On Thu, 08 Apr 1999, rfi from Rich Roth wrote:
> On Wed, Apr 07, 1999 at 12:34:47PM +0200, Thomas Roessler wrote:
> > Not yet. I'm playing with the thought to write a cryptlib-based
> > command line tool to handle S/MIME messages, and to integrate it
> > with mutt.
> My understanding is that you'd have to start from scratch - the tool
> kit is US/Gov developed and blocked from export.
Thomas doesn't need to do so, because someone else did:
--------------------- snip ----------------------------------
From: [EMAIL PROTECTED] (Peter Gutmann)
To: [EMAIL PROTECTED]
Subject: cryptlib 2.1 final beta released
Reply-To: [EMAIL PROTECTED]
Date: Thu, 25 Mar 1999 05:05:10 (NZST)
I've just uploaded what should in theory be the final beta of cryptlib 2.1,
you can get the source code (Unix/Windows/DOS/whatever) + precompiled Win16
and Win32 DLL's as ftp://ftp.franken.de/pub/crypt/cryptlib/beta/beta0322.zip
and the 230-page manual as
ftp://ftp.franken.de/pub/crypt/cryptlib/beta/manual.pdf.
cryptlib provides the ability to create and read S/MIME messages (with real
encryption, not the usual RC2/40), a reasonably complete PKIX and X.509v3
certificate handling implementation (YMMV), and various other useful features
like key databases, a certificate trust manager, automated checking of certs
against CRL contents, LDAP directory access, and other odds and ends - grab a
copy of the manual for more information. The main design goal was ease of
use, for example here's what it takes to create a signed S/MIME message:
/* Create an envelope for the message and push in the signing key */
cryptCreateEnvelopeEx( &cryptEnvelope, CRYPT_FORMAT_SMIME, CRYPT_USE_DEFAULT );
cryptAddEnvComponentNumeric( cryptEnvelope, CRYPT_ENVELOPE_SIGNATURE,
signatureKey );
/* Push in the message data and pop out the signed result */
cryptPushData( cryptEnvelope, message, messageSize, &bytesIn );
cryptPushData( cryptEnvelope, NULL, 0, NULL );
cryptPopData( cryptEnvelope, buffer, bufferSize, &bytesOut );
/* Clean up */
cryptDestroyEnvelope( cryptEnvelope );
The manual contains examples of how you'd integrate this into a mailer like
Eudora to provide full-strength S/MIME encryption.
--------------------- snip ----------------------------------
AFAIK that's the base Thomas wants to operate on.
> Personally I don't get how S/MIME can be considered an international
> standard without an internationally available reference
> implementation - is there one you are aware of ??
The fact is that many Windows mail readers support S/MIME and not PGP
(especially not RFC 2015). If you want to use S/MIME in a Unix
environment you have to install Netscape Communicator and use
Messenger, which may corrupt your mail folders and something like
this. So it's really a great idea to implement some kind of S/MIME
support to Mutt.
> Does 'cryptlib' handle this and what is a URL for it ?
See the above quoted mail.
Ciao
Roland
--
* [EMAIL PROTECTED] * http://www.spinnaker.de/ *
PGP: 1024/DD08DD6D 2D E7 CC DE D5 8D 78 BE 3C A0 A4 F1 4B 09 CE AF