Hi all The question is the same with the title. i would like to encrypt email before sending, i've tried with jana mail but just want to ask whether we have any support from ivy mail or not?

Reference: How to Send Encrypted Emails Programmatically (from an automated process)


asked 08.11.2016 at 03:48

trungdv's gravatar image

accept rate: 52%


Yet there exists no ivy-core solution to encrypt mails. There is also nothing planned in this area. If you have a working solution you may share it here so that other projects can benefit from it.

(08.11.2016 at 17:18) Reguel Werme... ♦♦ Reguel%20Wermelinger's gravatar image

hi ivyteam,

i've tried with the third party library is bouncycastle and java.mails , it's seem to work and i post implementation here

Function to encrypt message:

public MimeMessage encrypt(MimeMessage clearMessage, Session session) {

    MimeMessage encryptedMessage = null;
    try {
        MailcapCommandMap mailcap = (MailcapCommandMap) CommandMap

        mailcap.addMailcap("application/pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_signature");
        mailcap.addMailcap("application/pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_mime");
        mailcap.addMailcap("application/x-pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_signature");
        mailcap.addMailcap("application/x-pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_mime");
        mailcap.addMailcap("multipart/signed;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.multipart_signed");

        /* Add BC */
        Security.addProvider(new BouncyCastleProvider());

        /* Open the keystore */
        KeyStore keystore = KeyStore.getInstance("PKCS12", "BC");
        keystore.load(new FileInputStream(pathP12File),

        // get key alias
        Enumeration e = keystore.aliases();
        String keyAlias = null;
        while (e.hasMoreElements()) {
            String alias = (String) e.nextElement();

            if (keystore.isKeyEntry(alias)) {
                keyAlias = alias;

        if (keyAlias == null) {
            Ivy.log().error("can't find a private key!");
            return null;

        // end getting key
        Certificate[] chain = keystore.getCertificateChain(keyAlias);

        /* Create the encrypter */
        SMIMEEnvelopedGenerator encrypter = new SMIMEEnvelopedGenerator();
                .addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(
                        (X509Certificate) chain[0]).setProvider("BC"));

        /* Encrypt the message */
        MimeBodyPart encryptedPart = encrypter.generate(clearMessage,
                new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC)

         * Create a new MimeMessage that contains the encrypted and signed
         * content
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        try {
        } catch (IOException e1) {
            Ivy.log().error("EncryptMEssage: " + e1.getMessage(), e1);
        encryptedMessage = new MimeMessage(session,
                new ByteArrayInputStream(out.toByteArray()));
        /* Set all original MIME headers in the encrypted message */
        Enumeration headers = clearMessage.getAllHeaderLines();
        while (headers.hasMoreElements()) {
            String headerLine = (String) headers.nextElement();
            if (!Strings.toLowerCase(headerLine).startsWith("content-")) {
    } catch (SMIMEException | MessagingException | CMSException
            | IllegalArgumentException | KeyStoreException
            | NoSuchAlgorithmException | CertificateException | IOException
            | NoSuchProviderException ex) {
        Ivy.log().error("encrypt method:" + ex.getMessage());
    return encryptedMessage;

And Sendmail method:

                    SignMessageService signMessageService = new SignMessageService();
        EncryptMessageService encryptMessageService = new EncryptMessageService();

        MimeMessage signedMessage = signMessageService.sign(clearMessage,
        MimeMessage encryptedMessage = encryptMessageService.encrypt(
                signedMessage, session);
        Ivy.log().info("send mail");

You can get the full sourcecode from this Here (follow the ReadMe.txt to import project) . In that project I implement demo flow with using normal process as well using Signal (experiment)

This answer is marked "community wiki".

answered 18.11.2016 at 08:25

trungdv's gravatar image

accept rate: 52%

edited 23.11.2016 at 08:40

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦

thanks a lot for sharing! I'll definitively come back to this resource...

(23.11.2016 at 08:41) Reguel Werme... ♦♦ Reguel%20Wermelinger's gravatar image

Another improvement: I saw that you have hardcoded host names and smtp users in your demo. I'd stick to the configuration that is provided by the Axon.ivy Designer preferences or the Engines System Properties. You can easily re-use these configuration by using an internal API

private Session prepareSession() {
    ch.ivyteam.ivy.email.EmailSetupConfiguration emailConfig = 

    Properties props = new Properties();
    props.put("mail.smtp.auth", "true");
    props.put("mail.smtp.starttls.enable", "true");
    props.put("mail.smtp.host", emailConfig.getSmtpServer());
    props.put("mail.smtp.port", emailConfig.getSmtpPort());

    props.put("mail.smtp.connectiontimeout", 2000);

    Session session = Session.getInstance(props,
            new javax.mail.Authenticator() {
                protected PasswordAuthentication getPasswordAuthentication() {
                    return new PasswordAuthentication(emailConfig.getSmtpUser(), emailConfig.getSmtpPassword());
    return session;

answered 18.11.2016 at 09:23

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦
accept rate: 70%

edited 23.11.2016 at 08:40

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: 08.11.2016 at 03:48

Seen: 1,976 times

Last updated: 23.11.2016 at 08:41