
Sending signed and encrypted email.

Author
25 Sep 2006 5:12 PM
Praveen
Hi all,

I am trying to send a signed and encrypted email using C#.

After doing some research I understand that there are a couple of ways of
doing that.

With framework 1.1 we can use interop to capicom.dll  and with framework 2.0
a new package "System.Security.Cryptography.Pkcs" is available. I would
prefer to use the PKCS package to do the encryption etc and use either CDO
or system.web.mail to send out the email.

I saw some examples to sign and encrypt data at
http://windowssdk.msdn.microsoft.com/en-us/library/ms180952.aspx and
http://windowssdk.msdn.microsoft.com/en-us/library/ms180956.aspx but could
not use it to successfully send out signed and encrypted email.

I tried to merge the vb sample (using Capicom) available at
http://www.microsoft.com/downloads/details.aspx?FamilyID=860ee43a-a843-462f-abb5-ff88ea5896f6&DisplayLang=en
into a C# project and make use of the PKCS package, but in vain.

Can you help me to achieve this?

Thanks in advance,
Praveen

Author
4 Oct 2006 4:26 AM
Praveen
I was finally able to get it working with some useful tips from
http://support.microsoft.com/?kbid=280391

Thought it might be useful for someone else looking for a similar thing.

Thanks,
Praveen

Author
4 Oct 2006 3:41 PM
Joe Kaplan
Were you able to do it with the CMS classes in .NET 2.0 and the .NET 2.0
SMTP classes, or did you have to fall back to CDO and CAPICOM?

I know you should be able to do this in "pure" .NET now, but I'm unsure of
how one goes from creating the CMS message to getting it into a mail message
in the proper format to make it work.  I would have replied to your post if
I knew how to do that part.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
Author
4 Oct 2006 4:31 PM
Praveen
Hello Joe,
I was able to achieve this with .Net 2.0 and Interop to CDO for sending
mail. I am new to framework 2.0 so unsure about the capabilities of the smtp
classes available. I believe it should be possible to do this with pure dotnet
framework 2.0.

I am attaching the dotnet project. This project is built using information
and sample provided at
http://support.microsoft.com/?kbid=280391 and
http://windowssdk.msdn.microsoft.com/en-us/library/ms180959.aspx

I was now trying to achieve something else; maybe you can help me with this.
I wanted to query the active directory and extract the certificates for
users and store them on the disk. I found some article to achieve this
http://windowssdk.msdn.microsoft.com/en-us/library/aa387675.aspx
but that was in C++; I could not achieve this in dotnet.

Thanks and regards,
Praveen


[attached file: PKCS7.zip]
Author
4 Oct 2006 5:30 PM
Joe Kaplan
That is a question I know something about.

Essentially, you'll need to issue an LDAP query to AD to find your user (or
users) in question.  Assuming your certificates have been deployed to AD in
the normal way, the data will be stored in the "userCertificate" attribute
on each user.  The user may have 1 or more certificates, depending on how
your system works.  If your goal is to send an encrypted message to users
via an AD lookup, you would want their encryption certificate, not their
signing certificate.  This is normally determined by looking at the key
usages on the cert.  If they only have a single cert that serves both
purposes, you just use that.

The crux of this is to use the DirectorySearcher class to find the user in
question (perhaps by their email address?) and retrieve their
userCertificate attribute.  This will give you an array of objects
containing arrays of bytes.  You basically pass the resulting byte array
into the constructor for X509Certificate or X509Certificate2.

Connecting to LDAP is usually the hardest part, as it depends a lot on the
context the current thread is running under.  If you are logged in as a
domain account and running this in a console or forms app, it is usually
easy, but it can be complex in a web app or service.

If you can provide more details about what you are doing, I can probably
provide you with a code sample.

My book also explains how to do everything you have to do to make this work,
but I don't necessarily expect you to buy it just to figure out how to do
this one thing.  :)

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
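
The lookup described in the post above, as an added example that is not code from the thread or from either poster: find a user by mail address with DirectorySearcher, read userCertificate, keep the certificates whose key usage permits encryption, and write them to disk. It assumes a domain-joined machine, the current user's credentials, and RSA certificates; the names AdCertExport, EscapeFilter and CanEncrypt are hypothetical.

```csharp
using System;
using System.DirectoryServices;
using System.IO;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class AdCertExport   // hypothetical name, not from the thread
{
    // Escape RFC 4515 filter metacharacters so the mail value cannot change the query.
    static string EscapeFilter(string value)
    {
        StringBuilder sb = new StringBuilder();
        foreach (char c in value)
        {
            if (c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0')
                sb.AppendFormat("\\{0:x2}", (int)c);
            else
                sb.Append(c);
        }
        return sb.ToString();
    }

    // Usable for encryption if there is no key usage extension (unrestricted)
    // or the extension includes KeyEncipherment (assumes RSA key transport).
    static bool CanEncrypt(X509Certificate2 cert)
    {
        foreach (X509Extension ext in cert.Extensions)
        {
            X509KeyUsageExtension ku = ext as X509KeyUsageExtension;
            if (ku != null)
                return (ku.KeyUsages & X509KeyUsageFlags.KeyEncipherment) != 0;
        }
        return true;
    }

    static void Main(string[] args)
    {
        string mail = args[0];    // e.g. user@example.com (placeholder)
        string outDir = args[1];  // existing output directory
        // The default constructor binds to the current domain as the current user.
        using (DirectorySearcher ds = new DirectorySearcher())
        {
            ds.Filter = "(&(objectCategory=person)(objectClass=user)(mail=" + EscapeFilter(mail) + "))";
            ds.PropertiesToLoad.Add("userCertificate");
            SearchResult user = ds.FindOne();
            if (user == null) { Console.Error.WriteLine("No such user"); return; }
            foreach (byte[] der in user.Properties["userCertificate"])
            {
                X509Certificate2 cert = new X509Certificate2(der);
                if (!CanEncrypt(cert) || cert.NotAfter < DateTime.Now) continue; // skip signing-only and expired
                File.WriteAllBytes(Path.Combine(outDir, cert.Thumbprint + ".cer"),
                                   cert.Export(X509ContentType.Cert));
            }
        }
    }
}
```

A certificate read from the directory is only as trustworthy as the directory entry, so build and check its chain (for instance with X509Chain) before encrypting mail to it.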