001/** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.camel.model.dataformat; 018 019import javax.xml.bind.annotation.XmlAccessType; 020import javax.xml.bind.annotation.XmlAccessorType; 021import javax.xml.bind.annotation.XmlAttribute; 022import javax.xml.bind.annotation.XmlRootElement; 023 024import org.apache.camel.CamelContext; 025import org.apache.camel.model.DataFormatDefinition; 026import org.apache.camel.spi.DataFormat; 027import org.apache.camel.spi.Metadata; 028 029/** 030 * PGP data format is used for encrypting and decrypting of messages using Java Cryptographic Extension and PGP. 031 */ 032@Metadata(firstVersion = "2.9.0", label = "dataformat,transformation,security", title = "PGP") 033@XmlRootElement(name = "pgp") 034@XmlAccessorType(XmlAccessType.FIELD) 035public class PGPDataFormat extends DataFormatDefinition { 036 @XmlAttribute 037 private String keyUserid; 038 @XmlAttribute 039 private String signatureKeyUserid; 040 @XmlAttribute 041 private String password; 042 @XmlAttribute 043 private String signaturePassword; 044 @XmlAttribute 045 private String keyFileName; 046 @XmlAttribute 047 private String signatureKeyFileName; 048 @XmlAttribute 049 private String signatureKeyRing; 050 @XmlAttribute 051 private Boolean armored; 052 @XmlAttribute @Metadata(defaultValue = "true") 053 private Boolean integrity; 054 @XmlAttribute 055 private String provider; 056 @XmlAttribute 057 private Integer algorithm; 058 @XmlAttribute 059 private Integer compressionAlgorithm; 060 @XmlAttribute 061 private Integer hashAlgorithm; 062 @XmlAttribute 063 private String signatureVerificationOption; 064 065 public PGPDataFormat() { 066 super("pgp"); 067 } 068 069 @Override 070 protected void configureDataFormat(DataFormat dataFormat, CamelContext camelContext) { 071 if (keyUserid != null) { 072 setProperty(camelContext, dataFormat, "keyUserid", keyUserid); 073 } 074 if (signatureKeyUserid != null) { 075 setProperty(camelContext, dataFormat, "signatureKeyUserid", signatureKeyUserid); 076 } 077 if (password != null) { 078 setProperty(camelContext, dataFormat, "password", password); 079 } 080 if (signaturePassword != null) { 081 setProperty(camelContext, dataFormat, "signaturePassword", signaturePassword); 082 } 083 if (keyFileName != null) { 084 setProperty(camelContext, dataFormat, "keyFileName", keyFileName); 085 } 086 if (signatureKeyFileName != null) { 087 setProperty(camelContext, dataFormat, "signatureKeyFileName", signatureKeyFileName); 088 } 089 if (signatureKeyRing != null) { 090 setProperty(camelContext, dataFormat, "signatureKeyRing", signatureKeyRing); 091 } 092 if (armored != null) { 093 setProperty(camelContext, dataFormat, "armored", armored); 094 } 095 if (integrity != null) { 096 setProperty(camelContext, dataFormat, "integrity", integrity); 097 } 098 if (provider != null) { 099 setProperty(camelContext, dataFormat, "provider", provider); 100 } 101 if (algorithm != null) { 102 setProperty(camelContext, dataFormat, "algorithm", algorithm); 103 } 104 if (compressionAlgorithm != null) { 105 setProperty(camelContext, dataFormat, "compressionAlgorithm", compressionAlgorithm); 106 } 107 if (hashAlgorithm != null) { 108 setProperty(camelContext, dataFormat, "hashAlgorithm", hashAlgorithm); 109 } 110 if (signatureVerificationOption != null) { 111 setProperty(camelContext, dataFormat, "signatureVerificationOption", signatureVerificationOption); 112 } 113 } 114 115 public String getSignatureKeyUserid() { 116 return signatureKeyUserid; 117 } 118 119 /** 120 * User ID of the key in the PGP keyring used for signing (during encryption) or signature verification (during decryption). 121 * During the signature verification process the specified User ID restricts the public keys from the public 122 * keyring which can be used for the verification. If no User ID is specified for the signature verficiation 123 * then any public key in the public keyring can be used for the verification. Can also be only a part of a user ID. 124 * For example, if the user ID is "Test User <[email protected]>" then you can use the 125 * part "Test User" or "<[email protected]>" to address the User ID. 126 */ 127 public void setSignatureKeyUserid(String signatureKeyUserid) { 128 this.signatureKeyUserid = signatureKeyUserid; 129 } 130 131 public String getSignaturePassword() { 132 return signaturePassword; 133 } 134 135 /** 136 * Password used when opening the private key used for signing (during encryption). 137 */ 138 public void setSignaturePassword(String signaturePassword) { 139 this.signaturePassword = signaturePassword; 140 } 141 142 public String getSignatureKeyFileName() { 143 return signatureKeyFileName; 144 } 145 146 /** 147 * Filename of the keyring to use for signing (during encryption) or for signature verification (during decryption); 148 * must be accessible as a classpath resource (but you can specify a location in the file system by using the "file:" prefix). 