org.apache.camel.converter.crypto

Class PGPDataFormat

java.lang.Object

org.apache.camel.support.ServiceSupport

org.apache.camel.converter.crypto.PGPKeyAccessDataFormat

org.apache.camel.converter.crypto.PGPDataFormat

All Implemented Interfaces:

PGPPublicKeyAccessor, PGPSecretKeyAccessor, org.apache.camel.Service, org.apache.camel.ShutdownableService, org.apache.camel.spi.DataFormat, org.apache.camel.spi.DataFormatName, org.apache.camel.StatefulService, org.apache.camel.SuspendableService

public class PGPDataFormat
extends PGPKeyAccessDataFormat
implements PGPPublicKeyAccessor, PGPSecretKeyAccessor

PGPDataFormat uses the bouncy castle libraries to enable encryption and decryption in the PGP format.

See also PGPKeyAccessDataFormat.

Field Summary

Fields

Modifier and Type	Field and Description
static String	ENCRYPTION_KEY_RING
static String	KEY_FILE_NAME
static String	KEY_PASSWORD
static String	SIGNATURE_KEY_FILE_NAME
static String	SIGNATURE_KEY_PASSWORD
static String	SIGNATURE_KEY_RING

Fields inherited from class org.apache.camel.converter.crypto.PGPKeyAccessDataFormat

COMPRESSION_ALGORITHM, ENCRYPTION_ALGORITHM, KEY_USERID, KEY_USERIDS, NUMBER_OF_ENCRYPTION_KEYS, NUMBER_OF_SIGNING_KEYS, SIGNATURE_HASH_ALGORITHM, SIGNATURE_KEY_USERID, SIGNATURE_KEY_USERIDS, SIGNATURE_VERIFICATION_OPTION_IGNORE, SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED, SIGNATURE_VERIFICATION_OPTION_OPTIONAL, SIGNATURE_VERIFICATION_OPTION_REQUIRED

Fields inherited from class org.apache.camel.support.ServiceSupport

shutdown, shuttingdown, started, starting, stopped, stopping, suspended, suspending

Constructor Summary

Constructors

Constructor and Description
PGPDataFormat()

Method Summary

Modifier and Type	Method and Description
List<PGPSecretKeyAndPrivateKeyAndUserId>	determineSecretKeysWithPrivateKeyAndUserId(org.apache.camel.Exchange exchange, String sigKeyFileName, List<String> sigKeyUserids, String sigKeyPassword, byte[] sigKeyRing)
Map<String,String>	determineSignatureKeyUserId2Password(List<String> sigKeyUserids, String sigKeyPassword)
protected byte[]	findEncryptionKeyRing(org.apache.camel.Exchange exchange)
protected String	findKeyFileName(org.apache.camel.Exchange exchange)
protected String	findKeyPassword(org.apache.camel.Exchange exchange)
protected String	findSignatureKeyFileName(org.apache.camel.Exchange exchange)
protected String	findSignatureKeyPassword(org.apache.camel.Exchange exchange)
protected byte[]	findSignatureKeyRing(org.apache.camel.Exchange exchange)
byte[]	getEncryptionKeyRing()
List<org.bouncycastle.openpgp.PGPPublicKey>	getEncryptionKeys(org.apache.camel.Exchange exchange, List<String> useridParts) Returns the encryption keys for the given user ID parts.
String	getKeyFileName()
PGPPassphraseAccessor	getPassphraseAccessor()
String	getPassword()
org.bouncycastle.openpgp.PGPPrivateKey	getPrivateKey(org.apache.camel.Exchange exchange, long keyId) Returns the private key with a certain key ID.
org.bouncycastle.openpgp.PGPPublicKey	getPublicKey(org.apache.camel.Exchange exchange, long keyId, List<String> userIdParts) Returns the public key with a certain key ID.
String	getSignatureKeyFileName()
byte[]	getSignatureKeyRing()
String	getSignaturePassword()
List<PGPSecretKeyAndPrivateKeyAndUserId>	getSignerKeys(org.apache.camel.Exchange exchange, List<String> useridParts) Returns the signer keys for the given user ID parts.
void	setEncryptionKeyRing(byte[] encryptionKeyRing) Keyring used for encryption/decryption as byte array.
void	setKeyFileName(String keyFileName) Filename of the keyring that will be used for the encryption/decryption, classpathResource.
void	setPassphraseAccessor(PGPPassphraseAccessor passphraseAccessor) Alternative way to provide the passphrases.
void	setPassword(String password) Password used to open the private key in secret keyring for decryption (unmarshaling).
void	setPublicKeyAccessor(PGPPublicKeyAccessor publicKeyAccessor)
void	setSecretKeyAccessor(PGPSecretKeyAccessor secretKeyAccessor)
void	setSignatureKeyFileName(String signatureKeyFileName) Filename of the signature keyring that will be used, classpathResource.
void	setSignatureKeyRing(byte[] signatureKeyRing) Keyring used for signing/verifying as byte array.
void	setSignaturePassword(String signaturePassword) Password used to open the signature private key during marshaling.

