Re: Camel-Crypto ElGamal encryption works in mvn camel:run but not in Karaf/OSGi

Tue, 02 Apr 2013 14:03:09 -0700 

UPDATE:

I use Java 1.6.0_43 for the following:

cmueller$ cd workspaceCamel/camel/components/camel-crypto/

remove the @Ignore annotation on
org.apache.camel.converter.crypto.PGPDataFormatElGamalTest.java

cmueller$ mvn clean test -Dtest=PGPDataFormatElGamalTest
...
Tests run: 3, Failures: 0, Errors: 0, Skipped: 0

[INFO]
------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO]
------------------------------------------------------------------------

This makes sure the used JDK supports the strong encryption.



cp pubring-ElGamal.gpg ${KARAF_HOME}/etc/pubring-ElGamal.gpg

and start Karaf 2.2.10:

cmueller$ ./karaf clean
karaf@root> features:chooseurl camel 2.10.4
adding feature url
mvn:org.apache.camel.karaf/apache-camel/2.10.4/xml/features
karaf@root> features:install camel-spring
karaf@root> features:install camel-crypto
karaf@root> install -s
mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.bcprov-jdk16/1.46_2

Update the keyFileName property in context.xml (attached) so it matches
your environment.

cp context.xml ${KARAF_HOME}/deploy/context.xml

But I got the following exception:
org.bouncycastle.openpgp.PGPException: exception encrypting session key
    at org.bouncycastle.openpgp.PGPEncryptedDataGenerator.open(Unknown
Source)[77:org.apache.servicemix.bundles.bcpg-jdk16:1.46.0.2]
    at org.bouncycastle.openpgp.PGPEncryptedDataGenerator.open(Unknown
Source)[77:org.apache.servicemix.bundles.bcpg-jdk16:1.46.0.2]
    at
org.apache.camel.converter.crypto.PGPDataFormat.marshal(PGPDataFormat.java:86)[78:org.apache.camel.camel-crypto:2.10.4]
    at
org.apache.camel.processor.MarshalProcessor.process(MarshalProcessor.java:59)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:61)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:99)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:72)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:99)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.interceptor.TraceInterceptor.process(TraceInterceptor.java:91)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.RedeliveryErrorHandler.processErrorHandler(RedeliveryErrorHandler.java:334)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:220)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.RouteContextProcessor.processNext(RouteContextProcessor.java:46)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.interceptor.DefaultChannel.process(DefaultChannel.java:308)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.Pipeline.process(Pipeline.java:117)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.Pipeline.process(Pipeline.java:80)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.RouteContextProcessor.processNext(RouteContextProcessor.java:46)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.UnitOfWorkProcessor.processAsync(UnitOfWorkProcessor.java:150)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProcessor.java:117)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.RouteInflightRepositoryProcessor.processNext(RouteInflightRepositoryProcessor.java:48)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:99)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:72)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:99)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:86)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.component.timer.TimerConsumer.sendTimerExchange(TimerConsumer.java:135)[71:org.apache.camel.camel-core:2.10.4]
    at
org.apache.camel.component.timer.TimerConsumer$1.run(TimerConsumer.java:63)[71:org.apache.camel.camel-core:2.10.4]
    at java.util.TimerThread.mainLoop(Timer.java:512)[:1.6.0_43]
    at java.util.TimerThread.run(Timer.java:462)[:1.6.0_43]
Caused by: java.lang.SecurityException: JCE cannot authenticate the
provider BC
    at javax.crypto.Cipher.getInstance(DashoA13*..)[:1.6]
    at
org.bouncycastle.openpgp.PGPEncryptedDataGenerator$PubMethod.addSessionInfo(Unknown
Source)[77:org.apache.servicemix.bundles.bcpg-jdk16:1.46.0.2]
    ... 38 more
Caused by: java.util.jar.JarException: Cannot parse
mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.bcpg-jdk16/1.46_2
    at javax.crypto.SunJCE_c.a(DashoA13*..)[:1.6]
    at javax.crypto.SunJCE_b.b(DashoA13*..)[:1.6]
    at javax.crypto.SunJCE_b.a(DashoA13*..)[:1.6]
    ... 40 more

Will dig further into it...

