...
crypto:sign
creates the signature and stores it in the Header keyed by the constant Exchangeorg.apache.camel.component.crypto.DigitalSignatureConstants.SIGNATURE
, i.e. "CamelDigitalSignature"
.crypto:verify
will read in the contents of this header and do the verification calculation.
...
The most basic way to way to sign and verify an exchange is with a KeyPair as follows.
Wiki Markup |
---|
{snippet:id=basic|lang=java|url=camel/trunk/components/camel-crypto/src/test/java/org/apache/camel/component/crypto/SignatureTests.java} |
The same can be achieved with the
Spring XML Extensions using references to keys
Wiki Markup |
---|
{snippet:id=basic|lang=xml|url=camel/trunk/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringSignatureTests.xml} |
2) KeyStores and Aliases.
...
The following shows how to use a Keystore via the Fluent builders, it also shows how to load and initialize the keystore.
Wiki Markup |
---|
{snippet:id=keystore|lang=java|url=camel/trunk/components/camel-crypto/src/test/java/org/apache/camel/component/crypto/SignatureTests.java} |
Again in Spring a ref is used to lookup an actual keystore instance.
Wiki Markup |
---|
{snippet:id=keystore|lang=xml|url=camel/trunk/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringSignatureTests.xml} |
3) Changing JCE Provider and Algorithm
Changing the Signature algorithm or the Security provider is a simple matter of specifying their names. You will need to also use Keys that are compatible with the algorithm you choose.
Wiki Markup |
---|
{snippet:id=algorithm|lang=java|url=camel/trunk/components/camel-crypto/src/test/java/org/apache/camel/component/crypto/SignatureTests.java} |
Wiki Markup |
---|
{snippet:id=provider|lang=java|url=camel/trunk/components/camel-crypto/src/test/java/org/apache/camel/component/crypto/SignatureTests.java} |
or
Wiki Markup |
---|
{snippet:id=algorithm|lang=xml|url=camel/trunk/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringSignatureTests.xml} |
Wiki Markup |
---|
{snippet:id=provider|lang=xml|url=camel/trunk/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringSignatureTests.xml} |
It may be desirable to change the message header used to store the signature. A different header name can be specified in the route definition as follows
Wiki Markup |
---|
{snippet:id=signature-header|lang=java|url=camel/trunk/components/camel-crypto/src/test/java/org/apache/camel/component/crypto/SignatureTests.java} |
or
Wiki Markup |
---|
{snippet:id=signature-header|lang=xml|url=camel/trunk/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringSignatureTests.xml} |
5) Changing the buffersize
In case you need to update the size of the buffer...
Wiki Markup |
---|
{snippet:id=buffersize|lang=java|url=camel/trunk/components/camel-crypto/src/test/java/org/apache/camel/component/crypto/SignatureTests.java} |
or
Wiki Markup |
---|
{snippet:id=buffersize|lang=xml|url=camel/trunk/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringSignatureTests.xml} |
6) Supplying Keys dynamically.
...
Exchange.SIGNATURE_PRIVATE_KEY
, "CamelSignaturePrivateKey"
Exchange.SIGNATURE_PUBLIC_KEY_OR_CERT
, "CamelSignaturePublicKeyOrCert"
Wiki Markup |
---|
{snippet:id=headerkey|lang=java|url=camel/trunk/components/camel-crypto/src/test/java/org/apache/camel/component/crypto/SignatureTests.java} |
or
Wiki Markup |
---|
{snippet:id=headerkey|lang=xml|url=camel/trunk/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringSignatureTests.xml} |
Even better would be to dynamically supply a keystore alias. Again the alias can be supplied in a message header
Exchange.KEYSTORE_ALIAS
, "CamelSignatureKeyStoreAlias"
Wiki Markup |
---|
{snippet:id=alias|lang=java|url=camel/trunk/components/camel-crypto/src/test/java/org/apache/camel/component/crypto/SignatureTests.java} |
or
Wiki Markup |
---|
{snippet:id=alias|lang=xml|url=camel/trunk/components/camel-crypto/src/test/resources/org/apache/camel/component/crypto/SpringSignatureTests.xml} |
The header would be set as follows
...