Re: [Javamail-crypto-devel] Fwd: Verify signature
Status: Beta
Brought to you by:
akp
Menu
▾
▴
Re: [Javamail-crypto-devel] Fwd: Verify signature
|
From: Didac <um...@gm...> - 2009-07-22 09:30:01
|
I'm ussing java for verify the signature, so the cacerts are on $JAVA_HOME/lib/security/cacerts. I have the CA installed and I sing a message with a private key that is signed by this CA. It's easy to extrac the public key associated to a signed message (EncryptionUtils extractkeys method). Then, what I need is to check if this key is signed by my CA. With this I can check the validity of the signature. 2009/7/22 <geo...@fi...> > You can attach the public key to the mail. It is quite simple. But for > checking against a CA, you would need the CA keys. They usually exists > within the OS but I have no idea where. > > > > Best Regards > > Phone Norway: 02367 abroad: +47 974 14 025 > Fileflow Technologies AS > Ole Deviks vei 35, 0668 Oslo, Norway > > ------------------------------------- > > > > > > > > On 21 Jul 2009, at 23:19, Didac wrote: > > Hi everyone! >> >> I'm ussing javamail-crypto with S/MIME provider based off of the >> BouncyCastle. I sends mail signed and I can verify the sign correctly if I >> have it. >> >> But the default way to verify a signatura (Outlook does it) is sending the >> public key or the certificate with the signed message. So, the receiver can >> download the certificate and veritfy the signature with the public key on >> the certificate. It's possible to do with javamail-crypto? >> >> Another thing that can by done is to verify if the message is signed with >> a private key signed by a CA. It's possible? (Thunderbird does it) >> >> Regards >> >> >> ------------------------------------------------------------------------------ >> _______________________________________________ >> Javamail-crypto-devel mailing list >> Jav...@li... >> https://lists.sourceforge.net/lists/listinfo/javamail-crypto-devel >> > > |
