/// <summary> /// Creates a new <see cref="MultipartEncrypted"/>. /// </summary> /// <remarks> /// Encrypts the entity to the specified recipients, encapsulating the result in a /// new multipart/encrypted part. /// </remarks> /// <returns>A new <see cref="MimeKit.Cryptography.MultipartEncrypted"/> instance containing /// the encrypted version of the specified entity.</returns> /// <param name="recipients">The recipients for the encrypted entity.</param> /// <param name="entity">The entity to sign and encrypt.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="recipients"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.ArgumentException"> /// One or more of the recipient keys cannot be used for encrypting. /// </exception> /// <exception cref="System.NotSupportedException"> /// A default <see cref="OpenPgpContext"/> has not been registered. /// </exception> public static MultipartEncrypted Create(IEnumerable <PgpPublicKey> recipients, MimeEntity entity) { if (recipients == null) { throw new ArgumentNullException("recipients"); } if (entity == null) { throw new ArgumentNullException("entity"); } using (var ctx = (OpenPgpContext)CryptographyContext.Create("application/pgp-encrypted")) { return(Create(ctx, recipients, entity)); } }
/// <summary> /// Encrypts the specified entity. /// </summary> /// <remarks> /// Encrypts the entity to the specified recipients using the default <see cref="SecureMimeContext"/>. /// </remarks> /// <returns>The encrypted entity.</returns> /// <param name="recipients">The recipients.</param> /// <param name="entity">The entity.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="recipients"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.ArgumentException"> /// Valid certificates could not be found for one or more of the <paramref name="recipients"/>. /// </exception> /// <exception cref="CertificateNotFoundException"> /// A certificate could not be found for one or more of the <paramref name="recipients"/>. /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public static ApplicationPkcs7Mime Encrypt(IEnumerable <MailboxAddress> recipients, MimeEntity entity) { if (recipients == null) { throw new ArgumentNullException("recipients"); } if (entity == null) { throw new ArgumentNullException("entity"); } using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-mime")) { return(Encrypt(ctx, recipients, entity)); } }
/// <summary> /// Encrypts the specified entity. /// </summary> /// <remarks> /// Encrypts the entity to the specified recipients using the default <see cref="SecureMimeContext"/>. /// </remarks> /// <returns>The encrypted entity.</returns> /// <param name="recipients">The recipients.</param> /// <param name="entity">The entity.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="recipients"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public static ApplicationPkcs7Mime Encrypt(CmsRecipientCollection recipients, MimeEntity entity) { if (recipients == null) { throw new ArgumentNullException(nameof(recipients)); } if (entity == null) { throw new ArgumentNullException(nameof(entity)); } using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-mime")) { return(Encrypt(ctx, recipients, entity)); } }
/// <summary> /// Cryptographically signs the specified entity. /// </summary> /// <remarks> /// <para>Signs the entity using the supplied signer.</para> /// <para>For better interoperability with other mail clients, you should use /// <see cref="MultipartSigned.Create(SecureMimeContext, CmsSigner, MimeEntity)"/> /// instead as the multipart/signed format is supported among a much larger /// subset of mail client software.</para> /// </remarks> /// <returns>The signed entity.</returns> /// <param name="signer">The signer.</param> /// <param name="entity">The entity.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="signer"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public static ApplicationPkcs7Mime Sign(CmsSigner signer, MimeEntity entity) { if (signer == null) { throw new ArgumentNullException("signer"); } if (entity == null) { throw new ArgumentNullException("entity"); } using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-mime")) { return(Sign(ctx, signer, entity)); } }
/// <summary> /// Cryptographically signs the specified entity. /// </summary> /// <remarks> /// <para>Signs the entity using the supplied signer and digest algorithm.</para> /// <para>For better interoperability with other mail clients, you should use /// <see cref="MultipartSigned.Create(SecureMimeContext, CmsSigner, MimeEntity)"/> /// instead as the multipart/signed format is supported among a much larger /// subset of mail client software.</para> /// </remarks> /// <returns>The signed entity.</returns> /// <param name="signer">The signer.</param> /// <param name="digestAlgo">The digest algorithm to use for signing.</param> /// <param name="entity">The entity.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="signer"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="CertificateNotFoundException"> /// A signing certificate could not be found for <paramref name="signer"/>. /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public static ApplicationPkcs7Mime Sign(MailboxAddress signer, DigestAlgorithm digestAlgo, MimeEntity entity) { if (signer == null) { throw new ArgumentNullException("signer"); } if (entity == null) { throw new ArgumentNullException("entity"); } using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-mime")) { return(Sign(ctx, signer, digestAlgo, entity)); } }
static MultipartSigned Create(CryptographyContext ctx, DigestAlgorithm digestAlgo, MimeEntity entity, MimeEntity signature) { var micalg = ctx.GetDigestAlgorithmName(digestAlgo); var signed = new MultipartSigned(); // set the protocol and micalg Content-Type parameters signed.ContentType.Parameters["protocol"] = ctx.SignatureProtocol; signed.ContentType.Parameters["micalg"] = micalg; // add the modified/parsed entity as our first part signed.Add(entity); // add the detached signature as the second part signed.Add(signature); return(signed); }
/// <summary> /// Cryptographically signs and encrypts the specified entity. /// </summary> /// <remarks> /// Cryptographically signs entity using the supplied signer and the default <see cref="SecureMimeContext"/> /// and then encrypts the result to the specified recipients. /// </remarks> /// <returns>The signed and encrypted entity.</returns> /// <param name="signer">The signer.</param> /// <param name="digestAlgo">The digest algorithm to use for signing.</param> /// <param name="recipients">The recipients.</param> /// <param name="entity">The entity.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="signer"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="recipients"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="CertificateNotFoundException"> /// <para>A signing certificate could not be found for <paramref name="signer"/>.</para> /// <para>-or-</para> /// <para>A certificate could not be found for one or more of the <paramref name="recipients"/>.</para> /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public static ApplicationPkcs7Mime SignAndEncrypt(MailboxAddress signer, DigestAlgorithm digestAlgo, IEnumerable <MailboxAddress> recipients, MimeEntity entity) { if (signer == null) { throw new ArgumentNullException(nameof(signer)); } if (recipients == null) { throw new ArgumentNullException(nameof(recipients)); } if (entity == null) { throw new ArgumentNullException(nameof(entity)); } using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-mime")) return(SignAndEncrypt(ctx, signer, digestAlgo, recipients, entity)); }
/// <summary> /// Cryptographically signs and encrypts the specified entity. /// </summary> /// <remarks> /// Cryptographically signs entity using the supplied signer and then /// encrypts the result to the specified recipients. /// </remarks> /// <returns>The signed and encrypted entity.</returns> /// <param name="signer">The signer.</param> /// <param name="recipients">The recipients.</param> /// <param name="entity">The entity.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="signer"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="recipients"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public static ApplicationPkcs7Mime SignAndEncrypt(CmsSigner signer, CmsRecipientCollection recipients, MimeEntity entity) { if (signer == null) { throw new ArgumentNullException("signer"); } if (recipients == null) { throw new ArgumentNullException("recipients"); } if (entity == null) { throw new ArgumentNullException("entity"); } using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-mime")) { return(SignAndEncrypt(ctx, signer, recipients, entity)); } }