Best,
Christian



On Tue, Feb 5, 2013 at 9:07 PM, Christian Müller <
christian.muel...@gmail.com> wrote:

> Still on my to do list...
>
> Sent from a mobile device
> Am 05.02.2013 00:07 schrieb "Patel, Gaurav" <gaurav.pa...@amd.com>:
>
> Was anyone able to reproduce?
>>
>> I've run the scenario on ServiceMix, Karaf + Camel and FuseESB (linux and
>> windows) all to the same effect: no key spec.  I've even tried installing
>> Bouncy Castle and the unlimited security policy against my JDK/JRE and not
>> putting anything into Karaf/lib/ext and nothing changes.  Should I ask this
>> question to the Karaf DL instead of the Camel one?
>>
>> Gaurav
>>
>>
>> -----Original Message-----
>> From: Christian Müller [mailto:christian.muel...@gmail.com]
>> Sent: Monday, January 28, 2013 5:30 PM
>> To: users@camel.apache.org
>> Subject: Re: Camel-Crypto ElGamal encryption works in mvn camel:run but
>> not in Karaf/OSGi
>>
>> I'm trying to reproduce the issue...
>>
>> Best,
>> Christian
>>
>> On Mon, Jan 28, 2013 at 5:38 PM, Patel, Gaurav <gaurav.pa...@amd.com>
>> wrote:
>>
>> > Karaf version 2.2.10
>> > Camel 2.10.3
>> >
>> > What's odd to me is that a certain types of keys work in Karaf but the
>> > other ones do not.  It's not a complete failure where I can't get
>> > camel-crypto working on Karaf, just ElGamal keys.
>> >
>> > Is there a way I can setup debug logging to see what the error is
>> > beyond the stack trace?
>> >
>> > Gaurav
>> >
>> >
>> > -----Original Message-----
>> > From: Claus Ibsen [mailto:claus.ib...@gmail.com]
>> > Sent: Saturday, January 26, 2013 4:26 AM
>> > To: users@camel.apache.org
>> > Subject: Re: Camel-Crypto ElGamal encryption works in mvn camel:run
>> > but not in Karaf/OSGi
>> >
>> > Hi
>> >
>> > You should tell which Karaf version you use.
>> > But OSGi can be tricky to get working.
>> >
>> >
>> > On Thu, Jan 24, 2013 at 7:04 PM, Patel, Gaurav <gaurav.pa...@amd.com>
>> > wrote:
>> > > I have camel 2.10.3 installed and am using the example
>> > pubring-ElGamal.gpg from
>> >
>> 'components\camel-crypto\src\test\resources\org\apache\camel\component\crypto'
>> > in camel-crypto and user 'sd...@nowhere.net'.
>> > >
>> > > When I run the camel route with mvn camel:run, the RSA encryption
>> > > works
>> > perfectly as well as the DSA + ElGamal encryption.  When I move this
>> > exact route to Karaf, the RSA encryption continues to work but the DSA
>> > + ElGamal gives the following stack trace:
>> > >
>> > > org.bouncycastle.openpgp.PGPException: exception encrypting session
>> > > key
>> > at org.bouncycastle.openpgp.PGPEncryptedDataGenerator.open(Unknown
>> > Source) at
>> > org.bouncycastle.openpgp.PGPEncryptedDataGenerator.open(Unknown
>> > Source) at
>> > org.apache.camel.converter.crypto.PGPDataFormat.marshal(PGPDataFormat.
>> > java:86)
>> > at
>> > org.apache.camel.processor.MarshalProcessor.process(MarshalProcessor.j
>> > ava:59)
>> > at
>> > org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncPr
>> > ocessorBridge.process(AsyncProcessorConverterHelper.java:61)
>> > at
>> > org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelpe
>> > r.java:73)
>> > at
>> > org.apache.camel.processor.DelegateAsyncProcessor.processNext(Delegate
>> > AsyncProcessor.java:99)
>> > at
>> > org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyn
>> > cProcessor.java:90)
>> > at
>> > org.apache.camel.management.InstrumentationProcessor.process(Instrumen
>> > tationProcessor.java:73)
>> > at
