Modified: websites/production/camel/content/crypto.html
==============================================================================
--- websites/production/camel/content/crypto.html (original)
+++ websites/production/camel/content/crypto.html Wed Feb 19 11:19:47 2014
@@ -86,9 +86,8 @@
<tbody>
<tr>
<td valign="top" width="100%">
-<div class="wiki-content maincontent"><h2
id="Crypto-Crypto">Crypto</h2><p><strong>Available as of Camel 2.3</strong><br
clear="none"> <strong>PGP Available as of Camel 2.9</strong></p><p>The Crypto
<a shape="rect" href="data-format.html">Data Format</a> integrates the Java
Cryptographic Extension into Camel, allowing simple and flexible encryption and
decryption of messages using Camel's familiar marshall and unmarshal formatting
mechanism. It assumes marshalling to mean encryption to cyphertext and
unmarshalling to mean decryption back to the original plaintext. This data
format implements only symmetric (shared-key) encryption and decyption.</p><h3
id="Crypto-Options">Options</h3><div class="confluenceTableSmall">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Description </p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>algorithm</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>DES/CBC/PKCS5Padding</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> The JCE algorithm name indicating the cryptographic
algorithm that will be used. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>algorithmParameterSpec</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>
<code>java.security.spec.AlgorithmParameterSpec</code> </p></td><td colspan="1"
rowspan="1" class="con
fluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>A JCE AlgorithmParameterSpec used to initialize the
Cipher. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>bufferSize</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>Integer</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>2048</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> the size of the buffer used in the
signature process. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>cryptoProvider</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> The name of the JCE Security
Provider that should be used. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>initializa
tionVector</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>byte[]</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> A byte array containing the Initialization
Vector that will be used to initialize the Cipher. </p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>inline</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>boolean</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>false</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> Flag indicating that the configured IV
should be inlined into the encrypted data stream. </p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>macAlgorithm</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>String</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</co
de> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The JCE
algorithm name indicating the Message Authentication algorithm.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>shouldAppendHMAC</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>boolean</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> Flag indicating that a Message
Authentication Code should be calculated and appended to the encrypted
data.</p></td></tr></tbody></table>
-</div><h3 id="Crypto-BasicUsage">Basic Usage</h3><p>At its most basic all that
is required to encrypt/decrypt an exchange is a shared secret key. If one or
more instances of the Crypto data format are configured with this key the
format can be used to encrypt the payload in one route (or part of one) and
decrypted in another. For example, using the Java DSL as follows:</p><div
class="code panel pdl" style="border-width: 1px;"><div class="codeContent
panelContent pdl">
+<div class="wiki-content maincontent"><h2
id="Crypto-Crypto">Crypto</h2><p><strong>Available as of Camel 2.3</strong><br
clear="none"> <strong>PGP Available as of Camel 2.9</strong></p><p>The Crypto
<a shape="rect" href="data-format.html">Data Format</a> integrates the Java
Cryptographic Extension into Camel, allowing simple and flexible encryption and
decryption of messages using Camel's familiar marshall and unmarshal formatting
mechanism. It assumes marshalling to mean encryption to cyphertext and
unmarshalling to mean decryption back to the original plaintext. This data
format implements only symmetric (shared-key) encryption and decyption.</p><h3
id="Crypto-Options">Options</h3><table class="confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p> Name </p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Descri
ption </p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>algorithm</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>DES/CBC/PKCS5Padding</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The JCE algorithm
name indicating the cryptographic algorithm that will be used.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>algorithmParameterSpec</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>java.security.spec.AlgorithmParameterSpec</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>A JCE
AlgorithmParameterSpec used to initialize the Cipher. </p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>bufferSize</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd
"><p> <code>Integer</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>2048</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> the size of the buffer used in the signature process.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>cryptoProvider</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> The name of the JCE Security Provider that
should be used. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>initializationVector</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>byte[]</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> A byte array
containing the Initialization Vector that will be
used to initialize the Cipher. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>inline</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>boolean</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>false</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Flag indicating
