Apply suggestions from the review

ballerina/modules/soap11/soap11.bal

@@ -53,15 +53,16 @@ public isolated client class Client {
     # + path - The resource path
     # + return - If successful, returns the response. Else, returns an error
     remote isolated function sendReceive(xml|mime:Entity[] body, string action,
-                                         map<string|string[]> headers = {}, string path = "") returns xml|mime:Entity[]|Error {
+                                         map<string|string[]> headers = {}, string path = "")
+        returns xml|mime:Entity[]|Error {
         do {
             xml securedBody;
-            xml response;
             xml mimeEntity = body is xml ? body : check body[0].getXml();
             lock {
                 xml envelope = body is xml ? body.clone() : mimeEntity.clone();
                 securedBody = check soap:applySecurityPolicies(self.inboundSecurity.clone(), envelope.clone());
             }
+            xml response;
             if body is mime:Entity[] {
                 body[0].setXml(securedBody);
                 response = check soap:sendReceive(body, self.soapClient, action, headers, path, false);

ballerina/modules/soap11/tests/http_soap_service.bal

@@ -22,7 +22,7 @@ const crypto:KeyStore serverKeyStore = {
     password: KEY_PASSWORD
 };
 crypto:PrivateKey serverPrivateKey = check crypto:decodeRsaPrivateKeyFromKeyStore(serverKeyStore, KEY_ALIAS,
-                                                                                KEY_PASSWORD);
+                                                                                  KEY_PASSWORD);
 crypto:PublicKey serverPublicKey = check crypto:decodeRsaPublicKeyFromTrustStore(serverKeyStore, KEY_ALIAS);
 
 service / on new http:Listener(9090) {
@@ -34,27 +34,29 @@ service / on new http:Listener(9090) {
     }
 
     resource function post getSamePayload(http:Request request) returns http:Response|error {
-        http:Response response = new;
         xml payload = check request.getXmlPayload();
+        http:Response response = new;
         response.setPayload(payload);
         return response;
     }
 
     resource function post getSecuredPayload(http:Request request) returns http:Response|error {
-        http:Response response = new;
         xml payload = check request.getXmlPayload();
-        xml applyOutboundConfig = check soap:applyOutboundConfig({
-            verificationKey: clientPublicKey,
-            signatureAlgorithm: soap:RSA_SHA256,
-            decryptionAlgorithm: soap:RSA_ECB,
-            decryptionKey: serverPrivateKey
-        }, payload);
-        xml securedEnv = check soap:applySecurityPolicies({
-            signatureAlgorithm: soap:RSA_SHA256,
-            encryptionAlgorithm: soap:RSA_ECB,
-            signatureKey: serverPrivateKey,
-            encryptionKey: clientPublicKey
-        }, applyOutboundConfig);
+        xml applyOutboundConfig = check soap:applyOutboundConfig(
+            {
+                verificationKey: clientPublicKey,
+                signatureAlgorithm: soap:RSA_SHA256,
+                decryptionAlgorithm: soap:RSA_ECB,
+                decryptionKey: serverPrivateKey
+            }, payload);
+        xml securedEnv = check soap:applySecurityPolicies(
+            {
+                signatureAlgorithm: soap:RSA_SHA256,
+                encryptionAlgorithm: soap:RSA_ECB,
+                signatureKey: serverPrivateKey,
+                encryptionKey: clientPublicKey
+            }, applyOutboundConfig);
+        http:Response response = new;
         response.setPayload(securedEnv);
         return response;
     }

ballerina/modules/soap12/soap12.bal

@@ -53,15 +53,16 @@ public isolated client class Client {
     # + path - The resource path
     # + return - If successful, returns the response. Else, returns an error
     remote isolated function sendReceive(xml|mime:Entity[] body, string? action = (),
-                                         map<string|string[]> headers = {}, string path = "") returns xml|mime:Entity[]|Error {
+                                         map<string|string[]> headers = {}, string path = "")
+        returns xml|mime:Entity[]|Error {
         do {
             xml securedBody;
-            xml response;
             xml mimeEntity = body is xml ? body : check body[0].getXml();
             lock {
                 securedBody = body is xml ? check soap:applySecurityPolicies(self.inboundSecurity.clone(), body.clone())
                     : check soap:applySecurityPolicies(self.inboundSecurity.clone(), mimeEntity.clone());
             }
+            xml response;
             if body is mime:Entity[] {
                 body[0].setXml(securedBody);
                 response = check soap:sendReceive(body, self.soapClient, action, headers, path);

ballerina/modules/soap12/tests/http_soap_service.bal

@@ -34,28 +34,29 @@ service / on new http:Listener(9090) {
     }
 
     resource function post getSamePayload(http:Request request) returns http:Response|error {
-        http:Response response = new;
         xml payload = check request.getXmlPayload();
+        http:Response response = new;
         response.setPayload(payload);
         return response;
     }
 
