EldoS | Feel safer!

Software components for data protection, secure storage and transfer

PKCS11 Mime Smtp

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
Posted: 01/31/2010 05:54:08
by Marcel Talamini (Standard support level)
Joined: 01/30/2010
Posts: 15


We are developing an application to send signed mime messages.
The envelop-mime message contains other mimeparts some of them must signed with an PKCS11 token or smartcard.
Also the envelop-mime must signed with the PKCS11 certificate.
And finally the envelop-mime will be send through an email client (SMTP).

Contruction mime envelop:

mimepart XML (unsigned)
mimepart PDF (signed)
mimepart PDF (signed)

Can I achieve this with SecureBlackbox?
If so, would you be so kind to give me some hints,

thanks in advance,

Best regards,
Posted: 01/31/2010 06:27:02
by Eugene Mayevski (EldoS Corp.)

Yes, all of the above can be done using SecureBlackbox. You would need SecureBlackbox Standard license to cover all needed functionality.

Please take a look at MimeMaker and SecureMail samples regarding how to create multipart messages and sign parts using S/MIME. I must say that your request is very specific, so you won't find out of the box code to do what you want, but in general SecureBlackbox MIME and S/MIME classes let you do what you need.

When signing the data, you need to specify the certificate which will be used for signing. The samples will show you how to do this. As you need to use PKCS11 for the task, you need to check PKCS11 sample regarding how to use PKCS11 in general, and to specify the certificate from PKCS11 storage you need to create an instance of ElMemoryCertStorage class and add the certificate taken from PKCS11 storage to the newly created instance. Then pass this instance to S/MIME class. The certificate knows it's "origins" so PKCS#11 will be used to sign the message part.

Sincerely yours
Eugene Mayevski
Posted: 01/31/2010 06:29:32
by Eugene Mayevski (EldoS Corp.)

Also, we don't have a sample for SMTP, but it's trivial - use ElSMTPClient component and call Open, Login, Send and Close methods in the specified sequence. Login is mandatory!

Sincerely yours
Eugene Mayevski
Posted: 02/02/2010 08:33:44
by Marcel Talamini (Standard support level)
Joined: 01/30/2010
Posts: 15

Thanks for your quick reply.

There are some gaps in my knowledge of this topic.
I've tried a lot but still getting a null exception when I use signing.

Where am I going wrong?

[ Download ]
Posted: 02/03/2010 04:04:13
by Marcel Talamini (Standard support level)
Joined: 01/30/2010
Posts: 15

I found the problem.

null Exception occured because I forgot to fill the .From and .To_ properties of the messages.
Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.



Topic viewed 1481 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!