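When I decrypt a signed and encrypted message, decryption succeeds and I get a "MimeEntity" whose smime-type is "signed-data".

But the signature format is not "multipart/signed"; the format is "application/pkcs7-mime".

I cast it to "ApplicationPkcs7Mime", "multipart", "textpart", and "messagepart", but I get a "null" value.

But I can open this message normally in Outlook. I sent this message using Outlook; the content was not generated by "MimeKit".

I only know how to cast "message.body" to "ApplicationPkcs7Mime", but what should I do with the "decrypted MimeEntity"?

Code: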

var parser = new MimeParser(new MemoryStream(content), MimeFormat.Default);
MimeMessage message = parser.ParseMessage();

if (message.Body is ApplicationPkcs7Mime) {
    using (var ctx = new MySecureMimeContext()) {
        var encrypted = message.Body as ApplicationPkcs7Mime;

        if (encrypted != null && encrypted.SecureMimeType == SecureMimeType.EnvelopedData) {
            // import the recipient's PKCS#12 key material, then decrypt the outer layer
            ctx.Import(new MemoryStream(p12data.blob), p12data.Pwd);
            MimeEntity decrypted = encrypted.Decrypt(ctx);

            if (decrypted is MultipartSigned) {
                // detached signature: content part followed by the signature part
                var signed = (MultipartSigned)decrypted;
                var protocol = signed.ContentType.Parameters["protocol"];
                if (ctx.Supports(protocol)) {
                    if (signed[0] is TextPart && signed[1] is ApplicationPkcs7Signature) {
                        var extracted = (TextPart)signed[0];
                        var signatures = signed.Verify(ctx);

                        if (signatures != null && signatures.Count > 0) {
                            foreach (var signature in signatures) {
                                bool valid = signature.Verify();
                                if (!valid) {
                                    isverify = false;
                                    return isverify;
                                }
                            }
                        }
                    }
                }
            }
            else {
                string signType = decrypted.ContentType.Parameters["smime-type"];
                if (signType == "signed-data") {
                    // what can I do?
                    var signed = message.Body as ApplicationPkcs7Mime;
                }
            }
        }
    }
}
1 Answer

Replace:

else {
    string signType = decrypted.ContentType.Parameters["smime-type"];
    if (signType == "signed-data") {
        // what can I do?
        var signed = message.Body as ApplicationPkcs7Mime;
    }
}

with:

else if (decrypted is ApplicationPkcs7Mime) {
    var signed = (ApplicationPkcs7Mime) decrypted;
    if (signed.SecureMimeType == SecureMimeType.SignedData) {
        // extract the original content and get a list of signatures
        MimeEntity original;

        // Note: if you are rendering the message, you'll want to render the
        // original mime part rather than the application/pkcs7-mime part.
        // 'signed' is the decrypted part; 'ctx' is the context from the question's code
        foreach (var signature in signed.Verify (ctx, out original)) {
            try {
                bool valid = signature.Verify ();

                // If valid is true, then it signifies that the signed content
                // has not been modified since this particular signer signed the
                // content.
                // 
                // However, if it is false, then it indicates that the signed
                // content has been modified.
            } catch (DigitalSignatureVerifyException) {
                // There was an error verifying the signature.
            }
        }
    }
}

I just copy/pasted this code snippet from http://www.mimekit.net/docs/html/WorkingWithSMime.htm

Answered on 2015-09-08T16:19:54.430
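
A helper that covers both layouts the decrypted entity can take, multipart/signed and application/pkcs7-mime with smime-type=signed-data, and reports success only when at least one signature is present and every one verifies. This is an added example, not code from the question, the answer or the MimeKit documentation; the names SMimeUnwrap and TryVerify are hypothetical, and ctx is assumed to be the caller's SecureMimeContext with the needed certificates already imported.

```csharp
using MimeKit;
using MimeKit.Cryptography;

// Hypothetical helper (names are assumptions, not part of MimeKit).
static class SMimeUnwrap
{
    // Returns true only if the entity is signed, carries at least one signature,
    // and every signature verifies. 'content' receives the part to render; it is
    // null when the entity is not in one of the two signed layouts.
    public static bool TryVerify (MimeEntity decrypted, SecureMimeContext ctx, out MimeEntity content)
    {
        DigitalSignatureCollection signatures;
        content = null;

        if (decrypted is MultipartSigned detached) {
            // multipart/signed: the signature is a separate second part and the
            // signed content is the first child.
            signatures = detached.Verify (ctx);
            content = detached[0];
        } else if (decrypted is ApplicationPkcs7Mime pkcs7
                   && pkcs7.SecureMimeType == SecureMimeType.SignedData) {
            // application/pkcs7-mime; smime-type=signed-data: the content is
            // encapsulated inside the CMS structure and is extracted by Verify.
            signatures = pkcs7.Verify (ctx, out content);
        } else {
            return false; // not signed in a layout handled here
        }

        // An empty collection means nothing vouches for the content.
        if (signatures == null || signatures.Count == 0)
            return false;

        foreach (var signature in signatures) {
            try {
                if (!signature.Verify ())
                    return false; // content changed after this signer signed it
            } catch (DigitalSignatureVerifyException) {
                return false; // signature could not be verified at all
            }
        }

        return true;
    }
}
```

When the method returns false with a non-null content, the part was extracted but its signature did not check out, so the caller decides whether to show it as unverified.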