warning

You are viewing an archived MuleSoft forum and the content you see here may be outdated. Please ask your question in our new forum for a quick response from our community

Take me to the new forum

Welcome, Guest
Guest Settings
Help

Home » MuleSoft Forum Archive » MuleSoft Products » Mule User

Thread: PGP Security - encryption example?


This question is answered. Helpful answers available: 2. Correct answers available: 1.

Reply to this Thread Reply to this Thread Search Forum Search Forum Back to Thread List Back to Thread List

Permlink Replies: 8 - Last Post: Aug 3, 2010 6:21 AM Last Post By: rbiresch
rbiresch

Posts: 10
Registered: 03/21/09
PGP Security - encryption example?
Posted: Jul 22, 2010 11:45 AM
 
   thread.click_reply Reply
I have the decryption example working for PGP Security however, is there an encryption example?
rbiresch

Posts: 10
Registered: 03/21/09
Re: PGP Security - encryption example?
Posted: Aug 2, 2010 7:40 AM    global.in_response_to.tooltip in response to: rbiresch
 
   thread.click_reply Reply
I see that the KeyBasedEncryptionStrategy class has both 'decrypt' and 'encrypt' methods. So, the encryption support appears to be implemented, as expected...the question is how to configure it in mule? Is encryption configured via <pgp:security-filter> or some transformer or...any ideas?
Andrew Perepely...
Re: [mule-user] Re: PGP Security - encryption example?
Posted: Aug 2, 2010 8:01 AM    global.in_response_to.tooltip in response to: rbiresch
   thread.click_reply Reply
I wonder if you missed this one:
http://www.mulesoft.org/documentation/display/MULE2USER/Transformers+Configuration+Reference#TransformersConfigurationReference-encrypt

Googling it returned it as a 2nd result here :)

HTH,
Andrew
rbiresch

Posts: 10
Registered: 03/21/09
Re: [mule-user] Re: PGP Security - encryption example?
Posted: Aug 2, 2010 8:35 AM    global.in_response_to.tooltip in response to: Andrew Perepely...
 
   thread.click_reply Reply
Yes, I did miss that one, thank you! I think I must of googled everything else though :)

The <encrypt-transformer name="pgpEncrypt" strategy-ref="keyBasedEncryptionStrategy"/> gets me closer...now troubleshooting a NullPointerException.

ERROR 2010-08-02 11:20:27,812 http://inboundFileConnector.dispatcher.1 org.mule.DefaultExceptionStrategy:
********************************************************************************
Message : Crypto Failure
Type : org.mule.api.security.CryptoFailureException
Code : MULE_ERROR-56112
Encryption : org.mule.module.pgp.KeyBasedEncryptionStrategy@7fb22024
JavaDoc : http://www.mulesource.org/docs/site/current2/apidocs/org/mule/api/security/CryptoFailureException.html
********************************************************************************
Exception stack is:
1. null (java.lang.NullPointerException)
org.mule.module.pgp.KeyBasedEncryptionStrategy:60 (null)
2. Crypto Failure (org.mule.api.security.CryptoFailureException)
org.mule.module.pgp.KeyBasedEncryptionStrategy:96 (http://www.mulesource.org/docs/site/current2/apidocs/org/mule/api/security/CryptoFailureException.html)
********************************************************************************
Root Exception stack trace:
java.lang.NullPointerException
at org.mule.module.pgp.KeyBasedEncryptionStrategy.encrypt(KeyBasedEncryptionStrategy.java:60)
at org.mule.transformer.encryption.EncryptionTransformer.getTransformedBytes(EncryptionTransformer.java:24)
at org.mule.transformer.encryption.AbstractEncryptionTransformer.doTransform(AbstractEncryptionTransformer.java:81)
at org.mule.transformer.AbstractTransformer.transform(AbstractTransformer.java:254)
at org.mule.DefaultMuleMessage.applyAllTransformers(DefaultMuleMessage.java:645)
at org.mule.DefaultMuleMessage.applyTransformers(DefaultMuleMessage.java:606)
at org.mule.DefaultMuleMessage.applyTransformers(DefaultMuleMessage.java:599)
at org.mule.DefaultMuleEvent.transformMessage(DefaultMuleEvent.java:328)
at org.mule.DefaultMuleEvent.transformMessage(DefaultMuleEvent.java:323)
at org.mule.transport.file.FileMessageDispatcher.doDispatch(FileMessageDispatcher.java:52)
at org.mule.transport.AbstractMessageDispatcher$Worker.doRun(AbstractMessageDispatcher.java:278)
at org.mule.work.AbstractMuleEventWork.run(AbstractMuleEventWork.java:41)
at org.mule.work.WorkerContext.run(WorkerContext.java:310)
at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:987)
at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:528)
at java.lang.Thread.run(Thread.java:637)

