On 10/24/06, Danny Angus <[EMAIL PROTECTED]> wrote:
On 10/22/06, robert burrell donkin <[EMAIL PROTECTED]> wrote:
> hi
>
> (as some will know) i've been working on an OpenPGP/MIME (RFC3156)
> signing mailet. my reading of the specification leads me to believe
> that i should canonicalise the content to be signed.
Oh what a PITA!
You can create a MimeMessage and get its bytes out in a stream, if
thats what you need to do. You can do it for a "Part"
(http://java.sun.com/products/javamail/javadocs/javax/mail/internet/MimeBodyPart.html#getContentStream())
Perhaps that isn't what you're after?
i start with a part. i could canonicalize just the signing stream
without canonicalizing the actual content part. this would produce a
signature that most OpenPGP/MIME readers would verify ok but the
specification implies that the part content itself should be
canonicalised as well. i'd much prefer to be specification compliant.
i suppose that the canonicalized stream could be used to create a new
part containing the canonicalized content. what i don't really
understand is how i can ensure that the content-transport-encoding
used to send the message is correct (the spec says Quoted-Printable or
Base64 MIME only) or indeed if i can using javamail.
- robert
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
