[
https://issues.apache.org/jira/browse/CAMEL-7002?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13837757#comment-13837757
]
Franz Forsthofer commented on CAMEL-7002:
-----------------------------------------
Hi Aki,
I will explain why it is better to do the filtering in the PGPDataFormat.
First, I explain the verification process as given in the patch:
Let us assume we receive a camel message which contains several PGP Signatures.
Now we loop over the Signatures and check whether we can find a public key in
the keystore which has the same KeyId as contained in the current signature. If
there is such a public key then we check if the public key has a user ID which
contains one of the strings provided by the new parameter signatureKeyUserids.
Only if this is the case we stop the looping and we execute a verification of
the actual signature. Even if the verification fails we do not continue the
loop over the signature.
So the semantic is find the first signature whose key is in the keystore and
which has one user ID which contains one value out of the signatureKeyUserIds
and execute a verification for this signature.
A later check as proposed by you has considerable performance drawbacks. In
your case, we have to execute the verification over *all* signatures then we
have to collect the verification information and the user ID information in
some map (signature to verification result and user ID list) so that we later
can evaluate this map. The execution of the verification of all signatures is
in my opinion a performance overhead because we want only to verify that the
message comes from someone who is specified in the list given by the
signatureKeyUserids.
Regards Franz
> PGPDataFormat: restrict verifying public keys
> ---------------------------------------------
>
> Key: CAMEL-7002
> URL: https://issues.apache.org/jira/browse/CAMEL-7002
> Project: Camel
> Issue Type: Improvement
> Components: camel-crypto
> Reporter: Franz Forsthofer
> Assignee: Hadrian Zbarcea
> Fix For: 2.12.3, 2.13.0
>
> Attachments: 0001-PGPDataFormat-signatureUserIds-added.patch
>
>
> During the signature verification with PGPDataFormat currently all public
> keys contained in the public keyring are taken into account. So the current
> semantic is: Verify the signature against all public keys in the keyring. IF
> you have a keyring with lot of public keys you will not want that every
> identity represented by the public keys can sent to you a signature. Normally
> you want to know from which identity the signature comes. Therefore I have
> introduced the possibility to restrict the verifying publikc keys; I have
> introduced the parameter signatureKeyUserids where you specify the Userids
> the publc keys must have in order to be allowed to verify a signature.
--
This message was sent by Atlassian JIRA
(v6.1#6144)