Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.camel.model.dataformat;
018
019import java.util.HashMap;
020import java.util.Map;
021
022import javax.xml.bind.annotation.XmlAccessType;
023import javax.xml.bind.annotation.XmlAccessorType;
024import javax.xml.bind.annotation.XmlAttribute;
025import javax.xml.bind.annotation.XmlRootElement;
026import javax.xml.bind.annotation.XmlTransient;
027
028import org.apache.camel.model.DataFormatDefinition;
029import org.apache.camel.spi.Metadata;
030import org.apache.camel.spi.NamespaceAware;
031import org.apache.camel.support.jsse.KeyStoreParameters;
032
033/**
034 * The XML Security data format facilitates encryption and decryption of XML
035 * payloads.
036 */
037@Metadata(firstVersion = "2.0.0", label = "dataformat,transformation,xml,security", title = "XML Security")
038@XmlRootElement(name = "secureXML")
039@XmlAccessorType(XmlAccessType.FIELD)
040public class XMLSecurityDataFormat extends DataFormatDefinition implements NamespaceAware {
041
042    @XmlAttribute
043    @Metadata(defaultValue = "TRIPLEDES")
044    private String xmlCipherAlgorithm;
045    @XmlAttribute
046    private String passPhrase;
047    @XmlAttribute
048    private byte[] passPhraseByte;
049    @XmlAttribute
050    private String secureTag;
051    @XmlAttribute
052    private Boolean secureTagContents;
053    @XmlAttribute
054    @Metadata(defaultValue = "RSA_OAEP")
055    private String keyCipherAlgorithm;
056    @XmlAttribute
057    private String recipientKeyAlias;
058    @XmlAttribute
059    private String keyOrTrustStoreParametersRef;
060    @XmlAttribute
061    private String keyPassword;
062    @XmlAttribute
063    @Metadata(defaultValue = "SHA1")
064    private String digestAlgorithm;
065    @XmlAttribute
066    @Metadata(defaultValue = "MGF1_SHA1")
067    private String mgfAlgorithm;
068    @XmlAttribute
069    @Metadata(defaultValue = "true")
070    private Boolean addKeyValueForEncryptedKey;
071    @XmlTransient
072    private KeyStoreParameters keyOrTrustStoreParameters;
073    @XmlTransient
074    private Map<String, String> namespaces;
075
076    public XMLSecurityDataFormat() {
077        super("secureXML");
078    }
079
080    public String getXmlCipherAlgorithm() {
081        return xmlCipherAlgorithm;
082    }
083
084    /**
085     * The cipher algorithm to be used for encryption/decryption of the XML
086     * message content. The available choices are:
087     * <ul>
088     * <li>XMLCipher.TRIPLEDES</li>
089     * <li>XMLCipher.AES_128</li>
090     * <li>XMLCipher.AES_128_GCM</li>
091     * <li>XMLCipher.AES_192</li>
092     * <li>XMLCipher.AES_192_GCM</li>
093     * <li>XMLCipher.AES_256</li>
094     * <li>XMLCipher.AES_256_GCM</li>
095     * <li>XMLCipher.SEED_128</li>
096     * <li>XMLCipher.CAMELLIA_128</li>
097     * <li>XMLCipher.CAMELLIA_192</li>
098     * <li>XMLCipher.CAMELLIA_256</li>
099     * </ul>
100     * The default value is MLCipher.TRIPLEDES
101     */
102    public void setXmlCipherAlgorithm(String xmlCipherAlgorithm) {
103        this.xmlCipherAlgorithm = xmlCipherAlgorithm;
104    }
105
106    public String getPassPhrase() {
107        return passPhrase;
108    }
109
110    /**
111     * A String used as passPhrase to encrypt/decrypt content. The passPhrase
112     * has to be provided. If no passPhrase is specified, a default passPhrase
113     * is used. The passPhrase needs to be put together in conjunction with the
114     * appropriate encryption algorithm. For example using TRIPLEDES the
115     * passPhase can be a "Only another 24 Byte key"
116     */
117    public void setPassPhrase(String passPhrase) {
118        this.passPhrase = passPhrase;
119    }
120
121    public byte[] getPassPhraseByte() {
122        return passPhraseByte;
123    }
124
125    /**
126     * A byte[] used as passPhrase to encrypt/decrypt content. The passPhrase
127     * has to be provided. If no passPhrase is specified, a default passPhrase
128     * is used. The passPhrase needs to be put together in conjunction with the
129     * appropriate encryption algorithm. For example using TRIPLEDES the
130     * passPhase can be a "Only another 24 Byte key"
131     */
132    public void setPassPhraseByte(byte[] passPhraseByte) {
133        this.passPhraseByte = passPhraseByte;
134    }
135
136    public String getSecureTag() {
137        return secureTag;
138    }
139
140    /**
141     * The XPath reference to the XML Element selected for
142     * encryption/decryption. If no tag is specified, the entire payload is
143     * encrypted/decrypted.
