Author |
|
mackolo22 Groupie
Joined: 09 October 2018 Location: Poland
Online Status: Offline Posts: 41
|
Posted: 07 October 2019 at 10:53am | IP Logged
|
|
|
Hi,
I've got a problem with verifying digital signature of mail messages which have been signed using certificate obtained from this organization: https://extrassl.actalis.it/portal/uapub/freemail?lang=en
After calling Verify method, the SmimeResult.VerificationResult is set to SignerAndSenderDoNotMatch
This occurs because SmimeResult.SignatureCertificate.EmailAddress is set to empty string. I don't know if this certificate is invalid in some way or there's a problem in your library. The version of my MailBee.NET is 11.2.0.590.
I would be grateful if you could check it. :)
|
Back to Top |
|
|
Alex AfterLogic Support
Joined: 19 November 2003
Online Status: Offline Posts: 2206
|
Posted: 07 October 2019 at 11:39am | IP Logged
|
|
|
Hi,
You can enable Smime.SetSignedCmsOnVerify, do verification and then check SignedCmsResult property. It will contain certificate information (in SignerInfos collection) based on .NET SDK functions rather than on MailBee implementation. If the certificate email is missing there too, then there is a problem with the certificate, I think.
Regards,
Alex
|
Back to Top |
|
|
mackolo22 Groupie
Joined: 09 October 2018 Location: Poland
Online Status: Offline Posts: 41
|
Posted: 07 October 2019 at 12:44pm | IP Logged
|
|
|
Hi Alex,
Thanks for your response. Could you tell me in which property of Certificate should I look for email address? The subject is set to: "CN=myemailaddress@test.com". Also if I call GetNameInfo(X509NameType.EmailName, false) on Certificate, it returns my valid email address. So how MailBee is getting email address from certificate?
|
Back to Top |
|
|
Alex AfterLogic Support
Joined: 19 November 2003
Online Status: Offline Posts: 2206
|
Posted: 08 October 2019 at 1:40am | IP Logged
|
|
|
Hi,
It takes it from Subject, the format should be E=email. Also, it can take it from SubjectAlternativeName, the format should be RFC822 Name=email.
Regards,
Alex
|
Back to Top |
|
|
mackolo22 Groupie
Joined: 09 October 2018 Location: Poland
Online Status: Offline Posts: 41
|
Posted: 08 October 2019 at 5:34am | IP Logged
|
|
|
Hi,
Ok, subject format is different. But SubjectAlternativeName equals "Name RFC822=email". I used this code:
Code:
var extensions = smimeResult.SignedCmsResult.SignerInfos[0].Certificate.Extensions;
foreach (X509Extension extension in extensions)
{
AsnEncodedData data = new AsnEncodedData(extension.Oid, extension.RawData);
string encodedData = data.Format(false);
}
|
|
|
|
Back to Top |
|
|
mackolo22 Groupie
Joined: 09 October 2018 Location: Poland
Online Status: Offline Posts: 41
|
Posted: 08 October 2019 at 5:39am | IP Logged
|
|
|
Actually, the encodedData equals "Nazwa RFC822=email" where 'nazwa' is 'name' in Polish. Maybe that's a clue and your parser works only with OS in English version?
|
Back to Top |
|
|
Alex AfterLogic Support
Joined: 19 November 2003
Online Status: Offline Posts: 2206
|
Posted: 08 October 2019 at 8:59am | IP Logged
|
|
|
Yes, Nazwa RFC822 won't work.
The next version (will be released in a month) will have a lot of S/MIME related changes and will use another mechanism of detecting email address (via GetNameInfo) so localized attribute names won't be a problem.
Regards,
Alex
|
Back to Top |
|
|
mackolo22 Groupie
Joined: 09 October 2018 Location: Poland
Online Status: Offline Posts: 41
|
Posted: 08 October 2019 at 9:26am | IP Logged
|
|
|
Thanks Alex, that's a great news! I will wait for new release.
Best regards.
|
Back to Top |
|
|
Alex AfterLogic Support
Joined: 19 November 2003
Online Status: Offline Posts: 2206
|
Posted: 08 October 2019 at 10:21am | IP Logged
|
|
|
You can actually already test RC here:
https://afterlogic.com/updates/mailbee_net.zip
It needs v12 license key, however. You can get the trial key on the product download page if you don't have it yet.
Regards,
Alex
|
Back to Top |
|
|