Methods inherited from class org.apache.camel.converter.crypto.PGPKeyAccessDataFormat

createSignatureGenerator, determineEncryptionUserIds, determineSignaturenUserIds, doStart, doStop, findAlgorithm, findCompressionAlgorithm, findFileName, findHashAlgorithm, findKeyUserid, findKeyUserids, findSignatureKeyUserid, findSignatureKeyUserids, getAlgorithm, getArmored, getCompressionAlgorithm, getDataFormatName, getFileName, getHashAlgorithm, getIntegrity, getKeyUserid, getKeyUserids, getProvider, getPublicKeyAccessor, getSecretKeyAccessor, getSignature, getSignatureKeyUserid, getSignatureKeyUserids, getSignatureVerificationOption, getSignatureWithKeyId, isWithCompressedDataPacket, marshal, setAlgorithm, setArmored, setCompressionAlgorithm, setFileName, setHashAlgorithm, setIntegrity, setKeyUserid, setKeyUserids, setProvider, setSignatureKeyUserid, setSignatureKeyUserids, setSignatureVerificationOption, setWithCompressedDataPacket, unmarshal

Methods inherited from class org.apache.camel.support.ServiceSupport

doResume, doShutdown, doSuspend, getStatus, getVersion, isRunAllowed, isStarted, isStarting, isStopped, isStopping, isStoppingOrStopped, isSuspended, isSuspending, isSuspendingOrSuspended, resume, shutdown, start, stop, suspend

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

KEY_FILE_NAME

public static final String KEY_FILE_NAME

See Also:

Constant Field Values

ENCRYPTION_KEY_RING

public static final String ENCRYPTION_KEY_RING

See Also:

Constant Field Values

KEY_PASSWORD

public static final String KEY_PASSWORD

See Also:

Constant Field Values

SIGNATURE_KEY_FILE_NAME

public static final String SIGNATURE_KEY_FILE_NAME

See Also:

Constant Field Values

SIGNATURE_KEY_RING

public static final String SIGNATURE_KEY_RING

See Also:

Constant Field Values

SIGNATURE_KEY_PASSWORD

public static final String SIGNATURE_KEY_PASSWORD

See Also:

Constant Field Values

Constructor Detail

PGPDataFormat

public PGPDataFormat()

Method Detail

findKeyFileName

protected String findKeyFileName(org.apache.camel.Exchange exchange)

findEncryptionKeyRing

protected byte[] findEncryptionKeyRing(org.apache.camel.Exchange exchange)

findKeyPassword

protected String findKeyPassword(org.apache.camel.Exchange exchange)

findSignatureKeyFileName

protected String findSignatureKeyFileName(org.apache.camel.Exchange exchange)

findSignatureKeyRing

protected byte[] findSignatureKeyRing(org.apache.camel.Exchange exchange)

findSignatureKeyPassword

protected String findSignatureKeyPassword(org.apache.camel.Exchange exchange)

determineSecretKeysWithPrivateKeyAndUserId

public List<PGPSecretKeyAndPrivateKeyAndUserId> determineSecretKeysWithPrivateKeyAndUserId(org.apache.camel.Exchange exchange,
                                                                                           String sigKeyFileName,
                                                                                           List<String> sigKeyUserids,
                                                                                           String sigKeyPassword,
                                                                                           byte[] sigKeyRing)
                                                                                    throws IOException,
                                                                                           org.bouncycastle.openpgp.PGPException,
                                                                                           NoSuchProviderException

Throws:

IOException

org.bouncycastle.openpgp.PGPException

NoSuchProviderException

determineSignatureKeyUserId2Password

public Map<String,String> determineSignatureKeyUserId2Password(List<String> sigKeyUserids,
                                                               String sigKeyPassword)

setKeyFileName

public void setKeyFileName(String keyFileName)

Filename of the keyring that will be used for the encryption/decryption, classpathResource. Alternatively you can provide the keyring also as byte array; see method setEncryptionKeyRing(byte[]).

getKeyFileName

public String getKeyFileName()

setPassword

public void setPassword(String password)

Password used to open the private key in secret keyring for decryption (unmarshaling). See also setPassphraseAccessor(PGPPassphraseAccessor).

