XML Encryption Service
The XML Encryption service invokes the Business Service Handler to interpret and execute activities that are defined in the BPSS.
The following table provides an overview of the XML Encryption service:
Category | Description |
---|---|
System name | XMLEncryption |
Graphical Process Modeler (GPM) categories | All Services, Translation |
Description | Invokes the Business Service Handler to interpret and execute activities defined in the BPSS. |
Business usage | Usage example: You have a business process that needs to XML-encrypt a document as part of the security requirements. |
Preconfigured? | No |
Requires third-party files? | No |
Platform availability | All supported Sterling B2B Integrator platforms |
Related services | No |
Application requirements | No |
Initiates business processes? | No |
Invocation | Not applicable |
Business process context considerations | No |
Returned status values | None |
Restrictions | No |
Persistence level | System default |
Testing considerations | None |
Output from Service to Business Process
The following table describes the output from the XML Encryption service to the business process:
Parameter | Description |
---|---|
wfc | The encrypted/decrypted document is stored in the primary document if no incomingDoc value was specified. Optional. |
encryptedEnvelope/incomingDoc | The document ID for the encrypted/decrypted document is stored in a valid ebXML node structure if the incomingDoc node was specified. Optional. |
Output from Business Process to Service
The following table describes the output from the business process to the XML Encryption service:
Parameter | Description |
---|---|
incomingDoc | The ebXML node structure containing the multiple documents. The valid value is a valid ebXML node structure containing the document IDs. If not entered, the primary document is encrypted/decrypted. Optional. |
alias | The alias name of the public/private key used in encryption/decryption. Required. |
encMode | The mode of operation. Valid values are ENCRYPT and DECRYPT. Required. |
encType | The type of operation. Currently, only DOCUMENT is supported. Valid value is DOCUMENT. Required. |
Output Parameters
This section contains examples of using output parameters for the XML Encryption service.
Output Parameters – Encryption of Multiple Documents
Encryption of multiple documents can only be done if the input node follows the ebXML MIME node structure. The following is an example of how you would invoke the service:
<operation name="ValidateDoc">
  <participant name="XMLEncryption"/>
  <output message="validateDoc">
    <assign to="incomingDoc" from="ebXMLMessage/mime:message"/>
    <!-- alias: KeyName of the CPA certificate whose certId matches EncryptCertId -->
    <assign to="alias" from="string(cpa/tp:CollaborationProtocolAgreement/tp:PartyInfo[1]/tp:Certificate[@tp:certId=//EncryptCertId/text()]/ds:KeyInfo/ds:KeyName)"/>
    <assign to="encMode" from="'ENCRYPT'"/>
    <assign to="encType" from="'DOCUMENT'"/>
    <assign to="." from="*"/>
  </output>
  <input message="validateDocResponse">
    <!-- copy the encrypted document IDs back into the ebXML message node -->
    <assign to="ebXMLMessage" from="encryptedEnvelope/incomingDoc/node()"/>
  </input>
</operation>
Output Parameters – Encryption using the Primary Document
The following example illustrates how to invoke the service for encryption using the primary document:
<operation name="ValidateDoc">
  <participant name="XMLEncryption"/>
  <output message="validateDoc">
    <assign to="alias" from="'SomePublicKeyName'"/>
    <assign to="encMode" from="'ENCRYPT'"/>
    <assign to="encType" from="'DOCUMENT'"/>
    <assign to="." from="*"/>
  </output>
  <input message="validateDocResponse">
    <assign to="." from="*"/>
  </input>
</operation>
Output Parameters – Decryption of Multiple Documents
Decryption of multiple documents can only be done if the input node follows the ebXML MIME node structure. The following example shows how you would invoke the service:
<operation name="ValidateDoc">
  <participant name="XMLEncryption"/>
  <output message="validateDoc">
    <assign to="incomingDoc" from="InboundMIME/mime:message"/>
    <assign to="alias" from="string(cpa/tp:CollaborationProtocolAgreement/tp:PartyInfo[1]/tp:Certificate[@tp:certId=//DecryptCertId/text()]/ds:KeyInfo/ds:KeyName)"/>
    <assign to="encMode" from="'DECRYPT'"/>
    <assign to="encType" from="'DOCUMENT'"/>
    <assign to="." from="*"/>
  </output>
  <input message="validateDocResponse">
    <assign to="InboundMIME" from="encryptedEnvelope/incomingDoc/node()"/>
  </input>
</operation>
Output Parameters – Decryption using the Primary Document
For decryption using the primary document, the following is an example of how you would invoke the service:
<operation name="ValidateDoc">
  <participant name="XMLEncryption"/>
  <output message="validateDoc">
    <assign to="alias" from="'SomePrivateKeyName'"/>
    <assign to="encMode" from="'DECRYPT'"/>
    <assign to="encType" from="'DOCUMENT'"/>
    <assign to="." from="*"/>
  </output>
  <input message="validateDocResponse">
    <assign to="." from="*"/>
  </input>
</operation>
Implementing the XML Encryption Service
- Create an XML Encryption service configuration. For information, see Managing Services and Adapters.
- Use the XML Encryption service in a business process.
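The required parameters and valid values listed in the parameter table can be checked mechanically before a business process is checked in. The following lint script is an added example, not IBM or Sterling B2B Integrator code; the helper names (`literal`, `check_xml_encryption_ops`) are hypothetical, the sample BPML is constructed, and it assumes the BPML elements carry no default XML namespace, as in the fragments above.

```python
import xml.etree.ElementTree as ET

# Rules taken from the "Output from Business Process to Service" table.
REQUIRED = ("alias", "encMode", "encType")
VALID = {"encMode": {"ENCRYPT", "DECRYPT"}, "encType": {"DOCUMENT"}}


def literal(expr):
    """Return the text of a quoted XPath string literal, or None if dynamic."""
    x = expr.strip()
    return x[1:-1] if len(x) >= 2 and x[0] == x[-1] and x[0] in "'\"" else None


def check_xml_encryption_ops(bpml_text):
    """Hypothetical lint helper: list problems in XMLEncryption operations."""
    try:
        root = ET.fromstring(bpml_text)
    except ET.ParseError as exc:  # e.g. attributes run together: to="alias"from=
        return [f"not well-formed XML: {exc}"]
    problems = []
    for op in root.iter("operation"):
        part = op.find("participant")
        if part is None or part.get("name") != "XMLEncryption":
            continue  # some other service
        name = op.get("name", "?")
        assigns = {a.get("to"): a.get("from", "") for a in op.findall("output/assign")}
        for param in REQUIRED:
            val = assigns.get(param, "").strip()
            if not val or literal(val) == "":
                problems.append(f"{name}: required parameter '{param}' is not assigned")
        for param, allowed in VALID.items():
            value = literal(assigns.get(param, ""))
            # Only literal values can be checked statically; XPath lookups are skipped.
            if value is not None and value not in allowed:
                problems.append(f"{name}: {param}={value!r} not in {sorted(allowed)}")
    return problems


# Constructed sample: one correct operation, one with no alias and an unsupported mode.
SAMPLE = """<process name="demo"><sequence>
<operation name="Good"><participant name="XMLEncryption"/><output message="m">
<assign to="alias" from="'SomePublicKeyName'"/><assign to="encMode" from="'ENCRYPT'"/>
<assign to="encType" from="'DOCUMENT'"/></output></operation>
<operation name="Bad"><participant name="XMLEncryption"/><output message="m">
<assign to="encMode" from="'SIGN'"/><assign to="encType" from="'DOCUMENT'"/>
</output></operation></sequence></process>"""

if __name__ == "__main__":
    print("\n".join(check_xml_encryption_ops(SAMPLE)))
```

An alias assigned from an XPath lookup, as in the multiple-document examples, is accepted as present but its resolved key name is not checked, since that is only known at run time.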