org.apache.camel.converter.crypto
Class CryptoDataFormat

java.lang.Object
  org.apache.camel.converter.crypto.CryptoDataFormat

All Implemented Interfaces:

org.apache.camel.spi.DataFormat

public class CryptoDataFormat
extends Object
implements org.apache.camel.spi.DataFormat

CryptoDataFormat uses a specified key and algorithm to encrypt, decrypt and verify exchange payloads. The Data format allows an initialization vector to be supplied. The use of this initialization vector or IV is different depending on the algorithm type block or streaming, but it is desirable to be able to control it. Also in certain cases it may be necessary to have access to the IV in the decryption phase and as the IV doens't necessarily need to be kept secret it is ok to inline this in the stream and read it out on the other side prior to decryption. For more information on Initialization vectors see

• http://en.wikipedia.org/wiki/Initialization_vector
• http://www.herongyang.com/Cryptography/
• http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

To avoid attacks against the encrypted data while it is in transit the CryptoDataFormat can also calculate a Message Authentication Code for the encrypted exchange contents based on a configurable MAC algorithm. The calculated HMAC is appended to the stream after encryption. It is separated from the stream in the decryption phase. The MAC is recalculated and verified against the transmitted version to insure nothing was tampered with in transit.For more information on Message Authentication Codes see

• http://en.wikipedia.org/wiki/HMAC

Field Summary

static String

KEY

Constructor Summary

CryptoDataFormat()


CryptoDataFormat(String algorithm, Key key)


CryptoDataFormat(String algorithm, Key key, String cryptoProvider)


Method Summary

void	marshal(org.apache.camel.Exchange exchange, Object graph, OutputStream outputStream)
void	setAlgorithm(String algorithm) Sets the JCE name of the Encryption Algorithm that should be used
void	setAlgorithmParameterSpec(AlgorithmParameterSpec parameterSpec) Sets a custom AlgorithmParameterSpec that should be used to configure the Cipher.
void	setBufferSize(int bufferSize) Set the size of the buffer used to
void	setCryptoProvider(String cryptoProvider) Sets the name of the JCE provider e.g.
void	setInitializationVector(byte[] initializationVector)
void	setKey(Key key) Set the key that should be used to encrypt or decrypt incoming encrypted exchanges.
void	setMacAlgorithm(String macAlgorithm) Sets the algorithm used to create the Hash-based Message Authentication Code (HMAC) appended to the stream.
void	setShouldAppendHMAC(boolean shouldAppendHMAC) Whether a Hash-based Message Authentication Code (HMAC) should be calculated and appended to the stream.
void	setShouldInlineInitializationVector(boolean inline) Meant for use with a Symmetric block Cipher and specifies that the initialization vector should be written to the cipher stream ahead of the encrypted ciphertext.
Object	unmarshal(org.apache.camel.Exchange exchange, InputStream encryptedStream)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

KEY

public static final String KEY

See Also:

Constant Field Values

Constructor Detail

CryptoDataFormat

public CryptoDataFormat()

CryptoDataFormat

public CryptoDataFormat(String algorithm,
                        Key key)

CryptoDataFormat

public CryptoDataFormat(String algorithm,
                        Key key,
                        String cryptoProvider)

Method Detail

marshal

public void marshal(org.apache.camel.Exchange exchange,
                    Object graph,
                    OutputStream outputStream)
             throws Exception

Specified by:

marshal in interface org.apache.camel.spi.DataFormat

Throws:

Exception

unmarshal

public Object unmarshal(org.apache.camel.Exchange exchange,
                        InputStream encryptedStream)
                 throws Exception

Specified by:

unmarshal in interface org.apache.camel.spi.DataFormat

Throws:

Exception

setInitializationVector

public void setInitializationVector(byte[] initializationVector)

setShouldInlineInitializationVector

public void setShouldInlineInitializationVector(boolean inline)

Meant for use with a Symmetric block Cipher and specifies that the initialization vector should be written to the cipher stream ahead of the encrypted ciphertext. When the payload is to be decrypted this initialization vector will need to be read from the stream. Requires that the formatter has been configured with an init vector that is valid for the give algorithm.

Parameters:

inline - true if the initialization vector should be inlined in the stream.

setAlgorithm

public void setAlgorithm(String algorithm)

Sets the JCE name of the Encryption Algorithm that should be used

setAlgorithmParameterSpec

public void setAlgorithmParameterSpec(AlgorithmParameterSpec parameterSpec)

Sets a custom AlgorithmParameterSpec that should be used to configure the Cipher. Note that if an Initalization vector is provided then the IvParameterSpec will be used and any value set here will be ignored

setCryptoProvider

public void setCryptoProvider(String cryptoProvider)

Sets the name of the JCE provider e.g. SUN or BC for Bouncy

setMacAlgorithm

public void setMacAlgorithm(String macAlgorithm)

Sets the algorithm used to create the Hash-based Message Authentication Code (HMAC) appended to the stream.

setShouldAppendHMAC

public void setShouldAppendHMAC(boolean shouldAppendHMAC)

Whether a Hash-based Message Authentication Code (HMAC) should be calculated and appended to the stream.

setKey

public void setKey(Key key)

Set the key that should be used to encrypt or decrypt incoming encrypted exchanges.

setBufferSize

public void setBufferSize(int bufferSize)

Set the size of the buffer used to