Managed C++/CLI - Verify digital signature and decrypt email - S/MIME

The following C++/CLI codes demonstrate how to verify S/MIME digital signature and decrypt encrypted email.

How to sign email?

Digital signature is always signed by sender certificate. The certificate used to sign email content MUST have the public/private key pair.

First of all, the user MUST get a digital certificate for personal email protection from third-party certificate authorities such as

After the certificate is installed on the machine, it can be viewed by Control Panel -> Internet Options -> Content -> Certificates -> Personal. When you view the certificate, please note there is a line “You have a private key that corresponds to this certificate” in the certificate view, that means you are able to use this certificate to sign email content. If this line doesn’t appear, that means you are unable to sign the email content by this certificate.

To sign email content, please refer to EASendMail SMTP Component.

How to encrypt email?

Encrypting email doesn’t require sender certificate but the certificate with public key for every recipient.

For example: sends an email to with digital signature; The digital signature contains the public key certificate for, then can send an encrypted email with this certificate back to; Only from@adminsystem can read this email, because this email MUST be decrypted by private key of

Therefore, you MUST receive an digital signed email from other people (Most email clients such as outlook, outlook express will add the certificate to the Other People Storage automatically once an digital signed email is received) before you can send encrypted email to this people.

To encrypt email, please refer to EASendMail SMTP Component.

EAGetMail Mail class provides an easy way to verify the email digital signature and get the signer certificate. The signer certificate only contains the public key, that means you can add this certificate to your user certificate storage so that you can use this certificate to encrypt email and send the encrypted email back to the sender, only the sender can decrypt the email.


Before you can use the following sample codes, you should download the EAGetMail Installer and install it on your machine at first. Full sample projects are included in this installer.

Install from NuGet

You can also install the run-time assembly by NuGet. Run the following command in the NuGet Package Manager Console:

Install-Package EAGetMail


If you install it by NuGet, no sample projects are installed, only .NET assembly is installed.

Add reference

To use EAGetMail POP3 & IMAP Component in your project, the first step is “Add reference of EAGetMail to your project”. Please create or open your project with Visual Studio, then go to menu -> Project -> Add Reference -> .NET -> Browse..., and select Installation path\Lib\[netversion]\EAGetMail.dll, click Open-> OK, the reference will be added to the project, you can start to use it to retrieve email and parse email in your project.

add reference in c#/ c++/cli

.NET assembly

Because EAGetMail has separate builds for .Net Framework, please refer to the following table and choose the correct dll.

Separate builds of run-time assembly for .Net Framework 2.0, 4.0, 4.5, 4.6.1, 4.7.2, 4.8.1, .NET 6.0, NET 7.0, .NET 8.0, .NET Standard 2.0 and .Net Compact Framework 2.0, 3.5.

File .NET Framework Version
Lib\net20\EAGetMail.dll Built with .NET Framework 2.0
It requires .NET Framework 2.0, 3.5 or later version.
Lib\net40\EAGetMail.dll Built with .NET Framework 4.0
It requires .NET Framework 4.0 or later version.
Lib\net45\EAGetMail.dll Built with .NET Framework 4.5
It requires .NET Framework 4.5 or later version.
Lib\net461\EAGetMail.dll Built with .NET Framework 4.6.1
It requires .NET Framework 4.6.1 or later version.
Lib\net472\EAGetMail.dll Built with .NET Framework 4.7.2
It requires .NET Framework 4.7.2 or later version.
Lib\net481\EAGetMail.dll Built with .NET Framework 4.8.1
It requires .NET Framework 4.8.1 or later version.
Lib\net6.0\EAGetMail.dll Built with .NET 6.0
It requires .NET 6.0 or later version.
Lib\net7.0\EAGetMail.dll Built with .NET 7.0
It requires .NET 7.0 or later version.
Lib\net8.0\EAGetMail.dll Built with .NET 8.0
It requires .NET 8.0 or later version.
Lib\netstandard2.0\EAGetMail.dll Built with .NET Standard 2.0
It requires .NET Standard 2.0 or later version.
Lib\net20-cf\EAGetMail.dll Built with .NET Compact Framework 2.0
It requires .NET Compact Framework 2.0, 3.5 or later version.
Lib\net35-cf\EAGetMail.dll Built with .NET Compact Framework 3.5
It requires .NET Compact Framework 3.5 or later version.

Managed C++/CLI - Verify digital signature and decrypt email - S/MIME - example

The following example codes demonstrate parsing S/MIME email - digital signature and decryption. In order to run it correctly, please change email server, user, password, folder, file name value to yours.


To get full sample projects, please download and install EAGetMail on your machine.

#include "stdafx.h"

using namespace System;
using namespace System::Text;
using namespace System::IO;
using namespace EAGetMail; //add EAGetMail namespace
using namespace System::Security::Cryptography::X509Certificates;

void ParseEmail(String ^emlFile)
    Mail ^oMail = gcnew Mail("TryIt");
    oMail->Load(emlFile, false);

    if (oMail->IsEncrypted)
            // this email is encrypted, we decrypt it by user default certificate.
            // you can also use specified certificate like this
            /* X509Certificate2 ^decryptCert = gcnew X509Certificate2("D:\\mycert\\test.pfx",
            X509KeyStorageFlags::Exportable | X509KeyStorageFlags::UserKeySet);

        catch (Exception ^ep)

    if (oMail.IsSigned)
            // This email is digital signed.
            X509Certificate2 ^signerCert = oMail->VerifyMessageSignature();
            Console::WriteLine("This email contains a valid digital signature.");

            // You can add the certificate to your certificate storage like this
            X509Store ^store = gcnew X509Store("My", StoreLocation::CurrentUser);
            // then you can use send the encrypted email back to this sender.
        catch (Exception ^ep)

    // Parse Mail From/Sender
    Console::WriteLine("From: {0}", oMail->From->ToString());

    // Parse Mail To/Recipient
    array<MailAddress^> ^addrs = oMail->To;
    for (int i = 0; i < addrs->Length; i++)
        Console::WriteLine("To: {0}", addrs[i]->ToString());

    // Parse Mail CC
    addrs = oMail->Cc;
    for (int i = 0; i < addrs->Length; i++)
        Console::WriteLine("To: {0}", addrs[i]->ToString());

    // Parse Mail Subject
    Console::WriteLine("Subject: {0}", oMail->Subject);

    // Parse Mail Text/Plain body
    Console::WriteLine("TextBody: {0}", oMail->TextBody);

    // Parse Mail Html Body
    Console::WriteLine("HtmlBody: {0}", oMail->HtmlBody);

    // Parse Attachments
    array<Attachment^> ^atts = oMail->Attachments;
    for (int i = 0; i < atts->Length; i++)
        Console::WriteLine("Attachment: {0}", atts[i]->Name);

int main(array<System::String ^> ^args)
        ParseEmail("c:\\my folder\\test.eml");
    catch (Exception ^ep)

    return 0;



If you have any comments or questions about above example codes, please click here to add your comments.