Author: buildbot
Date: Fri Feb 26 08:22:40 2016
New Revision: 981196
Log:
Production update by buildbot for camel
Modified:
websites/production/camel/content/book-dataformat-appendix.html
websites/production/camel/content/book-in-one-page.html
websites/production/camel/content/cache/main.pageCache
websites/production/camel/content/crypto.html
Modified: websites/production/camel/content/book-dataformat-appendix.html
==============================================================================
--- websites/production/camel/content/book-dataformat-appendix.html (original)
+++ websites/production/camel/content/book-dataformat-appendix.html Fri Feb 26
08:22:40 2016
@@ -2564,7 +2564,7 @@ from("direct:key-in-header-decrypt&
<script class="brush: xml; gutter: false; theme: Default"
type="syntaxhighlighter"><![CDATA[
<crypto id="nokey" algorithm="DES" />
]]></script>
-</div></div><h3 id="BookDataFormatAppendix-PGPMessage">PGP Message</h3><p>The
PGP Data Formater can create and decrypt/verify PGP Messages of the following
PGP packet structure (entries in brackets are optional and ellipses indicate
repetition, comma represents  sequential composition, and vertical bar
separates alternatives):</p><p>    Public Key Encrypted Session Key
..., Symmetrically Encrypted Data | Sym. Encrypted and Integrity Protected
Data, (Compressed Data,) (One Pass Signature ...,) Literal Data,
(Signature ...,)</p><p><strong>Since Camel 2.16</strong>.<strong>0</strong> the
Compressed Data packet is optional, before it was
mandatory.</p><p> </p><h3
id="BookDataFormatAppendix-PGPDataFormatOptions">PGPDataFormat Options</h3><div
class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1"
rowspan="1" class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Type</p></th><th colspan="1" rowspan="1" class
="confluenceTh"><p>Default</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>keyUserid</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>The user ID of the key in the
PGP keyring used during encryption. See also option <code>keyUserids</code>.
Can also be only a part of a user ID. For example, if the user ID is "Test User
<t...@camel.com>" then you can use the part "Test User" or
"<t...@camel.com>" to address the user ID.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>keyUserids</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>List<String></code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td
colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.2</strong>: PGP
allows to encrypt the symmetric key by several asymmetric public receiver keys.
You can specify here the User IDs or parts of User IDs of several public keys
contained in the PGP keyring. If you just have one User ID, then you can also
use the option <code>keyUserid</code>. The User ID specified in
<code>keyUserid</code> and the User IDs in <code>keyUserids</code> will be
merged together and the corresponding public keys will be used for the
encryption.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>password</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Password used when opening the private key
(not used for encryption).</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>keyFileN
ame</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Filename of the keyring; must be accessible as a
classpath resource (but you can specify a location in the file system by using
the "file:" prefix).</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>encryptionKeyRing</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>byte[]</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.1</strong>:
encryption keyring; you can not set the keyFileName and encryptionKeyRing at
the same time.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>signatureKeyUserid</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>Strin
g</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; optional User ID
of the key in the PGP keyring used for signing (during encryption) or signature
verification (during decryption). During the signature verification process the
specified User ID restricts the public keys from the public keyring which can
be used for the verification. If no User ID is specified for the signature
verficiation then any public key in the public keyring can be used for the
verification. Can also be only a part of a user ID. For example, if the user ID
is "Test User <t...@camel.com>" then you can use the part "Test User" or
"<t...@camel.com>" to address the User ID.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>signatureKeyUserids</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>List<String></code></p></t
d><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.3</strong>: optional list of
User IDs of the key in the PGP keyring used for signing (during encryption) or
signature verification (during decryption). You can specify here the User IDs
or parts of User IDs of several keys contained in the PGP keyring. If you just
have one User ID, then you can also use the option <code>keyUserid</code>. The
User ID specified in <code>keyUserid</code> and the User IDs in
<code>keyUserids</code> will be merged together and the corresponding keys will
be used for the signing or signature verification. If the specified User IDs
reference several keys then for each key a signature is added to the PGP result
during the encryption-signing process. In the decryption-verifying process the
list of User IDs restricts the list of public keys which can be used for
signature verification. If the list of User
IDs is empty then any public key in the public keyring can be used for the
signature verification.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>signaturePassword</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>:
optional password used when opening the private key used for signing (during
encryption).</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>signatureKeyFileName</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>: optional filename of the keyring to use for signing (during
encryption) or for signature verif
