PGP Security

This extension adds PGP security to endpoint communication. With PGP you get end-to-end protection of the messages exchanged between parties: each message is signed by the sender and encrypted to the recipient, so only the holder of the recipient's secret key can read it, and the recipient can check who produced it.

Requirements

Libraries

You must add these libraries to your Mule classpath:

Policy Files

If you are running JDK 1.4 or later, which ships with the Sun JCE by default, you must install the Unlimited Strength Jurisdiction Policy files, which can be downloaded from the following URLs (note that they are listed at the very bottom of the page, in the Other Downloads section):

JDK 1.4
JDK 5
JDK 6

These files must be installed in $JAVA_HOME/jre/lib/security of the JRE that Mule actually runs on, where they replace the local_policy.jar and US_export_policy.jar shipped with the JDK.

According to Sun, the default distribution of the JCE allows "strong, but limited strength cryptography." This means that you cannot use RSA keys larger than 2048 bits or symmetric ciphers with keys longer than 128 bits. ElGamal is not allowed at all, so DH/DSS keys cannot be used for encryption.

Useful PGP Links
How PGP works (intro documentation)
GnuPG (freeware implementation)
enigmail (extension for Thunderbird)

Configuring the PGP Filter

Using a Spring context, you define a key manager bean that gives the module access to your public and secret keyrings.

<mule xmlns="http://www.mulesource.org/schema/mule/core/2.2"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:spring="http://www.springframework.org/schema/beans"
       xmlns:pgp="http://www.mulesource.org/schema/mule/pgp/2.2"
       ...cut...

    <spring:bean id="pgpKeyManager" class="org.mule.module.pgp.PGPKeyRingImpl" init-method="initialise">
        <spring:property name="publicKeyRingFileName" value="serverPublic.gpg"/>
        <spring:property name="secretKeyRingFileName" value="serverPrivate.gpg"/>
        <spring:property name="secretAliasId" value="0x6168F39C"/>
        <spring:property name="secretPassphrase" value="TestingPassphrase"/>
    </spring:bean>

    <spring:bean id="fakeCredentialAccessor" class="org.mule.module.pgp.FakeCredentialAccessor"/>

You must also specify a class that identifies the sender of a message; the security filter uses the identity it returns to select the public key against which an incoming signature is verified. For this example, we simply fake the sender using the FakeCredentialAccessor (available in the test classes of mule-module-pgp), which returns a fixed user name. It is test code: in a real deployment the credentials accessor must derive the sender's identity from the message itself, otherwise every message is verified against the same key regardless of who sent it.

PGP stores keys in files called keyrings. There is a public keyring storing the public keys of your trusted parties and a secret keyring storing your own secret key. In a keyring, keys are referenced by an alias ID (also called key ID); the 0x6168F39C form used above is the 32-bit short key ID, the last eight hex digits of the key's fingerprint. Short IDs are easy to collide, so keep the keyrings the manager loads limited to keys you intend to use. Your secret keyring is encrypted on disk using a passphrase; the example puts that passphrase in the configuration file in clear text, so in a deployment inject it from a protected property source rather than committing it next to the keyring files, and restrict file permissions on both keyrings.
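The key manager above names the secret key by its short alias (secretAliasId 0x6168F39C). As an added example, not code from this page or from mule-module-pgp, the following Python derives the fingerprint, the 64-bit key ID and the 32-bit short ID of each key in a raw OpenPGP public keyring (RFC 4880 section 12.2) and looks a key up by any of those forms, the way a key manager resolves an alias. The keyring is constructed inline from a toy 64-bit RSA modulus and a made-up user ID so it runs offline; the parser handles only old-format packet headers, which is enough for the key, subkey and user-ID packets in a GnuPG export (signature packets are parsed and ignored).

```python
"""Fingerprints, key IDs and alias lookup for an OpenPGP v4 public keyring.

Added example; not part of mule-module-pgp.  The keyring bytes below are
constructed from a toy (insecure, 64-bit) RSA modulus so the code runs offline.
"""
import hashlib
import struct

PUBLIC_KEY, USER_ID, PUBLIC_SUBKEY = 6, 13, 14   # RFC 4880 packet tags


def mpi(value):
    """Encode an integer as an OpenPGP multi-precision integer (2-byte bit count + big-endian bytes)."""
    nbytes = (value.bit_length() + 7) // 8
    return struct.pack(">H", value.bit_length()) + value.to_bytes(nbytes, "big")


def old_packet(tag, body):
    """Old-format packet: 0x80 | tag<<2 | length-type, then 1-, 2- or 4-byte length, then body."""
    if len(body) < 0x100:
        return bytes([0x80 | tag << 2 | 0]) + struct.pack(">B", len(body)) + body
    if len(body) < 0x10000:
        return bytes([0x80 | tag << 2 | 1]) + struct.pack(">H", len(body)) + body
    return bytes([0x80 | tag << 2 | 2]) + struct.pack(">I", len(body)) + body


def rsa_public_key_body(created, n, e):
    """Body of a v4 public-key packet for RSA (algorithm 1): version, time, algorithm, MPI n, MPI e."""
    return struct.pack(">BIB", 4, created, 1) + mpi(n) + mpi(e)


def fingerprint(body):
    """v4 fingerprint: SHA-1 over 0x99 || 2-byte body length || body, whatever the on-disk header was."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


def key_ids(fp):
    """64-bit key ID and 32-bit short ID (the 0x... form used by secretAliasId), both suffixes of fp."""
    return fp[-16:], "0x" + fp[-8:]


def parse_packets(data):
    """Yield (tag, body) for each old-format packet in data."""
    i = 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80 or hdr & 0x40:
            raise ValueError("only old-format packet headers are handled here")
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
        if ltype == 0:
            length, i = data[i + 1], i + 2
        elif ltype == 1:
            length, i = struct.unpack(">H", data[i + 1:i + 3])[0], i + 3
        elif ltype == 2:
            length, i = struct.unpack(">I", data[i + 1:i + 5])[0], i + 5
        else:
            raise ValueError("indeterminate-length packets are not supported")
        yield tag, data[i:i + length]
        i += length


def read_keyring(data):
    """Return one dict per (sub)key with its fingerprint, IDs, metadata and attached user IDs."""
    keys = []
    for tag, body in parse_packets(data):
        if tag in (PUBLIC_KEY, PUBLIC_SUBKEY):
            version, created, algo = struct.unpack(">BIB", body[:6])
            if version != 4:
                raise ValueError("only v4 keys are handled here")
            fp = fingerprint(body)
            kid, short = key_ids(fp)
            keys.append({"fingerprint": fp, "key_id": kid, "short_id": short,
                         "version": version, "algorithm": algo, "created": created,
                         "subkey": tag == PUBLIC_SUBKEY, "user_ids": []})
        elif tag == USER_ID and keys:
            keys[-1]["user_ids"].append(body.decode("utf-8"))
    return keys


def lookup(keys, alias):
    """Resolve a 0x-prefixed short ID, a long key ID or a full fingerprint (case-insensitive).
    A short ID is only 32 bits and cheap to collide; prefer the full fingerprint for trust decisions."""
    a = alias.upper()
    a = a[2:] if a.startswith("0X") else a
    if len(a) not in (8, 16, 40):
        raise ValueError("alias must be 8, 16 or 40 hex digits")
    for k in keys:
        if k["fingerprint"].endswith(a):
            return k
    return None


# Constructed keyring: one RSA primary key plus a user ID.  TOY_N is NOT a real key.
TOY_N = 0xC2A5F0E4D1B3973F
TOY_E = 65537
CREATED = 1262304000  # 2010-01-01T00:00:00Z
TOY_KEYRING = (old_packet(PUBLIC_KEY, rsa_public_key_body(CREATED, TOY_N, TOY_E))
               + old_packet(USER_ID, b"mule-test <mule@example.com>"))

if __name__ == "__main__":
    for k in read_keyring(TOY_KEYRING):
        print(k["fingerprint"], k["key_id"], k["short_id"], k["user_ids"])
```

Pointing read_keyring at the bytes of an exported public keyring lists the aliases you can put in a key manager; note that lookup matches by suffix, which is exactly why an attacker who generates a key whose fingerprint ends in the same 32 bits can masquerade under a short ID.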

In this example, we define a sample echo application that reads signed and encrypted files from a directory (/temp/signedAndEncryptedFiles/in) and writes the decrypted content into /temp/decryptedFiles/out. The configuration looks like this:

    <pgp:security-manager>
        <pgp:security-provider name="pgpSecurityProvider" keyManager-ref="pgpKeyManager"/>
        <pgp:keybased-encryption-strategy name="keyBasedEncryptionStrategy" keyManager-ref="pgpKeyManager"/>
    </pgp:security-manager>

    <model name="test">
        <service name="echo">
            <inbound>
                <inbound-endpoint address="file:///temp/signedAndEncryptedFiles/in">
                    <pgp:security-filter strategyName="keyBasedEncryptionStrategy" signRequired="true"
                                         credentialsAccessor-ref="fakeCredentialAccessor"
                                         keyManager-ref="pgpKeyManager"/>
                </inbound-endpoint>
            </inbound>
            <component class="org.mule.module.pgp.EchoMsg"/>
            <outbound>
                <pass-through-router>
                    <outbound-endpoint address="file:///temp/decryptedFiles/out">
                        <pgp:security-filter strategyName="keyBasedEncryptionStrategy" 
                                             credentialsAccessor-ref="fakeCredentialAccessor"
                                             keyManager-ref="pgpKeyManager"/>
                    </outbound-endpoint>
                </pass-through-router>
            </outbound>
        </service>
    </model>
</mule>

The signRequired property on the inbound security filter controls whether unsigned messages are accepted. With signRequired="true", as in the example, a message that is not signed is rejected before it reaches the component; leave it true unless you deliberately want to accept input whose origin cannot be verified.

Configuration Reference

Security Manager

Child elements of <security-manager...>

Name                          Cardinality  Description
security-provider             0..1         Security provider for PGP-related functionality.
keybased-encryption-strategy  0..1         The key-based PGP encryption strategy to use.

Security Provider

Security provider for PGP-related functionality.

Attributes of <security-provider...>

Name                     Type     Required  Default  Description
keyManager-ref           string   no                 Reference to the key manager to use.

Keybased Encryption Strategy

The key-based PGP encryption strategy to use.

Attributes of <keybased-encryption-strategy...>

Name                     Type     Required  Default  Description
keyManager-ref           string   no                 Reference to the key manager to use.
credentialsAccessor-ref  string   no                 Reference to the credentials accessor to use.
checkKeyExpirity         boolean  no                 Check key expiration (the attribute is spelled this way in the schema).

Security Filter

Filters messages based on PGP encryption.

Attributes of <security-filter...>

Name                     Type     Required  Default  Description
strategyName             string   no                 The name of the PGP encryption strategy to use.
signRequired             string   no                 Whether signing is required (true or false).
keyManager-ref           string   no                 Reference to the key manager to use.
credentialsAccessor-ref  string   no                 Reference to the credentials accessor to use.