Delphi - Sign email (RSASSA-PSS + SHA256) and encrypt email (RSAES-OAEP + AES 128/196/256 + SHA256) based on EDIFACT rule - S/MIME¶
The following Delphi example codes demonstrate how to sign email to S/MIME format with digital signature (RSASSA-PSS + SHA256) and how to encrypt email with RSAES-OAEP + AES 128/192/256 + SHA256.
Sections:
- Installation
- Add reference
- EDIFACT rule in EUROPE
- EASendMail ActiveX Object with Bouncy Castle
- Delphi - Sign email with RSASSA-PSS + SHA256 - EDIFACT - S/MIME - example
- Delphi - Encrypt email with RRSAES-OAEP + AES 128/192/256 + SHA256 - EDIFACT - S/MIME - example
- Delphi - Sign email with RSASSA-PSS + SHA256 and encrypt email with RRSAES-OAEP + AES 128/192/256 + SHA256 - EDIFACT - S/MIME - example
- TLS 1.2 protocol
- 32bit/x64 ActiveX DLL
- Distribution
Installation¶
EASendMail is a SMTP component which supports all operations of SMTP/ESMTP protocols (RFC 821, RFC 822, RFC 2554). Before you can use the following example codes, you should download the EASendMail Installer and install it on your machine at first.
Add reference¶
To use EASendMail SMTP ActiveX Object in your Delphi project, the first step is “Add Unit file of EASendMail to your project”.
Please go to C:\Program Files\EASendMail\Include\delphi or
C:\Program Files (x86)\EASendMail\Include\delphi folder, find EASendMailObjLib_TLB.pas,
and then copy this file to your project folder.
unit Unit1;
interface
// include EASendMailObjLib_TLB unit to your Delphi Project
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, EASendMailObjLib_TLB, StdCtrls;
You can also create “EASendMailObjLib_TLB.pas” manually like this:
Delphi 7
Please choose menu ->
Project->Import Type Libraryand selectEASendMailObj ActiveX Object, clickCreate Unit, the reference of EASendMail ActiveX Object will be added to your project.
Delphi XE
If you use Delphi XE to import the Type library, Please choose menu ->
Component->Import Component->Import Type Library-> and selectEASendMailObj ActiveX Object-> haveGenerate Component Wrapperchecked -> Create Unit.
Then you can start to use it in your Delphi Project.
EDIFACT rule in EUROPE¶
Latest EDIFACT requires RSA-SHA256 Signature Algorithm + RSASSA-PSS with SHA256 padding for digital signature, and AES128/192/256 Encrypting Algorithm + RSAES-OAEP + SHA256 Hash for email encryption.
EASendMail uses Windows built-in function to implement S/MIME, it supports RSASSA-PSS signature + SHA1 padding and AES + RSAES-OAEP, however it has a compatible problem with RSASSA-PSS signature defined in latest EDIFACT (SHA256 padding).
To comply with EDIFACT rule, we implemented an ActiveX Wrapper with Bouncy Castle library.
EASendMail ActiveX Object with Bouncy Castle¶
If you need to sign email with digital signature or encrypt email based on the rule of EDIFACT in EUROPE with EASendMail ActiveX Object,
you should install an additional Bouncy Castle Wrapper ActiveX Object on your machine:
You can download it from: http://www.emailarchitect.net/webapp/download/BcWrapperObject.exe
To use this feature, it also requires .NET framework 2.0, 4.0 or 4.61 installed on the machine. Because .NET framework 2.0/4.0 is built-in feature in modern Windows operating system, so you don’t have to install .NET framework manually in most cases.
After you installed it on your machine, you can use the following codes to sign email based on the rule of EDIFACT.
Delphi - Sign email with RSASSA-PSS + SHA256 - EDIFACT - S/MIME - example¶
The following example codes demonstrate signing email based on EDIFACT rule - S/MIME.
In order to run it correctly, please change SMTP server, user, password, sender, recipient value to yours.
