public class PGPKeyAccessDataFormat
extends org.apache.camel.support.ServiceSupport
implements org.apache.camel.spi.DataFormat, org.apache.camel.spi.DataFormatName
PGPPublicKeyAccessor
and
PGPSecretKeyAccessor
to access the keys for encryption/signing and
decryption/signature verification. These interfaces allow caching of the keys
which can improve the performance.
If you want to provide the key access via keyrings in the format of a byte
array or file, then you should use the class PGPDataFormat
.
Modifier and Type | Field and Description |
---|---|
static String |
COMPRESSION_ALGORITHM |
static String |
ENCRYPTION_ALGORITHM |
static String |
KEY_USERID |
static String |
KEY_USERIDS |
static String |
NUMBER_OF_ENCRYPTION_KEYS
During encryption the number of asymmetric encryption keys is set to this
header parameter.
|
static String |
NUMBER_OF_SIGNING_KEYS
During signing the number of signing keys is set to this header
parameter.
|
static String |
SIGNATURE_HASH_ALGORITHM |
static String |
SIGNATURE_KEY_USERID |
static String |
SIGNATURE_KEY_USERIDS |
static String |
SIGNATURE_VERIFICATION_OPTION_IGNORE
Signature verification option "required": Used during unmarshaling.
|
static String |
SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED
Signature verification option "no signature allowed": Used during
unmarshaling.
|
static String |
SIGNATURE_VERIFICATION_OPTION_OPTIONAL
Signature verification option "optional": Used during unmarshaling.
|
static String |
SIGNATURE_VERIFICATION_OPTION_REQUIRED
Signature verification option "required": Used during unmarshaling.
|
Constructor and Description |
---|
PGPKeyAccessDataFormat() |
Modifier and Type | Method and Description |
---|---|
protected List<org.bouncycastle.openpgp.PGPSignatureGenerator> |
createSignatureGenerator(org.apache.camel.Exchange exchange,
OutputStream out) |
protected List<String> |
determineEncryptionUserIds(org.apache.camel.Exchange exchange) |
protected List<String> |
determineSignaturenUserIds(org.apache.camel.Exchange exchange) |
protected void |
doStart() |
protected void |
doStop() |
protected int |
findAlgorithm(org.apache.camel.Exchange exchange) |
protected int |
findCompressionAlgorithm(org.apache.camel.Exchange exchange) |
protected String |
findFileName(org.apache.camel.Exchange exchange) |
protected int |
findHashAlgorithm(org.apache.camel.Exchange exchange) |
protected String |
findKeyUserid(org.apache.camel.Exchange exchange) |
protected List<String> |
findKeyUserids(org.apache.camel.Exchange exchange) |
protected String |
findSignatureKeyUserid(org.apache.camel.Exchange exchange) |
protected List<String> |
findSignatureKeyUserids(org.apache.camel.Exchange exchange) |
int |
getAlgorithm() |
boolean |
getArmored() |
int |
getCompressionAlgorithm() |
String |
getDataFormatName() |
String |
getFileName()
Returns the file name for the literal packet.
|
int |
getHashAlgorithm() |
boolean |
getIntegrity() |
String |
getKeyUserid() |
List<String> |
getKeyUserids() |
String |
getProvider() |
PGPPublicKeyAccessor |
getPublicKeyAccessor() |
PGPSecretKeyAccessor |
getSecretKeyAccessor() |
protected org.bouncycastle.openpgp.PGPOnePassSignature |
getSignature(org.apache.camel.Exchange exchange,
org.bouncycastle.openpgp.PGPOnePassSignatureList signatureList) |
String |
getSignatureKeyUserid() |
List<String> |
getSignatureKeyUserids() |
String |
getSignatureVerificationOption() |
protected org.bouncycastle.openpgp.PGPSignature |
getSignatureWithKeyId(long keyID,
org.bouncycastle.openpgp.PGPSignatureList sigList) |
boolean |
isWithCompressedDataPacket() |
void |
marshal(org.apache.camel.Exchange exchange,
Object graph,
OutputStream outputStream) |
void |
setAlgorithm(int algorithm)
Symmetric key algorithm for encryption (marshaling).
