:-O instantly implemented and verified - worked like a charm! I still can't
believe it was THAT simple. Thanks a lot, Lukas!
In case anyone might be looking for CAPICOM solution, I attach a few lines
of code for creating S/MIME with detached signature. Maybe it saves some
time to others:
procedure MakeDetachedSMIME(string messContent);
var
SD : SignedData;
MainPart, ContentPart, SignaturePart : TMimePart;
MessBody: TMimeMess;
begin
//create MessBody, fill the headers
...
//create SD
SD := CoSignedData.Create;
//Create multipart as the root message part with proper headers
MainPart := MessBody.AddPartMultipart('signed;
protocol="application/x-pkcs7-signature";'+#13#10+' micalg=SHA1',nil);
MainPart.PrePart.Text := 'This is a multi-part message in MIME
format.'+#13#10+#13#10;
//Create part with readable data to be signed
ContentPart := MessBody.AddPart(MainPart);
ContentPart.Headers.Add('Content-type: text/plain');
ContentPart.Headers.Add('Content-Transfer-Encoding: 7bit');
ContentPart.PartBody.Text := messContent;
ContentPart.ComposeParts;
//Assign content to be signed
SD.Content := StringToWideString(ContentPart.lines.Text);
//Obtain base64 encoded signature from CAPICOM
StrBase64 :=
BinaryStringToString(SD.Sign(nil,true,CAPICOM_ENCODE_BASE64));
//DAMN YOU, OUTLOOK!!
//Add CrLf to the end of part to be signed so as to make it
"Outlook-verifiable". Thanks Lukas!
ContentPart.PartBody.Text := ContentPart.PartBody.Text+#13#10;
//Create signature part as the second subpart of root multipart
SignaturePart := MessBody.AddPart(MainPart);
SignaturePart.Headers.Add('Content-Type:
application/x-pkcs7-signature;'+#13#10#9+'name="smime.p7s"');
SignaturePart.Headers.Add('Content-Transfer-Encoding: base64');
SignaturePart.EncodingCode := ME_BASE64;
SignaturePart.Headers.Add('Content-Disposition:
attachment;'+#13#10#9+'filename="smime.p7s"');
SignaturePart.PartBody.Text := StrBase64;
MessBody.EncodeMessage;
//Save message to a file so as to be easily opened and verified in outlook
locally
MessBody.Lines.SaveToFile('detached_signature.eml');
end;
2010/3/9 Lukas Gebauer <gebyl...@mlp.cz>
> I am not using CAPICOM, I am using CryptoAPI directly only.
>
> However when I try to build my own S/MIME detached signature, then I
> have a problem. Outlook says invalid has too. However Thunderbird is
> OK. :-O
>
> Solution is simple... add one empty line after signed message part
> before sending.
>
> Maybe similar issue causing your problems with verifying in your
> code.
>
>
> --
> Lukas Gebauer.
>
> http://synapse.ararat.cz/ - Ararat Synapse - TCP/IP Lib.
> http://geoget.ararat.cz/ - Geocaching solution
>
>
>
> ------------------------------------------------------------------------------
> Download Intel® Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> synalist-public mailing list
> synalist-public@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/synalist-public
>
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
synalist-public mailing list
synalist-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/synalist-public
