...
Note a crypto:sign
endpoint is typically defined in one route and the complimentary crypto:verify
in another, though for simplicity in the examples they appear one after the other. It goes without saying that both signing and verifying should be configured identically.
Options
Div | ||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||||||||||||||||
Wiki Markup | ||||||||||||||||||||||||||||||||||||||||||||||||
{div:class=confluenceTableSmall}
|| Name || Type || Default || Description ||
| {{algorithm}} | {{String}} | {{SHA1WithDSA}} | The name of the JCE Signature algorithm that will be used. |
| {{alias}} | {{String}} | {{null}} | An alias name that will be used to select a key from the keystore. |
| {{bufferSize}} | {{Integer}} | {{2048}} | the size of the buffer used in the signature process. |
| {{certificate}} | {{Certificate}} | {{null}} | A Certificate used to verify the signature of the exchange's payload. Either this or a Public Key is required. |
| {{keystore}} | {{KeyStore}} | {{null}} | A reference to a JCE Keystore that stores keys and certificates used to sign and verify. |
| {{provider}} | {{String}} | {{null}} | The name of the JCE Security Provider that should be used. |
| {{privateKey}} | {{PrivateKey}} | {{null}} | The private key used to sign the exchange's payload. |
| {{publicKey}} | {{PublicKey}} | {{null}} | The public key used to verify the signature of the exchange's payload. |
| {{secureRandom}} | {{secureRandom}} | {{null}} | A reference to a {{SecureRandom}} object that will be used to initialize the Signature service. |
| {{password}} | {{char[]}} | {{null}} | The password for the keystore. |
| {{clearHeaders}} | {{String}} | {{true}} | Remove camel crypto headers from Message after a verify operation (value can be {{"true"}}/{{"false"}}). |
{div} |
Using
1) Raw keys
The most basic way to way to sign and verify an exchange is with a KeyPair as follows.
...