Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

how do I create s/mime message with attachments using CAPICOM 2.0?

0 views
Skip to first unread message

mark weitz

unread,
Dec 9, 2002, 1:35:10 PM12/9/02
to
I am working with the CAPICOM 2.0 DLL to sign a formatted MIME message
and am having problems with the Visual Basic S/MIME sample.

Signing a message clear text with no attachments is fine. Opaquely
signing a message WITH attachments is fine also. What I need to do is
sign the message with clear text and with attachments.

My message consists of body text and attachments. The body text and
the attachments are all separated with the same boundary (in other
words, the attachments are not sub bodyparts of the body text). I am
including a simplified version of the message below (I've taken out
some of the attachments).

***** Sample input MIME message follows *****

From: <MyCompa...@MyCompany.net>
To: <mess...@test.boleroserve.net>
Subject: SMSG
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0015_01C275D7.78668BC0"
Content-Transfer-Encoding: 7bit
Thread-Index: AcJ2AV0RGCeE+VAWQDKrwPRptnn3Qw==
Content-Class: urn:content-classes:message
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

This is a multi-part message in MIME format.

------=_NextPart_000_0015_01C275D7.78668BC0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

<?xml version="1.0"?>
<Message ProtocolVersion="3.0"
ClientSoftware="MySoftware"><SMSG><SntEnvelopeID>1001</SntEnvelopeID><Sender><RID>MyCompanytest61</RID></Sender><Receiver><RID>MyCompanyTest60</RID></Receiver><Document><Draft/><DocumentID><RID>MyCompanytest61</RID><GeneralID>568</GeneralID></DocumentID><DocType><DocTypeCode>000</DocTypeCode></DocType><DocumentContent>MyCompanytest61#568</DocumentContent></Document></SMSG></Message>

------=_NextPart_000_0015_01C275D7.78668BC0
Content-Type: text/plain;
name="MyCompanytest61#568"
Content-Transfer-Encoding: base64
Content-Description: Attached file 'MyCompanytest61#568'
Content-Disposition: attachment;
filename="MyCompanytest61#568"

RnJlZSBUZXh0IGFyZWEgb2YgdGhlIGRvY3VtZW50

------=_NextPart_000_0015_01C275D7.78668BC0--

***** End of MIME message *****

When I run my message through the S/MIME sample VB code, I get a
correctly signed message but one that does not contain my attachments.
I believe this is because the sample code sets the SignedData.Content
with the stream of body part 1 only.

Then I modified the sample VB code to try to include the attachments
as sub body parts off the first body part. Someone on another
discussion group suggested that setting the content of SignedData
based on the first body part would include all the children bodyparts
as well.

In this case I get an incorrectly signed message but one that DOES
contain the attachments. The message, when opened in Outlook
indicates that the message has been tampered with.

In the S/MIME sample code, there is a method SignMessage that does the
signing. In the method is a Case statement to sign either clear text
or opaquely.

Here is how I modified that "Case true" (clear text) option. All my
changes bracketed by "start/end of code changes":

Case True
' this is to be a clear text signed message so we need to copy
the interesting
' parts (sender, recipient, and subject) into the new header
oSignedMsg.To = oMsg.To
oSignedMsg.CC = oMsg.CC
oSignedMsg.From = oMsg.From
oSignedMsg.Subject = oMsg.Subject

Set oBodyPart = oSignedMsg.BodyPart.AddBodyPart
Set cFields = oBodyPart.Fields
cFields.Item(cdoContentType).Value =
oMsg.BodyPart.BodyParts(1).Fields.Item(cdoContentType).Value
cFields.Update

Set oStream = oBodyPart.GetDecodedContentStream
oStream.WriteText
oMsg.BodyPart.BodyParts(1).GetDecodedContentStream.ReadText
oStream.Flush

' ***** Start of code changes
Dim count As Integer
Dim i As Integer
Dim s As String
Dim oSubBodyPart As CDO.IBodyPart

count = oMsg.BodyPart.BodyParts.count

' The first body part was already copied in (above). Start
' with bodypart 2
For i = 2 To count - 1
' Create a new sub body part.
Set oSubBodyPart = oBodyPart.AddBodyPart

