The encrytion capability is based on formats supported using the Apache XML Security (Santuario) project. Encryption/Decryption is "currently" supported using Triple-DES and AES (128, 192 and 256) encryption formats. Additional formats can be easily added later as needed. (Note: The support currently offered is for symmetric encryption. This means the same keyset is needed at both ends of the communication to encrypt/decrypt payloads).
The capability allows Camel users to encrypt/decrypt payloads while being dispatched or received along a route.
The default encrytion format if no algorithm is specified is Triple-DES.
The way it works is as follows
Example 1: Full Payload encryption/decryption
RouteBuilder builder = new RouteBuilder() {
public void configure() {
from("http:www.foo.com/orders")
.marshal().encryptXML()
.unmarshal().encryptXML()
.to("activemq:queue:ORDERS")
}
};
Example 2: Partial Payload Content Only encryption/decryption
RouteBuilder builder = new RouteBuilder() {
public void configure() {
String tagXPATH="//cheesesites/italy/cheese";
boolean secureTagContent = true;
from("http:www.foo.com/orders")
.marshal().encryptXML(tagXPATH, secureTagContent)
.unmarshal().encryptXML(tagXPATH, secureTagContent)
.to("activemq:queue:ORDERS")
}
};
Example 3: Partial Multi Node Payload Content Only encryption/decryption
RouteBuilder builder = new RouteBuilder() {
public void configure() {
String tagXPATH = "//cheesesites/*/cheese";
boolean secureTagContent = true;
from("http:www.foo.com/orders")
.marshal().encryptXML(tagXPATH, secureTagContent)
.unmarshal().encryptXML(tagXPATH, secureTagContent)
.to("activemq:queue:ORDERS")
}
};
Example 4: Partial Payload Content Only encryption/decryption using passPhrase(password)
RouteBuilder builder = new RouteBuilder() {
public void configure() {
String tagXPATH = "//cheesesites/*/cheese";
boolean secureTagContent = true;
byte[] passPhrase = "Just another 24 Byte key".getBytes();
from("http:www.foo.com/orders")
.marshal().encryptXML(tagXPATH, secureTagContent, passPhrase)
.unmarshal()
.encryptXML(tagXPATH, secureTagContent, passPhrase)
.to("activemq:queue:ORDERS")
}
};
Example 5: Payload encryption/decryption using passPhrase with passPhrase Algorithm
RouteBuilder builder = new RouteBuilder() {
public void configure() {
String tagXPATH = "//cheesesites/*/cheese";
boolean secureTagContent = true;
byte[] passPhrase = "Just another 24 Byte key".getBytes();
String algorithm= XMLCipher.TRIPLEDES;
from("http:www.foo.com/orders")
.marshal().encryptXML(tagXPATH , secureTagContent, passPhrase, algorithm)
.unmarshal().encryptXML(tagXPATH, secureTagContent, passPhrase, algorithm)
.to("activemq:queue:ORDERS")
}
};
The other choices for algorithm are
--> XMLCipher.AES_128
--> XMLCipher.AES_192 and
--> XMLCipher.AES_256
For more details on the submission check out the following
https://issues.apache.org/activemq/browse/CAMEL-1360