org.apache.james.transport.mailets.smime
Class SMIMECheckSignature

java.lang.Object
  extended by org.apache.mailet.GenericMailet
      extended by org.apache.james.transport.mailets.smime.SMIMECheckSignature
All Implemented Interfaces:
Mailet, MailetConfig

public class SMIMECheckSignature
extends GenericMailet

Verifies the s/mime signature of a message. The s/mime signing ensure that the private key owner is the real sender of the message. To be checked by this mailet the s/mime signature must contain the actual signature, the signer's certificate and optionally a set of certificate that can be used to create a chain of trust that starts from the signer's certificate and leads to a known trusted certificate.

This check is composed by two steps: firstly it's ensured that the signature is valid, then it's checked if a chain of trust starting from the signer certificate and that leads to a trusted certificate can be created. The first check verifies that the the message has not been modified after the signature was put and that the signer's certificate was valid at the time of the signing. The latter should ensure that the signer is who he declare to be.

The results of the checks perfomed by this mailet are wrote as a mail attribute which default name is org.apache.james.SMIMECheckSignature (it can be changed using the mailet parameter mailAttribute). After the check this attribute will contain a list of SMIMESignerInfo object, one for each message's signer. These objects contain the signer's certificate and the trust path.

Optionally, specifying the parameter strip, the signature of the message can be stripped after the check. The message will become a standard message without an attached s/mime signature.

The configuration parameter of this mailet are summerized below. The firsts defines the location, the format and the password of the keystore containing the certificates that are considered trusted. Note: only the trusted certificate entries are read, the key ones are not.

Other parameters configure the behavior of the mailet:


Field Summary
protected  java.lang.String mailAttribute
           
protected  boolean onlyTrusted
           
protected  boolean stripSignature
           
protected  KeyStoreHolder trustedCertificateStore
           
 
Constructor Summary
SMIMECheckSignature()
           
 
Method Summary
 void init()
          A convenience method which can be overridden so that there's no need to call super.init(config).
 void service(Mail mail)
          Called by the mailet container to allow the mailet to process a message.
 
Methods inherited from class org.apache.mailet.GenericMailet
destroy, getInitParameter, getInitParameter, getInitParameterNames, getMailetConfig, getMailetContext, getMailetInfo, getMailetName, init, log, log
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

trustedCertificateStore

protected KeyStoreHolder trustedCertificateStore

stripSignature

protected boolean stripSignature

onlyTrusted

protected boolean onlyTrusted

mailAttribute

protected java.lang.String mailAttribute
Constructor Detail

SMIMECheckSignature

public SMIMECheckSignature()
Method Detail

init

public void init()
          throws javax.mail.MessagingException
Description copied from class: GenericMailet

A convenience method which can be overridden so that there's no need to call super.init(config).

Instead of overriding init(MailetConfig), simply override this method and it will be called by GenericMailet.init(MailetConfig config). The MailetConfig object can still be retrieved via getMailetConfig().

Overrides:
init in class GenericMailet
Throws:
javax.mail.MessagingException - if an exception occurs that interrupts the mailet's normal operation

service

public void service(Mail mail)
             throws javax.mail.MessagingException
Description copied from class: GenericMailet

Called by the mailet container to allow the mailet to process a message.

This method is declared abstract so subclasses must override it.

Specified by:
service in interface Mailet
Specified by:
service in class GenericMailet
Parameters:
mail - - the Mail object that contains the MimeMessage and routing information
Throws:
javax.mail.MessagingException - - if an exception occurs that interferes with the mailet's normal operation
See Also:
Matcher.match(org.apache.mailet.Mail)


Copyright © 2002-2007 The Apache Software Foundation. All Rights Reserved.