>> > org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelpe
>> > r.java:73)
>> > at
>> > org.apache.camel.processor.DelegateAsyncProcessor.processNext(Delegate
>> > AsyncProcessor.java:99)
>> > at
>> > org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyn
>> > cProcessor.java:90)
>> > at
>> > org.apache.camel.processor.interceptor.TraceInterceptor.process(TraceI
>> > nterceptor.java:91)
>> > at
>> > org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelpe
>> > r.java:73)
>> > at
>> > org.apache.camel.processor.RedeliveryErrorHandler.processErrorHandler(
>> > RedeliveryErrorHandler.java:334)
>> > at
>> > org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryEr
>> > rorHandler.java:220)
>> > at
>> > org.apache.camel.processor.RouteContextProcessor.processNext(RouteCont
>> > extProcessor.java:45)
>> > at
>> > org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyn
>> > cProcessor.java:90)
>> > at
>> > org.apache.camel.processor.interceptor.DefaultChannel.process(DefaultC
>> > hannel.java:303)
>> > at
>> > org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelpe
>> > r.java:73) at
>> > org.apache.camel.processor.Pipeline.process(Pipeline.java:117) at
>> > org.apache.camel.processor.Pipeline.process(Pipeline.java:80) at
>> > org.apache.camel.processor.RouteContextProcessor.processNext(RouteCont
>> > extProcessor.java:45)
>> > at
>> > org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyn
>> > cProcessor.java:90)
>> > at
>> > org.apache.camel.processor.UnitOfWorkProcessor.processAsync(UnitOfWork
>> > Processor.java:150)
>> > at
>> > org.apache.camel.processor.UnitOfWorkProcessor.process(UnitOfWorkProce
>> > ssor.java:117)
>> > at
>> > org.apache.camel.processor.RouteInflightRepositoryProcessor.processNex
>> > t(RouteInflightRepositoryProcessor.java:48)
>> > at
>> > org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyn
>> > cProcessor.java:90)
>> > at
>> > org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelpe
>> > r.java:73)
>> > at
>> > org.apache.camel.processor.DelegateAsyncProcessor.processNext(Delegate
>> > AsyncProcessor.java:99)
>> > at
>> > org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyn
>> > cProcessor.java:90)
>> > at
>> > org.apache.camel.management.InstrumentationProcessor.process(Instrumen
>> > tationProcessor.java:73)
>> > at
>> > org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelpe
>> > r.java:99)
>> > at
>> > org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyn
>> > cProcessor.java:86)
>> > at
>> > org.apache.camel.component.jms.EndpointMessageListener.onMessage(Endpo
>> > intMessageListener.java:104)
>> > at
>> > org.springframework.jms.listener.AbstractMessageListenerContainer.doIn
>> > vokeListener(AbstractMessageListenerContainer.java:560)
>> > at
>> > org.springframework.jms.listener.AbstractMessageListenerContainer.invo
>> > keListener(AbstractMessageListenerContainer.java:498)
>> > at
>> > org.springframework.jms.listener.AbstractMessageListenerContainer.doEx
>> > ecuteListener(AbstractMessageListenerContainer.java:467)
>> > at
>> > org.springframework.jms.listener.AbstractPollingMessageListenerContain
>> > er.doReceiveAndExecute(AbstractPollingMessageListenerContainer.java:32
>> > 5)
>> > at
>> > org.springframework.jms.listener.AbstractPollingMessageListenerContain
>> > er.receiveAndExecute(AbstractPollingMessageListenerContainer.java:263)
>> > at
>> > org.springframework.jms.listener.DefaultMessageListenerContainer$Async
