Author: buildbot
Date: Wed Feb 26 10:19:23 2014
New Revision: 899244
Log:
Production update by buildbot for camel
Modified:
websites/production/camel/content/book-dataformat-appendix.html
websites/production/camel/content/book-in-one-page.html
websites/production/camel/content/cache/main.pageCache
websites/production/camel/content/crypto.html
Modified: websites/production/camel/content/book-dataformat-appendix.html
==============================================================================
--- websites/production/camel/content/book-dataformat-appendix.html (original)
+++ websites/production/camel/content/book-dataformat-appendix.html Wed Feb 26
10:19:23 2014
@@ -3570,10 +3570,8 @@ from("direct:key-in-header-decrypt&
<script class="theme: Default; brush: xml; gutter: false"
type="syntaxhighlighter"><![CDATA[
<crypto id="nokey" algorithm="DES" />
]]></script>
-</div></div><h3 id="BookDataFormatAppendix-PGPDataFormatOptions">PGPDataFormat
Options</h3><table class="confluenceTable"><tbody><tr><th colspan="1"
rowspan="1" class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Description </p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>keyUserid</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The user ID of
the key in the PGP keyring used during encryption. See also option
<code>keyUserids</code>. Can also be only a part of a user ID. For example, if
the user ID is "Test User <[email protected]>" then you can use the part
"Test User" or "<[email protected]>"
to address the user ID. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>keyUserids</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>List<String></code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since
camel 2.12.2</strong>: PGP allows to encrypt the symmetric key by several
asymmetric public receiver keys. You can specify here the User IDs or parts of
User IDs of several public keys contained in the PGP keyring. If you just have
one User ID, then you can also use the option <code>keyUserid</code>. The User
ID specified in <code>keyUserid</code> and the User IDs in
<code>keyUserids</code> will be merged together and the corresponding public
keys will be used for the encryption. </p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>password</code> </p></td><td
colspan="1" rowspan="1" class="confl
uenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> Password used when opening the private key (not used
for encryption). </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>keyFileName</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> Filename of the keyring; must
be accessible as a classpath resource (but you can specify a location in the
file system by using the "file:" prefix). </p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>encryptionKeyRing</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>byte[]</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspa
n="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel
2.12.1</strong>; encryption keyring; you can not set the keyFileName and
encryptionKeyRing at the same time. </p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>signatureKeyUserid</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>String</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>; optional User ID
of the key in the PGP keyring used for signing (during encryption) or signature
verification (during decryption). During the signature verification process the
specified User ID restricts the public keys from the public keyring which can
be used for the verification. If no User ID is specified for the signature
verficiation then any public key in the public keyring can be used for the
verification. Can also be only a part of a user ID. For
example, if the user ID is "Test User <[email protected]>" then you can use
the part "Test User" or "<[email protected]>" to address the User ID.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signatureKeyUserids</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>List<String></code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel
2.12.3</strong>; optional list of User IDs of the key in the PGP keyring used
for signing (during encryption) or signature verification (during decryption).
