Reorganize SMIME crypto support code to share it with future new PGP support
code
---------------------------------------------------------------------------------
Key: JAMES-596
URL: http://issues.apache.org/jira/browse/JAMES-596
Project: James
Issue Type: New Feature
Components: Matchers/Mailets (bundled)
Reporter: Vincenzo Gianferrari Pini
Assigned To: Vincenzo Gianferrari Pini
Priority: Minor
Fix For: 3.0
The current mailet code that does cryptographic activity is specialized for
SMIME. In order to support PGP, as requested by some people (Robert Burrel
Donkin), it would be nice to have it rearranged in order to share code as much
as possible.
First of all let me recall the current code.
There are two similar but not identically built "strains", one written by me,
and the other by Stefano. But from our point of view they are equivalent.
My strain is the SMIMESign mailet that extends SMIMEAbstractSign; the split
between the two classes is just to allow for some possible massaging of the
message before the signature (the "explanation text" in this case).
Stefano's strain is composed of the SMIMECheckSignature and SMIMEDecrypt
mailet, plus the IsSMIMEEncrypted, IsSMIMESigned and IsX509CertificateSubject
matchers.
SMIMEAbstractSign (and SMIMEDecrypt) uses *for all the SMIME related work* the
org.apache.james.security.KeyHolder helper class; similarly SMIMECheckSignature
uses the org.apache.james.security.KeyStoreHolder helper class.
The approach I'm thinking about is the following:
1) Create an *interface* named KeyHolder with all the needed (and not SMIME
dependent) methods.
2) Rename the current KeyHolder class to SMIMEKeyHolder, and have it implement
the KeyHolder interface doing the SMIME implementation.
3) Create a new PGPKeyHolder implementing KeyHolder interface doing the PGP
work. My assumption is that *there is a total equivalence* between the SMIME
and PGP required/desired functionalities, captured by the KeyHolder interface.
4) Have SMIMEAbstractSign instantiate either SMIMEKeyHolder or PGPKeyHolder as
the KeyHolder object that will be used, based on the value of a new
<keyHolderClass> attribute, that would be either <keyHolderClass>
org.apache.james.security.SMIMEKeyHolder </keyHolderClass>or <keyHolderClass>
org.apache.james.security.PGPKeyHolder </keyHolderClass>.
5) Rename SMIMESign to Sign, that will become the concrete sign malet driven by
the <keyHolderClass> attribute.
6) Create two new and very simple SMIMESign and PGPSign mailets, whose only job
would be to force the <keyHolderClass> attribute to the right one.
An equivalent job could and should be done for Stefano's mailets.
The PGP equivalents of Stefano's matchers should be written from scratch.
I have already done part of the work. If nobody has anything to say against
this approach, I will start committing to trunk in the next few days. Robert
after that will write the PGP specific code.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
