Andrea Cosentino created CAMEL-23744:
----------------------------------------
Summary: camel-xmlsecurity: update XML Encryption docs example
from 3DES (TRIPLEDES) to AES-256-GCM
Key: CAMEL-23744
URL: https://issues.apache.org/jira/browse/CAMEL-23744
Project: Camel
Issue Type: Improvement
Components: camel-xmlsecurity
Reporter: Andrea Cosentino
Assignee: Andrea Cosentino
The {{XMLSecurityDataFormat}} data-cipher default is already
{{XMLCipher.AES_256_GCM}}, but the documentation example in
{{xmlSecurity-dataformat.adoc}} ("Partial Payload Content Only
encryption/decryption with passPhrase and Algorithm") still demonstrates
{{String algorithm = XMLCipher.TRIPLEDES;}}. Showing 3DES in the docs
implicitly recommends a legacy cipher.
h3. Proposal
* Update the example to {{XMLCipher.AES_256_GCM}} (with a correctly sized
32-byte passphrase).
* Add a short *Data Cipher Algorithm* note (mirroring the existing *Key Cipher
Algorithm* note) stating the default is AES-256-GCM and that TRIPLEDES is
legacy/discouraged.
Docs-only; no code or behaviour change. The 3DES code path stays for explicit
opt-in (route-author's choice per the Camel security model). Derived from a
PQC-readiness review.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
