Re: Security-related APIs
Re: Security-related APIs
- Subject: Re: Security-related APIs
- From: Johann Hibschman <email@hidden>
- Date: Sat, 29 Sep 2001 11:09:25 -0700
On Friday, September 28, 2001, at 04:51 AM, Ondra Cada wrote:
(a) implement en/decryption in a way
(a.i) which would look as a native feature of the Mail application;
(a.ii) which would be at least useable from other e-mail clients
[snip]
Incidentally, the one thing I do know is how to use Services for
(a.ii); I
can (and probably will) do that, but my client would like to have, at
least
for Mail, something more automatical.
One warning: implementing crypography via services for mail has one big
problem. Namely, most mail applications feel free to re-wrap the text
in messages as you send it, possibly introducing paragraph tags, and the
like. This plays havoc with any kind of decryption or signing service,
since the text you just signed/encrypted/whatever is not the text that
was actually sent out.
I've experimented a bit with this through the Gnu Privacy Guard, which
has been wrapped as a basic Framework for Cocoa, search (IIRC)
macgpg.sourceforge.net. That focuses on key management and signing, but
the encryption API is exposed.
I've heard that 10.1 has a /dev/random, which should help key generation
a lot, and will require some changes to any existing packages. I don't
have it, since I'm a poor unemployed ex-student. (sniff, sniff. :
( anyone hiring? ;) )
I imagine the more interesting problem would be to find a way to hack
into Mail in a seamless way, and to get other mail programs not to alter
any output text. There is a program that I saw on versiontracker called
GPGMail, which actually does what you ask and hacks GPG support into
Mail.app. I don't know how they did it, and the APIs they used aren't
official, but it might be a place to start.
I hope that helps,
--Johann