Unit Unit1;
Interface
Uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, EASendMailObjLib_TLB; // add EASendMail Unit
Type
TForm1 = Class(TForm)
Button1: TButton;
Procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
End;
Const
CRYPT_MACHINE_KEYSET = 32;
CRYPT_USER_KEYSET = 4096;
CERT_SYSTEM_STORE_CURRENT_USER = 65536;
CERT_SYSTEM_STORE_LOCAL_MACHINE = 131072;
ConnectNormal = 0;
ConnectSSLAuto = 1;
ConnectSTARTTLS = 2;
ConnectDirectSSL = 3;
ConnectTryTLS = 4;
Var
Form1: TForm1;
Implementation
{$R *.dfm}
Procedure TForm1.Button1Click(Sender: TObject);
Var
oSmtp : TMail;
Begin
oSmtp := TMail.Create(Application);
oSmtp.LicenseCode := 'TryIt';
// Set your sender email address
oSmtp.FromAddr := 'test@emailarchitect.net';
// Add recipient email address
oSmtp.AddRecipientEx('support@emailarchitect.net', 0);
// Set email subject
oSmtp.Subject := 'test email from Delphi with digital signature';
// Set body text
oSmtp.BodyText := 'this is a test email sent from Delphi with digital signature';
// Add digital signature
If Not oSmtp.SignerCert.FindSubject('test@emailarchitect.net',
CERT_SYSTEM_STORE_CURRENT_USER, 'my') Then
Begin
ShowMessage(oSmtp.SignerCert.GetLastError());
exit;
End;
If Not oSmtp.SignerCert.HasCertificate Then
Begin
ShowMessage('Signer certificate has no private key, ' +
'this certificate can not be used to sign email');
End;
// Use RSA-SHA256 signature, 0: sha1; 1: sha256; 2: sha384; 3: sha512;
oSmtp.SignatureHashAlgorithm := 1;
// Use Hash 256 RSASSA_PSS padding, 0: PSS is not used; 1: PSS with default; 2: PSS with signature hash algorithm;
oSmtp.SignatureEncryptionAlgorithm := 2;
// Your SMTP server address
oSmtp.ServerAddr := 'smtp.emailarchitect.net';
// User and password for ESMTP authentication, if your server doesn't require
// user authentication, please remove the following codes
oSmtp.UserName := 'test@emailarchitect.net';
oSmtp.Password := 'testpassword';
// ConnectTryTLS means if server supports SSL/TLS connection, SSL/TLS is used automatically
oSmtp.ConnectType := ConnectTryTLS;
// If your server uses 587 port
// oSmtp.ServerPort := 587;
// If your server uses 25/587/465 port with SSL/TLS
// oSmtp.ConnectType := ConnectSSLAuto;
// oSmtp.ServerPort := 587; // 25 or 587 or 465
ShowMessage('start to send email ...');
If oSmtp.SendMail() = 0 Then
ShowMessage('email was sent successfully!')
Else
ShowMessage('failed to send email with the following error: '
+ oSmtp.GetLastErrDescription());
End;
End.
Note
RSASSA-PSS signature generated by Bouncy Castle is not verified by most email clients (outlook, firebird …), but it does meet the requirement in EDIFACT rule.
Delphi - Encrypt email with RRSAES-OAEP + AES 128/192/256 + SHA256 - EDIFACT - S/MIME - example¶
The following example codes demonstrate encrypting email message based on EDIFACT rule - S/MIME.
In order to run it correctly, please change SMTP server, user, password, sender, recipient value to yours.
