camel-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Franz Paul Forsthofer <emc2...@googlemail.com>
Subject Re: New crypto component CMS (Cryptographic Message Syntax)
Date Fri, 23 Jun 2017 14:16:04 GMT
Hi Claus,
I already created thie JIRA ticket:
https://issues.apache.org/jira/browse/CAMEL-11438
Regards Franz

On Fri, Jun 23, 2017 at 2:21 PM, Claus Ibsen <claus.ibsen@gmail.com> wrote:

> Hi Franz
>
> +1 this sounds good. And I agree its a good idea to separate into a
> new component.
>
> I suggest to log a JIRA ticket with 2.20 as target so we can see it on
> the roadmap.
>
>
> On Fri, Jun 23, 2017 at 10:10 AM, Franz Paul Forsthofer
> <emc2fpf@googlemail.com> wrote:
> > Hello Claus,
> >
> >
> >
> > I want to contribute a new crypto component which supports
> > encryption/decryption, signing/verifying according to the Cryptographic
> > Message Syntax (CMS). See the CMS specification given in
> > https://tools.ietf.org/html/rfc5652. This component will use the Bouncy
> > Castle CMS library (bcpkix) which also needs the Bouncy Castel JCEE
> > provider library (bcprov).
> >
> >
> >
> > We have already the camel crypto component which has dependencies to the
> > Bouncy Castle libraries bcprov and bcpg because it contains the PGP
> > encryption and decryption:
> >
> >
> >
> >                        <dependency>
> >
> >
> > <groupId>org.bouncycastle</groupId>
> >
> >
> > <artifactId>bcpg-jdk15on</artifactId>
> >
> >
> > <version>${bouncycastle-version}</version>
> >
> >                               </dependency>
> >
> >                               <dependency>
> >
> >
> > <groupId>org.bouncycastle</groupId>
> >
> >
> > <artifactId>bcprov-jdk15on</artifactId>
> >
> >
> > <version>${bouncycastle-version}</version>
> >
> >                               </dependency>
> >
> >
> >
> > I could put the CMS endpoints also into the crypto maven project.
> However,
> > in my opinion it makes sense to create a new own component for CMS in a
> new
> > own maven project because
> >
> > -        then we have a clear separation between PGP and CMS
> >
> > -        users which only want to use  PGP will then not need the bcpkix
> > library and users which only want to use CMS will not need the bcpg
> library
> >
> >
> >
> > My idea is to provide the following endpoints:
> >
> >
> >
> > camel-cms:sign://<name>?[options]
> >
> >
> >
> > camel-cms:verify://<name>?[options]
> >
> >
> >
> > camel-cms:encrypt://<name>?[options]
> >
> >
> >
> > camel-cms:decrypt://<name>?[options]
> >
> >
> >
> > So I propose the component name camel-cms . We could use as package name
> > org.apache.camel.component.cms.
> >
> >
> >
> > Do you agree that I create a new maven project for the camel-cms
> component
> > or should I put the component into camel-crypto maven project?
> >
> >
> >
> > I plan the contribution for the 2.20 release.
> >
> >
> >
> > Best Regards Franz
>
>
>
> --
> Claus Ibsen
> -----------------
> http://davsclaus.com @davsclaus
> Camel in Action 2: https://www.manning.com/ibsen2
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message