Modified: websites/production/camel/content/book-dataformat-appendix.html ============================================================================== --- websites/production/camel/content/book-dataformat-appendix.html (original) +++ websites/production/camel/content/book-dataformat-appendix.html Fri Mar 14 10:20:20 2014 @@ -3396,7 +3396,7 @@ from("jms://queue:customerServiceQu </dependency> ]]></script> </div></div> -<h2 id="BookDataFormatAppendix-Crypto">Crypto</h2><p><strong>Available as of Camel 2.3</strong><br clear="none"> <strong>PGP Available as of Camel 2.9</strong></p><p>The Crypto <a shape="rect" href="data-format.html">Data Format</a> integrates the Java Cryptographic Extension into Camel, allowing simple and flexible encryption and decryption of messages using Camel's familiar marshall and unmarshal formatting mechanism. It assumes marshalling to mean encryption to cyphertext and unmarshalling to mean decryption back to the original plaintext. This data format implements only symmetric (shared-key) encryption and decyption.</p><h3 id="BookDataFormatAppendix-Options.6">Options</h3><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Descriptio n </p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>algorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>DES/CBC/PKCS5Padding</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The JCE algorithm name indicating the cryptographic algorithm that will be used. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>algorithmParameterSpec</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>java.security.spec.AlgorithmParameterSpec</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>A JCE AlgorithmParameterSpec used to initialize the Cipher. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>bufferSize</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p > <code>Integer</code> </p></td><td colspan="1" rowspan="1" > class="confluenceTd"><p> <code>2048</code> </p></td><td colspan="1" > rowspan="1" class="confluenceTd"><p> the size of the buffer used in the > signature process. </p></td></tr><tr><td colspan="1" rowspan="1" > class="confluenceTd"><p> <code>cryptoProvider</code> </p></td><td > colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> > </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> > <code>null</code> </p></td><td colspan="1" rowspan="1" > class="confluenceTd"><p> The name of the JCE Security Provider that should > be used. </p></td></tr><tr><td colspan="1" rowspan="1" > class="confluenceTd"><p> <code>initializationVector</code> </p></td><td > colspan="1" rowspan="1" class="confluenceTd"><p> <code>byte[]</code> > </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> > <code>null</code> </p></td><td colspan="1" rowspan="1" > class="confluenceTd"><p> A byte array containing the Initialization Vector > that will be used to initialize the Cipher. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>inline</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>boolean</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>false</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Flag indicating that the configured IV should be inlined into the encrypted data stream. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>macAlgorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The JCE algorithm name indicating the Message Authentication algorithm. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>shouldAppendHMAC</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>bo olean</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Flag indicating that a Message Authentication Code should be calculated and appended to the encrypted data.</p></td></tr></tbody></table> +<h2 id="BookDataFormatAppendix-Crypto">Crypto</h2><p><strong>Available as of Camel 2.3</strong><br clear="none"> <strong>PGP Available as of Camel 2.9</strong></p><p>The Crypto <a shape="rect" href="data-format.html">Data Format</a> integrates the Java Cryptographic Extension into Camel, allowing simple and flexible encryption and decryption of messages using Camel's familiar marshall and unmarshal formatting mechanism. It assumes marshalling to mean encryption to cyphertext and unmarshalling to mean decryption back to the original plaintext. This data format implements only symmetric (shared-key) encryption and decyption.</p><h3 id="BookDataFormatAppendix-Options.6">Options</h3><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1" class="conf luenceTh"><p> Description </p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>algorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>DES/CBC/PKCS5Padding</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The JCE algorithm name indicating the cryptographic algorithm that will be used. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>algorithmParameterSpec</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>java.security.spec.AlgorithmParameterSpec</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>A JCE AlgorithmParameterSpec used to initialize the Cipher. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>bufferSize</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>Integer</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>2048</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> the size of the buffer used in the signature process. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>cryptoProvider</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The name of the JCE Security Provider that should be used. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>initializationVector</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>byte[]</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> A byte array containing the Initialization Vector that will be used to initialize the Cipher. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>inline</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>boolean</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>false</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Flag indicating that the configured IV should be inlined into the encrypted data stream. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>macAlgorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The JCE algorithm name indicating the Message Authentication algorithm. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>shouldAppendHMAC</code> </p></td><td colspan="1" rowspan="1" class="co nfluenceTd"><p> <code>boolean</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Flag indicating that a Message Authentication Code should be calculated and appended to the encrypted data.