Opinionated behavior limits usability #2
Comments
|
@matlik Thanks very much for your post. i was using this library and having some strange behavior and though it was just my own problem. Is it possible to publish your work and I could sync it. Very much appreciate. |
|
If you are referring to the ability to specify the encryption algorithm, I do have a fork that I will be pushing my changes to soon. You can see it at https://github.com/vnomics/java-utils-mail-smime under the variable-encryption-algorithms branch once I've pushed it. As for the problem I was having with the text attachment, this is an example snippet of how to make the canonicalization safe for the inbound email message: Setting the |
|
@matlik you are the life saver. I have the encryption part working as expected now. But looks like still have issue with sign. i have a simple sign function that to send out email but looks like not work as expected: String from ="[email protected]", to="[email protected]", subject = "sbj", body="body";
javax.mail.Session mailSession = javax.mail.Session.getInstance(new Properties(), null);
MimeMessage message = new MimeMessage(mailSession);
message.setFrom(new InternetAddress(from));
message.setRecipient(RecipientType.TO, new InternetAddress(to));
message.setSubject(subject);
// message.setContent(body, "text/plain; charset=utf-8"); // neither works.
message.setText(body);
System.out.println(SmimeUtil.getStatus(message));
SmimeKey privateKey = getSmimeKey();
message = SmimeUtil.sign(mailSession, message, privateKey);
System.out.println(SmimeUtil.getStatus(message));
System.out.println("-----------------");And result I added JCE to JDK, and used the certificate that is generated from COMODO. Because the Encryption works, I think the SmimeKey should be generated right. But just did not figure out why the sign fails. |
|
Try calling |
|
Another observation: I need to do following to get signed message sent out Otherwise, I will get The https://github.com/vnomics/java-utils-mail-smime version handled it way much better. Hope those change would be push to maven. |
After searching online, this library as the simplest and best implementation of S/MIME support in Java I could find. Thank you for your work!
I've integrated it into our application, but have run into an issue related to the hard coded default DES_EDE3_CBC algorithm in
SmimeUtil.prepareEncryptor(). Our use case requires us to use AES_256_CBC instead. I was able to work around this by creatingSmimeUtil.encrypt(Session session, MimeMessage mimeMessage, X509Certificate certificate, ASN1ObjectIdentifier cmsAlgorithm)Additionally, it may be worth adding some comments in the readme about how
SmimeUtil.sign(...)will canonicalize EOL characters as a side-effect. This has the potential of corrupting attachments, as was the case for us. The work-around is to force a Base64 (or something else that will never have a newline) encoding of the attachment instead of allowing the default (7bit text in our case)If you'd be interested in a pull request, I can try submitting one. It would be a first for me.
Thanks again for this library!
The text was updated successfully, but these errors were encountered: