You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@camel.apache.org by Franz Paul Forsthofer <em...@googlemail.com> on 2017/06/23 08:10:12 UTC
New crypto component CMS (Cryptographic Message Syntax)
Hello Claus,
I want to contribute a new crypto component which supports
encryption/decryption, signing/verifying according to the Cryptographic
Message Syntax (CMS). See the CMS specification given in
https://tools.ietf.org/html/rfc5652. This component will use the Bouncy
Castle CMS library (bcpkix) which also needs the Bouncy Castel JCEE
provider library (bcprov).
We have already the camel crypto component which has dependencies to the
Bouncy Castle libraries bcprov and bcpg because it contains the PGP
encryption and decryption:
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpg-jdk15on</artifactId>
<version>${bouncycastle-version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>${bouncycastle-version}</version>
</dependency>
I could put the CMS endpoints also into the crypto maven project. However,
in my opinion it makes sense to create a new own component for CMS in a new
own maven project because
- then we have a clear separation between PGP and CMS
- users which only want to use PGP will then not need the bcpkix
library and users which only want to use CMS will not need the bcpg library
My idea is to provide the following endpoints:
camel-cms:sign://<name>?[options]
camel-cms:verify://<name>?[options]
camel-cms:encrypt://<name>?[options]
camel-cms:decrypt://<name>?[options]
So I propose the component name camel-cms . We could use as package name
org.apache.camel.component.cms.
Do you agree that I create a new maven project for the camel-cms component
or should I put the component into camel-crypto maven project?
I plan the contribution for the 2.20 release.
Best Regards Franz
Re: New crypto component CMS (Cryptographic Message Syntax)
Posted by Franz Paul Forsthofer <em...@googlemail.com>.
Hi Claus,
I already created thie JIRA ticket:
https://issues.apache.org/jira/browse/CAMEL-11438
Regards Franz
On Fri, Jun 23, 2017 at 2:21 PM, Claus Ibsen <cl...@gmail.com> wrote:
> Hi Franz
>
> +1 this sounds good. And I agree its a good idea to separate into a
> new component.
>
> I suggest to log a JIRA ticket with 2.20 as target so we can see it on
> the roadmap.
>
>
> On Fri, Jun 23, 2017 at 10:10 AM, Franz Paul Forsthofer
> <em...@googlemail.com> wrote:
> > Hello Claus,
> >
> >
> >
> > I want to contribute a new crypto component which supports
> > encryption/decryption, signing/verifying according to the Cryptographic
> > Message Syntax (CMS). See the CMS specification given in
> > https://tools.ietf.org/html/rfc5652. This component will use the Bouncy
> > Castle CMS library (bcpkix) which also needs the Bouncy Castel JCEE
> > provider library (bcprov).
> >
> >
> >
> > We have already the camel crypto component which has dependencies to the
> > Bouncy Castle libraries bcprov and bcpg because it contains the PGP
> > encryption and decryption:
> >
> >
> >
> > <dependency>
> >
> >
> > <groupId>org.bouncycastle</groupId>
> >
> >
> > <artifactId>bcpg-jdk15on</artifactId>
> >
> >
> > <version>${bouncycastle-version}</version>
> >
> > </dependency>
> >
> > <dependency>
> >
> >
> > <groupId>org.bouncycastle</groupId>
> >
> >
> > <artifactId>bcprov-jdk15on</artifactId>
> >
> >
> > <version>${bouncycastle-version}</version>
> >
> > </dependency>
> >
> >
> >
> > I could put the CMS endpoints also into the crypto maven project.
> However,
> > in my opinion it makes sense to create a new own component for CMS in a
> new
> > own maven project because
> >
> > - then we have a clear separation between PGP and CMS
> >
> > - users which only want to use PGP will then not need the bcpkix
> > library and users which only want to use CMS will not need the bcpg
> library
> >
> >
> >
> > My idea is to provide the following endpoints:
> >
> >
> >
> > camel-cms:sign://<name>?[options]
> >
> >
> >
> > camel-cms:verify://<name>?[options]
> >
> >
> >
> > camel-cms:encrypt://<name>?[options]
> >
> >
> >
> > camel-cms:decrypt://<name>?[options]
> >
> >
> >
> > So I propose the component name camel-cms . We could use as package name
> > org.apache.camel.component.cms.
