Thomas Roessler wrote:
>
> On 2000-03-14 07:37:49 +0100, Richard Levitte - VMS
> Whacker wrote:
>
> > Personally I don't see the problem with getting the
> > correct mime headers served by smime and just graft
> > them in among all the others, but YMMV.
>
> While this may be fine for the simplest applications, it's
> not reasonable in a situation in which I want to generate
> multiple signatures and put them into a multipart/mixed,
> or in which I have a multipart/mixed and want to verify
> multiple signatures with different back-ends. I don't
> really want to do MIME en- and decoding just for passing
> data to the crypto back-end, and back.
>
> Additionally, it's an aesthetic question. Why put a MIME
> engine into the crypto back-end when the front-end will do
> MIME, probably has a better tested MIME parser, and
> additionally the back-end produced MIME doesn't really fit
> into the things the front-end wants to do?
>
The main reason MIME is in there is so the S/MIME messages can be
generated or parsed in the right form. The MIME parser in OpenSSL is
rather a contemptible beast but its good enough for the S/MIME messages
I tested it on.
At the time I couldn't find a MIME parser with an appropriate licence
that worked on the same platforms as OpenSSL. More importantly none of
them seemed to handle multipart/signed properly.
Anyway if you use the API you don't have to use the OpenSSL MIME parser
you can just feed in the decoded parts to the various functions. This
isn't available in the 'smime' tool but its not hard to do.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