/// <summary> /// Creates a new <see cref="MultipartEncrypted"/>. /// </summary> /// <remarks> /// Signs the entity using the supplied signer and digest algorithm and then encrypts to /// the specified recipients, encapsulating the result in a new multipart/encrypted part. /// </remarks> /// <returns>A new <see cref="MimeKit.Cryptography.MultipartEncrypted"/> instance containing /// the signed and encrypted version of the specified entity.</returns> /// <param name="signer">The signer to use to sign the entity.</param> /// <param name="digestAlgo">The digest algorithm to use for signing.</param> /// <param name="cipherAlgo">The encryption algorithm.</param> /// <param name="recipients">The recipients for the encrypted entity.</param> /// <param name="entity">The entity to sign and encrypt.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="signer"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="recipients"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.ArgumentException"> /// <para><paramref name="signer"/> cannot be used for signing.</para> /// <para>-or-</para> /// <para>One or more of the recipient keys cannot be used for encrypting.</para> /// <para>-or-</para> /// <para>No recipients were specified.</para> /// </exception> /// <exception cref="System.ArgumentOutOfRangeException"> /// The <paramref name="digestAlgo"/> was out of range. /// </exception> /// <exception cref="System.NotSupportedException"> /// <para>A default <see cref="OpenPgpContext"/> has not been registered.</para> /// <para>-or-</para> /// <para>The <paramref name="digestAlgo"/> is not supported.</para> /// <para>-or-</para> /// <para>The <paramref name="cipherAlgo"/> is not supported.</para> /// </exception> /// <exception cref="System.OperationCanceledException"> /// The user chose to cancel the password prompt. /// </exception> /// <exception cref="System.UnauthorizedAccessException"> /// 3 bad attempts were made to unlock the secret key. /// </exception> public static MultipartEncrypted Create(PgpSecretKey signer, DigestAlgorithm digestAlgo, EncryptionAlgorithm cipherAlgo, IEnumerable <PgpPublicKey> recipients, MimeEntity entity) { if (signer == null) { throw new ArgumentNullException("signer"); } if (recipients == null) { throw new ArgumentNullException("recipients"); } if (entity == null) { throw new ArgumentNullException("entity"); } using (var ctx = (OpenPgpContext)CryptographyContext.Create("application/pgp-encrypted")) { return(Create(ctx, signer, digestAlgo, cipherAlgo, recipients, entity)); } }
/// <summary> /// Creates a new <see cref="MimeKit.Cryptography.MultipartEncrypted"/> instance with the entity as the content. /// </summary> /// <returns>A new <see cref="MimeKit.Cryptography.MultipartEncrypted"/> instance containing /// the signed and encrypted version of the specified entity.</returns> /// <param name="signer">The signer to use to sign the entity.</param> /// <param name="digestAlgo">The digest algorithm to use for signing.</param> /// <param name="recipients">The recipients for the encrypted entity.</param> /// <param name="entity">The entity to sign and encrypt.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="signer"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="recipients"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.NotSupportedException"> /// A default <see cref="OpenPgpContext"/> has not been registered. /// </exception> /// <exception cref="System.OperationCanceledException"> /// The user chose to cancel the password prompt. /// </exception> /// <exception cref="System.UnauthorizedAccessException"> /// 3 bad attempts were made to unlock the secret key. /// </exception> public static MultipartEncrypted Create(MailboxAddress signer, DigestAlgorithm digestAlgo, IEnumerable <MailboxAddress> recipients, MimeEntity entity) { if (signer == null) { throw new ArgumentNullException("signer"); } if (recipients == null) { throw new ArgumentNullException("recipients"); } if (entity == null) { throw new ArgumentNullException("entity"); } using (var ctx = CryptographyContext.Create("application/pgp-encrypted")) { using (var memory = new MemoryStream()) { var options = FormatOptions.Default.Clone(); options.NewLineFormat = NewLineFormat.Dos; PrepareEntityForEncrypting(entity); entity.WriteTo(options, memory); memory.Position = 0; var encrypted = new MultipartEncrypted(); encrypted.ContentType.Parameters["protocol"] = ctx.EncryptionProtocol; // add the protocol version part encrypted.Add(new ApplicationPgpEncrypted()); // add the encrypted entity as the second part encrypted.Add(ctx.SignAndEncrypt(signer, digestAlgo, recipients, memory)); return(encrypted); } } }
