Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.camel.model.dataformat;
018
019import java.util.HashMap;
020import java.util.Map;
021
022import javax.xml.bind.annotation.XmlAccessType;
023import javax.xml.bind.annotation.XmlAccessorType;
024import javax.xml.bind.annotation.XmlAttribute;
025import javax.xml.bind.annotation.XmlRootElement;
026import javax.xml.bind.annotation.XmlTransient;
027
028import org.apache.camel.model.DataFormatDefinition;
029import org.apache.camel.spi.Metadata;
030import org.apache.camel.spi.NamespaceAware;
031import org.apache.camel.support.jsse.KeyStoreParameters;
032
033/**
034 * The XML Security data format facilitates encryption and decryption of XML
035 * payloads.
036 */
037@Metadata(firstVersion = "2.0.0", label = "dataformat,transformation,xml,security", title = "XML Security")
038@XmlRootElement(name = "secureXML")
039@XmlAccessorType(XmlAccessType.FIELD)
040public class XMLSecurityDataFormat extends DataFormatDefinition implements NamespaceAware {
041
042    @XmlAttribute
043    @Metadata(defaultValue = "AES-256-GCM")
044    private String xmlCipherAlgorithm;
045    @XmlAttribute
046    private String passPhrase;
047    @XmlAttribute
048    private byte[] passPhraseByte;
049    @XmlAttribute
050    private String secureTag;
051    @XmlAttribute
052    @Metadata(javaType = "java.lang.Boolean")
053    private String secureTagContents;
054    @XmlAttribute
055    @Metadata(defaultValue = "RSA_OAEP")
056    private String keyCipherAlgorithm;
057    @XmlAttribute
058    private String recipientKeyAlias;
059    @XmlAttribute
060    private String keyOrTrustStoreParametersRef;
061    @XmlAttribute
062    private String keyPassword;
063    @XmlAttribute
064    @Metadata(defaultValue = "SHA1")
065    private String digestAlgorithm;
066    @XmlAttribute
067    @Metadata(defaultValue = "MGF1_SHA1")
068    private String mgfAlgorithm;
069    @XmlAttribute
070    @Metadata(javaType = "java.lang.Boolean", defaultValue = "true")
071    private String addKeyValueForEncryptedKey;
072    @XmlTransient
073    private KeyStoreParameters keyOrTrustStoreParameters;
074    @XmlTransient
075    private Map<String, String> namespaces;
076
077    public XMLSecurityDataFormat() {
078        super("secureXML");
079    }
080
081    public String getXmlCipherAlgorithm() {
082        return xmlCipherAlgorithm;
083    }
084
085    /**
086     * The cipher algorithm to be used for encryption/decryption of the XML
087     * message content. The available choices are:
088     * <ul>
089     * <li>XMLCipher.TRIPLEDES</li>
090     * <li>XMLCipher.AES_128</li>
091     * <li>XMLCipher.AES_128_GCM</li>
092     * <li>XMLCipher.AES_192</li>
093     * <li>XMLCipher.AES_192_GCM</li>
094     * <li>XMLCipher.AES_256</li>
095     * <li>XMLCipher.AES_256_GCM</li>
096     * <li>XMLCipher.SEED_128</li>
097     * <li>XMLCipher.CAMELLIA_128</li>
098     * <li>XMLCipher.CAMELLIA_192</li>
099     * <li>XMLCipher.CAMELLIA_256</li>
100     * </ul>
101     * The default value is XMLCipher.AES_256_GCM
102     */
103    public void setXmlCipherAlgorithm(String xmlCipherAlgorithm) {
104        this.xmlCipherAlgorithm = xmlCipherAlgorithm;
105    }
106
107    public String getPassPhrase() {
108        return passPhrase;
109    }
110
111    /**
112     * A String used as passPhrase to encrypt/decrypt content. The passPhrase
113     * has to be provided. The passPhrase needs to be put together in conjunction with the
114     * appropriate encryption algorithm. For example using TRIPLEDES the
115     * passPhase can be a "Only another 24 Byte key"
116     */
117    public void setPassPhrase(String passPhrase) {
118        this.passPhrase = passPhrase;
119    }
120
121    public byte[] getPassPhraseByte() {
122        return passPhraseByte;
123    }
124
125    /**
126     * A byte[] used as passPhrase to encrypt/decrypt content. The passPhrase
127     * has to be provided. The passPhrase needs to be put together in conjunction with the
128     * appropriate encryption algorithm. For example using TRIPLEDES the
129     * passPhase can be a "Only another 24 Byte key"
130     */
131    public void setPassPhraseByte(byte[] passPhraseByte) {
132        this.passPhraseByte = passPhraseByte;
133    }
134
135    public String getSecureTag() {
136        return secureTag;
137    }
138
139    /**
140     * The XPath reference to the XML Element selected for
141     * encryption/decryption. If no tag is specified, the entire payload is
142     * encrypted/decrypted.