|
void |
setArmored(boolean armored)
Sets if the encrypted file should be written in ascii visible text (for
marshaling).
|
void |
setCompressionAlgorithm(int compressionAlgorithm)
Compression algorithm used during marshaling.
|
void |
setFileName(String fileName)
Sets the file name for the literal data packet.
|
void |
setHashAlgorithm(int hashAlgorithm)
Digest algorithm for signing (marshaling).
|
void |
setIntegrity(boolean integrity)
Whether or not to add an integrity check/sign to the encrypted file for
marshaling.
|
void |
setKeyUserid(String keyUserid)
User ID, or more precisely user ID part, of the key used for encryption.
|
void |
setKeyUserids(List<String> keyUserids)
Keys User IDs, or more precisely user ID parts, used for determining the
public keys for encryption.
|
void |
setProvider(String provider)
Java Cryptography Extension (JCE) provider, default is Bouncy Castle
("BC").
|
void |
setPublicKeyAccessor(PGPPublicKeyAccessor publicKeyAccessor) |
void |
setSecretKeyAccessor(PGPSecretKeyAccessor secretKeyAccessor) |
void |
setSignatureKeyUserid(String signatureKeyUserid)
Userid, or more precisely user ID part, of the signature key used for
signing (marshal) and verifying (unmarshal).
|
void |
setSignatureKeyUserids(List<String> signatureKeyUserids)
User IDs, or more precisely user ID parts, used for signing and
verification.
|
void |
setSignatureVerificationOption(String signatureVerificationOption)
Signature verification option.
|
void |
setWithCompressedDataPacket(boolean withCompressedDataPacket)
Indicator that Compressed Data packet shall be added during encryption.
|
Object |
unmarshal(org.apache.camel.Exchange exchange,
InputStream encryptedStream) |
public static final String KEY_USERID
public static final String KEY_USERIDS
public static final String SIGNATURE_KEY_USERID
public static final String SIGNATURE_KEY_USERIDS
public static final String ENCRYPTION_ALGORITHM
public static final String SIGNATURE_HASH_ALGORITHM
public static final String COMPRESSION_ALGORITHM
public static final String SIGNATURE_VERIFICATION_OPTION_OPTIONAL
public static final String SIGNATURE_VERIFICATION_OPTION_REQUIRED
PGPException
is thrown. One of the contained
signatures is verified.public static final String SIGNATURE_VERIFICATION_OPTION_IGNORE
public static final String SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED
PGPException
is thrown.public static final String NUMBER_OF_ENCRYPTION_KEYS
public static final String NUMBER_OF_SIGNING_KEYS
public String getDataFormatName()
getDataFormatName
in interface org.apache.camel.spi.DataFormatName
protected String findKeyUserid(org.apache.camel.Exchange exchange)
protected String findSignatureKeyUserid(org.apache.camel.Exchange exchange)
protected List<String> findSignatureKeyUserids(org.apache.camel.Exchange exchange)
protected int findCompressionAlgorithm(org.apache.camel.Exchange exchange)
protected int findAlgorithm(org.apache.camel.Exchange exchange)
protected int findHashAlgorithm(org.apache.camel.Exchange exchange)
protected String findFileName(org.apache.camel.Exchange exchange)
public void marshal(org.apache.camel.Exchange exchange, Object graph, OutputStream outputStream) throws Exception
marshal
in interface org.apache.camel.spi.DataFormat
Exception
protected List<String> determineEncryptionUserIds(org.apache.camel.Exchange exchange)
protected List<String> determineSignaturenUserIds(org.apache.camel.Exchange exchange)
protected List<org.bouncycastle.openpgp.PGPSignatureGenerator> createSignatureGenerator(org.apache.camel.Exchange exchange, OutputStream out) throws Exception
Exception
public Object unmarshal(org.apache.camel.Exchange exchange, InputStream encryptedStream) throws Exception
unmarshal
in interface org.apache.camel.spi.DataFormat
Exception
protected org.bouncycastle.openpgp.PGPSignature getSignatureWithKeyId(long keyID, org.bouncycastle.openpgp.PGPSignatureList sigList)
protected org.bouncycastle.openpgp.PGPOnePassSignature getSignature(org.apache.camel.Exchange exchange, org.bouncycastle.openpgp.PGPOnePassSignatureList signatureList) throws Exception
Exception
public void setArmored(boolean armored)
public boolean getArmored()