/// <summary> /// Creates a new <see cref="MimeKit.Cryptography.MultipartEncrypted"/> instance with the entity as the content. /// </summary> /// <returns>A new <see cref="MimeKit.Cryptography.MultipartEncrypted"/> instance containing /// the encrypted version of the specified entity.</returns> /// <param name="recipients">The recipients for the encrypted entity.</param> /// <param name="entity">The entity to sign and encrypt.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="recipients"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.NotSupportedException"> /// A default <see cref="OpenPgpContext"/> has not been registered. /// </exception> public static MultipartEncrypted Create(IEnumerable <MailboxAddress> recipients, MimeEntity entity) { if (recipients == null) { throw new ArgumentNullException("recipients"); } if (entity == null) { throw new ArgumentNullException("entity"); } using (var ctx = CryptographyContext.Create("application/pgp-encrypted")) { using (var memory = new MemoryStream()) { using (var filtered = new FilteredStream(memory)) { filtered.Add(new Unix2DosFilter()); PrepareEntityForEncrypting(entity); entity.WriteTo(filtered); filtered.Flush(); } memory.Position = 0; var encrypted = new MultipartEncrypted(); encrypted.ContentType.Parameters["protocol"] = ctx.EncryptionProtocol; // add the protocol version part encrypted.Add(new ApplicationPgpEncrypted()); // add the encrypted entity as the second part encrypted.Add(ctx.Encrypt(recipients, memory)); return(encrypted); } } }
/// <summary> /// Encrypt the message to the sender and all of the recipients /// using the specified cryptography context. /// </summary> /// <remarks> /// If either of the Resent-Sender or Resent-From headers are set, then the message /// will be encrypted to all of the addresses specified in the Resent headers /// (Resent-Sender, Resent-From, Resent-To, Resent-Cc, and Resent-Bcc), /// otherwise the message will be encrypted to all of the addresses specified in /// the standard address headers (Sender, From, To, Cc, and Bcc). /// </remarks> /// <param name="ctx">The cryptography context.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="ctx"/> is <c>null</c>. /// </exception> /// <exception cref="System.ArgumentException"> /// An unknown type of cryptography context was used. /// </exception> /// <exception cref="System.InvalidOperationException"> /// <para>The <see cref="Body"/> has not been set.</para> /// <para>-or-</para> /// <para>No recipients have been specified.</para> /// </exception> /// <exception cref="CertificateNotFoundException"> /// A certificate could not be found for one or more of the recipients. /// </exception> /// <exception cref="PublicKeyNotFoundException"> /// The public key could not be found for one or more of the recipients. /// </exception> public void Encrypt (CryptographyContext ctx) { if (ctx == null) throw new ArgumentNullException ("ctx"); if (Body == null) throw new InvalidOperationException ("No message body has been set."); var recipients = GetMessageRecipients (true); if (recipients.Count == 0) throw new InvalidOperationException ("No recipients have been set."); if (ctx is SecureMimeContext) { Body = ApplicationPkcs7Mime.Encrypt ((SecureMimeContext) ctx, recipients, Body); } else if (ctx is OpenPgpContext) { Body = MultipartEncrypted.Encrypt ((OpenPgpContext) ctx, recipients, Body); } else { throw new ArgumentException ("Unknown type of cryptography context.", "ctx"); } }
/// <summary> /// Sign the message using the specified cryptography context and digest algorithm. /// </summary> /// <remarks> /// If either of the Resent-Sender or Resent-From headers are set, then the message /// will be signed using the Resent-Sender (or first mailbox in the Resent-From) /// address as the signer address, otherwise the Sender or From address will be /// used instead. /// </remarks> /// <param name="ctx">The cryptography context.</param> /// <param name="digestAlgo">The digest algorithm.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="ctx"/> is <c>null</c>. /// </exception> /// <exception cref="System.InvalidOperationException"> /// <para>The <see cref="Body"/> has not been set.</para> /// <para>-or-</para> /// <para>A sender has not been specified.</para> /// </exception> /// <exception cref="System.ArgumentOutOfRangeException"> /// The <paramref name="digestAlgo"/> was out of range. /// </exception> /// <exception cref="System.NotSupportedException"> /// The <paramref name="digestAlgo"/> is not supported. /// </exception> /// <exception cref="CertificateNotFoundException"> /// A signing certificate could not be found for the sender. /// </exception> /// <exception cref="PrivateKeyNotFoundException"> /// The private key could not be found for the sender. /// </exception> public void Sign (CryptographyContext ctx, DigestAlgorithm digestAlgo) { if (ctx == null) throw new ArgumentNullException ("ctx"); if (Body == null) throw new InvalidOperationException ("No message body has been set."); var signer = GetMessageSigner (); if (signer == null) throw new InvalidOperationException ("The sender has not been set."); Body = MultipartSigned.Create (ctx, signer, digestAlgo, Body); }
