static void Main (string[] args)
{
// Select a binary file
var dialog = new OpenFileDialog {
Filter = "All files (*.*)|*.*",
InitialDirectory = "./",
Title = "Select a text file"
};
var filename = (dialog.ShowDialog () == DialogResult.OK) ? dialog.FileName : null;
var certificate2 = new X509Certificate2 ("c:/temp1/cert.pfx", "password");
MimeEntity body;
using (var content = new MemoryStream (File.ReadAllBytes (filename)))
var part = new MimePart (MimeTypes.GetMimeType (filename)) {
ContentDisposition = new ContentDisposition (ContentDisposition.Attachment),
ContentTransferEncoding = ContentEncoding.Binary,
FileName = Path.GetFileName (filename),
Content = new MimeContent (content)
};
var recipient = new CmsRecipient (certificate2) {
EncryptionAlgorithms = new EncryptionAlgorithm[] { EncryptionAlgorithm.TripleDes }
};
var recipients = new CmsRecipientCollection ();
recipients.Add (recipient);
var signer = new CmsSigner (certificate2) {
DigestAlgorithm = DigestAlgorithm.Sha256
};
using (var ctx = new TemporarySecureMimeContext ())
body = ApplicationPkcs7Mime.SignAndEncrypt (ctx, signer, recipients, part);
}
/*
* tries to sign and encrypt a MimeEntity
*/
public static MimeEntity SignAndEncryptEntity(MimeEntity entity, MailboxAddress signer, IEnumerable <MailboxAddress> list)
{
using (WindowsSecureMimeContext ctx = new WindowsSecureMimeContext(sys.StoreLocation.CurrentUser))
{
return(ApplicationPkcs7Mime.SignAndEncrypt(ctx, signer, DigestAlgorithm.Sha1, list, entity));
}
}
public void TestSecureMimeSignAndEncrypt()
{
var self = new MailboxAddress("MimeKit UnitTests", "*****@*****.**");
var recipients = new List <MailboxAddress> ();
// encrypt to ourselves...
recipients.Add(self);
var cleartext = new TextPart("plain");
cleartext.Text = "This is some cleartext that we'll end up encrypting...";
ApplicationPkcs7Mime encrypted;
using (var ctx = CreateContext()) {
encrypted = ApplicationPkcs7Mime.SignAndEncrypt(ctx, self, DigestAlgorithm.Sha1, recipients, cleartext);
Assert.AreEqual(SecureMimeType.EnvelopedData, encrypted.SecureMimeType, "S/MIME type did not match.");
}
using (var ctx = CreateContext()) {
IList <IDigitalSignature> signatures;
var decrypted = encrypted.Decrypt(ctx, out signatures);
Assert.IsNull(signatures, "Did not expect to find any signatures from an encrypted message.");
// The decrypted part should be a multipart/signed
Assert.IsInstanceOfType(typeof(MultipartSigned), decrypted, "Expected the decrypted part to be a multipart/signed.");
var signed = (MultipartSigned)decrypted;
Assert.IsInstanceOfType(typeof(TextPart), signed[0], "Expected the first part of the multipart/signed to be a multipart.");
Assert.IsInstanceOfType(typeof(ApplicationPkcs7Signature), signed[1], "Expected second part of the multipart/signed to be a pkcs7-signature.");
var extracted = (TextPart)signed[0];
Assert.AreEqual(cleartext.Text, extracted.Text, "The decrypted text part's text does not match the original.");
signatures = signed.Verify(ctx);
Assert.AreEqual(1, signatures.Count, "Verify returned an unexpected number of signatures.");
foreach (var signature in signatures)
{
try {
bool valid = signature.Verify();
Assert.IsTrue(valid, "Bad signature from {0}", signature.SignerCertificate.Email);
} catch (DigitalSignatureVerifyException ex) {
Assert.Fail("Failed to verify signature: {0}", ex);
}
}
}
}
public void TestArgumentExceptions()
{
var path = Path.Combine("..", "..", "TestData", "smime", "smime.p12");
var entity = new TextPart("plain")
{
Text = "This is some text..."