ication (during decryption); must be accessible as a classpath resource (but
you can specify a location in the file system by using the "file:"
prefix).</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>signatureKeyRing</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>byte[]</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.1</strong>:
signature keyring; you can not set the signatureKeyFileName and
signatureKeyRing at the same time.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>algorithm</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>SymmetricKeyAlgorithmTags.CAST5</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since camel
2.12.2</strong>: symmetric key encryp
tion algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags</code>; for example 2 (=
TRIPLE DES), 3 (= CAST5), 4 (= BLOWFISH), 6 (= DES), 7 (= AES_128). Only
relevant for encrypting.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>compressionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CompressionAlgorithmTags.ZIP</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since camel
2.12.2</strong>: compression algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.CompressionAlgorithmTags</code>; for example 0 (=
UNCOMPRESSED), 1 (= ZIP), 2 (= ZLIB), 3 (= BZIP2). Only relevant for
encrypting.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>hashAlgorithm</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>int</code></p></td>
<td colspan="1" rowspan="1"
class="confluenceTd"><p><code>HashAlgorithmTags.SHA1</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since camel
2.12.2</strong>: signature hash algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.HashAlgorithmTags</code>; for example 2 (= SHA1), 8
(= SHA256), 9 (= SHA384), 10 (= SHA512), 11 (=SHA224). Only relevant for
signing.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>armored</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>boolean</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>false</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>This option will cause PGP to
base64 encode the encrypted text, making it available for copy/paste,
etc.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>integrity</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>boolean</code></p></
td><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>true</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Adds an integrity check/sign into the encryption
file.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>passphraseAccessor</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code><a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
rel="nofollow">PGPPassphraseAccessor</a></code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>:
provides passphrases corresponding to user Ids. If no passpharase can be found
from the option <code>password</code> or <code>signaturePassword</code> and
from the headers <code>CamelPGPDataFormatKeyPassword</code> or <code>CamelPG
PDataFormatSignatureKeyPassword</code> then the passphrase is fetched from the
passphrase accessor. You provide a bean which implements the interface <a
shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
rel="nofollow">PGPPassphraseAccessor</a>. A default implementation is given by
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPPassphraseAccessor.java";
rel="nofollow">DefaultPGPPassphraseAccessor</a>. The passphrase accessor is
especially useful in the decrypt case; see chapter 'PGP Decrypting/Verifying of
Messages Encrypted/Signed by Different Private/Public Keys'
below.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>signatureVerificationOption</code></p></td><td
colspan="1" rowspan="1" class="confluenc
eTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>"optional"</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.13.0</strong>:
controls the behavior for verifying the signature during unmarshaling. There
are three values possible:</p><ul><li><code>"optional"</code>: The PGP message
may or may not contain signatures; if it does contain signatures, then a
signature verification is executed. Use the constant
PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_OPTIONAL.</li><li><code>"required"</code>:
The PGP message must contain at least one signature; if this is not the case
an exception (PGPException) is thrown. A signature verification is executed.
Use the constant
PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_REQUIRED.</li><li><code>"ignore"</code>:
Contained signatures in the PGP message are ignored; no signature verification
is executed. Use the constant PGPKeyAccessDataFormat.SIGNATURE_VER
IFICATION_OPTION_IGNORE.</li><li><code>"no_signature_allowed"</code>: The PGP
message must not contain a signature; otherwise an exception (PGPException) is
thrown. Use the constant
PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED.</li></ul></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>FileName</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><code>String</code></td><td colspan="1"
rowspan="1" class="confluenceTd"><code>"_CONSOLE"</code></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.15.0</strong>: Sets
the file name for the literal data packet. Can be overwritten by the 
header {@link Exchange#FILE_NAME}.</p><p>"<code>_CONSOLE</code>" indicates that
the message is considered to be "for your eyes only". This advises that the
message data is unusually sensitive, and the receiving program should process
it more carefully, perhaps avoiding storing the received data to disk, for
example
.Only used for marshaling.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><code>withCompressedDataPacket</code></td><td colspan="1"
rowspan="1" class="confluenceTd">boolean</td><td colspan="1" rowspan="1"
class="confluenceTd"><code>true</code></td><td colspan="1" rowspan="1"
class="confluenceTd"><strong>Since Camel 2.16.0</strong>: Indicator whether the
PGP Message shall be created with or without a Compressed Data packet. If the
value is set to false, then no Compressed Data packet is added and the