</p></td></tr></tbody></table></div> <h3 id="BookDataFormatAppendix-BasicUsage">Basic Usage</h3><p>At its most basic all that is required to encrypt/decrypt an exchange is a shared secret key. If one or more instances of the Crypto data format are configured with this key the format can be used to encrypt the payload in one route (or part of one) and decrypted in another. For example, using the Java DSL as follows:</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl"> <script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[ KeyGenerator generator = KeyGenerator.getInstance("DES"); @@ -3541,10 +3541,10 @@ from("direct:key-in-header-decrypt& <script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[ <crypto id="nokey" algorithm="DES" /> ]]></script> -</div></div><h3 id="BookDataFormatAppendix-PGPDataFormatOptions">PGPDataFormat Options</h3><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Description </p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>keyUserid</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The user ID of the key in the PGP keyring used during encryption. See also option <code>keyUserids</code>. Can also be only a part of a user ID. For example, if the user ID is "Test User <t...@camel.com>" then you can use the part "Test User" or "<t...@camel.com>" to address the user ID. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>keyUserids</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>List<String></code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>: PGP allows to encrypt the symmetric key by several asymmetric public receiver keys. You can specify here the User IDs or parts of User IDs of several public keys contained in the PGP keyring. If you just have one User ID, then you can also use the option <code>keyUserid</code>. The User ID specified in <code>keyUserid</code> and the User IDs in <code>keyUserids</code> will be merged together and the corresponding public keys will be used for the encryption. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>password</code> </p></td><td colspan="1" rowspan="1" class="confl uenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Password used when opening the private key (not used for encryption). </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>keyFileName</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Filename of the keyring; must be accessible as a classpath resource (but you can specify a location in the file system by using the "file:" prefix). </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>encryptionKeyRing</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>byte[]</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspa n="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.1</strong>; encryption keyring; you can not set the keyFileName and encryptionKeyRing at the same time. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signatureKeyUserid</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>; optional User ID of the key in the PGP keyring used for signing (during encryption) or signature verification (during decryption). During the signature verification process the specified User ID restricts the public keys from the public keyring which can be used for the verification. If no User ID is specified for the signature verficiation then any public key in the public keyring can be used for the verification. Can also be only a part of a user ID. For example, if the user ID is "Test User <t...@camel.com>" then you can use the part "Test User" or "<t...@camel.com>" to address the User ID. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signatureKeyUserids</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>List<String></code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.12.3</strong>; optional list of User IDs of the key in the PGP keyring used for signing (during encryption) or signature verification (during decryption). You can specify here the User IDs or parts of User IDs of several keys contained in the PGP keyring. If you just have one User ID, then you can also use the option <code>keyUserid</code>. The User ID specified in <code>keyUserid</code> and the User IDs in <code>keyUserids</code> will be merged together and the corresponding k eys will be used for the signing or signature verification. If the specified User IDs reference several keys then for each key a signature is added to the PGP result during the encryption-signing process. In the decryption-verifying process the list of User IDs restricts the list of public keys which can be used for signature verification. If the list of User IDs is empty then any public key in the public keyring can be used for the signature verification. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signaturePassword</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>; optional password used when opening the private key used for signing (during encryption). </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signa tureKeyFileName</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>; optional filename of the keyring to use for signing (during encryption) or for signature verification (during decryption); must be accessible as a classpath resource (but you can specify a location in the file system by using the "file:" prefix). </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signatureKeyRing</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>byte[]</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.1</strong>; signature keyring; you can not set the signatureKeyFileName and signatureKeyRing at the same time. </p>< /td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>algorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>SymmetricKeyAlgorithmTags.CAST5</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>; symmetric key encryption algorithm; possible values are defined in <code>org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags</code>; for example 2 (= TRIPLE DES), 3 (= CAST5), 4 (= BLOWFISH), 6 (= DES), 7 (= AES_128). Only relevant for encrypting. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>compressionAlgorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>CompressionAlgorithmTags.ZIP</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.2</s trong>; compression algorithm; possible values are defined in <code>org.bouncycastle.bcpg.CompressionAlgorithmTags</code>; for example 0 (= UNCOMPRESSED), 1 (= ZIP), 2 (= ZLIB), 3 (= BZIP2). Only relevant for encrypting. