XML Decryption Service (com.ibi.agents.XDXMLDecryptionAgent)

Syntax:

com.ibi.agents.XDXMLDecryptionAgent

iIT Service Object:

format: XML Decryption

Description: Decrypts data with the rules of XML Encryption.

Parameters:

Parameter

Description

XML Namespace Provider

The provider for the mapping between the XML namespace prefix and the namespace URI. If left blank, the XPath expression in the Processed Elements property and the attribute declarations in the ID Attributes property cannot contain namespaces.

XPath Syntax

Determines which syntax level of the XPath should be used. The default option selects the syntax level as set in the console global settings.

Processed Elements

The XPath expression returning the elements to be processed. The result must be a node set consisting of independent EncryptedData, EncryptedKey, and/or ReferenceList elements. If left blank, the agent will search throughout the document for all elements named EncryptedData in the namespace http://www.w3.org/2001/04/xmlenc#.

Remove Processed Elements

Determines whether the processed elements are removed from the document after being processed. EncryptedData elements are always replaced. EncryptedKey and ReferenceList elements are removed only when this property is true.

ID Attributes

A space-separated list of attributes that are considered type ID. The value of an ID attribute can be used in a same-document reference with a URI of the form #idvalue.

Each attribute declaration has the form ns:*/@ns1:attrib or @ns1:attrib where ns: and ns1: are optional. If used, the ns and ns1 prefixes must be declared in the XML Namespace Provider.

The form @ns1:attrib means an Attribute named attrib in XML Namespace ns1. The form ns:*/@ns1:attrib is similar except the attribute must also appear on an element of any name in the XML Namespace ns. The default value is xml:id ds:*/@Id xenc:*/@Id wsu:Id.

JCE Provider

The JCE provider that supplies the cryptographic needs.

KeyStore Provider *

The provider for the keystore containing the key encryption key.

Key Encryption Key Alias

The alias for keystore entry holding the key that will be used to decrypt the symmetric key. When left empty, the Key Encryption Key is resolved based on the information in the KeyInfo element.

Key Encryption Key Password

The password for the keystore entry holding the key that will be used to decrypt the symmetric key. If left blank, the password for accessing the keystore will be used.

Enforce KeyUsage Extension

If on, verify certificates used for encryption allow the keyEncipherment KeyUsage extension.

Edges:

The following table lists the available Line Edges for the XML Decryption Service (com.ibi.agents.XDXMLDecryptionAgent).

Line Edge

Description

OnError

An exception occurred during execution.

OnSuccess

The operation was successful.

OnFailure

A fail condition occurred during execution.

OnParseError

Could not parse a document.

OnFailedOperation

Could not perform the operation requested.