...
Wiki Markup |
---|
{snippet:id=key-in-header|lang=java|url=camel/trunk/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/CryptoDataFormatTest.java} |
Wiki Markup |
---|
{snippet:id=header-key|lang=xml|url=camel/trunk/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringCryptoDataFormatTest.xml} |
PGP Message
The PGP Data Formater can create and decrypt/verify PGP Messages of the following PGP packet structure (entries in brackets are optional and ellipses indicate repetition, comma represents sequential composition, and vertical bar separates alternatives):
Public Key Encrypted Session Key ..., Symmetrically Encrypted Data | Sym. Encrypted and Integrity Protected Data, (Compressed Data,) (One Pass Signature ...,) Literal Data, (Signature ...,)
Since Camel 2.16.0 the Compressed Data packet is optional, before it was mandatory.
PGPDataFormat Options
Name | Type | Default | Description |
---|---|---|---|
|
|
| The user ID of the key in the PGP keyring used during encryption. See also option |
|
|
| Since camel 2.12.2: PGP allows to encrypt the symmetric key by several asymmetric public receiver keys. You can specify here the User IDs or parts of User IDs of several public keys contained in the PGP keyring. If you just have one User ID, then you can also use the option |
|
|
| Password used when opening the private key (not used for encryption). |
|
|
| Filename of the keyring; must be accessible as a classpath resource (but you can specify a location in the file system by using the "file:" prefix). |
|
|
| Since camel 2.12.1: encryption keyring; you can not set the keyFileName and encryptionKeyRing at the same time. |
|
|
| Since Camel 2.11.0; optional User ID of the key in the PGP keyring used for signing (during encryption) or signature verification (during decryption). During the signature verification process the specified User ID restricts the public keys from the public keyring which can be used for the verification. If no User ID is specified for the signature verficiation then any public key in the public keyring can be used for the verification. Can also be only a part of a user ID. For example, if the user ID is "Test User <test@camel.com>" then you can use the part "Test User" or "<test@camel.com>" to address the User ID. |
|
|
| Since Camel 2.12.3: optional list of User IDs of the key in the PGP keyring used for signing (during encryption) or signature verification (during decryption). You can specify here the User IDs or parts of User IDs of several keys contained in the PGP keyring. If you just have one User ID, then you can also use the option |
|
|
| Since Camel 2.11.0: optional password used when opening the private key used for signing (during encryption). |
|
|
| Since Camel 2.11.0: optional filename of the keyring to use for signing (during encryption) or for signature verification (during decryption); must be accessible as a classpath resource (but you can specify a location in the file system by using the "file:" prefix). |
|
|
| Since camel 2.12.1: signature keyring; you can not set the signatureKeyFileName and signatureKeyRing at the same time. |
|
|
| Since camel 2.12.2: symmetric key encryption algorithm; possible values are defined in |
|
|
| Since camel 2.12.2: compression algorithm; possible values are defined in |
|
|
| Since camel 2.12.2: signature hash algorithm; possible values are defined in |
|
|
| This option will cause PGP to base64 encode the encrypted text, making it available for copy/paste, etc. |
|
|
| Adds an integrity check/sign into the encryption file. |
|
| Since Camel 2.12.2: provides passphrases corresponding to user Ids. If no passpharase can be found from the option | |
|
|
| Since Camel 2.13.0: controls the behavior for verifying the signature during unmarshaling. There are three values possible:
|
| String | "_CONSOLE" | Since camel 2.15.0: Sets the file name for the literal data packet. Can be overwritten by the header {@link Exchange#FILE_NAME}. " |
withCompressedDataPacket | boolean | true | Since Camel 2.16.0: Indicator whether the PGP Message shall be created with or without a Compressed Data packet. If the value is set to false, then no Compressed Data packet is added and the compressionAlgorithm value is ignored. Only used for marshaling. |
...