********************************************************************************
Andrew Perepely...
Re: [mule-user] Re: PGP Security - encryption example?
Posted: Aug 2, 2010 9:06 AM    global.in_response_to.tooltip in response to: rbiresch
   thread.click_reply Reply
rbiresch

Posts: 10
Registered: 03/21/09
Re: [mule-user] Re: PGP Security - encryption example?
Posted: Aug 2, 2010 9:30 AM    global.in_response_to.tooltip in response to: Andrew Perepely...
 
   thread.click_reply Reply
Decryption is working so the Key Manager appears to be there. Here's the config:

<?xml version="1.0"?>
<mule xmlns="http://www.mulesource.org/schema/mule/core/2.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:spring="http://www.springframework.org/schema/beans"
xmlns:file="http://www.mulesource.org/schema/mule/file/2.2"
xmlns:sftp="http://www.mulesource.org/schema/mule/sftp/2.2"
xmlns:ftp="http://www.mulesource.org/schema/mule/ftp/2.2"
xmlns:pgp="http://www.mulesource.org/schema/mule/pgp/2.2"
xmlns:jdbc="http://www.mulesource.org/schema/mule/ee/jdbc/2.2"
xmlns:stdio="http://www.mulesource.org/schema/mule/stdio/2.2"
xmlns:smtp="http://www.mulesource.org/schema/mule/smtp/2.2"
xmlns:email="http://www.mulesource.org/schema/mule/email/2.2"
xmlns:vm="http://www.mulesource.org/schema/mule/vm/2.2"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.mulesource.org/schema/mule/core/2.2 http://www.mulesource.org/schema/mule/core/2.2/mule.xsd
http://www.mulesource.org/schema/mule/file/2.2 http://www.mulesource.org/schema/mule/file/2.2/mule-file.xsd
http://www.mulesource.org/schema/mule/sftp/2.2 http://www.mulesource.org/schema/mule/sftp/2.2/mule-sftp.xsd
http://www.mulesource.org/schema/mule/ftp/2.2 http://www.mulesource.org/schema/mule/ftp/2.2/mule-ftp.xsd
http://www.mulesource.org/schema/mule/pgp/2.2 http://www.mulesource.org/schema/mule/pgp/2.2/mule-pgp.xsd
http://www.mulesource.org/schema/mule/ee/jdbc/2.2 http://www.mulesource.org/schema/mule/ee/jdbc/2.2/mule-jdbc-ee.xsd
http://www.mulesource.org/schema/mule/stdio/2.2 http://www.mulesource.org/schema/mule/stdio/2.2/mule-stdio.xsd
http://www.mulesource.org/schema/mule/smtp/2.2 http://www.mulesource.org/schema/mule/smtp/2.2/mule-smtp.xsd
http://www.mulesource.org/schema/mule/email/2.2 http://www.mulesource.org/schema/mule/email/2.2/mule-email.xsd
http://www.mulesource.org/schema/mule/vm/2.2 http://www.mulesource.org/schema/mule/vm/2.2/mule-vm.xsd">

