制作展望承认我的数字签名的电子邮件 [英] Making Outlook Recognize My Digitally Signed Email

问题描述

我使用C＃.NET 4.0发送签名SMTP邮件像这样：

I am using C# .NET 4.0 to send a signed SMTP mail message like so:

    private void SendMailMessage(object data)
    {
        MailMessage message = new MailMessage();
        message.From = new MailAddress(fromAddress);
        message.To.Add(new MailAddress(emailTo));
        message.Subject = "Subject";
        message.IsBodyHtml = true;
        message.Body += "Blah blah blah.";
        byte[] messageBytes = Encoding.ASCII.GetBytes(message.Body);
        SignedCms Cms = new SignedCms(new ContentInfo(messageBytes));
        CmsSigner Signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, certificate);
        Cms.ComputeSignature(Signer);
        byte[] SignedBytes = Cms.Encode();
        MemoryStream signedStream = new MemoryStream(SignedBytes);
        AlternateView signedView = new AlternateView(signedStream, "application/pkcs7-mime; smime-type=signed-data;name=sig.p7m");
        message.AlternateViews.Add(signedView);
        SmtpClient client = new SmtpClient(smtpServer, int.Parse(smtpServerPort));
        client.DeliveryMethod = SmtpDeliveryMethod.Network;
        client.Send(message);
        message.Dispose();
        client = null;       
    }

据我所知，这在工程如果查看原始该消息的数据，我看到它在一个大的PKCS签名不同的观点。但展望不承认它。 Outlook客户端通常可以识别签名的邮件，并试图对其进行验证，并提出一点点证书上我想要的消息，这一切...

From what I can tell, this "works" in that if view the raw data of the message, I see the alternate view with a big PKCS signature in it. But Outlook doesn't recognize it. The Outlook client normally recognizes signed messages and attempts to validate them and puts a little certificate on the message and all that...

...我是什么？缺少

I want that... what am I missing?

编辑：我做了我自己对这个一定进展，但仍然有一些麻烦。下面是代码看起来像现在：

I have made some progress on this on my own, but still having some trouble. Here is what the code looks like now:

    private void SendMailMessage(string emailTo)
    {            
        MailMessage message = new MailMessage();
        message.From = new MailAddress(fromAddress);
        message.To.Add(new MailAddress(emailTo));
        message.Subject = "Special Delivery";
        message.IsBodyHtml = false;
        string body = "Content-Type: text/plain;charset=\"iso-8859-1\"\nContent-Transfer-Encoding: quoted-printable\n\nHere is some body text!";
        byte[] messageBytes = Encoding.ASCII.GetBytes(body);
        ContentInfo content = new ContentInfo(messageBytes);
        SignedCms signedCms = new SignedCms(content, false);
        CmsSigner Signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, certificate);
        signedCms.ComputeSignature(Signer);
        byte[] signedBytes = signedCms.Encode();
        MemoryStream ms = new MemoryStream(signedBytes);
        AlternateView av = new AlternateView(ms, "application/pkcs7-mime; smime-type=signed-data;name=smime.p7m");
        message.AlternateViews.Add(av);
        SmtpClient client = new SmtpClient(smtpServer, int.Parse(smtpServerPort));
        client.DeliveryMethod = SmtpDeliveryMethod.Network;
        client.Send(message);
        message.Dispose();
        client = null;
    }

值得注意的是，在我离开message.Body空白的这个时候，只有发送AlternateView。现在，当我把这个给Outlook收件箱，我得到的挂锁图标在我的电子邮件，在S / MIME装饰物踢和尝试验证签名，但失败。用于签名的电子邮件的证书是由公开可信CA颁发修改这是我的错，该证书不具备安全电子邮件的使用属性。我会得到一个新的证书。

Of note is that I left message.Body blank this time, only sending the AlternateView. Now, when I send this to an Outlook inbox, I get the padlock icon over my email, the S/MIME doodad kicks in and tries to verify the signer, but fails. The certificate used to sign the email is issued by a publically trusted CA. That's my fault, the certificate didn't have the "secure email" usage attribute. I'll get a new certificate.

当我送了相同的电子邮件为Gmail地址，我得到它一* .p7m附件的空消息包含。一堆垃圾

When I send the same email to a Gmail address, I get a blank message with a *.p7m attachment on it that contains a bunch of garbage.

推荐答案

这得到在Outlook这个工作的代码如下：

The code that gets this working in Outlook looks like this:

private void SendMailMessage(string emailTo)
{
    MailMessage message = new MailMessage();
    message.From = new MailAddress(fromAddress);
    message.To.Add(new MailAddress(emailTo));
    message.Subject = "Regarding your lottery winnings";
    message.IsBodyHtml = false;
    string body = "Content-Type: text/plain;charset=\"iso-8859-1\"\nContent-Transfer-Encoding: quoted-printable\n\nBlah blah blah blah blah blah.";                
    byte[] messageBytes = Encoding.ASCII.GetBytes(body);
    ContentInfo content = new ContentInfo(messageBytes);
    SignedCms signedCms = new SignedCms(content, false);
    CmsSigner Signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, emailCert);
    signedCms.ComputeSignature(Signer);
    byte[] signedBytes = signedCms.Encode();
    MemoryStream ms = new MemoryStream(signedBytes);
    AlternateView av = new AlternateView(ms, "application/pkcs7-mime; smime-type=signed-data;name=smime.p7m");
    message.AlternateViews.Add(av);                
    SmtpClient client = new SmtpClient(smtpServer, int.Parse(smtpServerPort));
    client.DeliveryMethod = SmtpDeliveryMethod.Network;
    client.Send(message);
    message.Dispose();
    client = null;
}

使用一个有效的证书，当然。现在，当我在Outlook发送这封电子邮件并查看它，我得到的电子邮件的证书图标，以及S / MIME控件的成功验证签名，文本显示出来，就像我希望它不显示标题给用户

Using a valid certificate, of course. Now when I send this email and view it in Outlook, I get the certificate icon on the email, and the S/MIME control successfully validates the signature, and the text shows up just like I want it to without displaying the headers to the user.

请注意，我不得不离开message.Body空。在message.Body把任何东西会打破它。

Notice that I have to leave message.Body empty. Putting anything in message.Body will break it.

这篇关于制作展望承认我的数字签名的电子邮件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！