getPassword

public String getPassword()

setSignatureKeyFileName

public void setSignatureKeyFileName(String signatureKeyFileName)

Filename of the signature keyring that will be used, classpathResource.

getSignatureKeyFileName

public String getSignatureKeyFileName()

setSignaturePassword

public void setSignaturePassword(String signaturePassword)

Password used to open the signature private key during marshaling.

getSignaturePassword

public String getSignaturePassword()

getEncryptionKeyRing

public byte[] getEncryptionKeyRing()

setEncryptionKeyRing

public void setEncryptionKeyRing(byte[] encryptionKeyRing)

Keyring used for encryption/decryption as byte array. Alternatively you can also provide the keyring as a file; see method setKeyFileName(String).

getSignatureKeyRing

public byte[] getSignatureKeyRing()

setSignatureKeyRing

public void setSignatureKeyRing(byte[] signatureKeyRing)

Keyring used for signing/verifying as byte array. Alternatively you can also provide the keyring as a file; see method setSignatureKeyFileName(String).

getPassphraseAccessor

public PGPPassphraseAccessor getPassphraseAccessor()

setPassphraseAccessor

public void setPassphraseAccessor(PGPPassphraseAccessor passphraseAccessor)

Alternative way to provide the passphrases. Especially useful for the unmarshal (decryption) case . If no passphrase can be found from the parameter password or signaturePassword or from the header SIGNATURE_KEY_PASSWORD or KEY_PASSWORD then we try to get the password from the passphrase accessor. This is especially useful in the decrypt case, where we chose the private key according to the key Id stored in the encrypted data.

getEncryptionKeys

public List<org.bouncycastle.openpgp.PGPPublicKey> getEncryptionKeys(org.apache.camel.Exchange exchange,
                                                                     List<String> useridParts)
                                                              throws Exception

Description copied from interface: PGPPublicKeyAccessor

Returns the encryption keys for the given user ID parts. This method is used for encryption.

Specified by:

getEncryptionKeys in interface PGPPublicKeyAccessor

Parameters:

exchange - exchange, can be null

useridParts - parts of User IDs, must not be null

Returns:

list of public keys, must not be null

Throws:

Exception

getSignerKeys

public List<PGPSecretKeyAndPrivateKeyAndUserId> getSignerKeys(org.apache.camel.Exchange exchange,
                                                              List<String> useridParts)
                                                       throws Exception

Description copied from interface: PGPSecretKeyAccessor

Returns the signer keys for the given user ID parts. This method is used for signing.

Specified by:

getSignerKeys in interface PGPSecretKeyAccessor

Parameters:

exchange - exchange, can be null

useridParts - parts of User IDs, can be null or empty, then an empty list must be returned

Returns:

list of secret keys with their private keys and User Ids which corresponds to one of the useridParts, must not be null, can be empty

Throws:

Exception

getPrivateKey

public org.bouncycastle.openpgp.PGPPrivateKey getPrivateKey(org.apache.camel.Exchange exchange,
                                                            long keyId)
                                                     throws Exception

Description copied from interface: PGPSecretKeyAccessor

Returns the private key with a certain key ID. This method is used for decrypting.

Specified by:

getPrivateKey in interface PGPSecretKeyAccessor

Parameters:

exchange - exchange, can be null

keyId - key ID

Returns:

private key or null if the key cannot be found

Throws:

Exception

getPublicKey

public org.bouncycastle.openpgp.PGPPublicKey getPublicKey(org.apache.camel.Exchange exchange,
                                                          long keyId,
                                                          List<String> userIdParts)
                                                   throws Exception

Description copied from interface: PGPPublicKeyAccessor

Returns the public key with a certain key ID. This method is used for verifying the signature. The given User IDs are provided to filter the public key, further. If the User ID parts list is empty, then any public key can be returned which has the specified key ID. If the User ID parts list is not empty then the returned key must have a User ID which contains at least one User ID part.

Specified by:

getPublicKey in interface PGPPublicKeyAccessor

Parameters:

exchange - exchange

keyId - key ID

userIdParts - parts of User IDs, must not be null, but can be empty

Returns:

public key or null if the key cannot be found

Throws:

Exception

setPublicKeyAccessor

public void setPublicKeyAccessor(PGPPublicKeyAccessor publicKeyAccessor)

Overrides:

setPublicKeyAccessor in class PGPKeyAccessDataFormat

setSecretKeyAccessor

public void setSecretKeyAccessor(PGPSecretKeyAccessor secretKeyAccessor)

Overrides:

setSecretKeyAccessor in class PGPKeyAccessDataFormat