MessageVerificationFlags Enumeration |
Namespace: MailBee.Security
Member name | Value | Description | |
---|---|---|---|
None | 0 | No criteria (the message signature successfully passed all the tests or the message was not signed and there were no tests to pass). | |
MessageTampered | 1 | The signature or content of the message was altered. | |
SignatureExpired | 2 | The signature of the message is expired. | |
SignerAndSenderDoNotMatch | 4 | The e-mail address of the sender (Email value of MailMessage.From object) does not match the EmailAddress of the certificate used to sign the message. | |
CertificateRevoked | 8 | The certificate used to sign the message is not valid anymore. | |
Untrusted | 16 | The certificate used to sign the message is not trusted. In other words, it was issued by an organization which is not trusted itself because its certificate was not found in the certification authorities stores such as IntermediateCA or RootCA. | |
All | 31 | All the criteria listed above. |
Verify(MailMessage, MessageVerificationFlags, CertificateStore) and DecryptAndVerify(MailMessage, MessageVerificationFlags) methods of Smime class can be used to verify message signatures accordingly MessageVerificationFlags criteria. These methods take MessageVerificationFlags value as one of the input parameters and return another MessageVerificationFlags value as one of the output parameters. The flags which have been set in the input value and remained in the output value indicate the verification tests which have not passed successfully.
Thus, if certain MessageVerificationFlags was set in the input parameter, the corresponding test will be made and the resulting value will have the same flag set if the corresponding test failed. This means each flag has two meanings: as input parameter "what to test" and as output parameter "whether the test failed or succeeded".
Note |
---|
Testing whether the signature is Untrusted actually checks if the signature certificate is issued by an organization (certification authority, CA) whose certificate is listed in the store of certification authorities. By default, they are IntermediateCA and RootCA. If the valid certificate of the CA is not there, the certificate of the signature is considered not trusted. You can use extraStore parameter of Verify(MailMessage, MessageVerificationFlags, CertificateStore) method to extend the list of CA stores if the CA certificate of the message signature resides in another location. |