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>hashAlgorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>HashAlgorithmTags.SHA1</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>: signature hash algorithm; possible values are defined in <code>org.bouncycastle.bcpg.HashAlgorithmTags</code>; for example 2 (= SHA1), 8 (= SHA256), 9 (= SHA384), 10 (= SHA512), 11 (=SHA224). Only relevant for signing. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>armored</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>boolean</code> </p></td ><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>false</code> ></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> This option >will cause PGP to base64 encode the encrypted text, making it available for >copy/paste, etc. </p></td></tr><tr><td colspan="1" rowspan="1" >class="confluenceTd"><p> <code>integrity</code> </p></td><td colspan="1" >rowspan="1" class="confluenceTd"><p> <code>boolean</code> </p></td><td >colspan="1" rowspan="1" class="confluenceTd"><p> <code>true</code> ></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Adds an >integrity check/sign into the encryption file. </p></td></tr><tr><td >colspan="1" rowspan="1" class="confluenceTd"><p> ><code>passphraseAccessor</code> </p></td><td colspan="1" rowspan="1" >class="confluenceTd"><p> <a shape="rect" class="external-link" >href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java"; > rel="nofollow">PGPPassphraseAc cessor</a> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.12.2</strong>; provides passphrases corresponding to user Ids. If no passpharase can be found from the option <code>password</code> or <code>signaturePassword</code> and from the headers <code>CamelPGPDataFormatKeyPassword</code> or <code>CamelPGPDataFormatSignatureKeyPassword</code> then the passphrase is fetched from the passphrase accessor. You provide a bean which implements the interface <a shape="rect" class="external-link" href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java"; rel="nofollow">PGPPassphraseAccessor</a>. A default implementation is given by <a shape="rect" class="external-link" href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypt o/DefaultPGPPassphraseAccessor.java" rel="nofollow">DefaultPGPPassphraseAccessor</a>. The passphrase accessor is especially useful in the decrypt case; see chapter 'PGP Decrypting/Verifying of Messages Encrypted/Signed by Different Private/Public Keys' below. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signatureVerificationOption</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>"optional"</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.13.0</strong>: controls the behavior for verifying the signature during unmarshaling. There are three values possible:</p> +</div></div><h3 id="BookDataFormatAppendix-PGPDataFormatOptions">PGPDataFormat Options</h3><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Description </p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>keyUserid</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The user ID of the key in the PGP keyring used during encryption. See also option <code>keyUserids</code>. Can also be only a part of a user ID. For example, if the user ID is "Test User <t...@camel.com>" then you can use the part "Test User" or " <t...@camel.com>" to address the user ID. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>keyUserids</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>List<String></code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>: PGP allows to encrypt the symmetric key by several asymmetric public receiver keys. You can specify here the User IDs or parts of User IDs of several public keys contained in the PGP keyring. If you just have one User ID, then you can also use the option <code>keyUserid</code>. The User ID specified in <code>keyUserid</code> and the User IDs in <code>keyUserids</code> will be merged together and the corresponding public keys will be used for the encryption. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>password</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Password used when opening the private key (not used for encryption). </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>keyFileName</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Filename of the keyring; must be accessible as a classpath resource (but you can specify a location in the file system by using the "file:" prefix). </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>encryptionKeyRing</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>byte[]</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</c ode> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.1</strong>; encryption keyring; you can not set the keyFileName and encryptionKeyRing at the same time. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signatureKeyUserid</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>; optional User ID of the key in the PGP keyring used for signing (during encryption) or signature verification (during decryption). During the signature verification process the specified User ID restricts the public keys from the public keyring which can be used for the verification. If no User ID is specified for the signature verficiation then any public key in the public keyring can be used for the verification. Can also be only a part of a user ID. For example, if the user ID is "Test User <t...@camel.com>" then you can use the part "Test User" or "<t...@camel.com>" to address the User ID. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signatureKeyUserids</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>List<String></code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.12.3</strong>; optional list of User IDs of the key in the PGP keyring used for signing (during encryption) or signature verification (during decryption). You can specify here the User IDs or parts of User IDs of several keys contained in the PGP keyring. If you just have one User ID, then you can also use the option <code>keyUserid</code>. The User ID specified in <code>keyUserid</code> and the User IDs in <code>keyUserids</code> will be merged together and the corresponding keys will be used for the signing or signature verification. If the specified User IDs reference several keys then for each key a signature is added to the PGP result during the encryption-signing process. In the decryption-verifying process the list of User IDs restricts the list of public keys which can be used for signature verification. If the list of User IDs is empty then any public key in the public keyring can be used for the signature verification. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signaturePassword</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>; optional password used when opening the private key used for signing (during encryption). </p></td></tr><tr><td colspan="1" rowspan="1" class="confl uenceTd"><p> <code>signatureKeyFileName</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>; optional filename of the keyring to use for signing (during encryption) or for signature verification (during decryption); must be accessible as a classpath resource (but you can specify a location in the file system by using the "file:" prefix). </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signatureKeyRing</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>byte[]</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.1</strong>; signature keyring; you can not set the signatureKeyFileName and signatureKeyRing at the same time. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>algorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>SymmetricKeyAlgorithmTags.CAST5</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>; symmetric key encryption algorithm; possible values are defined in <code>org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags</code>; for example 2 (= TRIPLE DES), 3 (= CAST5), 4 (= BLOWFISH), 6 (= DES), 7 (= AES_128). Only relevant for encrypting. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>compressionAlgorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>CompressionAlgorithmTags.ZIP</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <stro ng>Since camel 2.12.2</strong>; compression algorithm; possible values are defined in <code>org.bouncycastle.bcpg.CompressionAlgorithmTags</code>; for example 0 (= UNCOMPRESSED), 1 (= ZIP), 2 (= ZLIB), 3 (= BZIP2). Only relevant for encrypting. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>hashAlgorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>HashAlgorithmTags.SHA1</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.12.2</strong>: signature hash algorithm; possible values are defined in <code>org.bouncycastle.bcpg.HashAlgorithmTags</code>; for example 2 (= SHA1), 8 (= SHA256), 9 (= SHA384), 10 (= SHA512), 11 (=SHA224). Only relevant for signing. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>armored</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code >boolean</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> ><code>false</code> </p></td><td colspan="1" rowspan="1" >class="confluenceTd"><p> This option will cause PGP to base64 encode the >encrypted text, making it available for copy/paste, etc. ></p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> ><code>integrity</code> </p></td><td colspan="1" rowspan="1" >class="confluenceTd"><p> <code>boolean</code> </p></td><td colspan="1" >rowspan="1" class="confluenceTd"><p> <code>true</code> </p></td><td >colspan="1" rowspan="1" class="confluenceTd"><p> Adds an integrity check/sign >into the encryption file. </p></td></tr><tr><td colspan="1" rowspan="1" >class="confluenceTd"><p> <code>passphraseAccessor</code> </p></td><td >colspan="1" rowspan="1" class="confluenceTd"><p> <a shape="rect" >class="external-link" >href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java"; > rel="n ofollow">PGPPassphraseAccessor</a> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.12.2</strong>; provides passphrases corresponding to user Ids. If no passpharase can be found from the option <code>password</code> or <code>signaturePassword</code> and from the headers <code>CamelPGPDataFormatKeyPassword</code> or <code>CamelPGPDataFormatSignatureKeyPassword</code> then the passphrase is fetched from the passphrase accessor. You provide a bean which implements the interface <a shape="rect" class="external-link" href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java"; rel="nofollow">PGPPassphraseAccessor</a>. A default implementation is given by <a shape="rect" class="external-link" href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apac he/camel/converter/crypto/DefaultPGPPassphraseAccessor.java" rel="nofollow">DefaultPGPPassphraseAccessor</a>. The passphrase accessor is especially useful in the decrypt case; see chapter 'PGP Decrypting/Verifying of Messages Encrypted/Signed by Different Private/Public Keys' below. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>signatureVerificationOption</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>"optional"</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel 2.13.0</strong>: controls the behavior for verifying the signature during unmarshaling. There are three values possible:</p> <ul><li><code>"optional"</code>: The PGP message may or may not contain signatures; if it does contain signatures, then a signature verification is executed. Use the constant PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_OPTIONAL.</li><li><code>"required"</code>: The PGP message must contain at least one signature; if this is not the case an exception (PGPException) is thrown. A signature verification is executed. Use the constant PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_REQUIRED.</li><li><code>"ignore"</code>: Contained signatures in the PGP message are ignored; no signature verification is executed. Use the constant PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_IGNORE.</li><li><code>"no_signature_allowed"</code>: The PGP message must not contain a signature; otherwize an exception (PGPException) is thrown. Use the constant PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED.</li></ul> -</td></tr></tbody></table> -<h3 id="BookDataFormatAppendix-PGPDataFormatMessageHeaders">PGPDataFormat Message Headers</h3><p>You can override the PGPDataFormat options by applying below headers into message dynamically.</p> <div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Type</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatKeyFileName</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; filename of the keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionKeyRing</code></p></td><td colspan="1" rowspan="1" class= "confluenceTd"><p><code>byte[]</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the encryption keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserid</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the key in the PGP keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserids</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>List<String></code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.2</strong>: the User IDs of the key in the PGP keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatKeyPassword</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; password used when opening the private key; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyFileName</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; filename of the signature keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyRing</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>by te[]</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the signature keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyUserid</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the signature key in the PGP keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">CamelPGPDataFormatSignatureKeyUserids</td><td colspan="1" rowspan="1" class="confluenceTd">List<String></td><td colspan="1" rowspan="1" class="confluenceTd"><strong>Since Camel 2.12.3</strong>; the User IDs of the signature keys in the PGP keyring; will override existing setting directly on the PGPDataFormat.