4

I am using C# .NET 4.0 to send a signed SMTP mail message like so:

    private void SendMailMessage(object data)
    {
        MailMessage message = new MailMessage();
        message.From = new MailAddress(fromAddress);
        message.To.Add(new MailAddress(emailTo));
        message.Subject = "Subject";
        message.IsBodyHtml = true;
        message.Body += "Blah blah blah.";
        byte[] messageBytes = Encoding.ASCII.GetBytes(message.Body);
        SignedCms Cms = new SignedCms(new ContentInfo(messageBytes));
        CmsSigner Signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, certificate);
        Cms.ComputeSignature(Signer);
        byte[] SignedBytes = Cms.Encode();
        MemoryStream signedStream = new MemoryStream(SignedBytes);
        AlternateView signedView = new AlternateView(signedStream, "application/pkcs7-mime; smime-type=signed-data;name=sig.p7m");
        message.AlternateViews.Add(signedView);
        SmtpClient client = new SmtpClient(smtpServer, int.Parse(smtpServerPort));
        client.DeliveryMethod = SmtpDeliveryMethod.Network;
        client.Send(message);
        message.Dispose();
        client = null;       
    }

From what I can tell, this "works" in that if view the raw data of the message, I see the alternate view with a big PKCS signature in it. But Outlook doesn't recognize it. The Outlook client normally recognizes signed messages and attempts to validate them and puts a little certificate on the message and all that...

I want that... what am I missing?

Edit: I have made some progress on this on my own, but still having some trouble. Here is what the code looks like now:

    private void SendMailMessage(string emailTo)
    {            
        MailMessage message = new MailMessage();
        message.From = new MailAddress(fromAddress);
        message.To.Add(new MailAddress(emailTo));
        message.Subject = "Special Delivery";
        message.IsBodyHtml = false;
        string body = "Content-Type: text/plain;charset=\"iso-8859-1\"\nContent-Transfer-Encoding: quoted-printable\n\nHere is some body text!";
        byte[] messageBytes = Encoding.ASCII.GetBytes(body);
        ContentInfo content = new ContentInfo(messageBytes);
        SignedCms signedCms = new SignedCms(content, false);
        CmsSigner Signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, certificate);
        signedCms.ComputeSignature(Signer);
        byte[] signedBytes = signedCms.Encode();
        MemoryStream ms = new MemoryStream(signedBytes);
        AlternateView av = new AlternateView(ms, "application/pkcs7-mime; smime-type=signed-data;name=smime.p7m");
        message.AlternateViews.Add(av);
        SmtpClient client = new SmtpClient(smtpServer, int.Parse(smtpServerPort));
        client.DeliveryMethod = SmtpDeliveryMethod.Network;
        client.Send(message);
        message.Dispose();
        client = null;
    }

Of note is that I left message.Body blank this time, only sending the AlternateView. Now, when I send this to an Outlook inbox, I get the padlock icon over my email, the S/MIME doodad kicks in and tries to verify the signer, but fails. The certificate used to sign the email is issued by a publically trusted CA. Edit: That's my fault, the certificate didn't have the "secure email" usage attribute. I'll get a new certificate.

When I send the same email to a Gmail address, I get a blank message with a *.p7m attachment on it that contains a bunch of garbage.

4

1 回答 1

6

使它在 Outlook 中工作的代码如下所示:

private void SendMailMessage(string emailTo)
{
    MailMessage message = new MailMessage();
    message.From = new MailAddress(fromAddress);
    message.To.Add(new MailAddress(emailTo));
    message.Subject = "Regarding your lottery winnings";
    message.IsBodyHtml = false;
    string body = "Content-Type: text/plain;charset=\"iso-8859-1\"\nContent-Transfer-Encoding: quoted-printable\n\nBlah blah blah blah blah blah.";                
    byte[] messageBytes = Encoding.ASCII.GetBytes(body);
    ContentInfo content = new ContentInfo(messageBytes);
    SignedCms signedCms = new SignedCms(content, false);
    CmsSigner Signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, emailCert);
    signedCms.ComputeSignature(Signer);
    byte[] signedBytes = signedCms.Encode();
    MemoryStream ms = new MemoryStream(signedBytes);
    AlternateView av = new AlternateView(ms, "application/pkcs7-mime; smime-type=signed-data;name=smime.p7m");
    message.AlternateViews.Add(av);                
    SmtpClient client = new SmtpClient(smtpServer, int.Parse(smtpServerPort));
    client.DeliveryMethod = SmtpDeliveryMethod.Network;
    client.Send(message);
    message.Dispose();
    client = null;
}

当然,使用有效的证书。现在,当我发送这封电子邮件并在 Outlook 中查看它时,我在电子邮件上看到了证书图标,并且 S/MIME 控件成功验证了签名,并且文本按照我想要的方式显示,而不向用户显示标题.

请注意,我必须留下 message.Body 为空。在 message.Body 中放入任何东西都会破坏它。

于 2013-04-13T21:00:22.290 回答