Crypto (JCE)
Sign and verify exchanges using the Signature Service of the Java Cryptographic Extension (JCE).
What’s inside
-
Crypto (JCE) component, URI syntax:
crypto:cryptoOperation:name
Please refer to the above links for usage and configuration details.
Maven coordinates
<dependency>
<groupId>org.apache.camel.springboot</groupId>
<artifactId>camel-crypto-starter</artifactId>
</dependency>Spring Boot Auto-Configuration
The starter supports 32 options, which are listed below.
| Name | Description | Default | Type |
|---|---|---|---|
camel.component.crypto.algorithm | Sets the JCE name of the Algorithm that should be used for the signer. | SHA256withRSA | String |
camel.component.crypto.alias | Sets the alias used to query the KeyStore for keys and \{link java.security.cert.Certificate Certificates} to be used in signing and verifying exchanges. This value can be provided at runtime via the message header org.apache.camel.component.crypto.DigitalSignatureConstants#KEYSTORE_ALIAS | String | |
camel.component.crypto.autowired-enabled | Whether autowiring is enabled. This is used for automatic autowiring options (the option must be marked as autowired) by looking up in the registry to find if there is a single instance of matching type, which then gets configured on the component. This can be used for automatic configuring JDBC data sources, JMS connection factories, AWS Clients, etc. | true | Boolean |
camel.component.crypto.buffer-size | Set the size of the buffer used to read in the Exchange payload data. | 2048 | Integer |
camel.component.crypto.certificate | Set the Certificate that should be used to verify the signature in the exchange based on its payload. The option is a java.security.cert.Certificate type. | Certificate | |
camel.component.crypto.certificate-name | Sets the reference name for a PrivateKey that can be found in the registry. | String | |
camel.component.crypto.clear-headers | Determines if the Signature specific headers be cleared after signing and verification. Defaults to true, and should only be made otherwise at your extreme peril as vital private information such as Keys and passwords may escape if unset. | true | Boolean |
camel.component.crypto.configuration | To use the shared DigitalSignatureConfiguration as configuration. The option is a org.apache.camel.component.crypto.DigitalSignatureConfiguration type. | DigitalSignatureConfiguration | |
camel.component.crypto.enabled | Whether to enable auto configuration of the crypto component. This is enabled by default. | Boolean | |
camel.component.crypto.key-store-parameters | Sets the KeyStore that can contain keys and Certficates for use in signing and verifying exchanges based on the given KeyStoreParameters. A KeyStore is typically used with an alias, either one supplied in the Route definition or dynamically via the message header CamelSignatureKeyStoreAlias. If no alias is supplied and there is only a single entry in the Keystore, then this single entry will be used. The option is a org.apache.camel.support.jsse.KeyStoreParameters type. | KeyStoreParameters | |
camel.component.crypto.keystore | Sets the KeyStore that can contain keys and Certficates for use in signing and verifying exchanges. A KeyStore is typically used with an alias, either one supplied in the Route definition or dynamically via the message header CamelSignatureKeyStoreAlias. If no alias is supplied and there is only a single entry in the Keystore, then this single entry will be used. The option is a java.security.KeyStore type. | KeyStore | |
camel.component.crypto.keystore-name | Sets the reference name for a Keystore that can be found in the registry. | String | |
camel.component.crypto.lazy-start-producer | Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel’s routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing. | false | Boolean |
camel.component.crypto.password | Sets the password used to access an aliased PrivateKey in the KeyStore. | String | |
camel.component.crypto.private-key | Set the PrivateKey that should be used to sign the exchange. The option is a java.security.PrivateKey type. | PrivateKey | |
camel.component.crypto.private-key-name | Sets the reference name for a PrivateKey that can be found in the registry. | String | |
camel.component.crypto.provider | Set the id of the security provider that provides the configured Signature algorithm. | String | |
camel.component.crypto.public-key | Set the PublicKey that should be used to verify the signature in the exchange. The option is a java.security.PublicKey type. | PublicKey | |
camel.component.crypto.public-key-name | references that should be resolved when the context changes | String | |
camel.component.crypto.secure-random | Set the SecureRandom used to initialize the Signature service. The option is a java.security.SecureRandom type. | SecureRandom | |
camel.component.crypto.secure-random-name | Sets the reference name for a SecureRandom that can be found in the registry. | String | |
camel.component.crypto.signature-header-name | Set the name of the message header that should be used to store the base64 encoded signature. This defaults to 'CamelDigitalSignature' | String | |
camel.dataformat.crypto.algorithm | The JCE algorithm name indicating the cryptographic algorithm that will be used. | String | |
camel.dataformat.crypto.algorithm-parameter-spec | A JCE AlgorithmParameterSpec used to initialize the Cipher. The option is a java.security.spec.AlgorithmParameterSpec type. | String | |
camel.dataformat.crypto.buffer-size | The size of the buffer used in the signature process. | 4096 | Integer |
camel.dataformat.crypto.crypto-provider | The name of the JCE Security Provider that should be used. | String | |
camel.dataformat.crypto.enabled | Whether to enable auto configuration of the crypto data format. This is enabled by default. | Boolean | |
camel.dataformat.crypto.init-vector | Refers to a byte array containing the Initialization Vector that will be used to initialize the Cipher. | Byte[] | |
camel.dataformat.crypto.inline | Flag indicating that the configured IV should be inlined into the encrypted data stream. Is by default false. | false | Boolean |
camel.dataformat.crypto.key | Refers to the secret key to lookup from the register to use. The option is a java.security.Key type. | String | |
camel.dataformat.crypto.mac-algorithm | The JCE algorithm name indicating the Message Authentication algorithm. | HmacSHA1 | String |
camel.dataformat.crypto.should-append-h-m-a-c | Flag indicating that a Message Authentication Code should be calculated and appended to the encrypted data. | true | Boolean |