Hi Noam,

The crypto:encrypt function returns the result as a string, so you'll
need to wrap it with an additional element:

  return <record>{
    <CK>{ crypto:encrypt(...) }</CK>, ...
  }</record>

However, the returned string will contain non-ASCII characters, so it
may not be what you expect, so you could possibly encode it as Base64:

  convert:string-to-base64( ... )

Hope this helps,
Christian