CAMEL-6860 supports parameterize encryption and hash algorithm in PGP Data Formater with thanks to Franz
Project: http://git-wip-us.apache.org/repos/asf/camel/repo Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/4969138e Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/4969138e Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/4969138e Branch: refs/heads/camel-2.12.x Commit: 4969138e39d7303048dd0ad2a3e1223943329206 Parents: fda7077 Author: Willem Jiang <ningji...@apache.org> Authored: Mon Oct 14 16:27:10 2013 +0800 Committer: Willem Jiang <willem.ji...@gmail.com> Committed: Mon Oct 14 16:42:27 2013 +0800 ---------------------------------------------------------------------- .../camel/converter/crypto/PGPDataFormat.java | 45 +++++++++++++++++++- .../crypto/PGPDataFormatDynamicTest.java | 20 +++++++++ .../converter/crypto/PGPDataFormatTest.java | 17 ++++++++ .../crypto/SpringPGPDataFormatTest.xml | 1 + 4 files changed, 81 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/camel/blob/4969138e/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPDataFormat.java ---------------------------------------------------------------------- diff --git a/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPDataFormat.java b/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPDataFormat.java index eab0e71..e6d8921 100644 --- a/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPDataFormat.java +++ b/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPDataFormat.java 
@@ -84,6 +84,8 @@ public class PGPDataFormat extends ServiceSupport implements DataFormat { public static final String SIGNATURE_KEY_RING = "CamelPGPDataFormatSignatureKeyRing"; public static final String SIGNATURE_KEY_USERID = "CamelPGPDataFormatSignatureKeyUserid"; public static final String SIGNATURE_KEY_PASSWORD = "CamelPGPDataFormatSignatureKeyPassword"; + public static final String ENCRYPTION_ALGORITHM = "CamelPGPDataFormatEncryptionAlgorithm"; + public static final String SIGNATURE_HASH_ALGORITHM = "CamelPGPDataFormatSignatureHashAlgorithm"; private static final Logger LOG = LoggerFactory.getLogger(PGPDataFormat.class); @@ -109,6 +111,19 @@ public class PGPDataFormat extends ServiceSupport implements DataFormat { private boolean armored; private boolean integrity = true; + + /** Digest algorithm for signing (marshal). + * Possible values are defined in {@link HashAlgorithmTags}. + * Default value is SHA1. + */ + private int hashAlgorithm = HashAlgorithmTags.SHA1; + + /** + * Symmetric key algorithm for encryption (marschal). + * Possible values are defined in {@link SymmetricKeyAlgorithmTags}. + * Default value is CAST5. + */ + private int algorithm = SymmetricKeyAlgorithmTags.CAST5; public PGPDataFormat() { } @@ -144,6 +159,14 @@ public class PGPDataFormat extends ServiceSupport implements DataFormat { protected String findSignatureKeyPassword(Exchange exchange) { return exchange.getIn().getHeader(SIGNATURE_KEY_PASSWORD, getSignaturePassword(), String.class); } + + protected int findAlgorithm(Exchange exchange) { + return exchange.getIn().getHeader(ENCRYPTION_ALGORITHM, getAlgorithm(), Integer.class); + } + + protected int findHashAlgorithm(Exchange exchange) { + return exchange.getIn().getHeader(SIGNATURE_HASH_ALGORITHM, getHashAlgorithm(), Integer.class); + } public void marshal(Exchange exchange, Object graph, OutputStream outputStream) throws Exception { PGPPublicKey key = PGPDataFormatUtil.findPublicKey(exchange.getContext(), findKeyFileName(exchange), 
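Review bot: The new field `algorithm` shares its name with the local `int algorithm = sigSecretKey.getPublicKey().getAlgorithm();` that appears as context in the later signing hunk, so inside that method the name means the signing key's public-key algorithm and shadows the symmetric cipher tag. The field Javadoc should keep the two apart and fix the "marschal" spelling, e.g. `/** Symmetric key algorithm tag for encryption (marshal); not the public-key algorithm of the signing key. */`. The defaults `HashAlgorithmTags.SHA1` and `SymmetricKeyAlgorithmTags.CAST5` keep the previously hard-coded values, and the comments could add that these are legacy defaults and that routes should normally set a stronger tag. The class body starts and ends outside this hunk.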
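Review bot: `findAlgorithm` and `findHashAlgorithm` let the `ENCRYPTION_ALGORITHM` and `SIGNATURE_HASH_ALGORITHM` message headers replace the cipher and digest configured on the data format with any integer, and no check sits between these methods and the builders that consume the value in `marshal`. On a route whose headers are filled from an external sender (an assumption, the diff shows no routes), that sender could select a weaker tag than the route owner configured, such as `SymmetricKeyAlgorithmTags.DES`. Both methods also unbox an `Integer` into `int`, so if `getHeader` can return null for a value it cannot convert (not shown here), the failure is a `NullPointerException` instead of a clear error. I would read the header as `Integer`, fall back to the configured value when it is absent and reject tags outside an approved set, as sketched below for `findAlgorithm`; the set shown is only an example and `findHashAlgorithm` needs the same shape. The enclosing class starts and ends outside this hunk.

```java
protected int findAlgorithm(Exchange exchange) {
    Integer requested = exchange.getIn().getHeader(ENCRYPTION_ALGORITHM, Integer.class);
    if (requested == null) {
        // no per-message override: use the value configured on the data format
        return getAlgorithm();
    }
    switch (requested) {
    case SymmetricKeyAlgorithmTags.AES_128:
    case SymmetricKeyAlgorithmTags.AES_192:
    case SymmetricKeyAlgorithmTags.AES_256:
        return requested;
    default:
        throw new IllegalArgumentException("Header " + ENCRYPTION_ALGORITHM
            + " holds an algorithm tag that is not allowed: " + requested);
    }
}

// … findHashAlgorithm: same shape with SIGNATURE_HASH_ALGORITHM and an approved digest set …
```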
@@ -158,7 +181,7 @@ public class PGPDataFormat extends ServiceSupport implements DataFormat { outputStream = new ArmoredOutputStream(outputStream); } - PGPEncryptedDataGenerator encGen = new PGPEncryptedDataGenerator(new JcePGPDataEncryptorBuilder(SymmetricKeyAlgorithmTags.CAST5) + PGPEncryptedDataGenerator encGen = new PGPEncryptedDataGenerator(new JcePGPDataEncryptorBuilder(findAlgorithm(exchange)) .setWithIntegrityPacket(integrity).setSecureRandom(new SecureRandom()).setProvider(getProvider())); encGen.addMethod(new JcePublicKeyKeyEncryptionMethodGenerator(key)); OutputStream encOut = encGen.open(outputStream, new byte[BUFFER_SIZE]); @@ -224,7 +247,7 @@ public class PGPDataFormat extends ServiceSupport implements DataFormat { int algorithm = sigSecretKey.getPublicKey().getAlgorithm(); PGPSignatureGenerator sigGen = new PGPSignatureGenerator( - new JcaPGPContentSignerBuilder(algorithm, HashAlgorithmTags.SHA1).setProvider(getProvider())); + new JcaPGPContentSignerBuilder(algorithm, findHashAlgorithm(exchange)).setProvider(getProvider())); sigGen.init(PGPSignature.BINARY_DOCUMENT, sigPrivateKey); sigGen.setHashedSubpackets(spGen.generate()); sigGen.generateOnePassVersion(false).encode(out); @@ -425,6 +448,24 @@ public class PGPDataFormat extends ServiceSupport implements DataFormat { public void setProvider(String provider) { this.provider = provider; } + + + + public int getHashAlgorithm() { + return hashAlgorithm; + } + + public void setHashAlgorithm(int hashAlgorithm) { + this.hashAlgorithm = hashAlgorithm; + } + + public int getAlgorithm() { + return algorithm; + } + + public void setAlgorithm(int algorithm) { + this.algorithm = algorithm; + } @Override protected void doStart() throws Exception { http://git-wip-us.apache.org/repos/asf/camel/blob/4969138e/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/PGPDataFormatDynamicTest.java ---------------------------------------------------------------------- 
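Review bot: The four new accessors in the last hunk have no Javadoc, and `setAlgorithm(int)` / `setHashAlgorithm(int)` store any integer, so as far as this diff shows a mistyped tag in a Spring `<property>` is noticed only when a message is marshalled. A one-line comment on each setter would tell users where valid values come from, e.g. `/** Sets the symmetric key algorithm tag used by marshal; values are defined in {@link SymmetricKeyAlgorithmTags}. */`, with the matching one for `HashAlgorithmTags`. The hunk also adds three empty lines before `getHashAlgorithm()` where one is enough. The class continues outside the hunk, including the `doStart()` body where an early check could live.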
diff --git a/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/PGPDataFormatDynamicTest.java b/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/PGPDataFormatDynamicTest.java index d28316c..af8d8c5 100644 --- a/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/PGPDataFormatDynamicTest.java +++ b/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/PGPDataFormatDynamicTest.java @@ -19,16 +19,34 @@ package org.apache.camel.converter.crypto; import java.util.HashMap; import java.util.Map; +import org.bouncycastle.bcpg.HashAlgorithmTags; +import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags; + public class PGPDataFormatDynamicTest extends PGPDataFormatTest { // setup a wrong userid + @Override protected String getKeyUserId() { return "wrong"; } // setup a wrong password + @Override protected String getKeyPassword() { return "wrong"; } + + + //setup wrong algorithm + @Override + protected int getAlgorithm() { + return -5; + } + + //setup wrong hash algorithm + protected int getHashAlgorithm() { + return -5; + } + // override wrong userid and password with correct userid and password in the headers protected Map<String, Object> getHeaders() { @@ -37,6 +55,8 @@ public class PGPDataFormatDynamicTest extends PGPDataFormatTest { headers.put(PGPDataFormat.SIGNATURE_KEY_USERID, "sd...@nowhere.net"); headers.put(PGPDataFormat.KEY_PASSWORD, "sdude"); headers.put(PGPDataFormat.SIGNATURE_KEY_PASSWORD, "sdude"); + headers.put(PGPDataFormat.ENCRYPTION_ALGORITHM, SymmetricKeyAlgorithmTags.AES_128); + headers.put(PGPDataFormat.SIGNATURE_HASH_ALGORITHM, HashAlgorithmTags.SHA512); return headers; } } http://git-wip-us.apache.org/repos/asf/camel/blob/4969138e/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/PGPDataFormatTest.java ---------------------------------------------------------------------- 
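Review bot: `getHashAlgorithm()` is overridden without `@Override`, while `getAlgorithm()` directly above it carries the annotation this commit adds to the other overrides; add `@Override` so a later rename in `PGPDataFormatTest` cannot silently turn it into an unrelated method. The test shows that valid header values replace the invalid configured `-5`, but nothing here covers the opposite case of a header carrying an unsupported tag, so the failure behaviour of that path stays untested. A short comment such as `// -5 is not a valid tag; the test passes only if the header values are used` would also make the intent of the constant explicit.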
diff --git a/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/PGPDataFormatTest.java b/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/PGPDataFormatTest.java index 8424ac4..e890d53 100644 --- a/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/PGPDataFormatTest.java +++ b/components/camel-crypto/src/test/java/org/apache/camel/converter/crypto/PGPDataFormatTest.java @@ -22,6 +22,8 @@ import java.io.InputStream; import org.apache.camel.builder.RouteBuilder; import org.apache.camel.util.IOHelper; +import org.bouncycastle.bcpg.HashAlgorithmTags; +import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags; import org.junit.Test; public class PGPDataFormatTest extends AbstractPGPDataFormatTest { @@ -49,6 +51,14 @@ public class PGPDataFormatTest extends AbstractPGPDataFormatTest { protected String getProvider() { return "BC"; } + + protected int getAlgorithm() { + return SymmetricKeyAlgorithmTags.TRIPLE_DES; + } + + protected int getHashAlgorithm() { + return HashAlgorithmTags.SHA256; + } @Test public void testEncryption() throws Exception { @@ -105,6 +115,7 @@ public class PGPDataFormatTest extends AbstractPGPDataFormatTest { pgpEncrypt.setKeyFileName(keyFileName); pgpEncrypt.setKeyUserid(keyUserid); pgpEncrypt.setProvider(getProvider()); + pgpEncrypt.setAlgorithm(getAlgorithm()); PGPDataFormat pgpDecrypt = new PGPDataFormat(); pgpDecrypt.setKeyFileName(keyFileNameSec); @@ -133,6 +144,9 @@ public class PGPDataFormatTest extends AbstractPGPDataFormatTest { pgpSignAndEncrypt.setSignatureKeyUserid(keyUserid); pgpSignAndEncrypt.setSignaturePassword(keyPassword); pgpSignAndEncrypt.setProvider(getProvider()); + pgpSignAndEncrypt.setAlgorithm(getAlgorithm()); + pgpSignAndEncrypt.setHashAlgorithm(getHashAlgorithm()); + PGPDataFormat pgpVerifyAndDecrypt = new PGPDataFormat(); pgpVerifyAndDecrypt.setKeyFileName(keyFileNameSec); 
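Review bot: The added `setAlgorithm(getAlgorithm())` and `setHashAlgorithm(getHashAlgorithm())` calls configure only the sending side, and nothing in these hunks asserts which algorithm was actually written. The assertions sit outside the hunks, but judging by the `pgpDecrypt` / `pgpVerifyAndDecrypt` counterparts the tests check a round trip, which would presumably still pass if the setting were ignored and CAST5/SHA1 were used as before. An assertion on the algorithm recorded in the produced PGP message would pin the new behaviour. The same applies to the two byte-array hunks that follow, which set `SymmetricKeyAlgorithmTags.DES`, `SymmetricKeyAlgorithmTags.BLOWFISH` and `HashAlgorithmTags.RIPEMD160`. A comment there, such as `// legacy algorithms chosen only to exercise the setter, not a recommendation`, would stop readers copying those values into routes.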
@@ -154,6 +168,7 @@ public class PGPDataFormatTest extends AbstractPGPDataFormatTest { pgpEncryptByteArray.setEncryptionKeyRing(getPublicKeyRing()); pgpEncryptByteArray.setKeyUserid(keyUserid); pgpEncryptByteArray.setProvider(getProvider()); + pgpEncryptByteArray.setAlgorithm(SymmetricKeyAlgorithmTags.DES); PGPDataFormat pgpDecryptByteArray = new PGPDataFormat(); pgpDecryptByteArray.setEncryptionKeyRing(getSecKeyRing()); @@ -172,6 +187,8 @@ public class PGPDataFormatTest extends AbstractPGPDataFormatTest { pgpSignAndEncryptByteArray.setSignatureKeyUserid(keyUserid); pgpSignAndEncryptByteArray.setSignaturePassword(keyPassword); pgpSignAndEncryptByteArray.setProvider(getProvider()); + pgpSignAndEncryptByteArray.setAlgorithm(SymmetricKeyAlgorithmTags.BLOWFISH); + pgpSignAndEncryptByteArray.setHashAlgorithm(HashAlgorithmTags.RIPEMD160); PGPDataFormat pgpVerifyAndDecryptByteArray = new PGPDataFormat(); pgpVerifyAndDecryptByteArray.setKeyUserid(keyUserid); http://git-wip-us.apache.org/repos/asf/camel/blob/4969138e/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringPGPDataFormatTest.xml ---------------------------------------------------------------------- diff --git a/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringPGPDataFormatTest.xml b/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringPGPDataFormatTest.xml index e511126..38d8c39 100644 --- a/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringPGPDataFormatTest.xml +++ b/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringPGPDataFormatTest.xml 
@@ -53,6 +53,7 @@ <bean id="encryptBean" class="org.apache.camel.converter.crypto.PGPDataFormat"> <property name="keyUserid" value="sd...@nowhere.net"/> <property name="encryptionKeyRing" ref="pubKeyRing"/> + <property name="algorithm" value="7"/> <!-- AES128 algorithm --> </bean> <bean id="decryptBean" class="org.apache.camel.converter.crypto.PGPDataFormat">