I'm currently working on a DomainKeys verification mailet.
I have been taking hints from the RFC which uses the openssl command line for illustrations. I have written a simple Java wrapper that makes system calls to openssl, and I'm using this wrapper to do signature verification. I admit this is not a very efficient way to perform the verification, but it has allowed me to spend more time on other issues like message canonicalization, and parsing the TXT records and signature header.
Does anyone have suggestions on how to do the verification in Java natively? I have a the public key which is published in a DNS record in PEM format, and I have the signature in Base64. It was a fairly simple exercise to map this data to the openssl command line. However, I am not sure how to instantiate the Java objects, namely java.security.cert.Certificate and java.security.Signature.
Any help is appreciated. -Mike Bryant --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
