Using and configuring Phaos or BOUNCY CASTLE for encryption and certificate tasks

Date:12 December 2008
Product/Release:LANSA Integrator
Abstract:Choosing to use Phaos or BOUNCY CASTLE - And how to Configure
Submitted By:LANSA Technical Support

Here are a few tips when choosing whether to use Phaos or Bouncy Castle for your encryption and certificate tasks.

Only the AS2 Service requires Phaos. Anything else, for example, SMIME can use Bouncy Castle (as well as Phaos).

Bouncy Castle Option:

Bouncy Castle is shipped with LANSA Integrator EPC835 which provides for the following :

  • Use PKIEditor which is 100% Bouncy Castle and does not require Phaos.
  • Configure SMTPMailService and POP3MailService to use Bouncy Castle and not to use Phaos.
  • If the JSM instance is configured for Bouncy Castle, you cannot use AS2 as this still requires Phaos. The two conflict for MIME content-type mapping in the Java Activation Framework ( JAF ), as AS2 use JavaMail and JAF.

Refer to the LANSA Integrator EPC835 documentation for more information.

Phaos Option:

Will need to be purchased from Oracle.

In particular, the software that needs to be purchased is:

  • Phaos Security Engine
  • Phaos CMS
  • Phaos S/MIME

If choosing to use Bouncy Castle:

If you plan to use Bouncy Castle for SMIME, then

  1. From the mailcap.txt file, comment out the Phaos handlers
  2. Uncomment the Bouncy castle handlers

# Phaos
#application/x-pkcs7-mime;; x-java-content-handler=com.phaos.smime.SmimeDataContentHandler
#application/pkcs7-mime;; x-java-content-handler=com.phaos.smime.SmimeDataContentHandler
#application/x-pkcs7-signature;; x-java-content-handler=com.phaos.smime.SmimeDataContentHandler
#application/pkcs7-signature;; x-java-content-handler=com.phaos.smime.SmimeDataContentHandler
#application/x-pkcs10;; x-java-content-handler=com.phaos.smime.SmimeDataContentHandler
#application/pkcs10;; x-java-content-handler=com.phaos.smime.SmimeDataContentHandler
#multipart/signed;; x-java-content-handler=com.phaos.smime.SmimeDataContentHandler
#
# Bouncy Castle
application/x-pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_mime
application/pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_mime
application/x-pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_signature
application/pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_signature
multipart/signed;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.multipart_signed
#

Note: If no mailcap entries are present at all, then the Bouncy Castle classes static code sections will register these entries.