[
https://issues.apache.org/jira/browse/CAMEL-4061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13049010#comment-13049010
]
Claus Ibsen commented on CAMEL-4061:
------------------------------------
Back in the days when using Java security you could hit issues when key lengths
got too big. Well there was some US export restrictions upon the JDK so you had
to install an add-on to your JDK/JRE so it could support keys with bigger
lengths.
And the JDK wasn't so informative when you had such a situation so it could
take a while to figure it out. So anything I see something with security and
key length issues then I think about that.
> Add asymmetric encryption support to the XMLSecurity component
> --------------------------------------------------------------
>
> Key: CAMEL-4061
> URL: https://issues.apache.org/jira/browse/CAMEL-4061
> Project: Camel
> Issue Type: Improvement
> Reporter: Rich Newcomb
> Assignee: Hadrian Zbarcea
> Attachments: 2011.06.06-CAMEL-4061-camel-core-2.7.x.patch,
> 2011.06.06-CAMEL-4061-xmlsecurity-2.7.x.patch, recipient.ks, sender.ts
>
>
> Enhance the camel-xmlsecurity data format to support asymmetric key
> encryption algorithms.
> This enhancement provides the following capabilities:
> 1. Expands the xmlsecurity data format API with a public method that accepts
> a key transport algorithm and recipient key alias
> 2. Supports the RSA 1.5 and RSA OAEP asymmetric key encryption algorithms
> 3. Alternatively allows the recipient public key alias to be defined within a
> message exchange or in camel context
> 4. Allows key store and trust store information to be defined in the camel
> context
> Example configuration:
> {code}
> // context properties for encryption
> contextProps.put(XMLSecurityDataFormat.XML_ENC_TRUST_STORE_URL,
> getClass().getClassLoader().getResource("sender.ts").toString());
> contextProps.put(XMLSecurityDataFormat.XML_ENC_TRUST_STORE_PASSWORD,
> "password");
> contextProps.put(XMLSecurityDataFormat.XML_ENC_RECIPIENT_ALIAS, "recipient");
>
> // context properties for decryption
> contextProps.put(XMLSecurityDataFormat.XML_ENC_KEY_STORE_URL,
> getClass().getClassLoader().getResource("recipient.ks").toString());
> contextProps.put(XMLSecurityDataFormat.XML_ENC_KEY_STORE_PASSWORD,
> "password");
> contextProps.put(XMLSecurityDataFormat.XML_ENC_KEY_STORE_ALIAS, "recipient");
>
> context.addRoutes(new RouteBuilder() {
> public void configure() {
> from("direct:start")
> .marshal().secureXML("//privatenode", true, "some-pub-key-alias",
> XMLCipher.AES_256, XMLCipher.RSA_v1dot5).to("mock:encrypted")
> .unmarshal().secureXML("//privatenode", true,
> "somet-pub-key-alias",XMLCipher.AES_256,XMLCipher.RSA_v1dot5).to("mock:decrypted")
>
> }
> });
> {code}
>
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
