Hello, wonder why MailMessage.CheckSignature is not X509Certificate2Collection and is array! Anyway, it seems to work for clear-signed email, but I’ve loaded a signed + encrypted email to see if both certificates are also saved and got exception on line: .CheckSignature()
CryptographicException: Invalid cryptographic message type.
The required certificates are all installed in My Store.
Since I just need to save the certificates (signing & encryption) of message and nothing else, should not use Decrypt as it will remove the encryption certificate (I guess), although using Decrypt before CheckSignature will cause no difference and still got the exception!
We have opened the following new ticket(s) in our internal issue tracking system and will deliver their fixes according to the terms mentioned in Free Support Policies.
Issue ID(s): EMAILNET-40942
You can obtain Paid Support services if you need support on a priority basis, along with the direct access to our Paid Support management team.
Hello and good morning, just asking about the reply template, when mentioned will deliver their fixes means the bug is confirmed? or pending analysis?
Anyway a quick question: When looping through certificates of CheckSignature returned array, how to distinguish if the current certificate is signing or encryption certificate?
Thank you
just asking about the reply template, when mentioned will deliver their fixes means the bug is confirmed? or pending analysis?
It depends on the issue. In this case, I reproduced the problem, but I didn’t dig deeper into its cause so as not to waste time. I created an investigation ticket to be further considered by the developer.
When looping through certificates of CheckSignature returned array, how to distinguish if the current certificate is signing or encryption certificate?
I forwarded this question to the developer as well.
Since MailMessage.CheckSignature is array, might be wise to add a new:
MailMessage.CheckSignatures as X509Certificate2Collection and mark CheckSignature as deprecated.
Exception thrown and inability to parse the signing + encryption certificate from MailMessage is already reported in this topic, but:
MapiMessage.CheckSignature does not exist, can be added?
Regardless of item 3 above, please advise how to save both signing and encryption certificates from a signed + encryted MSG/OFT using MapiMessage ?!
If not possible, can be added?
These are very very foundamental features of Smime in email SDKs, indeed
C# restrictions do not allow change the return type of method during overriding. Therefore, we don’t want to add a new method with a return type of X509Certificate2Collection, you can easily do it yourself using the standard constructor X509Certificate2Collection like this:
MailMessage eml = MailMessage.Load(fileName);
X509Certificate2Collection certificates = new X509Certificate2Collection(eml.CheckSignature());
Added, will be available in 23.5.
We couldn’t find a solution to get the encryption certificates, also I can’t investigate the problem with your encrypted file because I don’t have the private key to decrypt it. If you would like to resolve this issue, please provide a test project and test keys with which the issue can be reproduced.