public void setIntegrity(boolean integrity)
public boolean getIntegrity()
public void setKeyUserid(String keyUserid)
#setKeyUserids(List)
.public String getKeyUserid()
public void setKeyUserids(List<String> keyUserids)
setKeyUserid(String)
. The User ID specified
in setKeyUserid(String)
and in this method will be merged
together and the public keys which have a User ID which contain a value
of the specified User IDs the will be used for the encryption. Be aware
that you may get several public keys even if you specify only one User
Id, because there can be several public keys which have a User ID which
contains the specified User ID.public void setSignatureKeyUserid(String signatureKeyUserid)
setSignatureKeyUserids(List)
.public String getSignatureKeyUserid()
public void setSignatureKeyUserids(List<String> signatureKeyUserids)
In the signing case, the User IDs specify the private keys which are used
for signing. If the result are several private keys then several
signatures will be created. If you just have one signature User ID, then
you can also use the method setSignatureKeyUserid(String)
or
this method. The User ID specified in
setSignatureKeyUserid(String)
and in this method will be merged
together and the private keys which have a User Id which contain one
value out of the specified UserIds will be used for the signature
creation. Be aware that you may get several private keys even if you
specify only one User Id, because there can be several private keys which
have a User ID which contains the specified User ID.
In the verification case the User IDs restrict the set of public keys
which can be used for verification. The public keys used for verification
must contain a User ID which contain one value of the User ID list. If
you neither specify in this method and nor specify in the method
setSignatureKeyUserid(String)
any value then any public key in
the public key ring will be taken into consideration for the
verification.
If you just have one User ID, then you can also use the method
setSignatureKeyUserid(String)
. The User ID specified in
setSignatureKeyUserid(String)
and in this method will be merged
together and the corresponding public keys represent the potential keys
for the verification of the message.
public String getProvider()
public void setProvider(String provider)
public int getCompressionAlgorithm()
public void setCompressionAlgorithm(int compressionAlgorithm)
CompressionAlgorithmTags
. Default value is ZIP.public int getHashAlgorithm()
public void setHashAlgorithm(int hashAlgorithm)
HashAlgorithmTags
. Default value is SHA1.public int getAlgorithm()
public void setAlgorithm(int algorithm)
SymmetricKeyAlgorithmTags
. Default value is CAST5.public PGPPublicKeyAccessor getPublicKeyAccessor()
public void setPublicKeyAccessor(PGPPublicKeyAccessor publicKeyAccessor)
public PGPSecretKeyAccessor getSecretKeyAccessor()
public void setSecretKeyAccessor(PGPSecretKeyAccessor secretKeyAccessor)
public String getSignatureVerificationOption()
public boolean isWithCompressedDataPacket()
public void setWithCompressedDataPacket(boolean withCompressedDataPacket)
setCompressionAlgorithm(int)
is ignored.public void setSignatureVerificationOption(String signatureVerificationOption)
SIGNATURE_VERIFICATION_OPTION_OPTIONAL
,
SIGNATURE_VERIFICATION_OPTION_REQUIRED
,
SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED
, and
SIGNATURE_VERIFICATION_OPTION_IGNORE
. The default
value is SIGNATURE_VERIFICATION_OPTION_OPTIONAL
signatureVerificationOption
- signature verification optionIllegalArgumentException
- if an invalid value is enteredpublic String getFileName()
null
.public void setFileName(String fileName)
Exchange.FILE_NAME
. The default value is "_CONSOLE".
"_CONSOLE" indicates that the message is considered to be
"for your eyes only". This advises that the message data is unusually
sensitive, and the receiving program should process it more carefully,
perhaps avoiding storing the received data to disk, for example.
Only used for marshaling.
fileName
- IllegalArgumentException
- if fileName is null
protected void doStart() throws Exception
doStart
in class org.apache.camel.support.ServiceSupport
Exception
Apache Camel