compressionAlgorithm value is ignored. Only used for
marshaling.</td></tr></tbody></table></div><h3
id="BookDataFormatAppendix-PGPDataFormatMessageHeaders">PGPDataFormat Message
Headers</h3><p>You can override the PGPDataFormat options by applying below
headers into message dynamically.</p><p> </p><div
class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1"
rowspan="1" class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1"
class="con
fluenceTh"><p>Type</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyFileName</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; filename of the keyring; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionKeyRing</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>byte[]</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the encryption
keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserid</code></p></td><td
colspan="1" rowspan="1" cla
ss="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the
key in the PGP keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserids</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>List<String></code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.2</strong>: the
User IDs of the key in the PGP keyring; will override existing setting directly
on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyPassword</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; password used when opening the private key; will override e
xisting setting directly on the PGPDataFormat.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyFileName</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; filename of the
signature keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyRing</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>byte[]</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the signature
keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyUserid</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd">
<p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the
signature key in the PGP keyring; will override existing setting directly on
the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><code>CamelPGPDataFormatSignatureKeyUserids</code></td><td
colspan="1" rowspan="1"
class="confluenceTd"><code>List<String></code></td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since Camel 2.12.3</strong>; the User
IDs of the signature keys in the PGP keyring; will override existing setting
directly on the PGPDataFormat.</td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyPassword</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; password used when
opening the signature private key; will
override existing setting directly on the PGPDataFormat.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; symmetric key encryption algorithm; will override existing
setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureHashAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; signature hash algorithm; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatCompressionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class=
"confluenceTd"><p><code>int</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>; compression
algorithm; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatNumberOfEncryptionKeys</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><code>Integer</code></td><td
colspan="1" rowspan="1"
class="confluenceTd"><strong>Since</strong> <strong>Camel 2.12.3; 
</strong>number of public keys used for encrypting the symmectric key, set by
PGPDataFormat during encryptiion process</td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatNumberOfSigningKeys</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><code>Integer</code></td><td
colspan="1" rowspan="1"
class="confluenceTd"><strong>Since</strong> <strong>Camel 2.12.3; 
</strong>number of private keys used for creatin
g signatures, set by PGPDataFormat during signing
process</td></tr></tbody></table></div><h3
id="BookDataFormatAppendix-EncryptingwithPGPDataFormat">Encrypting with
PGPDataFormat</h3><p>The following sample uses the popular PGP format for
encrypting/decrypting files using the <a shape="rect" class="external-link"
href="http://www.bouncycastle.org/java.html"; rel="nofollow">Bouncy Castle Java
libraries</a>:</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
+</div></div><h3 id="BookDataFormatAppendix-PGPMessage">PGP Message</h3><p>The
PGP Data Formater can create and decrypt/verify PGP Messages of the following
PGP packet structure (entries in brackets are optional and ellipses indicate
repetition, comma represents  sequential composition, and vertical bar
separates alternatives):</p><p>    Public Key Encrypted Session Key
..., Symmetrically Encrypted Data | Sym. Encrypted and Integrity Protected
Data, (Compressed Data,) (One Pass Signature ...,) Literal Data,
(Signature ...,)</p><p><strong>Since Camel 2.16</strong>.<strong>0</strong> the
Compressed Data packet is optional, before it was
mandatory.</p><p> </p><h3
id="BookDataFormatAppendix-PGPDataFormatOptions">PGPDataFormat Options</h3><div
class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1"
rowspan="1" class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Type</p></th><th colspan="1" rowspan="1" class
="confluenceTh"><p>Default</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>keyUserid</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>The user ID of the key in the
PGP keyring used during encryption. See also option <code>keyUserids</code>.
Can also be only a part of a user ID. For example, if the user ID is "Test User
<t...@camel.com>" then you can use the part "Test User" or
"<t...@camel.com>" to address the user ID.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>keyUserids</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>List<String></code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td
colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.2</strong>: PGP
allows to encrypt the symmetric key by several asymmetric public receiver keys.
