

Output from Service to Business Process

The following table describes the output from the XML Encryption service to the business process:

| Parameter | Description |
| --- | --- |
| wfc | The encrypted or decrypted document is stored in the primary document if no incomingDoc value was specified. Optional. |
| encryptedEnvelope/incomingDoc | The document ID for the encrypted or decrypted document is stored in a valid ebXML node structure if the incomingDoc node was specified. Optional. |

Output from Business Process to Service

The following table describes the output from the business process to the XML Encryption service:

| Parameter | Description |
| --- | --- |
| incomingDoc | The ebXML node structure containing the multiple documents. The valid value is a valid ebXML node structure containing the document IDs. If not entered, the primary document is encrypted or decrypted. Optional. |
| alias | The alias name of the public/private key used in encryption/decryption. Required. |
| encMode | The mode of operation. Valid values are ENCRYPT and DECRYPT. Required. |
| encType | The type of operation. Currently, only DOCUMENT is supported. Valid value is DOCUMENT. Required. |

Output Parameters

This section contains examples of using output parameters for the XML Encryption service.

Output Parameters – Encryption of Multiple Documents

Encryption of multiple documents can only be done if the input node follows the ebXML MIME node structure. The following is an example of how you would invoke the service:

<operation name="ValidateDoc"> 
   <participant name="XMLEncryption"/> 
   <output message="validateDoc"> 
     <assign to="incomingDoc" from="ebXMLMessage/mime:message"/> 
     <assign to="alias" from="string(cpa/tp:CollaborationProtocolAgreement/
              tp:PartyInfo[1]/tp:Certificate[@tp:certId=//EncryptCertId/text()]/
              ds:KeyInfo/ds:KeyName)"/>
     <assign to="encMode" from="'ENCRYPT'"/> 
     <assign to="encType" from="'DOCUMENT'"/>
     <assign to="." from="*" />
   </output> 
   <input message="validateDocResponse"> 
     <assign to="ebXMLMessage" from="encryptedEnvelope/incomingDoc/node()"/> 
   </input> 
</operation> 

Output Parameters – Encryption using the Primary Document

The following example illustrates how to invoke the service for encryption using the primary document:

<operation name="ValidateDoc"> 
   <participant name="XMLEncryption"/> 
   <output message="validateDoc"> 
      <assign to="alias" from="'SomePublicKeyName'"/> 
      <assign to="encMode" from="'ENCRYPT'"/> 
      <assign to="encType" from="'DOCUMENT'"/> 
      <assign to="." from="*" />   
   </output> 
   <input message="validateDocResponse"> 
      <assign to="." from="*"/> 
   </input> 
</operation> 

Output Parameters – Decryption of Multiple Documents

Decryption of multiple documents can only be done if the input node follows the ebXML MIME node structure. The following example shows how you would invoke the service:

<operation name="ValidateDoc"> 
   <participant name="XMLEncryption"/> 
   <output message="validateDoc"> 
      <assign to="incomingDoc" from="InboundMIME/mime:message"/> 
      <assign to="alias" from="string(cpa/tp:CollaborationProtocolAgreement/
                            tp:PartyInfo[1]/tp:Certificate[@tp:certId=
                            //DecryptCertId/text()]/ds:KeyInfo/ds:KeyName)"/> 
      <assign to="encMode" from="'DECRYPT'"/> 
      <assign to="encType" from="'DOCUMENT'"/> 
      <assign to="." from="*" />   
   </output> 
   <input message="validateDocResponse"> 
      <assign to="InboundMIME" from="encryptedEnvelope/incomingDoc/node()"/> 
   </input> 
</operation> 

Output Parameters – Decryption using the Primary Document

For decryption using the primary document, the following is an example of how you would invoke the service:

<operation name="ValidateDoc"> 
   <participant name="XMLEncryption"/> 
   <output message="validateDoc"> 
      <assign to="alias" from="'SomePrivateKeyName'"/> 
      <assign to="encMode" from="'DECRYPT'"/> 
      <assign to="encType" from="'DOCUMENT'"/> 
      <assign to="." from="*" />   
   </output> 
   <input message="validateDocResponse"> 
      <assign to="." from="*"/> 
   </input> 
</operation> 

Implementing the XML Encryption Service

To implement the XML Encryption service for use in a business process:
  1. Create an XML Encryption service configuration. For information, see Managing Services and Adapters.
  2. Use the XML Encryption service in a business process.
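
Before a business process that uses the service is deployed (step 2), the parameter rules from the tables above can be checked mechanically. The Python linter below is an added example, not IBM code and not part of the original page; it assumes BPML elements carry no XML namespace, as in the examples above, and the `SAMPLE` process and its operation names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Rules from this page's parameter tables. The page passes encMode/encType as quoted
# XPath string literals, so anything else (a computed value included) is reported.
REQUIRED = ("alias", "encMode", "encType")
VALID = {"encMode": {"'ENCRYPT'", "'DECRYPT'"}, "encType": {"'DOCUMENT'"}}
RESULT_NODE = "encryptedEnvelope/incomingDoc"
SPLIT_QNAME = re.compile(r"\w:\s+\w")  # "tp:   PartyInfo" left by a wrapped line

def lint_xml_encryption(bpml_text):
    """Return sorted (operation, finding) pairs; assumes un-namespaced BPML elements."""
    findings = []
    for op in ET.fromstring(bpml_text).iter("operation"):
        part = op.find("participant")
        if part is None or part.get("name") != "XMLEncryption":
            continue
        name = op.get("name", "?")
        sent = {a.get("to"): a.get("from", "") for a in op.findall("output/assign")}
        read = [a.get("from", "") for a in op.findall("input/assign")]
        findings += [(name, f"missing required parameter {p}") for p in REQUIRED if p not in sent]
        findings += [(name, f"{p}={sent[p]} is not a documented value")
                     for p, ok in VALID.items() if p in sent and sent[p].strip() not in ok]
        reads_node = any(f.startswith(RESULT_NODE) for f in read)
        if "incomingDoc" in sent and not reads_node:
            findings.append((name, f"incomingDoc set but {RESULT_NODE} never read"))
        if "incomingDoc" not in sent and reads_node:
            findings.append((name, f"{RESULT_NODE} read but incomingDoc not set"))
        findings += [(name, f"whitespace splits a prefixed name in '{to}'")
                     for to, frm in sent.items() if SPLIT_QNAME.search(frm)]
    return sorted(findings)

# Constructed sample process (not from the page): one clean call, two faulty ones.
SAMPLE = """<process name="LintDemo"><sequence>
 <operation name="Good"><participant name="XMLEncryption"/>
  <output message="m"><assign to="alias" from="'SomePublicKeyName'"/>
   <assign to="encMode" from="'ENCRYPT'"/><assign to="encType" from="'DOCUMENT'"/></output></operation>
 <operation name="NoAlias"><participant name="XMLEncryption"/>
  <output message="m"><assign to="encMode" from="ENCRYPT"/>
   <assign to="encType" from="'DOCUMENT'"/></output></operation>
 <operation name="Wrapped"><participant name="XMLEncryption"/>
  <output message="m"><assign to="incomingDoc" from="ebXMLMessage/mime:message"/>
   <assign to="alias" from="string(cpa/tp:
       PartyInfo[1]/ds:KeyName)"/>
   <assign to="encMode" from="'DECRYPT'"/><assign to="encType" from="'DOCUMENT'"/></output>
  <input message="r"><assign to="." from="*"/></input></operation>
</sequence></process>"""

if __name__ == "__main__":
    print(*lint_xml_encryption(SAMPLE), sep="\n")
```

An empty result means every XMLEncryption operation supplies alias, encMode and encType with documented values and reads its result from the location that matches whether incomingDoc was passed.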