     resource function post getSecuredPayload(http:Request request) returns http:Response|error {
-        http:Response response = new;
         xml payload = check request.getXmlPayload();
-        xml applyOutboundConfig = check soap:applyOutboundConfig({
-            verificationKey: clientPublicKey,
-            signatureAlgorithm: soap:RSA_SHA256,
-            decryptionAlgorithm: soap:RSA_ECB,
-            decryptionKey: serverPrivateKey
-        }, payload);
-
-        xml securedEnv = check soap:applySecurityPolicies({
-            signatureAlgorithm: soap:RSA_SHA256,
-            encryptionAlgorithm: soap:RSA_ECB,
-            signatureKey: serverPrivateKey,
-            encryptionKey: clientPublicKey
-        }, applyOutboundConfig);
+        xml applyOutboundConfig = check soap:applyOutboundConfig(
+            {
+                verificationKey: clientPublicKey,
+                signatureAlgorithm: soap:RSA_SHA256,
+                decryptionAlgorithm: soap:RSA_ECB,
+                decryptionKey: serverPrivateKey
+            }, payload);
+        xml securedEnv = check soap:applySecurityPolicies(
+            {
+                signatureAlgorithm: soap:RSA_SHA256,
+                encryptionAlgorithm: soap:RSA_ECB,
+                signatureKey: serverPrivateKey,
+                encryptionKey: clientPublicKey
+            }, applyOutboundConfig);
+        http:Response response = new;
         response.setPayload(securedEnv);
         return response;
     }

ballerina/modules/wssec/encryption.bal

@@ -24,18 +24,8 @@ isolated class Encryption {
         self.nativeEncryption = newEncryption();
     }
 
-    isolated function encryptData(string dataString, EncryptionAlgorithm encryptionAlgorithm,
-                         crypto:PublicKey|crypto:PrivateKey key) returns byte[]|Error {
-        byte[] data = dataString.toBytes();
-        do {
-            return check crypto:encryptRsaEcb(data, key);
-        } on fail var e {
-            return error(e.message());
-        }
-    }
-
     public isolated function decryptData(byte[] cipherText, EncryptionAlgorithm encryptionAlgorithm,
-                                crypto:PublicKey|crypto:PrivateKey key) returns byte[]|Error {
+                                         crypto:PublicKey|crypto:PrivateKey key) returns byte[]|Error {
         do {
             return check crypto:decryptRsaEcb(cipherText, key);
         } on fail var e {

ballerina/modules/wssec/ws_security_methods.bal

@@ -136,7 +136,8 @@ public isolated function applyUsernameToken(xml envelope, *UsernameTokenConfig u
 # + envelope - The SOAP envelope
 # + symmetricBinding - The `SymmetricBindingConfig` record with the required parameters
 # + return - A `xml` type of SOAP envelope if the security binding is successfully added or else `wssec:Error`
-public isolated function applySymmetricBinding(xml envelope, *SymmetricBindingConfig symmetricBinding) returns xml|Error {
+public isolated function applySymmetricBinding(xml envelope, *SymmetricBindingConfig symmetricBinding)
+    returns xml|crypto:Error|Error {
     Document document = check new (envelope);
     WSSecurityHeader wsSecurityHeader = check addSecurityHeader(document);
     string securedEnvelope = envelope.toBalString();
@@ -153,8 +154,8 @@ public isolated function applySymmetricBinding(xml envelope, *SymmetricBindingCo
     }
     if encryptionAlgorithm is EncryptionAlgorithm {
         Encryption encryption = check new ();
-        byte[] encryptData = check encryption.encryptData((envelope/<soap:Body>/*).toString(), encryptionAlgorithm
-                                                          , symmetricBinding.symmetricKey);
+        byte[] encryptData = check crypto:encryptRsaEcb((envelope/<soap:Body>/*).toString().toBytes(),
+                                                         symmetricBinding.symmetricKey);
         Encryption encryptionResult = check addEncryption(encryption, encryptionAlgorithm, encryptData);
         WsSecurity wsSecurity = new;
         securedEnvelope = check wsSecurity.applyEncryptionOnlyPolicy(wsSecurityHeader, encryptionResult);
@@ -169,7 +170,7 @@ public isolated function applySymmetricBinding(xml envelope, *SymmetricBindingCo
 # + envelope - The SOAP envelope
 # + asymmetricBinding - The `AsymmetricBindingConfig` record with the required parameters
 # + return - A `xml` type of SOAP envelope if the security binding is successfully added or else `wssec:Error`
-public isolated function applyAsymmetricBinding(xml envelope, *AsymmetricBindingConfig asymmetricBinding) returns xml|Error {
+public isolated function applyAsymmetricBinding(xml envelope, *AsymmetricBindingConfig asymmetricBinding) returns xml|crypto:Error|Error {
     Document document = check new (envelope);
     WSSecurityHeader wsSecurityHeader = check addSecurityHeader(document);
     string securedEnvelope = envelope.toBalString();
@@ -194,8 +195,7 @@ public isolated function applyAsymmetricBinding(xml envelope, *AsymmetricBinding
         if encryptionKey !is crypto:PublicKey {
             return error Error("Encryption key cannot be nil");
         }
-        byte[] encryptData = check encryption.encryptData((envelope/<soap:Body>/*).toString(), encryptionAlgorithm,
-                                                          encryptionKey);
+        byte[] encryptData = check crypto:encryptRsaEcb((envelope/<soap:Body>/*).toString().toBytes(), encryptionKey);
         Encryption encryptionResult = check addEncryption(encryption, encryptionAlgorithm, encryptData);
         WsSecurity wsSecurity = new;
         securedEnvelope = check wsSecurity.applyEncryptionOnlyPolicy(wsSecurityHeader, encryptionResult);

ballerina/soap_utils.bal

@@ -42,7 +42,7 @@ public isolated function getReadOnlyClientConfig(ClientConfig original) returns
 } external;
 
 public isolated function applySecurityPolicies(wssec:InboundSecurityConfig|wssec:InboundSecurityConfig[] security,
-                                               xml envelope) returns xml|wssec:Error {
+                                               xml envelope) returns xml|crypto:Error|wssec:Error {
     if security is wssec:TimestampTokenConfig {
         return wssec:applyTimestampToken(envelope, security);
     } else if security is wssec:UsernameTokenConfig {