You can specify here the User IDs or parts of User IDs of several public keys
contained in the PGP keyring. If you just have one User ID, then you can also
use the option <code>keyUserid</code>. The User ID specified in
<code>keyUserid</code> and the User IDs in <code>keyUserids</code> will be
merged together and the corresponding public keys will be used for the
encryption.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>password</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Password used when opening the private key
(not used for encryption).</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>keyFileN
ame</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Filename of the keyring; must be accessible as a
classpath resource (but you can specify a location in the file system by using
the "file:" prefix).</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>encryptionKeyRing</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>byte[]</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.1</strong>:
encryption keyring; you can not set the keyFileName and encryptionKeyRing at
the same time.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>signatureKeyUserid</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>Strin
g</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; optional User ID
of the key in the PGP keyring used for signing (during encryption) or signature
verification (during decryption). During the signature verification process the
specified User ID restricts the public keys from the public keyring which can
be used for the verification. If no User ID is specified for the signature
verficiation then any public key in the public keyring can be used for the
verification. Can also be only a part of a user ID. For example, if the user ID
is "Test User <t...@camel.com>" then you can use the part "Test User" or
"<t...@camel.com>" to address the User ID.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>signatureKeyUserids</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>List<String></code></p></t
d><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.3</strong>: optional list of
User IDs of the key in the PGP keyring used for signing (during encryption) or
signature verification (during decryption). You can specify here the User IDs
or parts of User IDs of several keys contained in the PGP keyring. If you just
have one User ID, then you can also use the option <code>keyUserid</code>. The
User ID specified in <code>keyUserid</code> and the User IDs in
<code>keyUserids</code> will be merged together and the corresponding keys will
be used for the signing or signature verification. If the specified User IDs
reference several keys then for each key a signature is added to the PGP result
during the encryption-signing process. In the decryption-verifying process the
list of User IDs restricts the list of public keys which can be used for
signature verification. If the list of User
IDs is empty then any public key in the public keyring can be used for the
signature verification.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>signaturePassword</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>:
optional password used when opening the private key used for signing (during
encryption).</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>signatureKeyFileName</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>: optional filename of the keyring to use for signing (during
encryption) or for signature verif
ication (during decryption); must be accessible as a classpath resource (but
you can specify a location in the file system by using the "file:"
prefix).</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>signatureKeyRing</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>byte[]</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.1</strong>:
signature keyring; you can not set the signatureKeyFileName and
signatureKeyRing at the same time.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>algorithm</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>SymmetricKeyAlgorithmTags.CAST5</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since camel
2.12.2</strong>: symmetric key encryp
tion algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags</code>; for example 2 (=
TRIPLE DES), 3 (= CAST5), 4 (= BLOWFISH), 6 (= DES), 7 (= AES_128). Only
relevant for encrypting.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>compressionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CompressionAlgorithmTags.ZIP</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since camel
2.12.2</strong>: compression algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.CompressionAlgorithmTags</code>; for example 0 (=
UNCOMPRESSED), 1 (= ZIP), 2 (= ZLIB), 3 (= BZIP2). Only relevant for
encrypting.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>hashAlgorithm</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>int</code></p></td>
<td colspan="1" rowspan="1"
class="confluenceTd"><p><code>HashAlgorithmTags.SHA1</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since camel
2.12.2</strong>: signature hash algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.HashAlgorithmTags</code>; for example 2 (= SHA1), 8
(= SHA256), 9 (= SHA384), 10 (= SHA512), 11 (=SHA224). Only relevant for
signing.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>armored</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>boolean</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>false</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>This option will cause PGP to
base64 encode the encrypted text, making it available for copy/paste,
etc.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>integrity</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>boolean</code></p></
td><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>true</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Adds an integrity check/sign into the encryption
file.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>passphraseAccessor</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code><a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
rel="nofollow">PGPPassphraseAccessor</a></code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>:
provides passphrases corresponding to user Ids. If no passpharase can be found
from the option <code>password</code> or <code>signaturePassword</code> and
from the headers <code>CamelPGPDataFormatKeyPassword</code> or <code>CamelPG
PDataFormatSignatureKeyPassword</code> then the passphrase is fetched from the
passphrase accessor. You provide a bean which implements the interface <a
shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
rel="nofollow">PGPPassphraseAccessor</a>. A default implementation is given by
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPPassphraseAccessor.java";
rel="nofollow">DefaultPGPPassphraseAccessor</a>. The passphrase accessor is
especially useful in the decrypt case; see chapter 'PGP Decrypting/Verifying of
Messages Encrypted/Signed by Different Private/Public Keys'
below.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>signatureVerificationOption</code></p></td><td
colspan="1" rowspan="1" class="confluenc
eTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>"optional"</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.13.0</strong>:
controls the behavior for verifying the signature during unmarshaling. There
are three values possible:</p><ul><li><code>"optional"</code>: The PGP message
may or may not contain signatures; if it does contain signatures, then a
signature verification is executed. Use the constant
PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_OPTIONAL.</li><li><code>"required"</code>:
The PGP message must contain at least one signature; if this is not the case
an exception (PGPException) is thrown. A signature verification is executed.
