|
|
Crypt::OpenSSL::SMIME - signing and encrypting messages with S/MIME standard using OpenSSL libraries.
use Crypt::OpenSSL::SMIME;
$smime = new Crypt::OpenSSL::SMIME({ signer_from => 'sender@test.com', signer_cert => 'sender.crt', signer_key => 'sender.key', signer_key_pass => 'mysecurepassword', outfile => 'MailEncrypted.txt' }); $smime->loadDataFile('MailForSend.txt');
$smime->encryptData('recipient.crt', 'recipient@test.com', 'Subject text');
Crypt::OpenSSL::SMIME is a brain dead minimalistic not yet secure for use by paranoid people wrapper around OpenSSL library which was extremely useful for us at YASP Software Ltd to send sensitive information to Outlook and Mozilla mailboxes and requires NO additional support from the mail reader software to decrypt messages unlike PGP.
Ok, here is clear and long description.
It is minimalistic becouse it does sign and encrypt operations in one go. No flexibility (yet).
It is not yet secure for paranoid people becouse it creates outputfile. On first go this file will contain signed message. I.e. original message in clear text and signature appended. On second go this file will be overwritten with encrypted one. So bad boy has a couple of milliseconds to read unencrypted data from disk. I know i am paranoid but the question is: am I paranoid enough ? We are working on the next version which will be secure even for paranoid users.
It is extremely useful becouse allow to encrypt mail messages with S/MIME standard with 4 lines of Perl code. Mail reading software like Mozilla and Outlook have builtin support for this standard unlike PGP. Recipient will need to install his certificate though. Which is proven to be simple step even for dumb people. If you managed to run your own CA recipient will probably want your root CA certificate as weel. I hope i used well known words here.
Takes reference to hash as parameter. Probably not good idea though. Hash keys:
signer_from - email address of the sender (From: ) signer_cert - filename with sender certificate file signer_key - filename with sender key file signer_key_pass - password for sender key outfile - filename to store signed and encrypted message =item I<loadDataFile> filename
filename - filename with original message
Note: we are not yet support attachements. At least we did not tested it.
recipient_cert - filename with recipient certificte recipient_email - recipient email subject - Subject: for email
Copyright (c) 2003 YASP Software Ltd. http://www.yasp.com/ All Rights Reserved.
Distribution and use of this module is under the same terms as the OpenSSL package itself (i.e. free, but mandatory attribution; NO WARRANTY). Please consult LICENSE file in the root of the OpenSSL distribution.
And remember, you, and nobody else but you, are responsible for auditing this module and OpenSSL library for security problems, backdoors, and general suitability for your application.
<http://www.openssl.org/> - OpenSSL source, documentation, etc openssl-users-request@openssl.org - General OpenSSL mailing list
Dmitry Dorofeev dima somewhere inside yasp point com original C code to show that S/MIME is really simple with OpenSSL and author of this POD text
Max Rozanov max somewhere inside yasp point com XS hacker who made all hard work to convert C code into Perl Modiule
Artem Marchenko tema somewhere inside yasp point com Who made test suite.
Please send bug reports to dima-smime somewhere inside yasp point or dot com