' Copy the relevant Field information from the original
bodypart
' to the copy.
Set cFields = oSubBodyPart.Fields
cFields.Item(cdoContentType).Value =
oMsg.BodyPart.BodyParts(i).Fields.Item(cdoContentType).Value
cFields.Item(cdoContentTransferEncoding).Value =
oMsg.BodyPart.BodyParts(i).Fields.Item(cdoContentTransferEncoding).Value
cFields.Item(cdoContentDescription).Value =
oMsg.BodyPart.BodyParts(i).Fields.Item(cdoContentDescription).Value
cFields.Item(cdoContentDisposition).Value =
oMsg.BodyPart.BodyParts(i).Fields.Item(cdoContentDisposition).Value
cFields.Update

' Now copy the body part contents
Set oStream = oSubBodyPart.GetDecodedContentStream
oStream.WriteText
oMsg.BodyPart.BodyParts(i).GetDecodedContentStream.ReadText
oStream.Flush
Next
' ***** End of code changes

' set the content to be signed
oSignedData.Content =
StrConv(oSignedMsg.BodyPart.BodyParts(1).GetStream.ReadText,
vbFromUnicode)

' sign the content
szSignature = oSignedData.Sign(oSigner, True,
CAPICOM_ENCODE_BINARY)

' Get the string data as a byte array
byteSignature = szSignature

' Attach the signature and let CDO base64 encode it
Set oBodyPart = oSignedMsg.BodyPart.AddBodyPart
Set cFields = oBodyPart.Fields
oBodyPart.Fields.Item("urn:schemas:mailheader:content-type").Value
= "application/x-pkcs7-signature" & vbCrLf & "Name = ""smime.p7s"""
oBodyPart.Fields.Item("urn:schemas:mailheader:content-transfer-encoding").Value
= "base64"
oBodyPart.Fields.Item("urn:schemas:mailheader:content-disposition").Value
= "attachment;" & vbCrLf & "FileName=""smime.p7s"""
cFields.Update

Set oStream = oBodyPart.GetDecodedContentStream
oStream.Type = ADODB.StreamTypeEnum.adTypeBinary
oStream.Write (byteSignature)
oStream.Flush

' Set the messages content type, this needs to be done last to
ensure it is not changed when we add the BodyParts
oSignedMsg.Fields.Item("urn:schemas:mailheader:content-type").Value
= "multipart/signed;" & vbCrLf &
"protocol=""application/x-pkcs7-signature"";" & vbCrLf &
"micalg=SHA1;"
oSignedMsg.Fields.Update

*****

Has anyone successfully signed a MIME message with attachments using
CAPICOM 2.0? Does anyone have a suggestion on what I'm doing wrong?

Davy Toch

unread,
Dec 14, 2002, 7:18:30 AM12/14/02
to
Hello,

First of all, I would like to apologize for the fact that I accidentally
sent this mail directly to your e-mail address.

Could you tell me where I can find the complete source of the VB S/MIME
sample you're mentioning below?
I also need to sign messages with a MIME structure as described below.

Greetings,

Davy Toch

"mark weitz" <mark_...@hotmail.com> wrote in message
news:fa408886.02120...@posting.google.com...

Fred de Jong

unread,
Dec 17, 2002, 4:08:56 PM12/17/02
to
> Could you tell me where I can find the complete source of the
VB S/MIME
> sample you're mentioning below?

In the folder .\CAPICOM2\CAPICOM\samples\vb\SMIME
of an installed MS CAPICOM2 Platform SDK redistributable.

Download from the MS Platform SDK redistributables site,
searchable at
http://www.microsoft.com/downloads/search.asp?LangID=20&LangDIR=
en-us
with keywords: capicom, os: windows 2000

Or download immediately from:
http://download.microsoft.com/download/whistler/Install/2.0.0.1/
W98NT42KMeXP/EN-US/CC2RINST.EXE

Regards,

Fred de Jong, Heerlen, NL

0 new messages