streamable (and resumable) s/mime encryption (plus signature)

[ralfhauser]

1. Create a S/MIME implementation that reads the input mime stream only once and writes the result to an output stream.
   (no temp files, just reading from the input stream and writing to the output stream)

2. Make it resumable, i.e. it can be stopped, it keeps the (serializeable) state (symmetric session key, nonces/salts, ...) - later it can restart at any offset and the pieces of the output stream when combined (and no gaps) make a valid smime encrypted message
   (just for reference: your sha256 appears to fulfil 1 and 2)

3. the same for s/mime signatures

4. what would it cost if the bouncycastle core team were to implement this (say 1 + 2)?

I'm please to say this is now done. Thanks to Ralf and PrivaSphere for supporting this.

[ll-priva]

Regarding 1.: Am I correct to assume, that this is done by calling transferTo on the inputstream? Are there any tests?

For 2. I found: https://github.com/bcgit/bc-java/blob/master/mail/src/test/java/org/bouncycastle/mail/smime/test/JournalingSecureRandomEncryptTest.java

Are there any other tests, for the 3 points?

[ralfhauser]

Are there any committs that could be referenced to make it easily accessible ?

[ralfhauser]

see also https://issues.apache.org/jira/browse/PDFBOX-4297

[ralfhauser]

see also https://issues.apache.org/jira/browse/PDFBOX-4297

and see https://issues.apache.org/jira/browse/PDFBOX-2776 (would that also work for LARGE ?)