/// <summary> /// Creates a new <see cref="MultipartSigned"/>. /// </summary> /// <remarks> /// Cryptographically signs the entity using the supplied signer in order /// to generate a detached signature and then adds the entity along with /// the detached signature data to a new multipart/signed part. /// </remarks> /// <returns>A new <see cref="MultipartSigned"/> instance.</returns> /// <param name="signer">The signer.</param> /// <param name="entity">The entity to sign.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="signer"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.NotSupportedException"> /// A cryptography context suitable for signing could not be found. /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public static MultipartSigned Create(CmsSigner signer, MimeEntity entity) { using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-signature")) return(Create(ctx, signer, entity)); }
/// <summary> /// Creates a new <see cref="MultipartSigned"/>. /// </summary> /// <remarks> /// Cryptographically signs the entity using the supplied signer and digest algorithm in /// order to generate a detached signature and then adds the entity along with the /// detached signature data to a new multipart/signed part. /// </remarks> /// <returns>A new <see cref="MultipartSigned"/> instance.</returns> /// <param name="signer">The signer.</param> /// <param name="digestAlgo">The digest algorithm to use for signing.</param> /// <param name="entity">The entity to sign.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="signer"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.ArgumentException"> /// <paramref name="signer"/> cannot be used for signing. /// </exception> /// <exception cref="System.ArgumentOutOfRangeException"> /// The <paramref name="digestAlgo"/> was out of range. /// </exception> /// <exception cref="System.NotSupportedException"> /// <para>A cryptography context suitable for signing could not be found.</para> /// <para>-or-</para> /// <para>The <paramref name="digestAlgo"/> is not supported.</para> /// </exception> /// <exception cref="Org.BouncyCastle.Bcpg.OpenPgp.PgpException"> /// An error occurred in the OpenPGP subsystem. /// </exception> public static MultipartSigned Create(PgpSecretKey signer, DigestAlgorithm digestAlgo, MimeEntity entity) { using (var ctx = (OpenPgpContext)CryptographyContext.Create("application/pgp-signature")) return(Create(ctx, signer, digestAlgo, entity)); }
/// <summary> /// Decrypts the <see cref="MultipartEncrypted"/> part. /// </summary> /// <remarks> /// Decrypts the <see cref="MultipartEncrypted"/> and extracts any digital signatures in cases /// where the content was also signed. /// </remarks> /// <returns>The decrypted entity.</returns> /// <param name="signatures">A list of digital signatures if the data was both signed and encrypted.</param> /// <exception cref="System.FormatException"> /// <para>The <c>protocol</c> parameter was not specified.</para> /// <para>-or-</para> /// <para>The multipart is malformed in some way.</para> /// </exception> /// <exception cref="System.NotSupportedException"> /// A suitable <see cref="MimeKit.Cryptography.CryptographyContext"/> for /// decrypting could not be found. /// </exception> /// <exception cref="PrivateKeyNotFoundException"> /// The private key could not be found to decrypt the encrypted data. /// </exception> /// <exception cref="System.OperationCanceledException"> /// The user chose to cancel the password prompt. /// </exception> /// <exception cref="System.UnauthorizedAccessException"> /// 3 bad attempts were made to unlock the secret key. /// </exception> public MimeEntity Decrypt(out DigitalSignatureCollection signatures) { var protocol = ContentType.Parameters["protocol"]; if (string.IsNullOrEmpty(protocol)) { throw new FormatException(); } protocol = protocol.Trim().ToLowerInvariant(); if (Count < 2) { throw new FormatException(); } var version = this[0] as MimePart; if (version == null) { throw new FormatException(); } var ctype = version.ContentType; var value = string.Format("{0}/{1}", ctype.MediaType, ctype.MediaSubtype); if (value.ToLowerInvariant() != protocol) { throw new FormatException(); } var encrypted = this[1] as MimePart; if (encrypted == null || encrypted.ContentObject == null) { throw new FormatException(); } if (!encrypted.ContentType.Matches("application", "octet-stream")) { throw new FormatException(); } using (var ctx = CryptographyContext.Create(protocol)) { using (var memory = new MemoryBlockStream()) { var pgp = ctx as OpenPgpContext; encrypted.ContentObject.DecodeTo(memory); memory.Position = 0; if (pgp != null) { return(pgp.Decrypt(memory, out signatures)); } signatures = null; return(ctx.Decrypt(memory)); } } }