You can specify here the User IDs or parts of User IDs of several keys
contained in the PGP keyring. If you just have one User ID, then you can also
use the option <code>keyUserid</code>. The User ID specified in
<code>keyUserid</code> and the User IDs in <code>keyUserids</code> will be
merged together and the corresponding k
eys will be used for the signing or signature verification. If the specified
User IDs reference several keys then for each key a signature is added to the
PGP result during the encryption-signing process. In the decryption-verifying
process the list of User IDs restricts the list of public keys which can be
used for signature verification. If the list of User IDs is empty then any
public key in the public keyring can be used for the signature verification.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signaturePassword</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>;
optional password used when opening the private key used for signing (during
encryption). </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>signa
tureKeyFileName</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>;
optional filename of the keyring to use for signing (during encryption) or for
signature verification (during decryption); must be accessible as a classpath
resource (but you can specify a location in the file system by using the
"file:" prefix). </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>signatureKeyRing</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>byte[]</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel
2.12.1</strong>; signature keyring; you can not set the signatureKeyFileName
and signatureKeyRing at the same time. </p><
/td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>algorithm</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>SymmetricKeyAlgorithmTags.CAST5</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since
camel 2.12.2</strong>; symmetric key encryption algorithm; possible values are
defined in <code>org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags</code>; for
example 2 (= TRIPLE DES), 3 (= CAST5), 4 (= BLOWFISH), 6 (= DES), 7 (=
AES_128). Only relevant for encrypting. </p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>compressionAlgorithm</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>CompressionAlgorithmTags.ZIP</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Since camel 2.12.2</s
trong>; compression algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.CompressionAlgorithmTags</code>; for example 0 (=
UNCOMPRESSED), 1 (= ZIP), 2 (= ZLIB), 3 (= BZIP2). Only relevant for
encrypting. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>hashAlgorithm</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>HashAlgorithmTags.SHA1</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since
camel 2.12.2</strong>: signature hash algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.HashAlgorithmTags</code>; for example 2 (= SHA1), 8
(= SHA256), 9 (= SHA384), 10 (= SHA512), 11 (=SHA224). Only relevant for
signing. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>armored</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>boolean</code> </p></td
><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>false</code>
></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> This option
>will cause PGP to base64 encode the encrypted text, making it available for
>copy/paste, etc. </p></td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"><p> <code>integrity</code> </p></td><td colspan="1"
>rowspan="1" class="confluenceTd"><p> <code>boolean</code> </p></td><td
>colspan="1" rowspan="1" class="confluenceTd"><p> <code>true</code>
></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Adds an
>integrity check/sign into the encryption file. </p></td></tr><tr><td
>colspan="1" rowspan="1" class="confluenceTd"><p>
><code>passphraseAccessor</code> </p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p> <a shape="rect" class="external-link"
>href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
> rel="nofollow">PGPPassphraseAc
cessor</a> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<strong>Since Camel 2.12.2</strong>; provides passphrases corresponding to user
Ids. If no passpharase can be found from the option <code>password</code> or
<code>signaturePassword</code> and from the headers
<code>CamelPGPDataFormatKeyPassword</code> or
<code>CamelPGPDataFormatSignatureKeyPassword</code> then the passphrase is
fetched from the passphrase accessor. You provide a bean which implements the
interface <a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
rel="nofollow">PGPPassphraseAccessor</a>. A default implementation is given by
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypt
o/DefaultPGPPassphraseAccessor.java"
rel="nofollow">DefaultPGPPassphraseAccessor</a>. The passphrase accessor is
especially useful in the decrypt case; see chapter 'PGP Decrypting/Verifying of
Messages Encrypted/Signed by Different Private/Public Keys' below.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>publicKeyAccessor</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPublicKeyAccessor.java";
rel="nofollow">PGPPublicKeyAccessor</a> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Sinace Camel 2.13.0</strong>; provides the
publicKeyAccessor which can be used to help PGPDataFormat to find the PublicKey
and EncryptionKeys. You provide a bean which implements the interface
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPublicKeyAccessor.java";
rel="nofollow">PGPPublicKeyAccessor</a>. A default implementation is given by
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPPublicKeyAccessor.java";
rel="nofollow">DefaultPGPPublicKeyAccessor</a>.</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>secretKeyAccessor</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <a shape="rect"
class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPSecretAccessor.java";
rel="nofollow">PGPSecretKeyAccessor</a> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1
" rowspan="1" class="confluenceTd"><p> <strong>Sinace Camel 2.13.0</strong>;
provides the secretKeyAccessor which can be used to help PGPDataFormat to find
the SecretKey and DecryptionKeys. You provide a bean which implements the
interface <a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPSecretKeyAccessor.java";
rel="nofollow">PGPSecretKeyAccessor</a>. A default implementation is given by
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPSecretKeyAccessor.java";
rel="nofollow">DefaultPGPSecretKeyAccessor</a>.</p></td></tr></tbody></table>
-
-<p> <br clear="none">
- </p><h3
id="BookDataFormatAppendix-PGPDataFormatMessageHeaders">PGPDataFormat Message
Headers</h3><p>You can override the PGPDataFormat options by applying below
headers into message dynamically.</p> <div class="table-wrap"><table
class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Type</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyFileName</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; filename of the keyring; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionKeyRing</code></p></td><td
colspan="1" rowspan=
"1" class="confluenceTd"><p><code>byte[]</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the
encryption keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserid</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; the User ID of the key in the PGP keyring; will override
existing setting directly on the PGPDataFormat.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserids</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>List<String></code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.2</strong>: the
User IDs of the key in the PGP keyring; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyPassword</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; password used when opening the private key; will override
existing setting directly on the PGPDataFormat.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyFileName</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; filename of the
signature keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyRing</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><
p><code>byte[]</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the signature
keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyUserid</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the
signature key in the PGP keyring; will override existing setting directly on
the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd">CamelPGPDataFormatSignatureKeyUserids</td><td colspan="1"
rowspan="1" class="confluenceTd">List<String></td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since Camel 2.12.3</strong>; the User
IDs of the signature keys in the PGP keyring; will override existing setting
directly on the PGPDataFormat.