};
var mailbox = new MailboxAddress("MimeKit UnitTests", "*****@*****.**");
var recipients = new CmsRecipientCollection();
var signer = new CmsSigner(path, "no.secret");
var mailboxes = new [] { mailbox };
recipients.Add(new CmsRecipient(signer.Certificate));
using (var ctx = new TemporarySecureMimeContext()) {
using (var file = File.OpenRead(path))
ctx.Import(file, "no.secret");
// Compress
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Compress(null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Compress(ctx, null));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Compress(null));
// Encrypt
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Encrypt(null, mailboxes, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Encrypt(null, recipients, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Encrypt(ctx, (IEnumerable <MailboxAddress>)null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Encrypt(ctx, (CmsRecipientCollection)null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Encrypt(ctx, recipients, null));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Encrypt(ctx, mailboxes, null));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Encrypt((IEnumerable <MailboxAddress>)null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Encrypt((CmsRecipientCollection)null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Encrypt(recipients, null));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Encrypt(mailboxes, null));
// Sign
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Sign(null, mailbox, DigestAlgorithm.Sha1, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Sign(null, signer, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Sign(ctx, (MailboxAddress)null, DigestAlgorithm.Sha1, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Sign(ctx, (CmsSigner)null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Sign(ctx, mailbox, DigestAlgorithm.Sha1, null));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Sign(ctx, signer, null));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Sign((MailboxAddress)null, DigestAlgorithm.Sha1, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Sign((CmsSigner)null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Sign(mailbox, DigestAlgorithm.Sha1, null));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.Sign(signer, null));
// SignAndEncrypt
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(null, mailbox, DigestAlgorithm.Sha1, mailboxes, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(ctx, null, DigestAlgorithm.Sha1, mailboxes, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(ctx, mailbox, DigestAlgorithm.Sha1, null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(ctx, mailbox, DigestAlgorithm.Sha1, mailboxes, null));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(null, DigestAlgorithm.Sha1, mailboxes, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(mailbox, DigestAlgorithm.Sha1, null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(mailbox, DigestAlgorithm.Sha1, mailboxes, null));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(null, signer, recipients, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(ctx, null, recipients, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(ctx, signer, null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(ctx, signer, recipients, null));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(null, recipients, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(signer, null, entity));
Assert.Throws <ArgumentNullException> (() => ApplicationPkcs7Mime.SignAndEncrypt(signer, recipients, null));
var compressed = ApplicationPkcs7Mime.Compress(ctx, entity);
var encrypted = ApplicationPkcs7Mime.Encrypt(recipients, entity);
var signed = ApplicationPkcs7Mime.Sign(signer, entity);
// Decompress
Assert.Throws <ArgumentNullException> (() => compressed.Decompress(null));
Assert.Throws <InvalidOperationException> (() => encrypted.Decompress(ctx));
Assert.Throws <InvalidOperationException> (() => signed.Decompress(ctx));
// Decrypt
Assert.Throws <ArgumentNullException> (() => encrypted.Decrypt(null));
Assert.Throws <InvalidOperationException> (() => compressed.Decrypt(ctx));
Assert.Throws <InvalidOperationException> (() => signed.Decrypt(ctx));
// Verify
Assert.Throws <ArgumentNullException> (() => {
MimeEntity mime;
signed.Verify(null, out mime);
});
Assert.Throws <InvalidOperationException> (() => {
MimeEntity mime;
compressed.Verify(ctx, out mime);
});
Assert.Throws <InvalidOperationException> (() => {
MimeEntity mime;
encrypted.Verify(ctx, out mime);
});
}
}
public void TestSecureMimeSignAndEncrypt()
{
var self = new MailboxAddress("MimeKit UnitTests", "*****@*****.**");
var recipients = new List <MailboxAddress> ();
// encrypt to ourselves...
recipients.Add(self);
var cleartext = new TextPart("plain");
cleartext.Text = "This is some cleartext that we'll end up encrypting...";
ApplicationPkcs7Mime encrypted;
using (var ctx = CreateContext()) {
encrypted = ApplicationPkcs7Mime.SignAndEncrypt(ctx, self, DigestAlgorithm.Sha1, recipients, cleartext);
Assert.AreEqual(SecureMimeType.EnvelopedData, encrypted.SecureMimeType, "S/MIME type did not match.");
}
using (var ctx = CreateContext()) {
var decrypted = encrypted.Decrypt(ctx);
// The decrypted part should be a multipart/signed
Assert.IsInstanceOfType(typeof(MultipartSigned), decrypted, "Expected the decrypted part to be a multipart/signed.");
var signed = (MultipartSigned)decrypted;
Assert.IsInstanceOfType(typeof(TextPart), signed[0], "Expected the first part of the multipart/signed to be a multipart.");
Assert.IsInstanceOfType(typeof(ApplicationPkcs7Signature), signed[1], "Expected second part of the multipart/signed to be a pkcs7-signature.");
var extracted = (TextPart)signed[0];
Assert.AreEqual(cleartext.Text, extracted.Text, "The decrypted text part's text does not match the original.");
var signatures = signed.Verify(ctx);
Assert.AreEqual(1, signatures.Count, "Verify returned an unexpected number of signatures.");
foreach (var signature in signatures)
{
try {
bool valid = signature.Verify();
Assert.IsTrue(valid, "Bad signature from {0}", signature.SignerCertificate.Email);
} catch (DigitalSignatureVerifyException ex) {
Assert.Fail("Failed to verify signature: {0}", ex);
}
var algorithms = ((SecureMimeDigitalSignature)signature).EncryptionAlgorithms;
Assert.AreEqual(EncryptionAlgorithm.Camellia256, algorithms[0], "Expected Camellia-256 capability");
Assert.AreEqual(EncryptionAlgorithm.Aes256, algorithms[1], "Expected AES-256 capability");
Assert.AreEqual(EncryptionAlgorithm.Camellia192, algorithms[2], "Expected Camellia-192 capability");
Assert.AreEqual(EncryptionAlgorithm.Aes192, algorithms[3], "Expected AES-192 capability");
Assert.AreEqual(EncryptionAlgorithm.Camellia128, algorithms[4], "Expected Camellia-128 capability");
Assert.AreEqual(EncryptionAlgorithm.Aes128, algorithms[5], "Expected AES-128 capability");
Assert.AreEqual(EncryptionAlgorithm.Idea, algorithms[6], "Expected IDEA capability");
Assert.AreEqual(EncryptionAlgorithm.Cast5, algorithms[7], "Expected Cast5 capability");
Assert.AreEqual(EncryptionAlgorithm.TripleDes, algorithms[8], "Expected Triple-DES capability");
//Assert.AreEqual (EncryptionAlgorithm.RC2128, algorithms[9], "Expected RC2-128 capability");
//Assert.AreEqual (EncryptionAlgorithm.RC264, algorithms[10], "Expected RC2-64 capability");
//Assert.AreEqual (EncryptionAlgorithm.Des, algorithms[11], "Expected DES capability");
//Assert.AreEqual (EncryptionAlgorithm.RC240, algorithms[12], "Expected RC2-40 capability");
}
}
}