that the configured IV should be inlined into the encrypted data stream.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>macAlgorithm</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> The JCE algorithm name indicating the
Message Authentication algorithm. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>shouldAppendHMAC</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <cod
e>boolean</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
Flag indicating that a Message Authentication Code should be calculated and
appended to the encrypted data.</p></td></tr></tbody></table>
+<h3 id="Crypto-BasicUsage">Basic Usage</h3><p>At its most basic all that is
required to encrypt/decrypt an exchange is a shared secret key. If one or more
instances of the Crypto data format are configured with this key the format can
be used to encrypt the payload in one route (or part of one) and decrypted in
another. For example, using the Java DSL as follows:</p><div class="code panel
pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[
KeyGenerator generator = KeyGenerator.getInstance("DES");
@@ -232,10 +231,10 @@ from("direct:key-in-header-decrypt&
<script class="theme: Default; brush: xml; gutter: false"
type="syntaxhighlighter"><![CDATA[
<crypto id="nokey" algorithm="DES" />
]]></script>
-</div></div><h3 id="Crypto-PGPDataFormatOptions">PGPDataFormat
Options</h3><div class="confluenceTableSmall">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Description </p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>keyUserid</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The user ID of
the key in the PGP keyring used during encryption. See also option
<code>keyUserids</code>. Can also be only a part of a user ID. For example, if
the user ID is "Test User <t...@camel.com>" then you can use the part
"Test User" or "<t...@camel.com>" to address the user ID.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<p> <code>keyUserids</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>List<String></code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel
2.12.2</strong>: PGP allows to encrypt the symmetric key by several asymmetric
public receiver keys. You can specify here the User IDs or parts of User IDs of
several public keys contained in the PGP keyring. If you just have one User
ID, then you can also use the option <code>keyUserid</code>. The User ID
specified in <code>keyUserid</code> and the User IDs in <code>keyUserids</code>
will be merged together and the corresponding public keys will be used for the
encryption. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>password</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd">
<p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> Password used when opening the private key (not used
for encryption). </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>keyFileName</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> Filename of the keyring; must
be accessible as a classpath resource (but you can specify a location in the
file system by using the "file:" prefix). </p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>encryptionKeyRing</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>byte[]</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Since camel 2.12.1</strong>; encryption
keyring; you can not set the keyFileName and encryptionKeyRing at the same
time. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signatureKeyUserid</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>;
optional User ID of the key in the PGP keyring used for signing (during
encryption) or signature verification (during decryption). During the signature
verification process the specified User ID restricts the public keys from the
public keyring which can be used for the verification. If no User ID is
specified for the signature verficiation then any public key in the public
keyring can be used for the verification. Can also be only a part of a user ID.
For example, if the user ID is "Test User <t...@camel.com>" then you can
use the part "Te
st User" or "<t...@camel.com>" to address the User ID.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signatureKeyUserids</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>List<String></code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel
2.12.3</strong>; optional list of User IDs of the key in the PGP keyring used
for signing (during encryption) or signature verification (during decryption).
You can specify here the User IDs or parts of User IDs of several keys
contained in the PGP keyring. If you just have one User ID, then you can also
use the option <code>keyUserid</code>. The User ID specified in
<code>keyUserid</code> and the User IDs in <code>keyUserids</code> will be
merged together and the corresponding keys will be used for the signing or
signature verification. If the specified User IDs refer
ence several keys then for each key a signature is added to the PGP result
during the encryption-signing process. In the decryption-verifying process the
list of User IDs restricts the list of public keys which can be used for
signature verification. If the list of User IDs is empty then any public key in
the public keyring can be used for the signature verification.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signaturePassword</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>;
optional password used when opening the private key used for signing (during
encryption). </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>signatureKeyFileName</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>
String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<strong>Since Camel 2.11.0</strong>; optional filename of the keyring to use
for signing (during encryption) or for signature verification (during
decryption); must be accessible as a classpath resource (but you can specify a
location in the file system by using the "file:" prefix). </p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>signatureKeyRing</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>byte[]</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Since camel 2.12.1</strong>; signature
keyring; you can not set the signatureKeyFileName and signatureKeyRing at the
