SmimeDecryptAndVerify Method (MailMessage, MessageVerificationFlags, CertificateStore, CertificateStore) |
Namespace: MailBee.Security
public SmimeResult DecryptAndVerify( MailMessage message, MessageVerificationFlags flags, CertificateStore[] storesForDecrypt, CertificateStore extraStoreForVerify )
Exception | Condition |
---|---|
MailBeeInvalidArgumentException | message is a null reference (Nothing in Visual Basic). |
MailBeeCertificateStoreWin32Exception | A WinAPI error occurred during opening Personal certificate store and ThrowExceptions is true. |
MailBeeSmimeWin32Exception | A WinAPI error occurred while performing S/MIME operation and ThrowExceptions is true. |
MailBeeCertificateException | A certificate error occurred ThrowExceptions is true. Typically, if the error message is "Keyset does not exist", indicates that there is no private key in the certicate required for decryption. |
The returned SmimeResult object provides access to the return values of this method, including DecryptedMessage, DecryptionCertificate, VerificationResult, and SignatureCertificate.
Thus, to access the decrypted message, use DecryptedMessage property; to get the certificate used for decryption, use DecryptionCertificate property.
To check the result of the message signature verification, examine VerificationResult property value. To access the signature certificate, use SignatureCertificate property.
See Decrypt(MailMessage) and Verify(MailMessage, MessageVerificationFlags, CertificateStore) topics for more details on decryption and verification process.
Note |
---|
This method is not available in .NET Standard 2.0 and newer (because it relies on Win32 API). Use DecryptAndVerify2(MailMessage, MessageVerificationFlags, X509Certificate2Collection, X509Certificate2Collection) instead. |
// To use the code below, import these namespaces at the top of your code using System; using MailBee; using MailBee.Mime; using MailBee.Security; // The actual code (put it into a method of your class) // Load the message from file. MailMessage msg = new MailMessage(); msg.LoadMessage(@"C:\Temp\encrypted.eml"); Smime objSmime = new Smime(); try { // Verify the message. SmimeResult smResult = objSmime.DecryptAndVerify(msg, MessageVerificationFlags.All, new CertificateStore[] {new CertificateStore(CertificateStore.Personal, CertStoreType.System, null)}, null); MessageVerificationFlags resultOptions = smResult.VerificationResult; // Check whether verification has been passed successfully. if (resultOptions != MessageVerificationFlags.None) { if ((resultOptions & MessageVerificationFlags.CertificateRevoked) == MessageVerificationFlags.CertificateRevoked) { Console.WriteLine("Error! Certificate revoked..."); } if ((resultOptions & MessageVerificationFlags.MessageTampered) == MessageVerificationFlags.MessageTampered) { Console.WriteLine("Error! Message has been tampered..."); } if ((resultOptions & MessageVerificationFlags.SignatureExpired) == MessageVerificationFlags.SignatureExpired) { Console.WriteLine("Error! Signature expired..."); } if ((resultOptions & MessageVerificationFlags.SignerAndSenderDoNotMatch) == MessageVerificationFlags.SignerAndSenderDoNotMatch) { Console.WriteLine("Error! Signer and sender do not match..."); } if ((resultOptions & MessageVerificationFlags.Untrusted) == MessageVerificationFlags.Untrusted) { Console.WriteLine("Error! Untrusted certificate..."); } } if (smResult.SignatureCertificate != null) { Console.WriteLine(smResult.SignatureCertificate.Subject); } if (smResult.DecryptionCertificate != null) { Console.WriteLine(smResult.DecryptionCertificate.Subject); } if (smResult.DecryptedMessage != null) { Console.WriteLine(smResult.DecryptedMessage.BodyPlainText); } } catch (MailBeeException ex) { Console.WriteLine(ex.Message); }