</td></tr> <tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyPassword</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; password used when opening the signature private key; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionAlgorithm</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>; symmetric key encryption algorithm; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatSignatureHashAlgorithm</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p>< /td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>; signature hash algorithm; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatCompressionAlgorithm</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>; compression algorithm; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">CamelPGPDataFormatNumberOfEncryptionKeys</td><td colspan="1" rowspan="1" class="confluenceTd">Integer</td><td colspan="1" rowspan="1" class="confluenceTd"><strong>Since</strong> <strong>Camel 2.12.3;  </strong>number of public keys used for encrypting the symmectric key, set by PGPDataFormat during encryptiion process</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">CamelPGPDataFormatNumberOfSigningKeys</td><td colspan="1" rowspan="1" class="confluenceTd">Integer</td><td colspan="1" rowspan="1" class="confluenceTd"><strong>Since</strong> <strong>Camel 2.12.3; </strong>number of private keys used for creating signatures, set by PGPDataFormat during signing process</td></tr></tbody></table></div><h3 id="BookDataFormatAppendix-EncryptingwithPGPDataFormat">Encrypting with PGPDataFormat</h3><p>The following sample uses the popular PGP format for encrypting/decrypting files using the <a shape="rect" class="external-link" href="http://www.bouncycastle.org/java.html"; rel="nofollow">Bouncy Castle Java libraries</a>:</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl"> +</td></tr></tbody></table></div> +<h3 id="BookDataFormatAppendix-PGPDataFormatMessageHeaders">PGPDataFormat Message Headers</h3><p>You can override the PGPDataFormat options by applying below headers into message dynamically.</p><p> </p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Type</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatKeyFileName</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; filename of the keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionKeyRing</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>byte[]</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the encryption keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserid</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the key in the PGP keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserids</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>List<String></code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.2</strong>: the User IDs of the key in the PGP keyring; will override existing setting di rectly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatKeyPassword</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; password used when opening the private key; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyFileName</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; filename of the signature keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyRing</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>< code>byte[]</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the signature keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyUserid</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the signature key in the PGP keyring; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">CamelPGPDataFormatSignatureKeyUserids</td><td colspan="1" rowspan="1" class="confluenceTd">List<String></td><td colspan="1" rowspan="1" class="confluenceTd"><strong>Since Camel 2.12.3</strong>; the User IDs of the signature keys in the PGP keyring; will override existing setting directly on the PGPDataFormat.</t d></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyPassword</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; password used when opening the signature private key; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionAlgorithm</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>; symmetric key encryption algorithm; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatSignatureHashAlgorithm</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>int</cod e></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>; signature hash algorithm; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>CamelPGPDataFormatCompressionAlgorithm</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>; compression algorithm; will override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">CamelPGPDataFormatNumberOfEncryptionKeys</td><td colspan="1" rowspan="1" class="confluenceTd">Integer</td><td colspan="1" rowspan="1" class="confluenceTd"><strong>Since</strong> <strong>Camel 2.12.3;  </strong>number of public keys used for encrypting the symmectric key, set by PGPDataFormat during encryptiion process</td></tr><tr><td colspan="1" rows pan="1" class="confluenceTd">CamelPGPDataFormatNumberOfSigningKeys</td><td colspan="1" rowspan="1" class="confluenceTd">Integer</td><td colspan="1" rowspan="1" class="confluenceTd"><strong>Since</strong> <strong>Camel 2.12.3; </strong>number of private keys used for creating signatures, set by PGPDataFormat during signing process</td></tr></tbody></table></div><h3 id="BookDataFormatAppendix-EncryptingwithPGPDataFormat">Encrypting with PGPDataFormat</h3><p>The following sample uses the popular PGP format for encrypting/decrypting files using the <a shape="rect" class="external-link" href="http://www.bouncycastle.org/java.html"; rel="nofollow">Bouncy Castle Java libraries</a>:</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl"> <script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><