> >
> >
> >
> > Do you agree that I create a new maven project for the camel-cms
> component
> > or should I put the component into camel-crypto maven project?
> >
> >
> >
> > I plan the contribution for the 2.20 release.
> >
> >
> >
> > Best Regards Franz
>
>
>
> --
> Claus Ibsen
> -----------------
> http://davsclaus.com @davsclaus
> Camel in Action 2: https://www.manning.com/ibsen2
>
Re: New crypto component CMS (Cryptographic Message Syntax)
Posted by Claus Ibsen <cl...@gmail.com>.
Hi Franz
+1 this sounds good. And I agree its a good idea to separate into a
new component.
I suggest to log a JIRA ticket with 2.20 as target so we can see it on
the roadmap.
On Fri, Jun 23, 2017 at 10:10 AM, Franz Paul Forsthofer
<em...@googlemail.com> wrote:
> Hello Claus,
>
>
>
> I want to contribute a new crypto component which supports
> encryption/decryption, signing/verifying according to the Cryptographic
> Message Syntax (CMS). See the CMS specification given in
> https://tools.ietf.org/html/rfc5652. This component will use the Bouncy
> Castle CMS library (bcpkix) which also needs the Bouncy Castel JCEE
> provider library (bcprov).
>
>
>
> We have already the camel crypto component which has dependencies to the
> Bouncy Castle libraries bcprov and bcpg because it contains the PGP
> encryption and decryption:
>
>
>
> <dependency>
>
>
> <groupId>org.bouncycastle</groupId>
>
>
> <artifactId>bcpg-jdk15on</artifactId>
>
>
> <version>${bouncycastle-version}</version>
>
> </dependency>
>
> <dependency>
>
>
> <groupId>org.bouncycastle</groupId>
>
>
> <artifactId>bcprov-jdk15on</artifactId>
>
>
> <version>${bouncycastle-version}</version>
>
> </dependency>
>
>
>
> I could put the CMS endpoints also into the crypto maven project. However,
> in my opinion it makes sense to create a new own component for CMS in a new
> own maven project because
>
> - then we have a clear separation between PGP and CMS
>
> - users which only want to use PGP will then not need the bcpkix
> library and users which only want to use CMS will not need the bcpg library
>
>
>
> My idea is to provide the following endpoints:
>
>
>
> camel-cms:sign://<name>?[options]
>
>
>
> camel-cms:verify://<name>?[options]
>
>
>
> camel-cms:encrypt://<name>?[options]
>
>
>
> camel-cms:decrypt://<name>?[options]
>
>
>
> So I propose the component name camel-cms . We could use as package name
> org.apache.camel.component.cms.
>
>
>
> Do you agree that I create a new maven project for the camel-cms component
> or should I put the component into camel-crypto maven project?
>
>
>
> I plan the contribution for the 2.20 release.
>
>
>
> Best Regards Franz
--
Claus Ibsen
-----------------
http://davsclaus.com @davsclaus
Camel in Action 2: https://www.manning.com/ibsen2
Re: New crypto component CMS (Cryptographic Message Syntax)
Posted by Andrea Cosentino <an...@yahoo.com.INVALID>.
That was what I meant from the beginning :-)
Thanks. --Andrea Cosentino ----------------------------------Apache Camel PMC MemberApache Karaf CommitterApache Servicemix PMC MemberEmail: ancosen1985@yahoo.comTwitter: @oscerd2Github: oscerd
On Friday, June 23, 2017 11:20 AM, Franz Paul Forsthofer <em...@googlemail.com> wrote:
Hello,
I have seen that all current endpoint urls do not contain the world
"camel". Therefore I will remove the world "camel" in the url. The new
endpoint urls will look as follows
crypto-cms:sign://<name>?[options]
crypto-cms:verify://<name>?[options]
crypto-cms:encrypt://<name>?[options]
crypto-cms:decrypt://<name>?[options]
This also means that the component name will just be "crypto-cms".
Regards Franz
SAP SE
On Fri, Jun 23, 2017 at 10:19 AM, Franz Paul Forsthofer <
emc2fpf@googlemail.com> wrote:
> Thanks for the quick reply. O.k. I can use camel-crypto-cms as name.
