camel-crypto-cms-kafka-connector sink configuration

When using camel-crypto-cms-kafka-connector as sink make sure to use the following Maven dependency to have support for the connector:

<dependency>
  <groupId>org.apache.camel.kafkaconnector</groupId>
  <artifactId>camel-crypto-cms-kafka-connector</artifactId>
  <version>x.x.x</version>
  <!-- use the same version as your Camel Kafka connector version -->
</dependency>

The camel-crypto-cms sink connector supports 23 options, which are listed below.

Name	Description	Default	Priority
camel.sink.path.cryptoOperation	Set the Crypto operation from that supplied after the crypto scheme in the endpoint uri e.g. crypto-cms:sign sets sign as the operation. Possible values: sign, verify, encrypt, or decrypt. One of: [sign] [verify] [encrypt] [decrypt]	null	HIGH
camel.sink.path.name	The name part in the URI can be chosen by the user to distinguish between different signer/verifier/encryptor/decryptor endpoints within the camel context.	null	HIGH
camel.sink.endpoint.keyStore	Keystore which contains signer private keys, verifier public keys, encryptor public keys, decryptor private keys depending on the operation. Use either this parameter or the parameter 'keyStoreParameters'.	null	MEDIUM
camel.sink.endpoint.keyStoreParameters	Keystore containing signer private keys, verifier public keys, encryptor public keys, decryptor private keys depending on the operation. Use either this parameter or the parameter 'keystore'.	null	MEDIUM
camel.sink.endpoint.lazyStartProducer	Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel’s routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing.	false	MEDIUM
camel.sink.endpoint.basicPropertyBinding	Whether the endpoint should use basic property binding (Camel 2.x) or the newer property binding with additional capabilities	false	MEDIUM
camel.sink.endpoint.synchronous	Sets whether synchronous processing should be strictly used, or Camel is allowed to use asynchronous processing (if supported).	false	MEDIUM
camel.sink.endpoint.password	Sets the password of the private keys. It is assumed that all private keys in the keystore have the same password. If not set then it is assumed that the password of the private keys is given by the keystore password given in the KeyStoreParameters.	null	MEDIUM
camel.sink.endpoint.fromBase64	If true then the CMS message is base 64 encoded and must be decoded during the processing. Default value is false.	false	MEDIUM
camel.sink.endpoint.contentEncryptionAlgorithm	Encryption algorithm, for example DESede/CBC/PKCS5Padding. Further possible values: DESede/CBC/PKCS5Padding, AES/CBC/PKCS5Padding, Camellia/CBC/PKCS5Padding, CAST5/CBC/PKCS5Padding. One of: [AES/CBC/PKCS5Padding] [DESede/CBC/PKCS5Padding] [Camellia/CBC/PKCS5Padding] [CAST5/CBC/PKCS5Padding]	null	MEDIUM
camel.sink.endpoint.originatorInformationProvider	Provider for the originator info. See https://tools.ietf.org/html/rfc5652#section-6.1. The default value is null.	null	MEDIUM
camel.sink.endpoint.recipient	Recipient Info: reference to a bean which implements the interface org.apache.camel.component.crypto.cms.api.TransRecipientInfo	null	MEDIUM
camel.sink.endpoint.secretKeyLength	Key length for the secret symmetric key used for the content encryption. Only used if the specified content-encryption algorithm allows keys of different sizes. If contentEncryptionAlgorithm=AES/CBC/PKCS5Padding or Camellia/CBC/PKCS5Padding then 128; if contentEncryptionAlgorithm=DESede/CBC/PKCS5Padding then 192, 128; if strong encryption is enabled then for AES/CBC/PKCS5Padding and Camellia/CBC/PKCS5Padding also the key lengths 192 and 256 are possible.	null	MEDIUM
camel.sink.endpoint.unprotectedAttributesGenerator Provider	Provider of the generator for the unprotected attributes. The default value is null which means no unprotected attribute is added to the Enveloped Data object. See https://tools.ietf.org/html/rfc5652#section-6.1.	null	MEDIUM
camel.sink.endpoint.toBase64	Indicates whether the Signed Data or Enveloped Data instance shall be base 64 encoded. Default value is false.	"false"	MEDIUM
camel.sink.endpoint.includeContent	Indicates whether the signed content should be included into the Signed Data instance. If false then a detached Signed Data instance is created in the header CamelCryptoCmsSignedData.	"true"	MEDIUM
camel.sink.endpoint.signer	Signer information: reference to bean(s) which implements org.apache.camel.component.crypto.cms.api.SignerInfo. Multiple values can be separated by comma	null	MEDIUM
camel.sink.endpoint.signedDataHeaderBase64	Indicates whether the value in the header CamelCryptoCmsSignedData is base64 encoded. Default value is false. Only relevant for detached signatures. In the detached signature case, the header contains the Signed Data object.	false	MEDIUM
camel.sink.endpoint.verifySignaturesOfAllSigners	If true then the signatures of all signers contained in the Signed Data object are verified. If false then only one signature whose signer info matches with one of the specified certificates is verified. Default value is true.	true	MEDIUM
camel.component.crypto-cms.lazyStartProducer	Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel’s routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing.	false	MEDIUM
camel.component.crypto-cms.basicPropertyBinding	Whether the component should use basic property binding (Camel 2.x) or the newer property binding with additional capabilities	false	MEDIUM
camel.component.crypto-cms.envelopedDataDecryptor Configuration	To configure the shared EnvelopedDataDecryptorConfiguration, which determines the uri parameters for the decrypt operation.	null	MEDIUM
camel.component.crypto-cms.signedDataVerifier Configuration	To configure the shared SignedDataVerifierConfiguration, which determines the uri parameters for the verify operation.	null	MEDIUM