/// <summary> /// Verifies the multipart/signed part. /// </summary> /// <remarks> /// Verifies the multipart/signed part using the supplied cryptography context. /// </remarks> /// <returns>A signer info collection.</returns> /// <param name="ctx">The cryptography context to use for verifying the signature.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="ctx"/> is <c>null</c>. /// </exception> /// <exception cref="System.FormatException"> /// The multipart is malformed in some way. /// </exception> /// <exception cref="System.NotSupportedException"> /// <paramref name="ctx"/> does not support verifying the signature part. /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public DigitalSignatureCollection Verify (CryptographyContext ctx) { if (ctx == null) throw new ArgumentNullException ("ctx"); var protocol = ContentType.Parameters["protocol"]; if (string.IsNullOrEmpty (protocol)) throw new FormatException ("The multipart/signed part did not specify a protocol."); if (!ctx.Supports (protocol.Trim ())) throw new NotSupportedException ("The specified cryptography context does not support the signature protocol."); if (Count < 2) throw new FormatException ("The multipart/signed part did not contain the expected children."); var signature = this[1] as MimePart; if (signature == null || signature.ContentObject == null) throw new FormatException ("The signature part could not be found."); var ctype = signature.ContentType; var value = string.Format ("{0}/{1}", ctype.MediaType, ctype.MediaSubtype); if (!ctx.Supports (value)) throw new NotSupportedException (string.Format ("The specified cryptography context does not support '{0}'.", value)); using (var signatureData = new MemoryBlockStream ()) { signature.ContentObject.DecodeTo (signatureData); signatureData.Position = 0; using (var cleartext = new MemoryBlockStream ()) { // Note: see rfc2015 or rfc3156, section 5.1 var options = FormatOptions.Default.Clone (); options.NewLineFormat = NewLineFormat.Dos; this[0].WriteTo (options, cleartext); cleartext.Position = 0; return ctx.Verify (cleartext, signatureData); } } }
/// <summary> /// Creates a new <see cref="MultipartSigned"/>. /// </summary> /// <remarks> /// Cryptographically signs the entity using the supplied signer and digest algorithm in /// order to generate a detached signature and then adds the entity along with the /// detached signature data to a new multipart/signed part. /// </remarks> /// <returns>A new <see cref="MultipartSigned"/> instance.</returns> /// <param name="ctx">The cryptography context to use for signing.</param> /// <param name="signer">The signer.</param> /// <param name="digestAlgo">The digest algorithm to use for signing.</param> /// <param name="entity">The entity to sign.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="ctx"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="signer"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="entity"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.ArgumentOutOfRangeException"> /// The <paramref name="digestAlgo"/> was out of range. /// </exception> /// <exception cref="System.NotSupportedException"> /// The <paramref name="digestAlgo"/> is not supported. /// </exception> /// <exception cref="CertificateNotFoundException"> /// A signing certificate could not be found for <paramref name="signer"/>. /// </exception> /// <exception cref="PrivateKeyNotFoundException"> /// The private key could not be found for <paramref name="signer"/>. /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public static MultipartSigned Create (CryptographyContext ctx, MailboxAddress signer, DigestAlgorithm digestAlgo, MimeEntity entity) { if (signer == null) throw new ArgumentNullException ("signer"); if (entity == null) throw new ArgumentNullException ("entity"); PrepareEntityForSigning (entity); using (var memory = new MemoryBlockStream ()) { using (var filtered = new FilteredStream (memory)) { // Note: see rfc3156, section 3 - second note filtered.Add (new ArmoredFromFilter ()); // Note: see rfc3156, section 5.4 (this is the main difference between rfc2015 and rfc3156) filtered.Add (new TrailingWhitespaceFilter ()); // Note: see rfc2015 or rfc3156, section 5.1 filtered.Add (new Unix2DosFilter ()); entity.WriteTo (filtered); filtered.Flush (); } memory.Position = 0; // Note: we need to parse the modified entity structure to preserve any modifications var parser = new MimeParser (memory, MimeFormat.Entity); var parsed = parser.ParseEntity (); memory.Position = 0; // sign the cleartext content var signature = ctx.Sign (signer, digestAlgo, memory); var micalg = ctx.GetDigestAlgorithmName (digestAlgo); var signed = new MultipartSigned (); // set the protocol and micalg Content-Type parameters signed.ContentType.Parameters["protocol"] = ctx.SignatureProtocol; signed.ContentType.Parameters["micalg"] = micalg; // add the modified/parsed entity as our first part signed.Add (parsed); // add the detached signature as the second part signed.Add (signature); return signed; } }