144     */
145    public void setSecureTag(String secureTag) {
146        this.secureTag = secureTag;
147    }
148
149    public Boolean getSecureTagContents() {
150        return secureTagContents;
151    }
152
153    /**
154     * A boolean value to specify whether the XML Element is to be encrypted or
155     * the contents of the XML Element false = Element Level true = Element
156     * Content Level
157     */
158    public void setSecureTagContents(Boolean secureTagContents) {
159        this.secureTagContents = secureTagContents;
160    }
161
162    /**
163     * The cipher algorithm to be used for encryption/decryption of the
164     * asymmetric key. The available choices are:
165     * <ul>
166     * <li>XMLCipher.RSA_v1dot5</li>
167     * <li>XMLCipher.RSA_OAEP</li>
168     * <li>XMLCipher.RSA_OAEP_11</li>
169     * </ul>
170     * The default value is XMLCipher.RSA_OAEP
171     */
172    public void setKeyCipherAlgorithm(String keyCipherAlgorithm) {
173        this.keyCipherAlgorithm = keyCipherAlgorithm;
174    }
175
176    public String getKeyCipherAlgorithm() {
177        return keyCipherAlgorithm;
178    }
179
180    /**
181     * The key alias to be used when retrieving the recipient's public or
182     * private key from a KeyStore when performing asymmetric key encryption or
183     * decryption.
184     */
185    public void setRecipientKeyAlias(String recipientKeyAlias) {
186        this.recipientKeyAlias = recipientKeyAlias;
187    }
188
189    public String getRecipientKeyAlias() {
190        return recipientKeyAlias;
191    }
192
193    /**
194     * Refers to a KeyStore instance to lookup in the registry, which is used
195     * for configuration options for creating and loading a KeyStore instance
196     * that represents the sender's trustStore or recipient's keyStore.
197     */
198    public void setKeyOrTrustStoreParametersRef(String id) {
199        this.keyOrTrustStoreParametersRef = id;
200    }
201
202    public String getKeyOrTrustStoreParametersRef() {
203        return this.keyOrTrustStoreParametersRef;
204    }
205
206    public KeyStoreParameters getKeyOrTrustStoreParameters() {
207        return keyOrTrustStoreParameters;
208    }
209
210    /**
211     * Configuration options for creating and loading a KeyStore instance that
212     * represents the sender's trustStore or recipient's keyStore.
213     */
214    public void setKeyOrTrustStoreParameters(KeyStoreParameters keyOrTrustStoreParameters) {
215        this.keyOrTrustStoreParameters = keyOrTrustStoreParameters;
216    }
217
218    public String getKeyPassword() {
219        return this.keyPassword;
220    }
221
222    /**
223     * The password to be used for retrieving the private key from the KeyStore.
224     * This key is used for asymmetric decryption.
225     */
226    public void setKeyPassword(String keyPassword) {
227        this.keyPassword = keyPassword;
228    }
229
230    public String getDigestAlgorithm() {
231        return digestAlgorithm;
232    }
233
234    /**
235     * The digest algorithm to use with the RSA OAEP algorithm. The available
236     * choices are:
237     * <ul>
238     * <li>XMLCipher.SHA1</li>
239     * <li>XMLCipher.SHA256</li>
240     * <li>XMLCipher.SHA512</li>
241     * </ul>
242     * The default value is XMLCipher.SHA1
243     */
244    public void setDigestAlgorithm(String digestAlgorithm) {
245        this.digestAlgorithm = digestAlgorithm;
246    }
247
248    public String getMgfAlgorithm() {
249        return mgfAlgorithm;
250    }
251
252    /**
253     * The MGF Algorithm to use with the RSA OAEP algorithm. The available
254     * choices are:
255     * <ul>
256     * <li>EncryptionConstants.MGF1_SHA1</li>
257     * <li>EncryptionConstants.MGF1_SHA256</li>
258     * <li>EncryptionConstants.MGF1_SHA512</li>
259     * </ul>
260     * The default value is EncryptionConstants.MGF1_SHA1
261     */
262    public void setMgfAlgorithm(String mgfAlgorithm) {
263        this.mgfAlgorithm = mgfAlgorithm;
264    }
265
266    public Boolean getAddKeyValueForEncryptedKey() {
267        return addKeyValueForEncryptedKey;
268    }
269
270    /**
271     * Whether to add the public key used to encrypt the session key as a
272     * KeyValue in the EncryptedKey structure or not.
273     */
274    public void setAddKeyValueForEncryptedKey(Boolean addKeyValueForEncryptedKey) {
275        this.addKeyValueForEncryptedKey = addKeyValueForEncryptedKey;
276    }
277
278    @Override
279    public void setNamespaces(Map<String, String> nspaces) {
280        if (this.namespaces == null) {
281            this.namespaces = new HashMap<>();
282        }
283        this.namespaces.putAll(nspaces);
284    }
285
286    @Override
287    public Map<String, String> getNamespaces() {
288        return namespaces;
289    }
290}