Hello,

Could anyone give a working demo project showing how to implement
S/MIME (using CAPICOM or other APIs)?

What parts of the message (plain text, HTML, attachments, etc) need to
be encrypted?

Thank you.

Simon

On Tue, Mar 9, 2010 at 7:44 AM, czernitko <czerni...@gmail.com> wrote:
> :-O instantly implemented and verified - worked like a charm! I still can't
> believe it was THAT simple. Thanks a lot, Lukas!
>
> In case anyone might be looking for CAPICOM solution, I attach a few lines
> of code for creating S/MIME with detached signature. Maybe it saves some
> time to others:
>
> procedure MakeDetachedSMIME(string messContent);
> var
>     SD : SignedData;
>     MainPart, ContentPart, SignaturePart : TMimePart;
>     MessBody: TMimeMess;
> begin
>   //create MessBody, fill the headers
>   ...
>   //create SD
>   SD := CoSignedData.Create;
>
>   //Create multipart as the root message part with proper headers
>   MainPart := MessBody.AddPartMultipart('signed;
> protocol="application/x-pkcs7-signature";'+#13#10+' micalg=SHA1',nil);
>   MainPart.PrePart.Text := 'This is a multi-part message in MIME
> format.'+#13#10+#13#10;
>
>   //Create part with readable data to be signed
>   ContentPart := MessBody.AddPart(MainPart);
>   ContentPart.Headers.Add('Content-type: text/plain');
>   ContentPart.Headers.Add('Content-Transfer-Encoding: 7bit');
>   ContentPart.PartBody.Text := messContent;
>   ContentPart.ComposeParts;
>
>   //Assign content to be signed
>   SD.Content := StringToWideString(ContentPart.lines.Text);
>   //Obtain base64 encoded signature from CAPICOM
>   StrBase64 :=
> BinaryStringToString(SD.Sign(nil,true,CAPICOM_ENCODE_BASE64));
>
>   //DAMN YOU, OUTLOOK!!
>   //Add CrLf to the end of part to be signed so as to make it
> "Outlook-verifiable". Thanks Lukas!
>   ContentPart.PartBody.Text := ContentPart.PartBody.Text+#13#10;
>
>   //Create signature part as the second subpart of root multipart
>   SignaturePart := MessBody.AddPart(MainPart);
>   SignaturePart.Headers.Add('Content-Type:
> application/x-pkcs7-signature;'+#13#10#9+'name="smime.p7s"');
>   SignaturePart.Headers.Add('Content-Transfer-Encoding: base64');
>   SignaturePart.EncodingCode := ME_BASE64;
>   SignaturePart.Headers.Add('Content-Disposition:
> attachment;'+#13#10#9+'filename="smime.p7s"');
>   SignaturePart.PartBody.Text := StrBase64;
>
>   MessBody.EncodeMessage;
>   //Save message to a file so as to be easily opened and verified in outlook
> locally
>   MessBody.Lines.SaveToFile('detached_signature.eml');
> end;
>
> 2010/3/9 Lukas Gebauer <gebyl...@mlp.cz>
>>
>> I am not using CAPICOM, I am using CryptoAPI directly only.
>>
>> However when I try to build my own S/MIME detached signature, then I
>> have a problem. Outlook says invalid has too. However Thunderbird is
>> OK. :-O
>>
>> Solution is simple... add one empty line after signed message part
>> before sending.
>>
>> Maybe similar issue causing your problems with verifying in your
>> code.
>>
>>
>> --
>> Lukas Gebauer.
>>
>> http://synapse.ararat.cz/ - Ararat Synapse - TCP/IP Lib.
>> http://geoget.ararat.cz/ - Geocaching solution
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Download Intel&#174; Parallel Studio Eval
>> Try the new software tools for yourself. Speed compiling, find bugs
>> proactively, and fine-tune applications for parallel performance.
>> See why Intel Parallel Studio got high marks during beta.
>> http://p.sf.net/sfu/intel-sw-dev
>> _______________________________________________
>> synalist-public mailing list
>> synalist-public@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/synalist-public
>
>
> ------------------------------------------------------------------------------
> Download Intel&#174; Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> synalist-public mailing list
> synalist-public@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/synalist-public
>
>

------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
synalist-public mailing list
synalist-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/synalist-public

Reply via email to