same time. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>algorithm</code> </
p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>SymmetricKeyAlgorithmTags.CAST5</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>;
symmetric key encryption algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags</code>; for example 2 (=
TRIPLE DES), 3 (= CAST5), 4 (= BLOWFISH), 6 (= DES), 7 (= AES_128). Only
relevant for encrypting. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>compressionAlgorithm</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>
<code>CompressionAlgorithmTags.ZIP</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>; compression
algorithm; possible values are defined in <code>org.bouncycastle.bcpg.C
ompressionAlgorithmTags</code>; for example 0 (= UNCOMPRESSED), 1 (= ZIP), 2
(= ZLIB), 3 (= BZIP2). Only relevant for encrypting. </p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>hashAlgorithm</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>HashAlgorithmTags.SHA1</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>: signature hash
algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.HashAlgorithmTags</code>; for example 2 (= SHA1), 8
(= SHA256), 9 (= SHA384), 10 (= SHA512), 11 (=SHA224). Only relevant for
signing. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>armored</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>boolean</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>false</code> </p></td><td colsp
an="1" rowspan="1" class="confluenceTd"><p> This option will cause PGP to
base64 encode the encrypted text, making it available for copy/paste, etc.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>integrity</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>boolean</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>true</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> Adds an integrity check/sign into the
encryption file. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>passphraseAccessor</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <a shape="rect"
class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
rel="nofollow">PGPPassphraseAccessor</a> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since
Camel 2.12.2</strong>; provides passphrases corresponding to user Ids. If no
passpharase can be found from the option <code>password</code> or
<code>signaturePassword</code> and from the headers
<code>CamelPGPDataFormatKeyPassword</code> or
<code>CamelPGPDataFormatSignatureKeyPassword</code> then the passphrase is
feteched from the passphrase accessor. You provide a bean which implements the
interface <a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
rel="nofollow">PGPPassphraseAccessor</a>. A default implementation is given by
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessorDefault.java";
rel="nofollow">PGPPassphraseAccessorDefault</a>. The
passphrase accessor is especially useful in the decrypt case; see chapter
'PGP Decrypting/Verifying of Messages Encrypted/Signed by Different
Private/Public Keys' below. </p></td></tr></tbody></table>
+</div></div><h3 id="Crypto-PGPDataFormatOptions">PGPDataFormat
Options</h3><table class="confluenceTable"><tbody><tr><th colspan="1"
rowspan="1" class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Description </p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>keyUserid</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The user ID of
the key in the PGP keyring used during encryption. See also option
<code>keyUserids</code>. Can also be only a part of a user ID. For example, if
the user ID is "Test User <t...@camel.com>" then you can use the part
"Test User" or "<t...@camel.com>" to address the u
ser ID. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>keyUserids</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>List<String></code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel
2.12.2</strong>: PGP allows to encrypt the symmetric key by several asymmetric
public receiver keys. You can specify here the User IDs or parts of User IDs of
several public keys contained in the PGP keyring. If you just have one User
ID, then you can also use the option <code>keyUserid</code>. The User ID
specified in <code>keyUserid</code> and the User IDs in <code>keyUserids</code>
will be merged together and the corresponding public keys will be used for the
encryption. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>password</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <co
de>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
Password used when opening the private key (not used for encryption).
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>keyFileName</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> Filename of the keyring; must be
accessible as a classpath resource (but you can specify a location in the file
system by using the "file:" prefix). </p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>encryptionKeyRing</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>byte[]</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1
" class="confluenceTd"><p> <strong>Since camel 2.12.1</strong>; encryption
keyring; you can not set the keyFileName and encryptionKeyRing at the same
time. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signatureKeyUserid</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>;
optional User ID of the key in the PGP keyring used for signing (during
encryption) or signature verification (during decryption). During the signature
verification process the specified User ID restricts the public keys from the
public keyring which can be used for the verification. If no User ID is
specified for the signature verficiation then any public key in the public
keyring can be used for the verification. Can also be only a part of a user ID.
For example, if the
user ID is "Test User <t...@camel.com>" then you can use the part "Test
User" or "<t...@camel.com>" to address the User ID. </p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signatureKeyUserids</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>List<String></code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel
2.12.3</strong>; optional list of User IDs of the key in the PGP keyring used
for signing (during encryption) or signature verification (during decryption).