143     */
144    public void setSecureTag(String secureTag) {
145        this.secureTag = secureTag;
146    }
147
148    public String getSecureTagContents() {
149        return secureTagContents;
150    }
151
152    /**
153     * A boolean value to specify whether the XML Element is to be encrypted or
154     * the contents of the XML Element false = Element Level true = Element
155     * Content Level
156     */
157    public void setSecureTagContents(String secureTagContents) {
158        this.secureTagContents = secureTagContents;
159    }
160
161    /**
162     * The cipher algorithm to be used for encryption/decryption of the
163     * asymmetric key. The available choices are:
164     * <ul>
165     * <li>XMLCipher.RSA_v1dot5</li>
166     * <li>XMLCipher.RSA_OAEP</li>
167     * <li>XMLCipher.RSA_OAEP_11</li>
168     * </ul>
169     * The default value is XMLCipher.RSA_OAEP
170     */
171    public void setKeyCipherAlgorithm(String keyCipherAlgorithm) {
172        this.keyCipherAlgorithm = keyCipherAlgorithm;
173    }
174
175    public String getKeyCipherAlgorithm() {
176        return keyCipherAlgorithm;
177    }
178
179    /**
180     * The key alias to be used when retrieving the recipient's public or
181     * private key from a KeyStore when performing asymmetric key encryption or
182     * decryption.
183     */
184    public void setRecipientKeyAlias(String recipientKeyAlias) {
185        this.recipientKeyAlias = recipientKeyAlias;
186    }
187
188    public String getRecipientKeyAlias() {
189        return recipientKeyAlias;
190    }
191
192    /**
193     * Refers to a KeyStore instance to lookup in the registry, which is used
194     * for configuration options for creating and loading a KeyStore instance
195     * that represents the sender's trustStore or recipient's keyStore.
196     */
197    public void setKeyOrTrustStoreParametersRef(String id) {
198        this.keyOrTrustStoreParametersRef = id;
199    }
200
201    public String getKeyOrTrustStoreParametersRef() {
202        return this.keyOrTrustStoreParametersRef;
203    }
204
205    public KeyStoreParameters getKeyOrTrustStoreParameters() {
206        return keyOrTrustStoreParameters;
207    }
208
209    /**
210     * Configuration options for creating and loading a KeyStore instance that
211     * represents the sender's trustStore or recipient's keyStore.
212     */
213    public void setKeyOrTrustStoreParameters(KeyStoreParameters keyOrTrustStoreParameters) {
214        this.keyOrTrustStoreParameters = keyOrTrustStoreParameters;
215    }
216
217    public String getKeyPassword() {
218        return this.keyPassword;
219    }
220
221    /**
222     * The password to be used for retrieving the private key from the KeyStore.
223     * This key is used for asymmetric decryption.
224     */
225    public void setKeyPassword(String keyPassword) {
226        this.keyPassword = keyPassword;
227    }
228
229    public String getDigestAlgorithm() {
230        return digestAlgorithm;
231    }
232
233    /**
234     * The digest algorithm to use with the RSA OAEP algorithm. The available
235     * choices are:
236     * <ul>
237     * <li>XMLCipher.SHA1</li>
238     * <li>XMLCipher.SHA256</li>
239     * <li>XMLCipher.SHA512</li>
240     * </ul>
241     * The default value is XMLCipher.SHA1
242     */
243    public void setDigestAlgorithm(String digestAlgorithm) {
244        this.digestAlgorithm = digestAlgorithm;
245    }
246
247    public String getMgfAlgorithm() {
248        return mgfAlgorithm;
249    }
250
251    /**
252     * The MGF Algorithm to use with the RSA OAEP algorithm. The available
253     * choices are:
254     * <ul>
255     * <li>EncryptionConstants.MGF1_SHA1</li>
256     * <li>EncryptionConstants.MGF1_SHA256</li>
257     * <li>EncryptionConstants.MGF1_SHA512</li>
258     * </ul>
259     * The default value is EncryptionConstants.MGF1_SHA1
260     */
261    public void setMgfAlgorithm(String mgfAlgorithm) {
262        this.mgfAlgorithm = mgfAlgorithm;
263    }
264
265    public String getAddKeyValueForEncryptedKey() {
266        return addKeyValueForEncryptedKey;
267    }
268
269    /**
270     * Whether to add the public key used to encrypt the session key as a
271     * KeyValue in the EncryptedKey structure or not.
272     */
273    public void setAddKeyValueForEncryptedKey(String addKeyValueForEncryptedKey) {
274        this.addKeyValueForEncryptedKey = addKeyValueForEncryptedKey;
275    }
276
277    @Override
278    public void setNamespaces(Map<String, String> nspaces) {
279        if (this.namespaces == null) {
280            this.namespaces = new HashMap<>();
281        }
282        this.namespaces.putAll(nspaces);
283    }
284
285    @Override
286    public Map<String, String> getNamespaces() {
287        return namespaces;
288    }
289}