Class CryptoDataFormat
- java.lang.Object
  - org.apache.camel.support.service.BaseService
    - org.apache.camel.support.service.ServiceSupport
      - org.apache.camel.converter.crypto.CryptoDataFormat
- All Implemented Interfaces: AutoCloseable, org.apache.camel.Service, org.apache.camel.ShutdownableService, org.apache.camel.spi.DataFormat, org.apache.camel.spi.DataFormatName, org.apache.camel.StatefulService, org.apache.camel.SuspendableService
@Dataformat("crypto")
public class CryptoDataFormat extends org.apache.camel.support.service.ServiceSupport implements org.apache.camel.spi.DataFormat, org.apache.camel.spi.DataFormatName
CryptoDataFormat uses a specified key and algorithm to encrypt, decrypt and verify exchange payloads. The data format allows an initialization vector (IV) to be supplied. How the IV is used differs depending on the algorithm type (block or streaming), but it is desirable to be able to control it. In certain cases it may also be necessary to have access to the IV in the decryption phase; because the IV doesn't necessarily need to be kept secret, it is OK to inline it in the stream and read it out on the other side prior to decryption. For more information on initialization vectors see
- http://en.wikipedia.org/wiki/Initialization_vector
- http://www.herongyang.com/Cryptography/
- http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

To avoid attacks against the encrypted data while it is in transit, the CryptoDataFormat can also calculate a Message Authentication Code for the encrypted exchange contents based on a configurable MAC algorithm. The calculated HMAC is appended to the stream after encryption. It is separated from the stream in the decryption phase. The MAC is recalculated and verified against the transmitted version to ensure nothing was tampered with in transit. For more information on Message Authentication Codes see
- http://en.wikipedia.org/wiki/HMAC
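The mechanism described above (IV written ahead of the ciphertext, HMAC appended after it, HMAC checked on the receiving side), shown with plain JCE calls as an added example; it is not Camel's code and does not reproduce Camel's wire format. The byte layout, the AES/CBC and HmacSHA256 choices, the separate MAC key and the names InlineIvHmacDemo, seal and open are assumptions of this example.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class InlineIvHmacDemo { // assumed layout: IV || ciphertext || HMAC(IV || ciphertext)
    static final int IV_LEN = 16, MAC_LEN = 32; // AES block size, HmacSHA256 output size
    static byte[] hmac(SecretKeySpec macKey, byte[] data, int len) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(macKey);
        mac.update(data, 0, len);
        return mac.doFinal();
    }
    static byte[] seal(SecretKeySpec encKey, SecretKeySpec macKey, byte[] plain) throws Exception {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv); // fresh per message; travels in the clear
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, encKey, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plain);
        ByteBuffer out = ByteBuffer.allocate(IV_LEN + ct.length + MAC_LEN).put(iv).put(ct);
        return out.put(hmac(macKey, out.array(), out.position())).array(); // MAC covers IV and ciphertext
    }

    static byte[] open(SecretKeySpec encKey, SecretKeySpec macKey, byte[] msg) throws Exception {
        if (msg.length < IV_LEN + MAC_LEN) throw new SecurityException("message too short");
        int bodyEnd = msg.length - MAC_LEN;
        byte[] sent = Arrays.copyOfRange(msg, bodyEnd, msg.length);
        if (!MessageDigest.isEqual(hmac(macKey, msg, bodyEnd), sent)) // constant-time, before decrypting
            throw new SecurityException("HMAC mismatch");
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, encKey, new IvParameterSpec(msg, 0, IV_LEN));
        return c.doFinal(msg, IV_LEN, bodyEnd - IV_LEN);
    }

    public static void main(String[] args) throws Exception {
        SecretKeySpec encKey = new SecretKeySpec(new byte[16], "AES");        // constructed all-zero
        SecretKeySpec macKey = new SecretKeySpec(new byte[32], "HmacSHA256"); // keys, for the demo only
        byte[] msg = seal(encKey, macKey, "sample payload".getBytes(StandardCharsets.UTF_8));
        System.out.println(new String(open(encKey, macKey, msg), StandardCharsets.UTF_8));
        msg[IV_LEN] ^= 0x01; // simulate a single bit changed in transit
        try { open(encKey, macKey, msg); }
        catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```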
Constructor Summary
- CryptoDataFormat()
- CryptoDataFormat(String algorithm, Key key)
- CryptoDataFormat(String algorithm, Key key, String cryptoProvider)
Method Summary
- protected void doStart()
- protected void doStop()
- String getDataFormatName()
- void marshal(org.apache.camel.Exchange exchange, Object graph, OutputStream outputStream)
- void setAlgorithm(String algorithm): Sets the JCE name of the Encryption Algorithm that should be used
- void setAlgorithmParameterSpec(AlgorithmParameterSpec parameterSpec): Sets a custom AlgorithmParameterSpec that should be used to configure the Cipher.
- void setBufferSize(int bufferSize): Set the size of the buffer used to
- void setCryptoProvider(String cryptoProvider): Sets the name of the JCE provider e.g.
- void setInitializationVector(byte[] initializationVector)
- void setKey(Key key): Set the key that should be used to encrypt or decrypt incoming encrypted exchanges.
- void setMacAlgorithm(String macAlgorithm): Sets the algorithm used to create the Hash-based Message Authentication Code (HMAC) appended to the stream.
- void setShouldAppendHMAC(boolean shouldAppendHMAC): Whether a Hash-based Message Authentication Code (HMAC) should be calculated and appended to the stream.
- void setShouldInlineInitializationVector(boolean inline): Meant for use with a Symmetric block Cipher and specifies that the initialization vector should be written to the cipher stream ahead of the encrypted ciphertext.
- Object unmarshal(org.apache.camel.Exchange exchange, InputStream encryptedStream)
Methods inherited from class org.apache.camel.support.service.BaseService
build, doBuild, doFail, doInit, doLifecycleChange, doResume, doShutdown, doSuspend, fail, getStatus, init, isBuild, isInit, isNew, isRunAllowed, isShutdown, isStarted, isStarting, isStartingOrStarted, isStopped, isStopping, isStoppingOrStopped, isSuspended, isSuspending, isSuspendingOrSuspended, resume, shutdown, start, stop, suspend
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Field Detail
-
KEY
public static final String KEY
- See Also:
- Constant Field Values
-
Method Detail
-
getDataFormatName
public String getDataFormatName()
- Specified by: getDataFormatName in interface org.apache.camel.spi.DataFormatName
-
marshal
public void marshal(org.apache.camel.Exchange exchange, Object graph, OutputStream outputStream) throws Exception
- Specified by: marshal in interface org.apache.camel.spi.DataFormat
- Throws: Exception
-
unmarshal
public Object unmarshal(org.apache.camel.Exchange exchange, InputStream encryptedStream) throws Exception
- Specified by: unmarshal in interface org.apache.camel.spi.DataFormat
- Throws: Exception
-
doStart
protected void doStart() throws Exception
- Overrides: doStart in class org.apache.camel.support.service.BaseService
- Throws: Exception
-
doStop
protected void doStop() throws Exception
- Overrides: doStop in class org.apache.camel.support.service.BaseService
- Throws: Exception
-
setInitializationVector
public void setInitializationVector(byte[] initializationVector)
-
setShouldInlineInitializationVector
public void setShouldInlineInitializationVector(boolean inline)
Meant for use with a Symmetric block Cipher and specifies that the initialization vector should be written to the cipher stream ahead of the encrypted ciphertext. When the payload is to be decrypted this initialization vector will need to be read from the stream. Requires that the formatter has been configured with an init vector that is valid for the given algorithm.
- Parameters: inline - true if the initialization vector should be inlined in the stream.
-
setAlgorithm
public void setAlgorithm(String algorithm)
Sets the JCE name of the Encryption Algorithm that should be used
-
setAlgorithmParameterSpec
public void setAlgorithmParameterSpec(AlgorithmParameterSpec parameterSpec)
Sets a custom AlgorithmParameterSpec that should be used to configure the Cipher. Note that if an initialization vector is provided, the IvParameterSpec will be used and any value set here will be ignored.
-
setCryptoProvider
public void setCryptoProvider(String cryptoProvider)
Sets the name of the JCE provider e.g. SUN or BC for Bouncy
-
setMacAlgorithm
public void setMacAlgorithm(String macAlgorithm)
Sets the algorithm used to create the Hash-based Message Authentication Code (HMAC) appended to the stream.
-
setShouldAppendHMAC
public void setShouldAppendHMAC(boolean shouldAppendHMAC)
Whether a Hash-based Message Authentication Code (HMAC) should be calculated and appended to the stream.
-
setKey
public void setKey(Key key)
Set the key that should be used to encrypt or decrypt incoming encrypted exchanges.
-
setBufferSize
public void setBufferSize(int bufferSize)
Set the size of the buffer used to