>
> Franz Forsthofer
> SAP AG
>
> On Fri, Jun 23, 2017 at 10:12 AM, Andrea Cosentino <
> ancosen1985@yahoo.com.invalid> wrote:
>
>> +1 for a new component.
>>
>> Maybe for the naming it can be better camel-crypto-cms, camel-cms can be
>> confused with a content management system. By the way it's not so important.
>>
>> Nice idea and really good contribution.
>>
>> Thanks Franz.
>>
>> --
>> Andrea Cosentino
>> ----------------------------------
>> Apache Camel PMC Member
>> Apache Karaf Committer
>> Apache Servicemix PMC Member
>> Email: ancosen1985@yahoo.com
>> Twitter: @oscerd2
>> Github: oscerd
>>
>>
>> On Friday, June 23, 2017 10:10 AM, Franz Paul Forsthofer <
>> emc2fpf@googlemail.com> wrote:
>>
>>
>>
>> Hello Claus,
>>
>>
>>
>>
>> I want to contribute a new crypto component which supports
>>
>> encryption/decryption, signing/verifying according to the Cryptographic
>>
>> Message Syntax (CMS). See the CMS specification given in
>>
>> https://tools.ietf.org/html/rfc5652. This component will use the Bouncy
>>
>> Castle CMS library (bcpkix) which also needs the Bouncy Castel JCEE
>>
>> provider library (bcprov).
>>
>>
>>
>>
>> We have already the camel crypto component which has dependencies to the
>>
>> Bouncy Castle libraries bcprov and bcpg because it contains the PGP
>>
>> encryption and decryption:
>>
>>
>>
>>
>> <dependency>
>>
>>
>>
>> <groupId>org.bouncycastle</groupId>
>>
>>
>>
>> <artifactId>bcpg-jdk15on</artifactId>
>>
>>
>>
>> <version>${bouncycastle-version}</version>
>>
>>
>> </dependency>
>>
>>
>> <dependency>
>>
>>
>>
>> <groupId>org.bouncycastle</groupId>
>>
>>
>>
>> <artifactId>bcprov-jdk15on</artifactId>
>>
>>
>>
>> <version>${bouncycastle-version}</version>
>>
>>
>> </dependency>
>>
>>
>>
>>
>> I could put the CMS endpoints also into the crypto maven project. However,
>>
>> in my opinion it makes sense to create a new own component for CMS in a
>> new
>>
>> own maven project because
>>
>>
>> - then we have a clear separation between PGP and CMS
>>
>>
>> - users which only want to use PGP will then not need the bcpkix
>>
>> library and users which only want to use CMS will not need the bcpg
>> library
>>
>>
>>
>>
>> My idea is to provide the following endpoints:
>>
>>
>>
>>
>> camel-cms:sign://<name>?[options]
>>
>>
>>
>>
>> camel-cms:verify://<name>?[options]
>>
>>
>>
>>
>> camel-cms:encrypt://<name>?[options]
>>
>>
>>
>>
>> camel-cms:decrypt://<name>?[options]
>>
>>
>>
>>
>> So I propose the component name camel-cms . We could use as package name
>>
>> org.apache.camel.component.cms.
>>
>>
>>
>>
>> Do you agree that I create a new maven project for the camel-cms component
>>
>> or should I put the component into camel-crypto maven project?
>>
>>
>>
>>
>> I plan the contribution for the 2.20 release.
>>
>>
>>
>>
>> Best Regards Franz
>>
>
>
Re: New crypto component CMS (Cryptographic Message Syntax)
Posted by Franz Paul Forsthofer <em...@googlemail.com>.
Hello,
I have seen that all current endpoint urls do not contain the world
"camel". Therefore I will remove the world "camel" in the url. The new
endpoint urls will look as follows
crypto-cms:sign://<name>?[options]
crypto-cms:verify://<name>?[options]
crypto-cms:encrypt://<name>?[options]
crypto-cms:decrypt://<name>?[options]
This also means that the component name will just be "crypto-cms".
Regards Franz
SAP SE
On Fri, Jun 23, 2017 at 10:19 AM, Franz Paul Forsthofer <
emc2fpf@googlemail.com> wrote:
> Thanks for the quick reply. O.k. I can use camel-crypto-cms as name.
>
> Franz Forsthofer
> SAP AG
>
> On Fri, Jun 23, 2017 at 10:12 AM, Andrea Cosentino <
> ancosen1985@yahoo.com.invalid> wrote:
>
>> +1 for a new component.