</td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyPassword</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; password used when
opening the signature private key; will override existing setting directly on
the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; symmetric key encryption algorithm; will override existing
setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureHashAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</
code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.2</strong>; signature hash
algorithm; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatCompressionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; compression algorithm; will override existing setting directly
on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd">CamelPGPDataFormatNumberOfEncryptionKeys</td><td
colspan="1" rowspan="1" class="confluenceTd">Integer</td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since</strong> <strong>Camel
2.12.3;  </strong>number of public keys used for encrypting the symmectric
key, set by PGPDataFormat during encryptiion process</td></tr><tr><td
colspan="1" r
owspan="1" class="confluenceTd">CamelPGPDataFormatNumberOfSigningKeys</td><td
colspan="1" rowspan="1" class="confluenceTd">Integer</td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since</strong> <strong>Camel
2.12.3; </strong>number of private keys used for creating signatures, set by
PGPDataFormat during signing process</td></tr></tbody></table></div><h3
id="BookDataFormatAppendix-EncryptingwithPGPDataFormat">Encrypting with
PGPDataFormat</h3><p>The following sample uses the popular PGP format for
encrypting/decrypting files using the <a shape="rect" class="external-link"
href="http://www.bouncycastle.org/java.html"; rel="nofollow">Bouncy Castle Java
libraries</a>:</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
+</div></div><h3 id="BookDataFormatAppendix-PGPDataFormatOptions">PGPDataFormat
Options</h3><table class="confluenceTable"><tbody><tr><th colspan="1"
rowspan="1" class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p> Description </p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>keyUserid</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The user ID of
the key in the PGP keyring used during encryption. See also option
<code>keyUserids</code>. Can also be only a part of a user ID. For example, if
the user ID is "Test User <[email protected]>" then you can use the part
"Test User" or "<[email protected]>"
to address the user ID. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>keyUserids</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>List<String></code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since
camel 2.12.2</strong>: PGP allows to encrypt the symmetric key by several
asymmetric public receiver keys. You can specify here the User IDs or parts of
User IDs of several public keys contained in the PGP keyring. If you just have
one User ID, then you can also use the option <code>keyUserid</code>. The User
ID specified in <code>keyUserid</code> and the User IDs in
<code>keyUserids</code> will be merged together and the corresponding public
keys will be used for the encryption. </p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>password</code> </p></td><td
colspan="1" rowspan="1" class="confl
uenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> Password used when opening the private key (not used
for encryption). </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>keyFileName</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> Filename of the keyring; must
be accessible as a classpath resource (but you can specify a location in the
file system by using the "file:" prefix). </p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>encryptionKeyRing</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>byte[]</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspa
n="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel
2.12.1</strong>; encryption keyring; you can not set the keyFileName and
encryptionKeyRing at the same time. </p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>signatureKeyUserid</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>String</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>; optional User ID
of the key in the PGP keyring used for signing (during encryption) or signature
verification (during decryption). During the signature verification process the
specified User ID restricts the public keys from the public keyring which can
be used for the verification. If no User ID is specified for the signature
verficiation then any public key in the public keyring can be used for the
verification. Can also be only a part of a user ID. For
example, if the user ID is "Test User <[email protected]>" then you can use
the part "Test User" or "<[email protected]>" to address the User ID.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signatureKeyUserids</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>List<String></code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since Camel
2.12.3</strong>; optional list of User IDs of the key in the PGP keyring used
for signing (during encryption) or signature verification (during decryption).