Use the constant
PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_REQUIRED.</li><li><code>"ignore"</code>:
Contained signatures in the PGP message are ignored; no signature verification
is executed. Use the constant PGPKeyAccessDataFormat.SIGNATURE_VER
IFICATION_OPTION_IGNORE.</li><li><code>"no_signature_allowed"</code>: The PGP
message must not contain a signature; otherwise an exception (PGPException) is
thrown. Use the constant
PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED.</li></ul></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>FileName</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><code>String</code></td><td colspan="1"
rowspan="1" class="confluenceTd"><code>"_CONSOLE"</code></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.15.0</strong>: Sets
the file name for the literal data packet. Can be overwritten by the 
header {@link Exchange#FILE_NAME}.</p><p>"<code>_CONSOLE</code>" indicates that
the message is considered to be "for your eyes only". This advises that the
message data is unusually sensitive, and the receiving program should process
it more carefully, perhaps avoiding storing the received data to disk, for
example
.Only used for marshaling.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>withCompressedDataPacket</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>boolean</p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>true</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.16.0</strong>:
Indicator whether the PGP Message shall be created with or without a Compressed
Data packet. If the value is set to false, then no Compressed Data packet is
added and the compressionAlgorithm value is ignored. Only used for
marshaling.</p></td></tr></tbody></table></div><h3
id="BookDataFormatAppendix-PGPDataFormatMessageHeaders">PGPDataFormat Message
Headers</h3><p>You can override the PGPDataFormat options by applying below
headers into message dynamically.</p><p> </p><div
class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1"
rowspan="1" class="confluenceTh"><p>Name</p></th><th colspa
n="1" rowspan="1" class="confluenceTh"><p>Type</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyFileName</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; filename of the keyring; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionKeyRing</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>byte[]</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the encryption
keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserid</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the
key in the PGP keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserids</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>List<String></code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.2</strong>: the
User IDs of the key in the PGP keyring; will override existing setting directly
on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyPassword</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; password used when opening the
private key; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyFileName</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; filename of the
signature keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyRing</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>byte[]</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the signature
keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyUserid</code></p></td><td
colspan="1" rowsp
an="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the
User ID of the signature key in the PGP keyring; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><code>CamelPGPDataFormatSignatureKeyUserids</code></td><td
colspan="1" rowspan="1"
class="confluenceTd"><code>List<String></code></td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since Camel 2.12.3</strong>; the User
IDs of the signature keys in the PGP keyring; will override existing setting
directly on the PGPDataFormat.</td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyPassword</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; password used when
opening the
signature private key; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; symmetric key encryption algorithm; will override existing
setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureHashAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; signature hash algorithm; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatCompressionAlgorithm</code></p></td><td
co
lspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; compression algorithm; will override existing setting directly
on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatNumberOfEncryptionKeys</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><code>Integer</code></td><td
colspan="1" rowspan="1"
class="confluenceTd"><strong>Since</strong> <strong>Camel 2.12.3; 
</strong>number of public keys used for encrypting the symmectric key, set by
PGPDataFormat during encryptiion process</td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatNumberOfSigningKeys</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><code>Integer</code></td><td
colspan="1" rowspan="1"
class="confluenceTd"><strong>Since</strong> <strong>Camel 2.12.3; 
</strong>number of p
rivate keys used for creating signatures, set by PGPDataFormat during signing
process</td></tr></tbody></table></div><h3
id="BookDataFormatAppendix-EncryptingwithPGPDataFormat">Encrypting with
PGPDataFormat</h3><p>The following sample uses the popular PGP format for
encrypting/decrypting files using the <a shape="rect" class="external-link"
href="http://www.bouncycastle.org/java.html"; rel="nofollow">Bouncy Castle Java
libraries</a>:</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
<script class="brush: java; gutter: false; theme: Default"
type="syntaxhighlighter"><