>>
>> Maybe for the naming it can be better camel-crypto-cms, camel-cms can be
>> confused with a content management system. By the way it's not so important.
>>
>> Nice idea and really good contribution.
>>
>> Thanks Franz.
>>
>> --
>> Andrea Cosentino
>> ----------------------------------
>> Apache Camel PMC Member
>> Apache Karaf Committer
>> Apache Servicemix PMC Member
>> Email: ancosen1985@yahoo.com
>> Twitter: @oscerd2
>> Github: oscerd
>>
>>
>> On Friday, June 23, 2017 10:10 AM, Franz Paul Forsthofer <
>> emc2fpf@googlemail.com> wrote:
>>
>>
>>
>> Hello Claus,
>>
>>
>>
>>
>> I want to contribute a new crypto component which supports
>>
>> encryption/decryption, signing/verifying according to the Cryptographic
>>
>> Message Syntax (CMS). See the CMS specification given in
>>
>> https://tools.ietf.org/html/rfc5652. This component will use the Bouncy
>>
>> Castle CMS library (bcpkix) which also needs the Bouncy Castel JCEE
>>
>> provider library (bcprov).
>>
>>
>>
>>
>> We have already the camel crypto component which has dependencies to the
>>
>> Bouncy Castle libraries bcprov and bcpg because it contains the PGP
>>
>> encryption and decryption:
>>
>>
>>
>>
>> <dependency>
>>
>>
>>
>> <groupId>org.bouncycastle</groupId>
>>
>>
>>
>> <artifactId>bcpg-jdk15on</artifactId>
>>
>>
>>
>> <version>${bouncycastle-version}</version>
>>
>>
>> </dependency>
>>
>>
>> <dependency>
>>
>>
>>
>> <groupId>org.bouncycastle</groupId>
>>
>>
>>
>> <artifactId>bcprov-jdk15on</artifactId>
>>
>>
>>
>> <version>${bouncycastle-version}</version>
>>
>>
>> </dependency>
>>
>>
>>
>>
>> I could put the CMS endpoints also into the crypto maven project. However,
>>
>> in my opinion it makes sense to create a new own component for CMS in a
>> new
>>
>> own maven project because
>>
>>
>> - then we have a clear separation between PGP and CMS
>>
>>
>> - users which only want to use PGP will then not need the bcpkix
>>
>> library and users which only want to use CMS will not need the bcpg
>> library
>>
>>
>>
>>
>> My idea is to provide the following endpoints:
>>
>>
>>
>>
>> camel-cms:sign://<name>?[options]
>>
>>
>>
>>
>> camel-cms:verify://<name>?[options]
>>
>>
>>
>>
>> camel-cms:encrypt://<name>?[options]
>>
>>
>>
>>
>> camel-cms:decrypt://<name>?[options]
>>
>>
>>
>>
>> So I propose the component name camel-cms . We could use as package name
>>
>> org.apache.camel.component.cms.
>>
>>
>>
>>
>> Do you agree that I create a new maven project for the camel-cms component
>>
>> or should I put the component into camel-crypto maven project?
>>
>>
>>
>>
>> I plan the contribution for the 2.20 release.
>>
>>
>>
>>
>> Best Regards Franz
>>
>
>
Re: New crypto component CMS (Cryptographic Message Syntax)
Posted by Franz Paul Forsthofer <em...@googlemail.com>.
Thanks for the quick reply. O.k. I can use camel-crypto-cms as name.
Franz Forsthofer
SAP AG
On Fri, Jun 23, 2017 at 10:12 AM, Andrea Cosentino <
ancosen1985@yahoo.com.invalid> wrote:
> +1 for a new component.
>
> Maybe for the naming it can be better camel-crypto-cms, camel-cms can be
> confused with a content management system. By the way it's not so important.
>
> Nice idea and really good contribution.
>
> Thanks Franz.