/// <summary> /// Verifies the multipart/signed part. /// </summary> /// <remarks> /// Verifies the multipart/signed part using the supplied cryptography context. /// </remarks> /// <returns>A signer info collection.</returns> /// <param name="ctx">The cryptography context to use for verifying the signature.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="ctx"/> is <c>null</c>. /// </exception> /// <exception cref="System.FormatException"> /// The multipart is malformed in some way. /// </exception> /// <exception cref="System.NotSupportedException"> /// <paramref name="ctx"/> does not support verifying the signature part. /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public DigitalSignatureCollection Verify(CryptographyContext ctx) { using (var cleartext = new MemoryBlockStream()) { return(Verify(ctx, cleartext)); } }
/// <summary> /// Decrypt the enveloped-data. /// </summary> /// <remarks> /// Decrypts the enveloped-data using the default <see cref="SecureMimeContext"/>. /// </remarks> /// <returns>The decrypted <see cref="MimeKit.MimeEntity"/>.</returns> /// <param name="cancellationToken">The cancellation token.</param> /// <exception cref="System.InvalidOperationException"> /// The "smime-type" parameter on the Content-Type header is not "certs-only". /// </exception> /// <exception cref="System.OperationCanceledException"> /// The operation was cancelled via the cancellation token. /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public MimeEntity Decrypt(CancellationToken cancellationToken = default(CancellationToken)) { using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-mime")) return(Decrypt(ctx, cancellationToken)); }
/// <summary> /// Verifies the signed-data and returns the unencapsulated <see cref="MimeKit.MimeEntity"/>. /// </summary> /// <remarks> /// Verifies the signed-data and returns the unencapsulated <see cref="MimeKit.MimeEntity"/>. /// </remarks> /// <returns>The list of digital signatures.</returns> /// <param name="entity">The unencapsulated entity.</param> /// <exception cref="System.InvalidOperationException"> /// The "smime-type" parameter on the Content-Type header is not "signed-data". /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public DigitalSignatureCollection Verify(out MimeEntity entity) { using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-mime")) { return(Verify(ctx, out entity)); } }
/// <summary> /// Sign and encrypt the message to the sender and all of the recipients using /// the specified cryptography context and the specified digest algorithm. /// </summary> /// <remarks> /// <para>If either of the Resent-Sender or Resent-From headers are set, then the message /// will be signed using the Resent-Sender (or first mailbox in the Resent-From) /// address as the signer address, otherwise the Sender or From address will be /// used instead.</para> /// <para>Likewise, if either of the Resent-Sender or Resent-From headers are set, then the /// message will be encrypted to all of the addresses specified in the Resent headers /// (Resent-Sender, Resent-From, Resent-To, Resent-Cc, and Resent-Bcc), /// otherwise the message will be encrypted to all of the addresses specified in /// the standard address headers (Sender, From, To, Cc, and Bcc).</para> /// </remarks> /// <param name="ctx">The cryptography context.</param> /// <param name="digestAlgo">The digest algorithm.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="ctx"/> is <c>null</c>. /// </exception> /// <exception cref="System.ArgumentException"> /// An unknown type of cryptography context was used. /// </exception> /// <exception cref="System.ArgumentOutOfRangeException"> /// The <paramref name="digestAlgo"/> was out of range. /// </exception> /// <exception cref="System.InvalidOperationException"> /// <para>The <see cref="Body"/> has not been set.</para> /// <para>-or-</para> /// <para>The sender has been specified.</para> /// <para>-or-</para> /// <para>No recipients have been specified.