You can specify here the User IDs or parts of User IDs of several keys
contained in the PGP keyring. If you just have one User ID, then you can also
use the option <code>keyUserid</code>. The User ID specified in
<code>keyUserid</code> and the User IDs in <code>keyUserids</code> will be
merged together and the corresponding k
eys will be used for the signing or signature verification. If the specified
User IDs reference several keys then for each key a signature is added to the
PGP result during the encryption-signing process. In the decryption-verifying
process the list of User IDs restricts the list of public keys which can be
used for signature verification. If the list of User IDs is empty then any
public key in the public keyring can be used for the signature verification.
</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>signaturePassword</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>;
optional password used when opening the private key used for signing (during
encryption). </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>signa
tureKeyFileName</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <strong>Since Camel 2.11.0</strong>;
optional filename of the keyring to use for signing (during encryption) or for
signature verification (during decryption); must be accessible as a classpath
resource (but you can specify a location in the file system by using the
"file:" prefix). </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>signatureKeyRing</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>byte[]</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since camel
2.12.1</strong>; signature keyring; you can not set the signatureKeyFileName
and signatureKeyRing at the same time. </p><
/td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>algorithm</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>SymmetricKeyAlgorithmTags.CAST5</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since
camel 2.12.2</strong>; symmetric key encryption algorithm; possible values are
defined in <code>org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags</code>; for
example 2 (= TRIPLE DES), 3 (= CAST5), 4 (= BLOWFISH), 6 (= DES), 7 (=
AES_128). Only relevant for encrypting. </p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>compressionAlgorithm</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>int</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>CompressionAlgorithmTags.ZIP</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <strong>Since camel 2.12.2</s
trong>; compression algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.CompressionAlgorithmTags</code>; for example 0 (=
UNCOMPRESSED), 1 (= ZIP), 2 (= ZLIB), 3 (= BZIP2). Only relevant for
encrypting. </p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>hashAlgorithm</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>int</code> </p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p> <code>HashAlgorithmTags.SHA1</code>
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <strong>Since
camel 2.12.2</strong>: signature hash algorithm; possible values are defined in
<code>org.bouncycastle.bcpg.HashAlgorithmTags</code>; for example 2 (= SHA1), 8
(= SHA256), 9 (= SHA384), 10 (= SHA512), 11 (=SHA224). Only relevant for
signing. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>armored</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> <code>boolean</code> </p></td
><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>false</code>
></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> This option
>will cause PGP to base64 encode the encrypted text, making it available for
>copy/paste, etc. </p></td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"><p> <code>integrity</code> </p></td><td colspan="1"
>rowspan="1" class="confluenceTd"><p> <code>boolean</code> </p></td><td
>colspan="1" rowspan="1" class="confluenceTd"><p> <code>true</code>
></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Adds an
>integrity check/sign into the encryption file. </p></td></tr><tr><td
>colspan="1" rowspan="1" class="confluenceTd"><p>
><code>passphraseAccessor</code> </p></td><td colspan="1" rowspan="1"
>class="confluenceTd"><p> <a shape="rect" class="external-link"
>href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
> rel="nofollow">PGPPassphraseAc
cessor</a> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>
<strong>Since Camel 2.12.2</strong>; provides passphrases corresponding to user
Ids. If no passpharase can be found from the option <code>password</code> or
<code>signaturePassword</code> and from the headers
<code>CamelPGPDataFormatKeyPassword</code> or
<code>CamelPGPDataFormatSignatureKeyPassword</code> then the passphrase is
fetched from the passphrase accessor. You provide a bean which implements the
interface <a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java";
rel="nofollow">PGPPassphraseAccessor</a>. A default implementation is given by
<a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypt
o/DefaultPGPPassphraseAccessor.java"
rel="nofollow">DefaultPGPPassphraseAccessor</a>. The passphrase accessor is
especially useful in the decrypt case; see chapter 'PGP Decrypting/Verifying of
Messages Encrypted/Signed by Different Private/Public Keys' below.