>> > MessageListenerInvoker.invokeListener(DefaultMessageListenerContainer.
>> > java:1058)
>> > at
>> > org.springframework.jms.listener.DefaultMessageListenerContainer$Async
>> > MessageListenerInvoker.executeOngoingLoop(DefaultMessageListenerContai
>> > ner.java:1050)
>> > at
>> > org.springframework.jms.listener.DefaultMessageListenerContainer$Async
>> > MessageListenerInvoker.run(DefaultMessageListenerContainer.java:947)
>> > at
>> > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecu
>> > tor.java:886)
>> > at
>> > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.
>> > java:908) at java.lang.Thread.run(Thread.java:662) Caused by:
>> > org.bouncycastle.openpgp.PGPException: exception constructing public
>> > key at org.bouncycastle.openpgp.PGPPublicKey.getKey(Unknown Source) at
>> > org.bouncycastle.openpgp.PGPEncryptedDataGenerator$PubMethod.addSessio
>> > nInfo(Unknown
>> > Source) ... 46 more Caused by:
>> java.security.spec.InvalidKeySpecException:
>> > key spec not recognised at
>> > org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi.eng
>> > ineGeneratePublic(Unknown
>> > Source) at
>> > org.bouncycastle.jcajce.provider.asymmetric.elgamal.KeyFactorySpi.engi
>> > neGeneratePublic(Unknown
>> > Source) at java.security.KeyFactory.generatePublic(KeyFactory.java:298)
>> ...
>> > 48 more
>> > >
>> > > I'm using the jre.properties.cxf (moved to jre.properties) and have
>> > > this
>> > in my config.properties:
>> > > # configure karaf security providers
>> > > org.apache.karaf.security.providers =
>> > org.bouncycastle.jce.provider.BouncyCastleProvider
>> > >
>> > > # javax.transaction is needed to avoid class loader constraint
>> > > violation
>> > when using javax.sql
>> > >
>> > org.osgi.framework.bootdelegation=org.apache.karaf.jaas.boot,sun.*,com
>> > .sun.*,javax.transaction,javax.transaction.*,org.bouncycastle*
>> > >
>> > > I've also loaded bcprov-jdk16-1.46.jar into lib/ext since I'm using
>> > > Java
>> > SDK 1.6.
>> > >
>> > > Any suggestions/ideas on what could be wrong?
>> > >
>> > > Gaurav
>> > >
>> >
>> >
>> >
>> > --
>> > Claus Ibsen
>> > -----------------
>> > Red Hat, Inc.
>> > FuseSource is now part of Red Hat
>> > Email: cib...@redhat.com
>> > Web: http://fusesource.com
>> > Twitter: davsclaus
>> > Blog: http://davsclaus.com
>> > Author of Camel in Action: http://www.manning.com/ibsen
>> >
>> >
>> >
>>
>>
>> --
>>
>>

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
  xsi:schemaLocation="
       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
       http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
    ">

    <bean id="elGamal" class="org.apache.camel.converter.crypto.PGPDataFormat">
        <property name="keyFileName" value="file:///Applications/apache-karaf-2.2.10/etc/pubring-ElGamal.gpg" />
        <property name="keyUserid" value="sd...@nowhere.net" />
        <property name="password" value="sdude" />
    </bean>

  <camelContext id="camel" xmlns="http://camel.apache.org/schema/spring";>
    <route>
        <from uri="timer://foo?fixedRate=true&amp;period=5000" />
        <setBody><constant>Hi Alice, Be careful Eve is listening, signed Bob</constant></setBody>
        <to uri="log:com.mycompany.order?level=INFO" />
        <marshal ref="elGamal" />
        <to uri="log:com.mycompany.order?level=INFO" />
        <unmarshal ref="elGamal" />
        <to uri="log:com.mycompany.order?level=INFO" />
    </route>
  </camelContext>
</beans>

Reply via email to