You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Martin Hoffmann (JIRA)" <ji...@apache.org> on 2018/10/04 14:46:00 UTC
[jira] [Commented] (CAMEL-12857) Enhance the AS2 Component to
support RSA-OAEP
[ https://issues.apache.org/jira/browse/CAMEL-12857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16638323#comment-16638323 ]
Martin Hoffmann commented on CAMEL-12857:
-----------------------------------------
To use OAEP with BouncyCastle you must and an additional parameter to the JceKeyTransRecipientInfoGenerator
{code:java}
JcaAlgorithmParametersConverter paramsConverter = new JcaAlgorithmParametersConverter();
AlgorithmIdentifier algorithmIdentifier = paramsConverter.getAlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, OAEPParameterSpec.DEFAULT);
JceKeyTransRecipientInfoGenerator generator = new JceKeyTransRecipientInfoGenerator(encryptionCertificate, algorithmIdentifier);{code}
> Enhance the AS2 Component to support RSA-OAEP
> ---------------------------------------------
>
> Key: CAMEL-12857
> URL: https://issues.apache.org/jira/browse/CAMEL-12857
> Project: Camel
> Issue Type: New Feature
> Components: camel-as2
> Affects Versions: 2.22.1
> Reporter: Martin Hoffmann
> Priority: Major
>
> The use of AS2 in Germany for business application could require to follow regulations set by the BSI (German Federal Office for Information Security).
> The BSI requeries to use OAEP (Optimal asymmetric encryption padding) when sending encrypted SMIME-messages between public institutions. As AS2 uses SMIME as message structur this regulation affects AS2 implementation used in Germany.
> [https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding]
> The BouncyCastle libary already supports OAEP.
> See [https://www.bouncycastle.org/specifications.html]
> * RSA/NONE/OAEPWithMD5AndMGF1Padding
> * RSA/NONE/OAEPWithSHA1AndMGF1Padding
> * RSA/NONE/OAEPWithSHA224AndMGF1Padding
> * RSA/NONE/OAEPWithSHA256AndMGF1Padding
> * RSA/NONE/OAEPWithSHA384AndMGF1Padding
> * RSA/NONE/OAEPWithSHA512AndMGF1Padding
> * RSA/NONE/OAEPWithSHA3-224AndMGF1Padding
> * RSA/NONE/OAEPWithSHA3-256AndMGF1Padding
> * RSA/NONE/OAEPWithSHA3-384AndMGF1Padding
> * RSA/NONE/OAEPWithSHA3-512AndMGF1Padding
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)