>
> --
> Andrea Cosentino
> ----------------------------------
> Apache Camel PMC Member
> Apache Karaf Committer
> Apache Servicemix PMC Member
> Email: ancosen1985@yahoo.com
> Twitter: @oscerd2
> Github: oscerd
>
>
> On Friday, June 23, 2017 10:10 AM, Franz Paul Forsthofer <
> emc2fpf@googlemail.com> wrote:
>
>
>
> Hello Claus,
>
>
>
>
> I want to contribute a new crypto component which supports
>
> encryption/decryption, signing/verifying according to the Cryptographic
>
> Message Syntax (CMS). See the CMS specification given in
>
> https://tools.ietf.org/html/rfc5652. This component will use the Bouncy
>
> Castle CMS library (bcpkix) which also needs the Bouncy Castel JCEE
>
> provider library (bcprov).
>
>
>
>
> We have already the camel crypto component which has dependencies to the
>
> Bouncy Castle libraries bcprov and bcpg because it contains the PGP
>
> encryption and decryption:
>
>
>
>
> <dependency>
>
>
>
> <groupId>org.bouncycastle</groupId>
>
>
>
> <artifactId>bcpg-jdk15on</artifactId>
>
>
>
> <version>${bouncycastle-version}</version>
>
>
> </dependency>
>
>
> <dependency>
>
>
>
> <groupId>org.bouncycastle</groupId>
>
>
>
> <artifactId>bcprov-jdk15on</artifactId>
>
>
>
> <version>${bouncycastle-version}</version>
>
>
> </dependency>
>
>
>
>
> I could put the CMS endpoints also into the crypto maven project. However,
>
> in my opinion it makes sense to create a new own component for CMS in a new
>
> own maven project because
>
>
> - then we have a clear separation between PGP and CMS
>
>
> - users which only want to use PGP will then not need the bcpkix
>
> library and users which only want to use CMS will not need the bcpg library
>
>
>
>
> My idea is to provide the following endpoints:
>
>
>
>
> camel-cms:sign://<name>?[options]
>
>
>
>
> camel-cms:verify://<name>?[options]
>
>
>
>
> camel-cms:encrypt://<name>?[options]
>
>
>
>
> camel-cms:decrypt://<name>?[options]
>
>
>
>
> So I propose the component name camel-cms . We could use as package name
>
> org.apache.camel.component.cms.
>
>
>
>
> Do you agree that I create a new maven project for the camel-cms component
>
> or should I put the component into camel-crypto maven project?
>
>
>
>
> I plan the contribution for the 2.20 release.
>
>
>
>
> Best Regards Franz
>
Re: New crypto component CMS (Cryptographic Message Syntax)
Posted by Andrea Cosentino <an...@yahoo.com.INVALID>.
+1 for a new component.
Maybe for the naming it can be better camel-crypto-cms, camel-cms can be confused with a content management system. By the way it's not so important.
Nice idea and really good contribution.
Thanks Franz.
--
Andrea Cosentino
----------------------------------
Apache Camel PMC Member
Apache Karaf Committer
Apache Servicemix PMC Member
Email: ancosen1985@yahoo.com
Twitter: @oscerd2
Github: oscerd
On Friday, June 23, 2017 10:10 AM, Franz Paul Forsthofer <em...@googlemail.com> wrote:
Hello Claus,
I want to contribute a new crypto component which supports
encryption/decryption, signing/verifying according to the Cryptographic
Message Syntax (CMS). See the CMS specification given in
https://tools.ietf.org/html/rfc5652. This component will use the Bouncy
Castle CMS library (bcpkix) which also needs the Bouncy Castel JCEE
provider library (bcprov).
We have already the camel crypto component which has dependencies to the
Bouncy Castle libraries bcprov and bcpg because it contains the PGP
encryption and decryption:
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpg-jdk15on</artifactId>
<version>${bouncycastle-version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>${bouncycastle-version}</version>
</dependency>
I could put the CMS endpoints also into the crypto maven project. However,
in my opinion it makes sense to create a new own component for CMS in a new
own maven project because
- then we have a clear separation between PGP and CMS
- users which only want to use PGP will then not need the bcpkix
library and users which only want to use CMS will not need the bcpg library
My idea is to provide the following endpoints:
camel-cms:sign://<name>?[options]
camel-cms:verify://<name>?[options]
camel-cms:encrypt://<name>?[options]
camel-cms:decrypt://<name>?[options]
So I propose the component name camel-cms . We could use as package name
org.apache.camel.component.cms.
Do you agree that I create a new maven project for the camel-cms component
or should I put the component into camel-crypto maven project?
I plan the contribution for the 2.20 release.
Best Regards Franz