[
https://issues.apache.org/jira/browse/CAMEL-23737?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrea Cosentino updated CAMEL-23737:
-------------------------------------
Description:
h3. Re-scoped (2026-06-11)
The originally proposed hybrid documentation already exists and is
comprehensive: the *Hybrid Cryptography* section of {{pqc-component.adoc}}
(since ~Camel 4.19) documents hybrid signatures
({{hybridSign}}/{{hybridVerify}}), hybrid KEM
({{hybridGenerateSecretKeyEncapsulation}} and friends), the recommended NIST
combinations (X25519 + ML-KEM-768, ECDSA/Ed25519 + ML-DSA-65), security
considerations and the v2 wire format.
This issue is therefore re-scoped to a small *discoverability* improvement:
* Add a *Hybrid Operations* entry to the top-level _Supported Operations_ list.
* Cross-reference the _Hybrid Cryptography_ section from the _Signature and
Verification_ and _Key Encapsulation and Extraction_ sections.
* Drive-by: fix two corrupted {{streamCache}} code snippets in the _PQC
DataFormat_ section.
was:
h3. Background
{{camel-pqc}} already ships hybrid *KEM* (X25519 + ML-KEM-768, ECDH-P256 +
ML-KEM-768) and hybrid *signature* (ECDSA + ML-DSA-65, Ed25519 + ML-DSA-65)
material under
{{components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/hybrid/}}.
However {{pqc-component.adoc}} does not show how to select these hybrid
materials, nor does it position hybrid mode as the recommended quantum-safe
choice during the classical->PQC transition.
h3. Proposal
* (a) Add a *"Hybrid (classical + PQC)"* section to {{pqc-component.adoc}}
explaining when and why to use hybrid KEM and hybrid signatures, and how to
configure them.
* (b) Add example route(s) demonstrating hybrid KEM encapsulate/decapsulate and
hybrid sign/verify.
h3. Notes
The component is functionally complete -- this is a discoverability / guidance
improvement derived from a PQC-readiness review. Related: CAMEL-22512.
Summary: camel-pqc: surface hybrid operations and cross-reference the
Hybrid Cryptography section in the docs (was: camel-pqc: document and add
examples for hybrid PQC (hybrid KEM + hybrid signatures), recommend as
quantum-safe default)
> camel-pqc: surface hybrid operations and cross-reference the Hybrid
> Cryptography section in the docs
> ----------------------------------------------------------------------------------------------------
>
> Key: CAMEL-23737
> URL: https://issues.apache.org/jira/browse/CAMEL-23737
> Project: Camel
> Issue Type: Improvement
> Components: camel-pqc
> Reporter: Andrea Cosentino
> Assignee: Andrea Cosentino
> Priority: Minor
>
> h3. Re-scoped (2026-06-11)
> The originally proposed hybrid documentation already exists and is
> comprehensive: the *Hybrid Cryptography* section of {{pqc-component.adoc}}
> (since ~Camel 4.19) documents hybrid signatures
> ({{hybridSign}}/{{hybridVerify}}), hybrid KEM
> ({{hybridGenerateSecretKeyEncapsulation}} and friends), the recommended NIST
> combinations (X25519 + ML-KEM-768, ECDSA/Ed25519 + ML-DSA-65), security
> considerations and the v2 wire format.
> This issue is therefore re-scoped to a small *discoverability* improvement:
> * Add a *Hybrid Operations* entry to the top-level _Supported Operations_
> list.
> * Cross-reference the _Hybrid Cryptography_ section from the _Signature and
> Verification_ and _Key Encapsulation and Extraction_ sections.
> * Drive-by: fix two corrupted {{streamCache}} code snippets in the _PQC
> DataFormat_ section.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
