PowerTCP Mail for .NET
SecureDecode(X509Certificate2Collection,Boolean) Method
Example 




If the message is encrypted, these certificates and those in the "MY" certificate store are searched for the certificate needed for decryption.
If true, the signing certificate is added to the user's "AddressBook" certificate store.
Decode the S/MIME encoded MailMessage.
Syntax
Public Overloads Function SecureDecode( _
   ByVal decryptingCertificates As X509Certificate2Collection, _
   ByVal importSigningCertificate As Boolean _
) As SignerInfoCollection
Dim instance As MailMessage
Dim decryptingCertificates As X509Certificate2Collection
Dim importSigningCertificate As Boolean
Dim value As SignerInfoCollection
 
value = instance.SecureDecode(decryptingCertificates, importSigningCertificate)

Parameters

decryptingCertificates
If the message is encrypted, these certificates and those in the "MY" certificate store are searched for the certificate needed for decryption.
importSigningCertificate
If true, the signing certificate is added to the user's "AddressBook" certificate store.

Return Value

System.Security.Cryptography.Pkcs.SignerInfoCollection containing the signing certificate and additional information found in any signed message.
Exceptions
ExceptionDescription
System.FormatExceptionFormat not recognized.
System.Security.Cryptography.CryptographicExceptionA cryptographic operation could not be completed. Thrown if the signer could not be validated.
Remarks

If IsSecure is true, this method verifies and/or decrypts the S/MIME message in place. If successful, IsSecure returns false. If unsuccessful, an Exception is thrown; decryption may succeed before signer verification throws an exception, so the message may be partially decoded if an exception is thrown.

Specify decryptingCertificates to supplement the certificates in the user's "MY" certificate store. If the user's certificate store contains a valid certificate, use null.

If importSigningCertificates is true, the signing certificate is added to the "AddressBook" certificate store. The user can then use SecureEncrypt on future messages sent to this sender without specifying an encrypting certificate because SecureEncrypt will check the "AddressBook" certificate store for a matching certificate.

To verify the digital signature or validate the certificate, call SignerInfo.CheckSignature(Boolean) on each member of the returned System.Security.Cryptography.Pkcs.SignerInfoCollection.

Example
This example demonstrates decoding an SMIME message that was either signed, encrypted or both.
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Pkcs;

private MailMessage getDecodedMessage(MailMessage message)
{
    //Load the decrypting certificate from an exported certificate file (may also be loaded from an X509Store)
    X509Certificate2 decryptingCertificate = new X509Certificate2(Application.StartupPath + "\\myCertificate.pfx");
    //Decode the message and import the signing certificate into the AddressBook certificate Store
    //(If the decrypting certificate is already present in the "MY" certificate store, 
    //the parameterless SecureDecode() may be used instead.)
    SignerInfoCollection signatories = message.SecureDecode(new X509Certificate2Collection(decryptingCertificate), true);
    //Optionally verify the signature and validate the certificate
    foreach (SignerInfo signator in signatories)
        signator.CheckSignature(false);
    return message;
}
Imports System.Security.Cryptography.X509Certificates
Imports System.Security.Cryptography.Pkcs

Private Function getDecodedMessage(ByVal message As MailMessage) As MailMessage
    'Load the decrypting certificate from an exported certificate file (may also be loaded from an X509Store)
    Dim decryptingCertificate As New X509Certificate2(Application.StartupPath & "\myCertificate.pfx")
    'Decode the message and import the signing certificate into the AddressBook certificate Store
    '(If the decrypting certificate is already present in the "MY" certificate store, 
    'the parameterless SecureDecode() may be used instead.)
    Dim signatories As SignerInfoCollection = message.SecureDecode(New X509Certificate2Collection(decryptingCertificate), True)
    'Optionally verify the signature and validate the certificate
    For Each signator As SignerInfo In signatories
        signator.CheckSignature(False)
    Next signator
    Return message
End Function
See Also

Reference

MailMessage Class
MailMessage Members
Overload List


PowerTCP Mail for .NET Documentation Version 4.3
© 2018 Dart Communications. All Rights Reserved.
Send comments on this topic