Name

Description

Default

Priority

camel.sink.path.cryptoOperation

Set the Crypto operation from that supplied after the crypto scheme in the endpoint uri e.g. crypto-cms:sign sets sign as the operation. Possible values: sign, verify, encrypt, or decrypt. One of: [sign] [verify] [encrypt] [decrypt]

null

HIGH

camel.sink.path.name

The name part in the URI can be chosen by the user to distinguish between different signer/verifier/encryptor/decryptor endpoints within the camel context.

null

HIGH

camel.sink.endpoint.keyStore

Keystore which contains signer private keys, verifier public keys, encryptor public keys, decryptor private keys depending on the operation. Use either this parameter or the parameter 'keyStoreParameters'.

null

MEDIUM

camel.sink.endpoint.keyStoreParameters

Keystore containing signer private keys, verifier public keys, encryptor public keys, decryptor private keys depending on the operation. Use either this parameter or the parameter 'keystore'.

null

MEDIUM

camel.sink.endpoint.lazyStartProducer

Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel’s routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing.

false

MEDIUM

camel.sink.endpoint.basicPropertyBinding

Whether the endpoint should use basic property binding (Camel 2.x) or the newer property binding with additional capabilities

false

MEDIUM

camel.sink.endpoint.synchronous

Sets whether synchronous processing should be strictly used, or Camel is allowed to use asynchronous processing (if supported).

false

MEDIUM

camel.sink.endpoint.password

Sets the password of the private keys. It is assumed that all private keys in the keystore have the same password. If not set then it is assumed that the password of the private keys is given by the keystore password given in the KeyStoreParameters.

null

MEDIUM

camel.sink.endpoint.fromBase64

If true then the CMS message is base 64 encoded and must be decoded during the processing. Default value is false.

false

MEDIUM

camel.sink.endpoint.contentEncryptionAlgorithm

Encryption algorithm, for example DESede/CBC/PKCS5Padding. Further possible values: DESede/CBC/PKCS5Padding, AES/CBC/PKCS5Padding, Camellia/CBC/PKCS5Padding, CAST5/CBC/PKCS5Padding. One of: [AES/CBC/PKCS5Padding] [DESede/CBC/PKCS5Padding] [Camellia/CBC/PKCS5Padding] [CAST5/CBC/PKCS5Padding]

null

MEDIUM

camel.sink.endpoint.originatorInformationProvider

Provider for the originator info. See https://tools.ietf.org/html/rfc5652#section-6.1. The default value is null.

null

MEDIUM

camel.sink.endpoint.recipient

Recipient Info: reference to a bean which implements the interface org.apache.camel.component.crypto.cms.api.TransRecipientInfo

null

MEDIUM

camel.sink.endpoint.secretKeyLength

Key length for the secret symmetric key used for the content encryption. Only used if the specified content-encryption algorithm allows keys of different sizes. If contentEncryptionAlgorithm=AES/CBC/PKCS5Padding or Camellia/CBC/PKCS5Padding then 128; if contentEncryptionAlgorithm=DESede/CBC/PKCS5Padding then 192, 128; if strong encryption is enabled then for AES/CBC/PKCS5Padding and Camellia/CBC/PKCS5Padding also the key lengths 192 and 256 are possible.

null

MEDIUM

camel.sink.endpoint.unprotectedAttributesGenerator Provider

Provider of the generator for the unprotected attributes. The default value is null which means no unprotected attribute is added to the Enveloped Data object. See https://tools.ietf.org/html/rfc5652#section-6.1.

null

MEDIUM

camel.sink.endpoint.toBase64

Indicates whether the Signed Data or Enveloped Data instance shall be base 64 encoded. Default value is false.

"false"

MEDIUM

camel.sink.endpoint.includeContent

Indicates whether the signed content should be included into the Signed Data instance. If false then a detached Signed Data instance is created in the header CamelCryptoCmsSignedData.

"true"

MEDIUM

camel.sink.endpoint.signer

Signer information: reference to bean(s) which implements org.apache.camel.component.crypto.cms.api.SignerInfo. Multiple values can be separated by comma

null

MEDIUM

camel.sink.endpoint.signedDataHeaderBase64

Indicates whether the value in the header CamelCryptoCmsSignedData is base64 encoded. Default value is false. Only relevant for detached signatures. In the detached signature case, the header contains the Signed Data object.

false

MEDIUM

camel.sink.endpoint.verifySignaturesOfAllSigners

If true then the signatures of all signers contained in the Signed Data object are verified. If false then only one signature whose signer info matches with one of the specified certificates is verified. Default value is true.

true

MEDIUM

camel.component.crypto-cms.lazyStartProducer

false

MEDIUM

camel.component.crypto-cms.basicPropertyBinding

Whether the component should use basic property binding (Camel 2.x) or the newer property binding with additional capabilities

false

MEDIUM

camel.component.crypto-cms.envelopedDataDecryptor Configuration

To configure the shared EnvelopedDataDecryptorConfiguration, which determines the uri parameters for the decrypt operation.

null

MEDIUM

camel.component.crypto-cms.signedDataVerifier Configuration

To configure the shared SignedDataVerifierConfiguration, which determines the uri parameters for the verify operation.

null

MEDIUM