You can specify here the User IDs or parts of User IDs of several keys
contained in the PGP keyring. If you just have one User ID, then you can also
use the option <code>keyUserid</code>. The User ID specified in
<code>keyUserid</code> and the User IDs in <code>keyUserids</code> will be
merged together and the corresponding keys will be used
for the signing or signature verification. If the specified User IDs
reference several keys then for each key a signature is added to the PGP result
during the encryption-signing process. In the decryption-verifying process the
list of User IDs restricts the list of public keys which can be used for
signature verification. If the list of User IDs is empty then any public key in
the public keyring can be used for the signature verification.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signaturePassword</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>;
optional password used when opening the private key used for signing (during
encryption). </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>signatureKeyFileName<
/code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>String</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>; optional filename
of the keyring to use for signing (during encryption) or for signature
verification (during decryption); must be accessible as a classpath resource
(but you can specify a location in the file system by using the "file:"
prefix). </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signatureKeyRing</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>byte[]</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.1</strong>;
signature keyring; you can not set the signatureKeyFileName and
signatureKeyRing at the same time. </p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>algorithm</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>SymmetricKeyAlgorithmTags.CAST5</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>;
symmetric key encryption algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags</code>; for example 2 (=
TRIPLE DES), 3 (= CAST5), 4 (= BLOWFISH), 6 (= DES), 7 (= AES_128). Only
relevant for encrypting. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>compressionAlgorithm</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>
<code>CompressionAlgorithmTags.ZIP</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>; compress
ion algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.CompressionAlgorithmTags</code>; for example 0 (=
UNCOMPRESSED), 1 (= ZIP), 2 (= ZLIB), 3 (= BZIP2). Only relevant for
encrypting. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>hashAlgorithm</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>HashAlgorithmTags.SHA1</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since
camel 2.12.2</strong>: signature hash algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.HashAlgorithmTags</code>; for example 2 (= SHA1), 8
(= SHA256), 9 (= SHA384), 10 (= SHA512), 11 (=SHA224). Only relevant for
signing. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>armored</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>boolean</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>false</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> This option will cause PGP to
base64 encode the encrypted text, making it available for copy/paste, etc.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>integrity</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>boolean</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>true</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> Adds an integrity check/sign into the
encryption file. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>passphraseAccessor</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <a shape="rect"
class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
rel="nofollow">PGPPassphraseAccessor</a> </p><
/td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since
Camel 2.12.2</strong>; provides passphrases corresponding to user Ids. If no
passpharase can be found from the option <code>password</code> or
<code>signaturePassword</code> and from the headers
<code>CamelPGPDataFormatKeyPassword</code> or
<code>CamelPGPDataFormatSignatureKeyPassword</code> then the passphrase is
fetched from the passphrase accessor. You provide a bean which implements the
interface <a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
rel="nofollow">PGPPassphraseAccessor</a>. A default implementation is given by
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPPass
phraseAccessor.java" rel="nofollow">DefaultPGPPassphraseAccessor</a>. The
passphrase accessor is especially useful in the decrypt case; see chapter 'PGP
Decrypting/Verifying of Messages Encrypted/Signed by Different Private/Public
Keys' below. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>publicKeyAccessor</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <a shape="rect"
class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPublicKeyAccessor.java";
rel="nofollow">PGPPublicKeyAccessor</a> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Sinace Camel 2.13.0</strong>; provides the
publicKeyAccessor which can be used to help PGPDataFormat to find the PublicKey
and EncryptionKeys. You provide a bean which implements the interface <a
shape="rect"
class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPublicKeyAccessor.java";
rel="nofollow">PGPPublicKeyAccessor</a>. A default implementation is given by
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPPublicKeyAccessor.java";
rel="nofollow">DefaultPGPPublicKeyAccessor</a>.</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>secretKeyAccessor</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <a shape="rect"
class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPSecretAccessor.java";
rel="nofollow">PGPSecretKeyAccessor</a> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
cl
ass="confluenceTd"><p> <strong>Sinace Camel 2.13.0</strong>; provides the
secretKeyAccessor which can be used to help PGPDataFormat to find the SecretKey
and DecryptionKeys. You provide a bean which implements the interface <a
shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPSecretKeyAccessor.java";
rel="nofollow">PGPSecretKeyAccessor</a>. A default implementation is given by
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPSecretKeyAccessor.java";
rel="nofollow">DefaultPGPSecretKeyAccessor</a>.</p></td></tr></tbody></table>
-</div><h3 id="Crypto-PGPDataFormatMessageHeaders">PGPDataFormat Message
Headers</h3><p>You can override the PGPDataFormat options by applying below
headers into message dynamically.</p><div
class="confluenceTableSmall"></div><div class="table-wrap"><table
class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Type</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyFileName</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; filename of the keyring; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionKeyRing</code></p></td><td
colspa
n="1" rowspan="1" class="confluenceTd"><p><code>byte[]</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.1</strong>; the encryption keyring; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserid</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; the User ID of the key in the PGP keyring; will override
