
Encrypts one or several elements of an XML document.

N.B.: Using this node requires the XML Firewall license option.


  • Display name: The name of the node as it will appear in the Workflow. Replaces the term “XML Encrypt”.
  • XML Document: the document to encrypt
  • Key Store: the keystore profile containing the keys
  • Key Name: the name of the key to use
  • Encryption Algorithm: the encryption algorithm to use 
  • Encrypt whole document: if “Yes”, the node encrypts the root of the document; if “No”, the user must enter an XPath expression, with its XML Namespace, to indicate which node to encrypt.

Provided Attributes

  • xml.encrypt.nb_nodes: The number of encrypted elements. The value of this attribute is 1 when an entire document is encrypted; it can be greater when an XPath expression selects several XML nodes.
  • xml.encrypt.failure: Boolean set to “True” when an error is raised during encryption. An error message is then available in the xml.encrypt.err_message attribute.
  • xml.encrypt.err_message: the error message when the xml.encrypt.failure attribute is True

Encryption algorithms

Data are encrypted using the algorithm chosen in the Encryption Algorithm parameter:

  • AES-CBC-128 (weak)
  • AES-CBC-192 (weak)
  • AES-CBC-256 (weak)
  • 3DES (weak)
  • AES-GCM-128
  • AES-GCM-192
  • AES-GCM-256

The encryption key is then encrypted using the RSA 1.5 algorithm.
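To check which of the algorithms above an encrypted document actually carries, the following added example (not part of the product or its documentation) reads the EncryptionMethod of each EncryptedData element and maps it back to the list above. It assumes the output uses standard W3C XML Encryption markup; the algorithm URIs come from the W3C specification, and the function name audit and the sample document are constructed for illustration.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
XENC11 = "http://www.w3.org/2009/xmlenc11#"
NS = {"xenc": XENC}
# W3C algorithm URI -> (name used on this page, marked "weak" on this page)
DATA_ALGS = {
    XENC + "aes128-cbc": ("AES-CBC-128", True),
    XENC + "aes192-cbc": ("AES-CBC-192", True),
    XENC + "aes256-cbc": ("AES-CBC-256", True),
    XENC + "tripledes-cbc": ("3DES", True),
    XENC11 + "aes128-gcm": ("AES-GCM-128", False),
    XENC11 + "aes192-gcm": ("AES-GCM-192", False),
    XENC11 + "aes256-gcm": ("AES-GCM-256", False),
}
KEY_ALGS = {XENC + "rsa-1_5": "RSA 1.5"}

# Constructed sample: two encrypted elements, cipher values are dummies.
SAMPLE = """<order xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                   xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element">
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
  <ds:KeyInfo><xenc:EncryptedKey>
   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
   <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedKey></ds:KeyInfo>
  <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
 </xenc:EncryptedData>
 <xenc:EncryptedData>
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
  <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
 </xenc:EncryptedData>
</order>"""

def audit(xml_text):
    """Return one finding per EncryptedData element (the root included)."""
    findings = []
    # For untrusted input, parse with a hardened XML parser instead.
    for ed in ET.fromstring(xml_text).iter("{%s}EncryptedData" % XENC):
        method = ed.find("xenc:EncryptionMethod", NS)  # direct child only
        uri = method.get("Algorithm") if method is not None else None
        # A missing or unrecognised algorithm is flagged for review.
        label, weak = DATA_ALGS.get(uri, ("unknown", True))
        key = ed.find(".//xenc:EncryptedKey/xenc:EncryptionMethod", NS)
        key_uri = key.get("Algorithm") if key is not None else None
        findings.append({"data": label, "weak": weak,
                         "key": KEY_ALGS.get(key_uri, "unknown")})
    return findings
```

Calling audit(SAMPLE) returns two findings: the first reports AES-CBC-128 as weak with an RSA 1.5 wrapped key, the second reports AES-GCM-256 with no recognised key transport element.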

Use cases

Implementing a SAMLv2 Service Provider

Connecting to a SAMLv2 Service Provider