Posted to issues@camel.apache.org by "Martin Hoffmann (JIRA)" <ji...@apache.org> on 2018/10/04 14:46:00 UTC

[jira] [Commented] (CAMEL-12857) Enhance the AS2 Component to support RSA-OAEP

    [ https://issues.apache.org/jira/browse/CAMEL-12857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16638323#comment-16638323 ] 

Martin Hoffmann commented on CAMEL-12857:
-----------------------------------------

To use OAEP with BouncyCastle you must add an additional parameter to the JceKeyTransRecipientInfoGenerator:
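{code:java}
// Build the RSAES-OAEP key-transport AlgorithmIdentifier.
// OAEPParameterSpec.DEFAULT selects SHA-1 with MGF1 over SHA-1.
JcaAlgorithmParametersConverter paramsConverter = new JcaAlgorithmParametersConverter();
AlgorithmIdentifier algorithmIdentifier = paramsConverter.getAlgorithmIdentifier(
        PKCSObjectIdentifiers.id_RSAES_OAEP, OAEPParameterSpec.DEFAULT);
// Passing the identifier makes the recipient info wrap the content key with OAEP.
JceKeyTransRecipientInfoGenerator generator =
        new JceKeyTransRecipientInfoGenerator(encryptionCertificate, algorithmIdentifier);
{code}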

> Enhance the AS2 Component to support RSA-OAEP
> ---------------------------------------------
>
>                 Key: CAMEL-12857
>                 URL: https://issues.apache.org/jira/browse/CAMEL-12857
>             Project: Camel
>          Issue Type: New Feature
>          Components: camel-as2
>    Affects Versions: 2.22.1
>            Reporter: Martin Hoffmann
>            Priority: Major
>
> The use of AS2 in Germany for business applications could require following regulations set by the BSI (German Federal Office for Information Security).
> The BSI requires the use of OAEP (Optimal asymmetric encryption padding) when sending encrypted SMIME messages between public institutions. As AS2 uses SMIME as its message structure, this regulation affects AS2 implementations used in Germany.
> [https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding]
> The BouncyCastle library already supports OAEP.
> See [https://www.bouncycastle.org/specifications.html]
>  * RSA/NONE/OAEPWithMD5AndMGF1Padding
>  * RSA/NONE/OAEPWithSHA1AndMGF1Padding
>  * RSA/NONE/OAEPWithSHA224AndMGF1Padding
>  * RSA/NONE/OAEPWithSHA256AndMGF1Padding
>  * RSA/NONE/OAEPWithSHA384AndMGF1Padding
>  * RSA/NONE/OAEPWithSHA512AndMGF1Padding
>  * RSA/NONE/OAEPWithSHA3-224AndMGF1Padding
>  * RSA/NONE/OAEPWithSHA3-256AndMGF1Padding
>  * RSA/NONE/OAEPWithSHA3-384AndMGF1Padding
>  * RSA/NONE/OAEPWithSHA3-512AndMGF1Padding



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
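An added example, not part of the original comment or of Camel's code: a CMS round trip that uses the same `JcaAlgorithmParametersConverter` call but with explicit OAEP parameters, and checks on the receiving side that the key-transport algorithm really is RSAES-OAEP. Assumptions: a recent `bcprov` and `bcpkix` on the classpath; SHA-256 is picked for illustration (the page does not say which hash the BSI regulation requires); the key pair, key identifier and payload are constructed test values, and the class name is hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.security.spec.MGF1ParameterSpec;
import java.util.Arrays;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cms.*;
import org.bouncycastle.cms.jcajce.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaAlgorithmParametersConverter;

public class OaepEnvelopeExample {
    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        // Constructed recipient key; a real AS2 setup uses the partner's certificate.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair recipient = kpg.generateKeyPair();
        byte[] keyId = {1, 2, 3, 4}; // constructed subjectKeyIdentifier

        // Explicit parameters: SHA-256 for the OAEP hash and for MGF1.
        OAEPParameterSpec oaep = new OAEPParameterSpec(
                "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);
        AlgorithmIdentifier keyEncAlg = new JcaAlgorithmParametersConverter()
                .getAlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, oaep);

        CMSEnvelopedDataGenerator gen = new CMSEnvelopedDataGenerator();
        gen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(
                keyId, keyEncAlg, recipient.getPublic()).setProvider("BC"));
        byte[] plaintext = "constructed AS2 payload".getBytes(StandardCharsets.UTF_8);
        CMSEnvelopedData enveloped = gen.generate(
                new CMSProcessableByteArray(plaintext),
                new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC").build());

        // Receiver: parse the encoded message and refuse anything that is not OAEP.
        CMSEnvelopedData parsed = new CMSEnvelopedData(enveloped.getEncoded());
        RecipientInformation info = parsed.getRecipientInfos().getRecipients().iterator().next();
        if (!PKCSObjectIdentifiers.id_RSAES_OAEP.getId().equals(info.getKeyEncryptionAlgOID())) {
            throw new IllegalStateException("key transport is not RSAES-OAEP");
        }
        byte[] recovered = info.getContent(
                new JceKeyTransEnvelopedRecipient(recipient.getPrivate()).setProvider("BC"));
        System.out.println("round trip ok: " + Arrays.equals(plaintext, recovered));
    }
}
```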