Check if email is digitally signed using VB.Net
I would like to know if it's possible, using VB.Net, to check if an e-mail is digitally signed and who is the issuer of the certificate.
Using Extended MAPI Wrapper and Cryptography I was able to get the smime.p7m attachment from an e-mail and get the certificate information out of it (including the issuer), so it seemed like everything was working. The issue is that if I send an unsigned e-mail and manually attach a smime.p7m file, it will trick the code into thinking that the e-mail is signed.
Does anyone have a solution for this? I can also use other methods like Outlook Interop.
Solution 1:[1]
If you have a truly signed S/MIME message, then the "smime.p7m" attachment will either have a Content-Type value of application/pkcs7-mime; smime-type=signed-data -or- it will have a Content-Type value of application/pkcs7-signature and will be the 2nd child MIME part of a multipart/signed container.
To visualize:
Option 1:
Content-Type: application/pkcs7-mime; smime-type="signed-data"; name="smime.p7m"
Content-Disposition: attachment; filename="smime.p7m"
Content-Transfer-Encoding: base64
Option 2:
Content-Type: multipart/signed; boundary="some-boundary-string"; protocol="application/pkcs7-signature"
--some-boundary-string
Content-Type: text/plain
This is the message content that was signed...
--some-boundary-string
Content-Type: application/pkcs7-signature; name="smime.p7m"
Content-Disposition: attachment; filename="smime.p7m"
Content-Transfer-Encoding: base64
...
--some-boundary-string--
I'm not familiar with the Exchange MAPI wrapper API, but there should be a way to get the Content-Type value. Depending on what that is, you can check for the other attributes I mentioned above to verify if it is actually a signed message or just an attachment.
Note: They can also be application/x-pkcs7-mime and application/x-pkcs7-signature, but other than the leading x- of the MIME subtype, the logic is the same.
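The structural check from Solution 1, as an added example that is not part of the original answer: it uses Python's standard `email` module instead of a MAPI wrapper, and the function name and sample messages are constructed for illustration. It only classifies the MIME layout, so the CMS signature still has to be verified cryptographically before the signer or issuer is trusted.

```python
from email import message_from_string

SIGNED_DATA = {"application/pkcs7-mime", "application/x-pkcs7-mime"}
DETACHED_SIG = {"application/pkcs7-signature", "application/x-pkcs7-signature"}

def _param(msg, name):
    # Content-Type parameter, unquoted and lower-cased ("" if absent or RFC 2231 encoded)
    value = msg.get_param(name)
    return value.lower() if isinstance(value, str) else ""

def smime_signature_kind(raw):
    """Return 'opaque', 'detached' or None, judged from the top-level MIME structure."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()  # lower-cased type/subtype
    # Option 1: the whole body is one CMS blob declared as signed-data
    if ctype in SIGNED_DATA:
        return "opaque" if _param(msg, "smime-type") == "signed-data" else None
    # Option 2: multipart/signed whose 2nd child is the signature part
    if ctype == "multipart/signed":
        parts = msg.get_payload()
        if (_param(msg, "protocol") in DETACHED_SIG and isinstance(parts, list)
                and len(parts) == 2 and parts[1].get_content_type() in DETACHED_SIG):
            return "detached"
    # Anything else, e.g. a smime.p7m file attached to a multipart/mixed mail
    return None

# Constructed sample messages; "AAAA" is a placeholder, not a real signature
SIG_PART = ('Content-Type: application/pkcs7-signature; name="smime.p7m"\n'
            'Content-Disposition: attachment; filename="smime.p7m"\n'
            'Content-Transfer-Encoding: base64\n\nAAAA\n')
BODY = '--b1\nContent-Type: text/plain\n\nhello\n--b1\n' + SIG_PART + '--b1--\n'
SAMPLES = {
    "detached": ('Content-Type: multipart/signed; boundary="b1"; '
                 'protocol="application/pkcs7-signature"\n\n' + BODY),
    # The case from the question: unsigned mail with smime.p7m attached by hand
    "spoofed": 'Content-Type: multipart/mixed; boundary="b1"\n\n' + BODY,
    "opaque": ('Content-Type: application/pkcs7-mime; smime-type="signed-data"; '
               'name="smime.p7m"\nContent-Transfer-Encoding: base64\n\nAAAA\n'),
    "encrypted": ('Content-Type: application/pkcs7-mime; '
                  'smime-type="enveloped-data"; name="smime.p7m"\n\nAAAA\n'),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, "->", smime_signature_kind(raw))
```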
Solution 2:[2]
Outlook Object Model always tries to represent signed and encrypted messages as regular MailItem objects. The MessageClass property will return "IPM.Note". It goes as far as returning a fake IMessage object from the MailItem.MAPIOBJECT property.
If you are using Extended MAPI, you can read the PR_MESSAGE_CLASS property and check if its value corresponds to one of the signed/encrypted message classes (e.g. "IPM.Note.SMIME.MultipartSigned"). Just make sure to unwrap the IMessage object if you are retrieving it from the MailItem.MAPIOBJECT property.
You can also use Redemption (I am its author) and its RDOEncryptedMessage object - it allows you to decrypt an encrypted message using RDOEncryptedMessage.GetDecryptedMessage as well as access the certificate properties.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 | jstedfast |
Solution 2 |