//这是一个明文签名的消息,所以我们需要复制 有趣的 //部分(发件人,收件人和主题)进入新标题 oSignedMsg.To = oMessage.To; oSignedMsg.CC = oMessage.CC; oSignedMsg.Subject = oMessage。主题; oBodyPart2 = oSignedMsg.BodyPart.AddBodyPart(1); cFields2 = oBodyPart2.Fields; cFields2 [" urn:schemas:mailheader:content-type"]。值= oMessage.BodyPart.BodyParts [1] .Fields [" urn:schemas:mailheader:content-type" ] .Value; cFields2.Update(); //附上信号然后让CDO base64对它进行编码 oBodyPart2 = oSignedMsg.BodyPart.AddBodyPart(1); cFields2 = oBodyPart2.Fields; oBodyPart2。字段[" urn:schemas:mailheader:content-type"]。值= " application / x-pkcs7-signature\rName =" +''\ u0022''+" smime.p7s" +''\ u0022'' +"" ;; oBodyPart2.Fields [" urn:schemas:mailheader:content-transfer-编码"]。值= " base64"; oBodyPart2.Fields [" urn:schemas:mailheader:content-disposition"]。Value = " attachment; \rFileName =" +''\ u0022''+" smime.p7s" +''\ u0022''+"" ;; cFields2.Update(); // oStream2 = oBodyPart2。 GetDecodedContentStream(); oStream2.Type = ADODB.StreamTypeEnum.adTypeBinary; oStream2.Write(byteSignature); oStream2.Flush() ; //设置消息内容类型,这需要最后完成以确保 当我们添加BodyParts时它不会被更改 oSignedMsg.Fields [" urn:schemas:mailheader:content-type"]。Value = " multipart / signed; \rprotocol =" +''\ u0022''+" application / x-pkcs7-signature" + ''\ u0022''+"; \ rmicalg = SHA1;" ;; oSignedMsg.Fields.Update(); oMessage = oSignedMsg; oMessage.Send(); }I have a .NET service sending mails using CDOEX.These mails I need to sign. I got a tip that I should use CAPICOM. Thatworkedfine sending a mail with signature.BUT the problem is that I have to type the password for my certificate everytime my program signs a mail :o(My program is a windows service running on a server so typing passwords isbad.Then I got a new tip, I should use CryptoAPI instead of CAPICOM.I think I have solved the CryptoAPI mystic and got my certificate, signed mybody of the mail and got the hash for it. But I don''t know how to get mysigned code into the mail?The code looks like this, and gives this error when the outlook clientreseive the mail:Error: Can''t open this item. Your Digital ID name can not be found by theunderlying security system.This takes a byte array that I send from my CryptoAPI code.Code:private void SendMail(byte[] byteSignature){CDO.IBodyPart oBodyPart;ADODB.Fields cFields;ADODB.Stream oStream;// set sender, recipient, and subject.oMessage = new CDO.Message();oMessage.To = "re**********@Domain.dk";oMessage.Subject = "Test Mail";oMessage.Fields["urn:schemas:mailheader:date"].Value = DateTime.UtcNow;oMessage.Fields.Update();oMessage.From = "my*****@domain.dk";oBodyPart = oMessage.BodyPart.AddBodyPart(1);cFields = oBodyPart.Fields;cFields["urn:schemas:mailheader:content-type"].Value =CDO.CdoContentTypeValues.cdoTextPlain;cFields.Update();oStream = oBodyPart.GetDecodedContentStream();oStream.WriteText("Hello this is some test text",0);oStream.Flush();////// Start the new message////CDO.Message oSignedMsg = new CDO.Message();CDO.IBodyPart oBodyPart2;ADODB.Fields cFields2;ADODB.Stream oStream2;oSignedMsg.From = "My*****@domain.dk";// this is to be a clear text signed message so we need to copy theinteresting// parts (sender, recipient, and subject) into the new headeroSignedMsg.To = oMessage.To;oSignedMsg.CC = oMessage.CC;oSignedMsg.Subject = oMessage.Subject;oBodyPart2 = oSignedMsg.BodyPart.AddBodyPart(1);cFields2 = oBodyPart2.Fields;cFields2["urn:schemas:mailheader:content-type"].Value =oMessage.BodyPart.BodyParts[1].Fields["urn:schemas:mailheader:content-type"].Value;cFields2.Update();// Attach the signature and let CDO base64 encode itoBodyPart2 = oSignedMsg.BodyPart.AddBodyPart(1);cFields2 = oBodyPart2.Fields;oBodyPart2.Fields["urn:schemas:mailheader:content-type"].Value ="application/x-pkcs7-signature\rName = " + ''\u0022'' + "smime.p7s" + ''\u0022''+ "";oBodyPart2.Fields["urn:schemas:mailheader:content-transfer-encoding"].Value ="base64";oBodyPart2.Fields["urn:schemas:mailheader:content-disposition"].Value ="attachment;\rFileName=" + ''\u0022'' + "smime.p7s" + ''\u0022'' + "";cFields2.Update();//oStream2 = oBodyPart2.GetDecodedContentStream();oStream2.Type = ADODB.StreamTypeEnum.adTypeBinary;oStream2.Write (byteSignature);oStream2.Flush();// Set the messages content type, this needs to be done last to ensureit is not changed when we add the BodyPartsoSignedMsg.Fields["urn:schemas:mailheader:content-type"].Value ="multipart/signed;\rprotocol=" + ''\u0022'' + "application/x-pkcs7-signature" +''\u0022'' + ";\rmicalg=SHA1;";oSignedMsg.Fields.Update();oMessage = oSignedMsg;oMessage.Send();}推荐答案您好 我们已经审核了这个问题,目前正在研究它。我们将尽快更新您的b $ b。感谢您的耐心等待! Kevin Yu ======= 此帖已提供按原样没有保证,并且不授予 权利。HiWe have reviewed this issue and are currently researching on it. We willupdate you ASAP. Thanks for your patience!Kevin Yu======="This posting is provided "AS IS" with no warranties, and confers norights."你好, 基于我的理解是,您正在尝试从 UserA向UserB发送加密电子邮件,但在UserB中收到以下错误。Hello,Based on my understanding, you are trying to send encrypted email fromUserA to UserB, but get following error in UserB.错误:无法打开此项目。 底层安全系统无法找到您的数字身份证名称。Error: Can''t open this item. Your Digital ID name can not be found by theunderlying security system. 此错误表示没有数字身份证的收件人 应该发送一个或未加密的消息。您为列出的收件人提供的 证书无效。他们可能 已过期,可能是错误的类型,或者您的 安全策略可能不支持。您需要从/向收件人获取/设置新证书,以便加密邮件可以成功解密。 祝你好运, Rhett Gong [MSFT] Microsoft在线合作伙伴支持 此帖子按原样提供。没有保证,也没有授予任何权利。 请仅回复新闻组。谢谢。This error indicates that the recipient(s) that does not have a Digital IDshould either obtain one or an unencrypted message should be sent. Thecertificates you have for the recipients listed are not valid. They mayhave expired, may be the wrong type, or may not be supported by yoursecurity policy. You will need to get/set new certificates from/to therecipients so that the encrypted message could be decrypted successfully.Best regards,Rhett Gong [MSFT]Microsoft Online Partner SupportThis posting is provided "AS IS" with no warranties, and confers no rights.Please reply to newsgroups only. Thanks.你好, 我的证书工作正常。 如果我使用CAPICOM发送Sign Mail就没有问题了。 为了测试它我发送邮件给我自己,我和CAPICOM完美合作,但是 我的代码使用CryptoAPI +这里的代码我得到了错误。 我曾与一些CryptoAPI人谈过他们说我的CryptoAPI代码 应该没问题,但如果您认为我的邮件代码是正确的,您可以使用我的 加密代码。 最好的问候 Kim " Rhett Gong [MSFT]"写道:Hello,My Certificate is working perfect.If I use CAPICOM to send a Sign Mail there is no problem.To test it I send the mail to my self and I worked perfect with CAPICOM, butwith my code using CryptoAPI + the code here I got the error.I had talked to some CryptoAPI guys and they say that my CryptoAPI codeshould be fine but if you think my Mail code is correct you can se myCryptoAPI code.Best RegardsKim"Rhett Gong [MSFT]" wrote:您好,根据我的理解,您正在尝试从用户A发送加密电子邮件到UserB,但在UserB中收到以下错误。 /> Hello, Based on my understanding, you are trying to send encrypted email from UserA to UserB, but get following error in UserB.错误:无法打开此项目。 底层安全系统无法找到您的数字身份证名称。Error: Can''t open this item. Your Digital ID name can not be found by theunderlying security system. 此错误表示没有数字身份证的收件人应该获得一个或者应该发送未加密的消息。您列出的收件人的证书无效。他们可能已过期,可能是错误的类型,或者您的安全策略可能不支持。您需要从/向收件人获取/设置新证书,以便加密的邮件可以成功解密。 祝你好运, Rhett Gong [MSFT] 此帖子按原样提供。没有保证,也没有授予任何权利。请回复新闻组。谢谢。 This error indicates that the recipient(s) that does not have a Digital ID should either obtain one or an unencrypted message should be sent. The certificates you have for the recipients listed are not valid. They may have expired, may be the wrong type, or may not be supported by your security policy. You will need to get/set new certificates from/to the recipients so that the encrypted message could be decrypted successfully. Best regards, Rhett Gong [MSFT] Microsoft Online Partner Support This posting is provided "AS IS" with no warranties, and confers no rights. Please reply to newsgroups only. Thanks. 这篇关于电子签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持! 上岸,阿里云!
08-15 20:25