I have created a simple demo using Camel in order to encrypt/decrypt a PGP encryption based file. The code is shown below.

    package com.example.demo;

    import org.apache.camel.CamelContext;
    import org.apache.camel.builder.RouteBuilder;
    import org.apache.camel.converter.crypto.PGPDataFormat;
    import org.apache.camel.impl.DefaultCamelContext;
    import org.slf4j.Logger;
    import org.slf4j.LoggerFactory;

    public class PGPEncryptor {

        static final Logger LOG = LoggerFactory.getLogger(PGPEncryptor.class);

        final String originalPath = "pgp/original";
        final String encryptedPath = "pgp/encrypted";
        final String decryptedPath = "pgp/decrypted";

        public static void main(String[] args) {
            try {
                PGPEncryptor pgp = new PGPEncryptor();
                pgp.runEncryption();
                pgp.runDecryption();
            } catch (Exception e) {
                LOG.error(e.getMessage(), e);
            }
        }

        private void runEncryption() throws Exception {
            CamelContext ctx = new DefaultCamelContext();
            ctx.addRoutes(new RouteBuilder() {
                @Override
                public void configure() throws Exception {
                    PGPDataFormat encryptFormat = new PGPDataFormat();
                    encryptFormat.setKeyFileName("file:keys/pubring.gpg");
                    encryptFormat.setKeyUserid("XXXXX");
                    encryptFormat.setArmored(true);
                    // TODO setting armored to false (which is default) fails?
                    from("file:" + originalPath + "?noop=true&charset=utf-8")
                        .marshal(encryptFormat)
                        .to("file:" + encryptedPath + "?charset=utf-8");
                }
            });
            ctx.start();
            // Maybe sleep a little here
            Thread.sleep(4000);
            ctx.stop();
            try {
                ctx.close();
            } catch (Exception e) {
                // do nothing
            }
        }

        private void runDecryption() throws Exception {
            CamelContext camelContext = new DefaultCamelContext();
            camelContext.addRoutes(new RouteBuilder() {
                public void configure() throws Exception {
                    PGPDataFormat decryptFormat = new PGPDataFormat();
                    decryptFormat.setKeyFileName("file:keys/secring.gpg");
                    decryptFormat.setKeyUserid("XXXXX");
                    decryptFormat.setPassword("XXXX");
                    decryptFormat.setArmored(false);
                    from("file:" + encryptedPath + "?noop=true&charset=utf-8")
                        .log("message ${headers}")
                        .unmarshal(decryptFormat)
                        .to("file:" + decryptedPath + "?charset=utf-8");
                }
            });
            camelContext.start();
            // Maybe sleep a little here
            Thread.sleep(4000);
            camelContext.stop();
            try {
                camelContext.close();
            } catch (Exception e) {
                // do nothing
            }
        }
    }

If encryptFormat.setArmored(true) is set, the files from the original folder are encrypted and decrypted.
If armored is set to false, or not set (since false is the default), the decryption fails with the following.

If the file is signed by someone else with my public key (i.e. read directly from my encrypted folder):

    java.io.EOFException: premature end of stream in PartialInputStream
        at org.bouncycastle.bcpg.BCPGInputStream$PartialInputStream.read(Unknown Source)
        at java.base/java.io.BufferedInputStream.fill(BufferedInputStream.java:244)
        at java.base/java.io.BufferedInputStream.read1(BufferedInputStream.java:284)
        at java.base/java.io.BufferedInputStream.read(BufferedInputStream.java:343)

Or, if the file is encrypted by the demo code using armor false:

    java.lang.IllegalArgumentException: The input message body has an invalid format. The PGP decryption/verification processor expects a sequence of PGP packets of the form (entries in brackets are optional and ellipses indicate repetition, comma represents sequential composition, and vertical bar separates alternatives): Public Key Encrypted Session Key ..., Symmetrically Encrypted Data | Sym. Encrypted and Integrity Protected Data, (Compressed Data,) (One Pass Signature ...,) Literal Data, (Signature ...,)
        at org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.getFormatException(PGPKeyAccessDataFormat.java:491)
        at org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.getDecryptedData(PGPKeyAccessDataFormat.java:437)
        at org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.unmarshal(PGPKeyAccessDataFormat.java:372)
        at org.apache.camel.support.processor.UnmarshalProcessor.process(UnmarshalProcessor.java:76)

I have exported the keys to the older format, since my keybox file is named pubring.kbx, using:

    gpg --export > pubring.gpg
    gpg --export-secret-keys > secring.gpg

Is there some other configuration I am missing? My requirement is for armored to be false. I am using the latest Camel with BC 1.76.
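
As an added example, not part of the original post: a small Python check that walks the top-level OpenPGP packet headers (RFC 4880, section 4.2) of a binary, non-armored file and tests for the opening sequence the exception message above describes, a Public Key Encrypted Session Key followed by an encrypted data packet. `SAMPLE` is constructed, and the function names are this example's own.

```python
# Added diagnostic (not from the post): walk top-level OpenPGP packet headers, RFC 4880 s4.2.
PKESK, ENCRYPTED_DATA = 1, {9, 18}   # packet tags: session key; SED / SEIPD

def _new_length(buf, i):  # -> (length, next_index, is_partial)
    o = buf[i]
    if o < 192:
        return o, i + 1, False
    if o < 224:
        return ((o - 192) << 8) + buf[i + 1] + 192, i + 2, False
    if o < 255:
        return 1 << (o & 0x1F), i + 1, True       # partial body chunk
    return int.from_bytes(buf[i + 1:i + 5], "big"), i + 5, False

def list_packets(buf):
    """Return [(tag, body_length), ...]; raise ValueError on malformed or truncated input."""
    out, i = [], 0
    try:
        while i < len(buf):
            hdr, i = buf[i], i + 1
            if not hdr & 0x80:                    # also rejects ASCII-armored text
                raise ValueError(f"offset {i - 1}: 0x{hdr:02x} is not a packet header")
            total, partial = 0, True
            if hdr & 0x40:                        # new-format header
                tag = hdr & 0x3F
                while partial:                    # sum partial chunks up to the final length
                    n, i, partial = _new_length(buf, i)
                    total, i = total + n, i + n
            elif hdr & 3 == 3:                    # old format, indeterminate length
                tag, total, i = (hdr >> 2) & 0x0F, len(buf) - i, len(buf)
            else:                                 # old format, 1/2/4-octet length
                tag, w = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
                total = int.from_bytes(buf[i:i + w], "big")
                i += w + total
            if i > len(buf):
                raise ValueError(f"tag {tag}: body runs past end of input")
            out.append((tag, total))
    except IndexError:
        raise ValueError("input ends inside a packet header or partial body") from None
    return out

def is_encrypted_message(buf):
    """True if buf is one or more PKESK packets followed by exactly one encrypted-data packet."""
    try:
        tags = [t for t, _ in list_packets(buf)]
    except ValueError:
        return False
    return len(tags) >= 2 and set(tags[:-1]) == {PKESK} and tags[-1] in ENCRYPTED_DATA

# Constructed sample: PKESK (3-byte body), then SEIPD as a 512-byte partial chunk + 2 final bytes.
SAMPLE = bytes([0xC1, 3, 1, 2, 3, 0xD2, 0xE9]) + bytes(512) + bytes([2, 0xAA, 0xBB])
```

Read a file from the `pgp/encrypted` folder in binary mode and pass its bytes to `list_packets`; a `ValueError` or an unexpected first tag means the bytes on disk are not the packet sequence the decryptor expects.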