149 */ 150 public void setSignatureKeyFileName(String signatureKeyFileName) { 151 this.signatureKeyFileName = signatureKeyFileName; 152 } 153 154 public String getSignatureKeyRing() { 155 return signatureKeyRing; 156 } 157 158 /** 159 * Keyring used for signing/verifying as byte array. 160 * You can not set the signatureKeyFileName and signatureKeyRing at the same time. 161 */ 162 public void setSignatureKeyRing(String signatureKeyRing) { 163 this.signatureKeyRing = signatureKeyRing; 164 } 165 166 public Integer getHashAlgorithm() { 167 return hashAlgorithm; 168 } 169 170 /** 171 * Signature hash algorithm; possible values are defined in org.bouncycastle.bcpg.HashAlgorithmTags; 172 * for example 2 (= SHA1), 8 (= SHA256), 9 (= SHA384), 10 (= SHA512), 11 (=SHA224). Only relevant for signing. 173 */ 174 public void setHashAlgorithm(Integer hashAlgorithm) { 175 this.hashAlgorithm = hashAlgorithm; 176 } 177 178 public Boolean getArmored() { 179 return armored; 180 } 181 182 /** 183 * This option will cause PGP to base64 encode the encrypted text, making it available for copy/paste, etc. 184 */ 185 public void setArmored(Boolean armored) { 186 this.armored = armored; 187 } 188 189 public Boolean getIntegrity() { 190 return integrity; 191 } 192 193 /** 194 * Adds an integrity check/sign into the encryption file. 195 * <p/> 196 * The default value is true. 197 */ 198 public void setIntegrity(Boolean integrity) { 199 this.integrity = integrity; 200 } 201 202 public String getKeyFileName() { 203 return keyFileName; 204 } 205 206 /** 207 * Filename of the keyring; must be accessible as a classpath resource (but you can specify a location in the file system by using the "file:" prefix). 208 */ 209 public void setKeyFileName(String keyFileName) { 210 this.keyFileName = keyFileName; 211 } 212 213 public String getKeyUserid() { 214 return keyUserid; 215 } 216 217 /** 218 * The user ID of the key in the PGP keyring used during encryption. 219 * Can also be only a part of a user ID. 220 * For example, if the user ID is "Test User <[email protected]>" 221 * then you can use the part "Test User" or "<[email protected]>" to address the user ID. 222 */ 223 public void setKeyUserid(String keyUserid) { 224 this.keyUserid = keyUserid; 225 } 226 227 public String getPassword() { 228 return password; 229 } 230 231 public Integer getAlgorithm() { 232 return algorithm; 233 } 234 235 /** 236 * Symmetric key encryption algorithm; possible values are defined in org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags; 237 * for example 2 (= TRIPLE DES), 3 (= CAST5), 4 (= BLOWFISH), 6 (= DES), 7 (= AES_128). Only relevant for encrypting. 238 */ 239 public void setAlgorithm(Integer algorithm) { 240 this.algorithm = algorithm; 241 } 242 243 public Integer getCompressionAlgorithm() { 244 return compressionAlgorithm; 245 } 246 247 /** 248 * Compression algorithm; possible values are defined in org.bouncycastle.bcpg.CompressionAlgorithmTags; 249 * for example 0 (= UNCOMPRESSED), 1 (= ZIP), 2 (= ZLIB), 3 (= BZIP2). Only relevant for encrypting. 250 */ 251 public void setCompressionAlgorithm(Integer compressionAlgorithm) { 252 this.compressionAlgorithm = compressionAlgorithm; 253 } 254 255 /** 256 * Password used when opening the private key (not used for encryption). 257 */ 258 public void setPassword(String password) { 259 this.password = password; 260 } 261 262 public String getProvider() { 263 return provider; 264 } 265 266 /** 267 * Java Cryptography Extension (JCE) provider, default is Bouncy Castle 268 * ("BC"). Alternatively you can use, for example, the IAIK JCE provider; in 269 * this case the provider must be registered beforehand and the Bouncy 270 * Castle provider must not be registered beforehand. The Sun JCE provider 271 * does not work. 272 */ 273 public void setProvider(String provider) { 274 this.provider = provider; 275 } 276 277 public String getSignatureVerificationOption() { 278 return signatureVerificationOption; 279 } 280 281 /** 282 * Controls the behavior for verifying the signature during unmarshaling. There are 4 values possible: 283 * "optional": The PGP message may or may not contain signatures; if it does contain signatures, then a signature verification is executed. 284 * "required": The PGP message must contain at least one signature; if this is not the case an exception (PGPException) is thrown. A signature verification is executed. 285 * "ignore": Contained signatures in the PGP message are ignored; no signature verification is executed. 286 * "no_signature_allowed": The PGP message must not contain a signature; otherwise an exception (PGPException) is thrown. 287 */ 288 public void setSignatureVerificationOption(String signatureVerificationOption) { 289 this.signatureVerificationOption = signatureVerificationOption; 290 } 291}