JiriOndrusek commented on code in PR #6241:
URL: https://github.com/apache/camel-quarkus/pull/6241#discussion_r1668450348
##########
docs/modules/ROOT/pages/reference/extensions/crypto-pgp.adoc:
##########
@@ -0,0 +1,55 @@
+// Do not edit directly!
+// This file was generated by
camel-quarkus-maven-plugin:update-extension-doc-page
+[id="extensions-crypto-pgp"]
+= PGP
+:linkattrs:
+:cq-artifact-id: camel-quarkus-crypto-pgp
+:cq-native-supported: true
+:cq-status: Stable
+:cq-status-deprecation: Stable
+:cq-description: Encrypt and decrypt messages using Java Cryptographic
Extension (JCE) and PGP.
+:cq-deprecated: false
+:cq-jvm-since: 3.13.0
+:cq-native-since: 3.13.0
+
+ifeval::[{doc-show-badges} == true]
+[.badges]
+[.badge-key]##JVM since##[.badge-supported]##3.13.0## [.badge-key]##Native
since##[.badge-supported]##3.13.0##
+endif::[]
+
+Encrypt and decrypt messages using Java Cryptographic Extension (JCE) and PGP.
+
+[id="extensions-crypto-pgp-whats-inside"]
+== What's inside
+
+* xref:{cq-camel-components}:dataformats:pgp-dataformat.adoc[PGP data format]
+
+Please refer to the above link for usage and configuration details.
+
+[id="extensions-crypto-pgp-maven-coordinates"]
+== Maven coordinates
+
+https://{link-quarkus-code-generator}/?extension-search=camel-quarkus-crypto-pgp[Create
a new project with this extension on {link-quarkus-code-generator},
window="_blank"]
+
+Or add the coordinates to your existing project:
+
+[source,xml]
+----
+<dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-crypto-pgp</artifactId>
+</dependency>
+----
+ifeval::[{doc-show-user-guide-link} == true]
+Check the xref:user-guide/index.adoc[User guide] for more information about
writing Camel Quarkus applications.
+endif::[]
+
+[id="extensions-crypto-pgp-camel-quarkus-limitations"]
+== Camel Quarkus limitations
+
+[id="extensions-crypto-pgp-limitations-fips"]
+=== FIPS
+
+It may not be possible to run `crypto` and `crypto-pgp` extensions together on
FIPS enabled system.
+For example if `crypro` uses `BCFIPS` provider and `crypto-pgp` uses `BC`
provider, it is no possible to have bot providers on one classpath.
Review Comment:
> It is still not clear to me what happens when bcprov is excluded from
`crypto-pgp` and replaced with BCFIPS. Have you tried that by any chance?
There might be more problems related to this question. The major one is that
**bcpg** depends on **bcprov**. Class
[BcKeyFingerprintCalculator](https://github.com/bcgit/bc-java/blob/main/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcKeyFingerprintCalculator.java#L10)
references
[org.bouncycastle.crypto.Digest](https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/crypto/Digest.java);
The same class is not part of the **bcfips**. (I checked the jar downloaded by
maven, and you can see it e.g in this
[fork](https://github.com/tashiscool/bc-fips/tree/master/core/src/main/java/org/bouncycastle/crypto))
**Therefore it is not possible to replace bcprov with bcfips.**
- The only workaround I'm aware of is to have a different bouncycastle fips
implementation, which uses different packages. In this case the **bcprov** and
**custom_bcfips** can coexist in the project and should work together)
- For illustration, the **bcprov** package `org.bouncycastle` contains 11
sub-packages; **bcfip's** `org.bouncycastle` contains 2 sub-packages. (So I
expect more possible issues.)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