existing setting directly on the PGPDataFormat.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserids</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>List<String></code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.2</strong>: the
User IDs of the key in the PGP keyring; will override ex
isting setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyPassword</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; password used when opening the private key; will override
existing setting directly on the PGPDataFormat.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyFileName</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; filename of the
signature keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyRing</code></p></td><td
colspan="1" rowspan="1" class="c
onfluenceTd"><p><code>byte[]</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the signature
keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyUserid</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the
signature key in the PGP keyring; will override existing setting directly on
the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd">CamelPGPDataFormatSignatureKeyUserids</td><td colspan="1"
rowspan="1" class="confluenceTd">List<String></td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since Camel 2.12.3</strong>; the User
IDs of the signature keys in the PGP keyring; will override existing setting
directly on the
PGPDataFormat.</td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyPassword</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; password used when
opening the signature private key; will override existing setting directly on
the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; symmetric key encryption algorithm; will override existing
setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureHashAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd">
<p><code>int</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>; signature hash
algorithm; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatCompressionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; compression algorithm; will override existing setting directly
on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd">CamelPGPDataFormatNumberOfEncryptionKeys</td><td
colspan="1" rowspan="1" class="confluenceTd">Integer</td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since</strong> <strong>Camel
2.12.3;  </strong>number of public keys used for encrypting the symmectric
key, set by PGPDataFormat during encryptiion process</td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd">CamelPGPDataFormatNumberOfSigningKeys</td><td colspan="1"
rowspan="1" class="confluenceTd">Integer</td><td colspan="1" rowspan="1"
class="confluenceTd"><strong>Since</strong> <strong>Camel 2.12.3;
</strong>number of private keys used for creating signatures, set by
PGPDataFormat during signing process</td></tr></tbody></table></div><h3
id="Crypto-EncryptingwithPGPDataFormat">Encrypting with
PGPDataFormat</h3><p>The following sample uses the popular PGP format for
encrypting/decrypting files using the <a shape="rect" class="external-link"
href="http://www.bouncycastle.org/java.html"; rel="nofollow">Bouncy Castle Java
libraries</a>:</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
+<p> <br clear="none">
+ </p><h3 id="Crypto-PGPDataFormatMessageHeaders">PGPDataFormat Message
Headers</h3><p>You can override the PGPDataFormat options by applying below
headers into message dynamically.</p> <div class="table-wrap"><table
class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Type</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyFileName</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; filename of the keyring; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionKeyRing</code></p></td><td
colspan="1" rowspan="1" class="confl
uenceTd"><p><code>byte[]</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the encryption
keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserid</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; the User ID of the key in the PGP keyring; will override
existing setting directly on the PGPDataFormat.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserids</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>List<String></code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.2</strong>: the
User IDs of the key in the PGP keyring; will override existing setting directly
on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyPassword</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; password used when opening the private key; will override
existing setting directly on the PGPDataFormat.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyFileName</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; filename of the
signature keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyRing</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>byte[]</
code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the signature
keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyUserid</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the
signature key in the PGP keyring; will override existing setting directly on
the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd">CamelPGPDataFormatSignatureKeyUserids</td><td colspan="1"
rowspan="1" class="confluenceTd">List<String></td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since Camel 2.12.3</strong>; the User
IDs of the signature keys in the PGP keyring; will override existing setting
directly on the PGPDataFormat.</td></tr><tr><t
d colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyPassword</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; password used when
opening the signature private key; will override existing setting directly on
the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; symmetric key encryption algorithm; will override existing
setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureHashAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><t
d colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; signature hash algorithm; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatCompressionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; compression algorithm; will override existing setting directly
on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd">CamelPGPDataFormatNumberOfEncryptionKeys</td><td
colspan="1" rowspan="1" class="confluenceTd">Integer</td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since</strong> <strong>Camel
2.12.3;  </strong>number of public keys used for encrypting the symmectric
key, set by PGPDataFormat during encryptiion process</td></tr><tr><td
colspan="1" rowspan="1" class
="confluenceTd">CamelPGPDataFormatNumberOfSigningKeys</td><td colspan="1"
rowspan="1" class="confluenceTd">Integer</td><td colspan="1" rowspan="1"
class="confluenceTd"><strong>Since</strong> <strong>Camel 2.12.3;
</strong>number of private keys used for creating signatures, set by
PGPDataFormat during signing process</td></tr></tbody></table></div><h3
id="Crypto-EncryptingwithPGPDataFormat">Encrypting with
PGPDataFormat</h3><p>The following sample uses the popular PGP format for
encrypting/decrypting files using the <a shape="rect" class="external-link"
href="http://www.bouncycastle.org/java.html"; rel="nofollow">Bouncy Castle Java
libraries</a>:</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><