Reputation: 35
I have the whole mail as a string which is encrypted and signed.
By default in Outlook Express, if the receiver does not have the public certificate of the sender, then the public certificate is extracted from the mail and stored into the certificate manager, so later on we can reply to that mail, which will also go as encrypted and signed.
I want to achieve the same functionality using C#.
How do I extract the public certificate from the text of the mail and store it into the certificate manager?
Upvotes: 3
Views: 622
Reputation: 236
It is going to depend on the type of signature used, but if you know where the email ends and where the signature portion of the email starts, then you should be able to parse this information using a class from .NET named System.Security.Cryptography.Pkcs.SignedCms.
A pseudo-code example of what this may look like... I made a couple of assumptions that we can discuss further if needed. The function references expect things to be done behind them. We can discuss what would be needed in those methods further if needed.
using System.Security.Cryptography.Pkcs;
var rawEmailBytes = pseudo_GetRawEmail(); // function that gets the raw email
var signedCmsBytes = pseudo_GetSignedCmsData(rawEmailBytes); // would pull out the signed package bytes from the email
var signedCms = new SignedCms();
signedCms.Decode(signedCmsBytes); // parse the CMS SignedData structure
foreach (var certificate in signedCms.Certificates) {
    pseudo_StoreCertificate(certificate); // store certificate using the cert manager
}
There is no guarantee that the certificate will be stored in this collection as it is optional that the certificate be included in the signature package. Add a note if you would like to discuss further.
Also, if you would like to see the RFC on this signature type, you can read it at http://www.ietf.org/rfc/rfc3852.txt. Specifically, look at the Signed Data type, starting in section 5.1.
Upvotes: 3
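As an added example (not code from the answer above), this is one way the decode-and-store step could look in C#, with the signature and certificate chain checked before anything is written to the store. The class and method names are hypothetical, the use of the current user's AddressBook ("Other People") store is an assumption, and the caller is assumed to have already decrypted the message and base64-decoded the SignedData part.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper, written for illustration.
public static class SmimeSenderCertificates
{
    // pkcs7: DER bytes of the CMS SignedData structure.
    // signedContent: exact bytes of the signed MIME part when the signature is
    // detached (multipart/signed); null when the content is embedded in pkcs7.
    // Returns the number of signer certificates handed to the store.
    public static int StoreSignerCertificates(byte[] pkcs7, byte[] signedContent = null)
    {
        SignedCms cms = signedContent == null
            ? new SignedCms()
            : new SignedCms(new ContentInfo(signedContent), true);
        cms.Decode(pkcs7);

        // false = verify the signature AND validate the signer's certificate chain.
        // Throws CryptographicException if either check fails, so certificates
        // from unverifiable messages never reach the store.
        cms.CheckSignature(false);

        int stored = 0;
        using (var store = new X509Store(StoreName.AddressBook, StoreLocation.CurrentUser))
        {
            store.Open(OpenFlags.ReadWrite);
            foreach (SignerInfo signer in cms.SignerInfos)
            {
                // Certificates are optional in SignedData, so skip signers without one.
                X509Certificate2 cert = signer.Certificate;
                if (cert == null) continue;

                store.Add(cert);
                stored++;
            }
        }
        return stored;
    }
}
```

Storing only `SignerInfos[i].Certificate` rather than everything in `signedCms.Certificates` keeps intermediate CA certificates that happen to be bundled in the message out of the store.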