</p></td></tr></tbody></table>
+<h3 id="BookDataFormatAppendix-PGPDataFormatMessageHeaders">PGPDataFormat
Message Headers</h3><p>You can override the PGPDataFormat options by applying
below headers into message dynamically.</p> <div class="table-wrap"><table
class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Type</p></th><th colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyFileName</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; filename of the keyring; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionKeyRing</code></p></td><td
colspan="1" rowspan="1" class=
"confluenceTd"><p><code>byte[]</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the encryption
keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserid</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; the User ID of the key in the PGP keyring; will override
existing setting directly on the PGPDataFormat.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyUserids</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>List<String></code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p><strong>Since camel 2.12.2</strong>: the
User IDs of the key in the PGP keyring; will override existing setting directly
on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatKeyPassword</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.11.0</strong>; password used when opening the private key; will override
existing setting directly on the PGPDataFormat.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyFileName</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; filename of the
signature keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyRing</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>by
te[]</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.12.1</strong>; the signature
keyring; will override existing setting directly on the
PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyUserid</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; the User ID of the
signature key in the PGP keyring; will override existing setting directly on
the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd">CamelPGPDataFormatSignatureKeyUserids</td><td colspan="1"
rowspan="1" class="confluenceTd">List<String></td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since Camel 2.12.3</strong>; the User
IDs of the signature keys in the PGP keyring; will override existing setting
directly on the PGPDataFormat.</td></tr>
<tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureKeyPassword</code></p></td><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p><strong>Since Camel 2.11.0</strong>; password used when
opening the signature private key; will override existing setting directly on
the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatEncryptionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; symmetric key encryption algorithm; will override existing
setting directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatSignatureHashAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p><
/td><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; signature hash algorithm; will override existing setting
directly on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CamelPGPDataFormatCompressionAlgorithm</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>int</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><strong>Since Camel
2.12.2</strong>; compression algorithm; will override existing setting directly
on the PGPDataFormat.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd">CamelPGPDataFormatNumberOfEncryptionKeys</td><td
colspan="1" rowspan="1" class="confluenceTd">Integer</td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since</strong> <strong>Camel
2.12.3;  </strong>number of public keys used for encrypting the symmectric
key, set by PGPDataFormat during encryptiion process</td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd">CamelPGPDataFormatNumberOfSigningKeys</td><td
colspan="1" rowspan="1" class="confluenceTd">Integer</td><td colspan="1"
rowspan="1" class="confluenceTd"><strong>Since</strong> <strong>Camel
2.12.3; </strong>number of private keys used for creating signatures, set by
PGPDataFormat during signing process</td></tr></tbody></table></div><h3
id="BookDataFormatAppendix-EncryptingwithPGPDataFormat">Encrypting with
PGPDataFormat</h3><p>The following sample uses the popular PGP format for
encrypting/decrypting files using the <a shape="rect" class="external-link"
href="http://www.bouncycastle.org/java.html"; rel="nofollow">Bouncy Castle Java
libraries</a>:</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[
// Public Key FileName
String keyFileName = getKeyFileName();
@@ -3690,7 +3688,7 @@ from("direct:start")
...
