On Tue, 18 Mar 2003, Michael Bell wrote: > getSMIME was used to include all SMIME functionality in one function. > This was perhaps a mistake. If you want to rename it then you can do it > but please be careful because we don't want to change the code too often > (it is a stable interface). >
Well, after thinking a lot about this, I came to the conclusion that it would be better if the S/MIME functionality is in a separate module, and works with MIME::Entity, as it seems to be the natural option (openssl reads and writes MIME entities). You create the object giving it a file or a MIME::Entity, apply the sign/verify/encrypt/decrypt methods, and then fetch the resulting file or entity with correct headers and the final content. The main reason to use MIME::Entity is that it eases the parsing of headers (otherwise them will be lost when decrypting, or signed/encrypted if not correctly stripped), is real easy to build new multipart messages from scratch and it has its own cache of temporary files which allows to use very little memory independiently of message/attachments size. It would be better explained when I finish the first version. But please tell me if you think this is the wrong approach. Also, I want to ask you something. IMHO the passing of certificates is best done with OpenCA::X509 objects which I write in a local cache of temporary files for openssl, and allows me to easily run checks on them (the one that signed the mail is the same I expect for this email? Is it issued by my CA? etc.). But I'd seen that in your implementation of getSIME you always expect filenames. I could write routines that automagically check which kind of data you are passing, but I think it would increase the complexity of the interface too much... Inside openca you store the certs and such in a database isn't it? (I am doing that for my project) In that case, it would be better if we pass them in-core. Tell me if I'm wrong... Regards, Martin. PD: it's me or lists.sourceforge.net is slooooow? ------------------------------------------------------- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