</para> /// </exception> /// <exception cref="System.NotSupportedException"> /// The <paramref name="digestAlgo"/> is not supported. /// </exception> /// <exception cref="CertificateNotFoundException"> /// A certificate could not be found for the signer or one or more of the recipients. /// </exception> /// <exception cref="PrivateKeyNotFoundException"> /// The private key could not be found for the sender. /// </exception> /// <exception cref="PublicKeyNotFoundException"> /// The public key could not be found for one or more of the recipients. /// </exception> public void SignAndEncrypt (CryptographyContext ctx, DigestAlgorithm digestAlgo) { if (ctx == null) throw new ArgumentNullException ("ctx"); if (Body == null) throw new InvalidOperationException ("No message body has been set."); var signer = GetMessageSigner (); if (signer == null) throw new InvalidOperationException ("The sender has not been set."); var recipients = GetMessageRecipients (true); if (recipients.Count == 0) throw new InvalidOperationException ("No recipients have been set."); if (ctx is SecureMimeContext) { Body = ApplicationPkcs7Mime.SignAndEncrypt ((SecureMimeContext) ctx, signer, digestAlgo, recipients, Body); } else if (ctx is OpenPgpContext) { Body = MultipartEncrypted.SignAndEncrypt ((OpenPgpContext) ctx, signer, digestAlgo, recipients, Body); } else { throw new ArgumentException ("Unknown type of cryptography context.", "ctx"); } }
/// <summary> /// Verifies the signed-data and returns the unencapsulated <see cref="MimeKit.MimeEntity"/>. /// </summary> /// <remarks> /// Verifies the signed-data using the default <see cref="SecureMimeContext"/> and returns the /// unencapsulated <see cref="MimeKit.MimeEntity"/>. /// </remarks> /// <returns>The list of digital signatures.</returns> /// <param name="entity">The unencapsulated entity.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <exception cref="System.InvalidOperationException"> /// The "smime-type" parameter on the Content-Type header is not "signed-data". /// </exception> /// <exception cref="System.OperationCanceledException"> /// The operation was cancelled via the cancellation token. /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public DigitalSignatureCollection Verify(out MimeEntity entity, CancellationToken cancellationToken = default(CancellationToken)) { using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-mime")) return(Verify(ctx, out entity, cancellationToken)); }
/// <summary> /// Sign and encrypt the message to the sender and all of the recipients using /// the specified cryptography context and the SHA-1 digest algorithm. /// </summary> /// <remarks> /// <para>If either of the Resent-Sender or Resent-From headers are set, then the message /// will be signed using the Resent-Sender (or first mailbox in the Resent-From) /// address as the signer address, otherwise the Sender or From address will be /// used instead.</para> /// <para>Likewise, if either of the Resent-Sender or Resent-From headers are set, then the /// message will be encrypted to all of the addresses specified in the Resent headers /// (Resent-Sender, Resent-From, Resent-To, Resent-Cc, and Resent-Bcc), /// otherwise the message will be encrypted to all of the addresses specified in /// the standard address headers (Sender, From, To, Cc, and Bcc).</para> /// </remarks> /// <param name="ctx">The cryptography context.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="ctx"/> is <c>null</c>. /// </exception> /// <exception cref="System.ArgumentException"> /// An unknown type of cryptography context was used. /// </exception> /// <exception cref="System.InvalidOperationException"> /// <para>The <see cref="Body"/> has not been set.</para> /// <para>-or-</para> /// <para>The sender has been specified.</para> /// <para>-or-</para> /// <para>No recipients have been specified.</para> /// </exception> /// <exception cref="CertificateNotFoundException"> /// A certificate could not be found for the signer or one or more of the recipients. /// </exception> /// <exception cref="PrivateKeyNotFoundException"> /// The private key could not be found for the sender. /// </exception> /// <exception cref="PublicKeyNotFoundException"> /// The public key could not be found for one or more of the recipients. /// </exception> public void SignAndEncrypt (CryptographyContext ctx) { SignAndEncrypt (ctx, DigestAlgorithm.Sha1); }
/// <summary> /// Decrypts the content. /// </summary> /// <remarks> /// Decrypts the content using the default <see cref="SecureMimeContext"/>. /// </remarks> /// <returns>The decrypted <see cref="MimeKit.MimeEntity"/>.</returns> /// <exception cref="System.InvalidOperationException"> /// The "smime-type" parameter on the Content-Type header is not "certs-only". /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public MimeEntity Decrypt() { using (var ctx = (SecureMimeContext)CryptographyContext.Create("application/pkcs7-mime")) { return(Decrypt(ctx)); } }