[ 
https://issues.apache.org/jira/browse/CAMEL-23843?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrea Cosentino updated CAMEL-23843:
-------------------------------------
    Fix Version/s: 4.22.0

> Camel-PQC: sign/verify only handle String payloads and use the platform 
> default charset
> ---------------------------------------------------------------------------------------
>
>                 Key: CAMEL-23843
>                 URL: https://issues.apache.org/jira/browse/CAMEL-23843
>             Project: Camel
>          Issue Type: Bug
>          Components: camel-pqc
>            Reporter: Andrea Cosentino
>            Assignee: Andrea Cosentino
>            Priority: Major
>             Fix For: 4.22.0
>
>
> PQCProducer signature/verification (and the hybrid variants) read the body 
> with {{getMandatoryBody(String.class)}} and then call {{payload.getBytes()}} 
> with no explicit charset.
> Two problems:
> # Binary payloads cannot be signed/verified correctly. A 
> {{byte[]}}/{{InputStream}} body (PDF, image, protobuf, ...) is forced through 
> a String conversion and then re-encoded, which is not byte-for-byte safe.
> # {{payload.getBytes()}} uses the JVM default charset. Signing on one JVM and 
> verifying on another with a different {{file.encoding}} (still possible on 
> Java 17, pre-JEP 400) and non-ASCII content can make verification fail.
> h3. Proposal
> * Operate on {{byte[]}} natively: try {{byte[]}}/{{InputStream}} first, fall 
> back to String.
> * When a String must be used, pin {{StandardCharsets.UTF_8}} (or honour the 
> Exchange charset) consistently on both sign and verify.
> Affected: {{components/camel-pqc}} PQCProducer (sign, verify, hybridSign, 
> hybridVerify).
> ----
> _Filed by Claude Code on behalf of Andrea Cosentino._



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to