<spring:bean id="pgpKeyManager" class="org.mule.module.pgp.PGPKeyRingImpl" init-method="initialise">
<spring:property name="publicKeyRingFileName" value="<path to public keyring>/pubring.gpg"/>
<spring:property name="secretKeyRingFileName" value="<path to private keyring>/secring.gpg"/>
<spring:property name="secretAliasId" value="<public key id>"/>
<spring:property name="secretPassphrase" value="<password>"/>
</spring:bean>

<pgp:security-manager>
<pgp:security-provider name="pgpSecurityProvider" keyManager-ref="pgpKeyManager"/>
<pgp:keybased-encryption-strategy name="keyBasedEncryptionStrategy" keyManager-ref="pgpKeyManager"/>
</pgp:security-manager>

<spring:bean id="credentialAccessor" class="org.mule.module.pgp.FakeCredentialAccessor"/>

<model name="ftpInboundModel">
<service name="ftpInboundService">
<inbound>
<sftp:inbound-endpoint user="<user account>" password="<password>"
host="localhost"
port="22"
pollingFrequency="10000"
path="/temp/muletest/uc1/ftp"
tempDir="tmp"
useTempFileTimestampSuffix="true"
archiveDir ="./archive">
<pgp:security-filter strategyName="keyBasedEncryptionStrategy"
signRequired="true"
credentialsAccessor-ref="credentialAccessor"
keyManager-ref="pgpKeyManager"/>
</sftp:inbound-endpoint>
</inbound>
<echo-component/>
<outbound>
<pass-through-router>
<file:outbound-endpoint connector-ref="inboundFileConnector" path="./remoteFS"
outputPattern="#header:originalFilename-#function:datestamp.gpg">
<encrypt-transformer name="pgpEncrypt" strategy-ref="keyBasedEncryptionStrategy"/>
</file:outbound-endpoint>
</pass-through-router>
</outbound>
</service>
</model>

</mule>

rbiresch

Posts: 10
Registered: 03/21/09
Re: [mule-user] Re: PGP Security - encryption example?
Posted: Aug 2, 2010 10:17 AM    global.in_response_to.tooltip in response to: rbiresch
 
   thread.click_reply Reply
It appears that the credential accessor maybe missing...not configured on the transformer. The security filter supports credentialsAccessor-ref but the <encrypt-transformer> does not.
Andrew Perepely...
Re: [mule-user] Re: PGP Security - encryption example?
Posted: Aug 2, 2010 10:40 AM    global.in_response_to.tooltip in response to: rbiresch
   thread.click_reply Reply
Rod,

Try it via a generic custom-transformer element and configure those via
<spring:property/>. If it works, file a jira to enhance the schema for
encryption transformer.

HTH,
Andrew
rbiresch

Posts: 10
Registered: 03/21/09
Re: [mule-user] Re: PGP Security - encryption example?
Posted: Aug 3, 2010 6:21 AM    global.in_response_to.tooltip in response to: Andrew Perepely...
 
   thread.click_reply Reply
Andrew,
I believe I have it working. I created a spring bean for the KeyBasedEncryptionStrategy and injected the credential accessor. Then used the <encrypt-transformer> and referenced the newly created KeyBasedEncryptionStrategy bean. It appears to be working fine however, I'm still testing. Here's an example of what my spring bean configuration looks like:

<spring:bean id="keyBEStrategy" class="org.mule.module.pgp.KeyBasedEncryptionStrategy" init-method="initialise">
<spring:property name="keyManager" ref="pgpKeyManager"/>
<spring:property name="credentialsAccessor" ref="credentialAccessor"/>
</spring:bean>

...the <encrypt-transformer>:

<encrypt-transformer name="pgpEncrypt" strategy-ref="keyBEStrategy"/>

Thanks for your help!

Rod
Legend
Helpful Answer
Correct Answer