.marshal(pgpSignAndEncryptSeveralSignerKeys)
... ]]></script>
-</div></div><h3
id="BookDataFormatAppendix-SupportofSub-KeysandKeyFlagsinPGPDataFormatMarshaler">Support
of Sub-Keys and Key Flags in PGP Data Format
Marshaler</h3><p>Since <strong>Camel 2.12.3.<br clear="none"></strong>An
<a shape="rect" class="external-link"
href="https://tools.ietf.org/html/rfc4880#section-12.1"; rel="nofollow">OpenPGP
V4 key</a> can have a primary key and sub-keys. The usage of the keys is
indicated by the so called <a shape="rect" class="external-link"
href="https://tools.ietf.org/html/rfc4880#section-5.2.3.21"; rel="nofollow">Key
Flags</a>. For example, you can have a primary key with two sub-keys; the
primary key shall only be used for certifying other keys (Key Flag 0x01), the
first sub-key  shall only be used for signing (Key Flag 0x02), and the
second sub-key shall only be used for encryption (Key Flag 0x04 or 0x08). The
PGP Data Format marshaler takes into account these Key Flags of the primary key
and sub-keys in order to determine the right key
for signing and encryption. This is necessary because the primary key and its
sub-keys have the same User IDs.</p><h3
id="BookDataFormatAppendix-Dependencies.15">Dependencies</h3><p>To use the <a
shape="rect" href="crypto.html">Crypto</a> dataformat in your camel routes you
need to add the following dependency to your pom.</p><div class="code panel
pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h3
id="BookDataFormatAppendix-SupportofSub-KeysandKeyFlagsinPGPDataFormatMarshaler">Support
of Sub-Keys and Key Flags in PGP Data Format
Marshaler</h3><p>Since <strong>Camel 2.12.3.<br clear="none"></strong>An
<a shape="rect" class="external-link"
href="https://tools.ietf.org/html/rfc4880#section-12.1"; rel="nofollow">OpenPGP
V4 key</a> can have a primary key and sub-keys. The usage of the keys is
indicated by the so called <a shape="rect" class="external-link"
href="https://tools.ietf.org/html/rfc4880#section-5.2.3.21"; rel="nofollow">Key
Flags</a>. For example, you can have a primary key with two sub-keys; the
primary key shall only be used for certifying other keys (Key Flag 0x01), the
first sub-key  shall only be used for signing (Key Flag 0x02), and the
second sub-key shall only be used for encryption (Key Flag 0x04 or 0x08). The
PGP Data Format marshaler takes into account these Key Flags of the primary key
and sub-keys in order to determine the right key
for signing and encryption. This is necessary because the primary key and its
sub-keys have the same User IDs.</p><h3
id="BookDataFormatAppendix-SupportofCustomKeyAccessors">Support of Custom Key
Accessors</h3><p>Since <strong>Camel 2.13.0.<br clear="none"></strong>You can
implement custom key accessors for encryption/signing. The above PGPDataFormat
class selects in a certain predefined way the keys which should be used for
signing/encryption or verifying/decryption. If you have special requirements
how your keys should be selected you should use the <a shape="rect"
class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPKeyAccessDataFormat.java";
rel="nofollow">PGPKeyAccessDataFormat</a> class instead and implement the
interfaces <a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPu
blicKeyAccessor.java" rel="nofollow">PGPPublicKeyAccessor</a> and <a
shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPSecretKeyAccessor.java";
rel="nofollow">PGPSecretKeyAccessor</a> as beans. There are default
implementations <a shape="rect" class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPPublicKeyAccessor.java";
rel="nofollow">DefaultPGPPublicKeyAccessor</a> and <a shape="rect"
class="external-link"
href="https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPSecretKeyAccessor.java";
rel="nofollow">DefaultPGPSecretKeyAccessor</a> which cache the keys, so that
not every time the keyring is parsed when the processor is
called.</p><p>PGPKeyAccessDataFormat has the same options as PGPDataFormat
except pas
sword, keyFileName, encryptionKeyRing, signaturePassword,
signatureKeyFileName, and signatureKeyRing.</p><h3
id="BookDataFormatAppendix-Dependencies.15">Dependencies</h3><p>To use the <a
shape="rect" href="crypto.html">Crypto</a> dataformat in your camel routes you
need to add the following dependency to your pom.</p><div class="code panel
pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false"
type="syntaxhighlighter"><