[ https://issues.apache.org/activemq/browse/CAMEL-1360?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ashwin Karpe resolved CAMEL-1360.
---------------------------------

    Resolution: Fixed

I have developed a new Dataformat feature for Camel that facilitates encryption 
and decryption of XML payloads at the Document, Element and Element Content 
levels (including simultaneous multi-node encryption using XPATH).

The encryption capability is based on formats supported using the Apache XML 
Security (Santuario) project. Encryption/Decryption is "currently" supported 
using Triple-DES and AES (128, 192 and 256) encryption formats. Additional 
formats can be easily added later as needed. (Note: The support currently 
offered is for symmetric encryption. This means the same keyset is needed at 
both ends of the communication to encrypt/decrypt payloads.)

The capability allows Camel users to encrypt/decrypt payloads while being 
dispatched or received along a route.

The default encryption format if no algorithm is specified is Triple-DES.

The way it works is as follows:

Full Payload encryption/decryption
----------------------------------------------
    from("direct:start").
        marshal().encryptXML().
        unmarshal().encryptXML().
        to("direct:end");

Partial Payload Content Only encryption/decryption
--------------------------------------------------------------------
    String tagXPATH = "//cheesesites/italy/cheese";
    boolean secureTagContent = true;
    from("direct:start").
        marshal().encryptXML(tagXPATH, secureTagContent).
        unmarshal().encryptXML(tagXPATH, secureTagContent).
        to("direct:end");

Partial Multi Node Payload Content Only encryption/decryption
-----------------------------------------------------------------------------------
    String tagXPATH = "//cheesesites/*/cheese";
    boolean secureTagContent = true;
    from("direct:start").
        marshal().encryptXML(tagXPATH, secureTagContent).
        unmarshal().encryptXML(tagXPATH, secureTagContent).
        to("direct:end");

Partial Payload Content Only encryption/decryption with choice of passPhrase(password)
--------------------------------------------------------------------------------------
    String tagXPATH = "//cheesesites/italy/cheese";
    boolean secureTagContent = true;
    byte[] passPhrase = "Just another 24 Byte key".getBytes();
    from("direct:start").
        marshal().encryptXML(tagXPATH, secureTagContent, passPhrase).
        unmarshal().encryptXML(tagXPATH, secureTagContent, passPhrase).
        to("direct:end");

Partial Payload Content Only encryption/decryption with passPhrase(password) and Algorithm
------------------------------------------------------------------------------------------
    import org.apache.xml.security.encryption.XMLCipher;
    ....
    String tagXPATH = "//cheesesites/italy/cheese";
    boolean secureTagContent = true;
    byte[] passPhrase = "Just another 24 Byte key".getBytes();
    String algorithm = XMLCipher.TRIPLEDES;
    from("direct:start").
        marshal().encryptXML(tagXPATH, secureTagContent, passPhrase, algorithm).
        unmarshal().encryptXML(tagXPATH, secureTagContent, passPhrase, algorithm).
        to("direct:end");

The other choices for algorithm are 
                    - XMLCipher.AES_128
                    - XMLCipher.AES_192 and
                    - XMLCipher.AES_256 

I am attaching an SVN Diff of the changes that I made to the camel-core and a 
newly created component called camel-xmlsecurity. I am also attaching a zip 
file containing the code that I developed for the purpose.

I have added the code to the trunk. Can the committers please take a look and 
commit this feature?

Thanks & Regards,

Ashwin...
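
Added example, not part of the original message or its attached patch: a standalone round trip that calls the Apache Santuario XMLCipher API directly to do multi-node, content-only encryption selected by XPath, with an up-front check that the passphrase length fits the chosen algorithm. The class and helper names (XPathContentEncryption, keyFor, encryptContent, decryptAll), the sample XML, and the use of the passphrase bytes as the raw key are assumptions made for this illustration.

```java
import java.nio.charset.StandardCharsets;
import java.util.Map;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.xpath.*;
import org.apache.xml.security.encryption.XMLCipher;
import org.w3c.dom.*;
import org.xml.sax.InputSource;

public class XPathContentEncryption { // hypothetical class and helper names
    static final Map<String, Integer> KEY_BYTES = Map.of(XMLCipher.TRIPLEDES, 24,
        XMLCipher.AES_128, 16, XMLCipher.AES_192, 24, XMLCipher.AES_256, 32);
    // Assumption: passphrase bytes are the raw key, so their length must fit the algorithm.
    static SecretKey keyFor(String algorithm, byte[] passPhrase) {
        Integer needed = KEY_BYTES.get(algorithm);
        if (needed == null || passPhrase.length != needed)
            throw new IllegalArgumentException("need " + needed + " key bytes for " + algorithm);
        return new SecretKeySpec(passPhrase, XMLCipher.TRIPLEDES.equals(algorithm) ? "DESede" : "AES");
    }
    static void encryptContent(Document doc, String xpath, String alg, SecretKey key) throws Exception {
        NodeList hits = (NodeList) XPathFactory.newInstance().newXPath().evaluate(xpath, doc, XPathConstants.NODESET);
        for (int i = 0; i < hits.getLength(); i++) {
            XMLCipher cipher = XMLCipher.getInstance(alg);
            cipher.init(XMLCipher.ENCRYPT_MODE, key);
            cipher.doFinal(doc, (Element) hits.item(i), true); // true = content only, tag stays readable
        }
    }
    static void decryptAll(Document doc, String alg, SecretKey key) throws Exception {
        // Live list: it shrinks as each EncryptedData node is replaced by its plaintext.
        NodeList enc = doc.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "EncryptedData");
        while (enc.getLength() > 0) {
            XMLCipher cipher = XMLCipher.getInstance(alg);
            cipher.init(XMLCipher.DECRYPT_MODE, key);
            cipher.doFinal(doc, (Element) enc.item(0));
        }
    }
    public static void main(String[] args) throws Exception {
        org.apache.xml.security.Init.init();
        String xml = "<cheesesites><italy><cheese>Parmesan</cheese></italy>"
            + "<france><cheese>Brie</cheese></france></cheesesites>"; // constructed sample
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder().parse(new InputSource(new java.io.StringReader(xml)));
        SecretKey key = keyFor(XMLCipher.TRIPLEDES, "Just another 24 Byte key".getBytes(StandardCharsets.UTF_8));
        encryptContent(doc, "//cheesesites/*/cheese", XMLCipher.TRIPLEDES, key);
        System.out.println("encrypted text: " + doc.getDocumentElement().getTextContent());
        decryptAll(doc, XMLCipher.TRIPLEDES, key);
        System.out.println("round trip: " + doc.getDocumentElement().getTextContent());
    }
}
```

Running it needs the Santuario xmlsec jar on the classpath. The four XMLCipher constants used here select CBC-mode ciphers, so the result is confidential but not authenticated.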






> Develop a new Dataformat that facilitates symmetric key encryption/decryption 
> of XML payloads at the Payload, XML Element and XML Element Content level
> -------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: CAMEL-1360
>                 URL: https://issues.apache.org/activemq/browse/CAMEL-1360
>             Project: Apache Camel
>          Issue Type: New Feature
>            Reporter: Ashwin Karpe
>   Original Estimate: 2 weeks
>  Remaining Estimate: 2 weeks
>
> Develop a new Dataformat for Camel that facilitates Triple-DES and AES (128, 
> 192, 256) based encryption and decryption of XML payloads at the Document, 
> Element and Element Content levels

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