Unit Unit1;
Interface
Uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, EASendMailObjLib_TLB; // add EASendMail Unit
Type
TForm1 = Class(TForm)
Button1: TButton;
Procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
End;
Const
CRYPT_MACHINE_KEYSET = 32;
CRYPT_USER_KEYSET = 4096;
CERT_SYSTEM_STORE_CURRENT_USER = 65536;
CERT_SYSTEM_STORE_LOCAL_MACHINE = 131072;
ConnectNormal = 0;
ConnectSSLAuto = 1;
ConnectSTARTTLS = 2;
ConnectDirectSSL = 3;
ConnectTryTLS = 4;
Var
Form1: TForm1;
Implementation
{$R *.dfm}
Procedure TForm1.Button1Click(Sender: TObject);
Var
oSmtp : TMail;
oEncryptCert : TCertificate;
Begin
oSmtp := TMail.Create(Application);
oSmtp.LicenseCode := 'TryIt';
// Set your sender email address
oSmtp.FromAddr := 'test@emailarchitect.net';
// Add recipient email address
oSmtp.AddRecipientEx('support@emailarchitect.net', 0);
// Set email subject
oSmtp.Subject := 'test encrypted email from Delphi with digital signature';
// Set body text
oSmtp.BodyText := 'this is a test encrypted email sent from Delphi with digital signature';
// Find the encrypting certificate for every recipients
oEncryptCert := TCertificate.Create(Application);
If Not oEncryptCert.FindSubject('support@emailarchitect.net',
CERT_SYSTEM_STORE_CURRENT_USER, 'AddressBook') Then
If Not oEncryptCert.FindSubject('support@emailarchitect.net',
CERT_SYSTEM_STORE_CURRENT_USER, 'my') Then
Begin
ShowMessage(oEncryptCert.GetLastError());
exit;
End;
// Add encrypting certificate
oSmtp.RecipientsCerts.Add(oEncryptCert.DefaultInterface);
// Use AES128 encrypting algorithm, 4: AES128; 5: AES192; 6: AES256;
oSmtp.EncryptionAlgorithm := 4;
// Use RAES-OAEP with sha-256 hash algorithm, 0: sha1; 1: sha256; 2: sha384; 3: sha512;
oSmtp.OaepHashAlgorithm := 1;
// Your SMTP server address
oSmtp.ServerAddr := 'smtp.emailarchitect.net';
// User and password for ESMTP authentication, if your server doesn't require
// user authentication, please remove the following codes
oSmtp.UserName := 'test@emailarchitect.net';
oSmtp.Password := 'testpassword';
// ConnectTryTLS means if server supports SSL/TLS connection, SSL/TLS is used automatically
oSmtp.ConnectType := ConnectTryTLS;
// If your server uses 587 port
// oSmtp.ServerPort := 587;
// If your server uses 25/587/465 port with SSL/TLS
// oSmtp.ConnectType := ConnectSSLAuto;
// oSmtp.ServerPort := 587; // 25 or 587 or 465
ShowMessage('start to send email ...');
If oSmtp.SendMail() = 0 Then
ShowMessage('email was sent successfully!')
Else
ShowMessage('failed to send email with the following error: '
+ oSmtp.GetLastErrDescription());
End;
End.
Delphi - Sign email with RSASSA-PSS + SHA256 and encrypt email with RRSAES-OAEP + AES 128/192/256 + SHA256 - EDIFACT - S/MIME - example¶
The following example codes demonstrate signing and encrypting email message based on EDIFACT rule - S/MIME.
In order to run it correctly, please change SMTP server, user, password, sender, recipient value to yours.
Unit Unit1;
Interface
Uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, EASendMailObjLib_TLB; // add EASendMail Unit
Type
TForm1 = Class(TForm)
Button1: TButton;
Procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
End;
Const
CRYPT_MACHINE_KEYSET = 32;
CRYPT_USER_KEYSET = 4096;
CERT_SYSTEM_STORE_CURRENT_USER = 65536;
CERT_SYSTEM_STORE_LOCAL_MACHINE = 131072;
ConnectNormal = 0;
ConnectSSLAuto = 1;
ConnectSTARTTLS = 2;
ConnectDirectSSL = 3;
ConnectTryTLS = 4;
Var
Form1: TForm1;
Implementation
{$R *.dfm}
Procedure TForm1.Button1Click(Sender: TObject);
Var
oSmtp : TMail;
oEncryptCert : TCertificate;
Begin
oSmtp := TMail.Create(Application);
oSmtp.LicenseCode := 'TryIt';
// Set your sender email address
oSmtp.FromAddr := 'test@emailarchitect.net';
// Add recipient email address
oSmtp.AddRecipientEx('support@emailarchitect.net', 0);
// Set email subject
oSmtp.Subject := 'test encrypted email from Delphi with digital signature';
// Set body text
oSmtp.BodyText := 'this is a test encrypted email sent from Delphi with digital signature';
// Add digital signature
If Not oSmtp.SignerCert.FindSubject('test@emailarchitect.net',
CERT_SYSTEM_STORE_CURRENT_USER, 'my') Then
Begin
ShowMessage(oSmtp.SignerCert.GetLastError());
exit;
End;
If Not oSmtp.SignerCert.HasCertificate Then
Begin
ShowMessage('Signer certificate has no private key, ' +
'this certificate can not be used to sign email');
End;
// Use RSA-SHA256 signature, 0: sha1; 1: sha256; 2: sha384; 3: sha512;
oSmtp.SignatureHashAlgorithm := 1;
// Use Hash 256 RSASSA_PSS padding, 0: PSS is not used; 1: PSS with default; 2: PSS with signature hash algorithm;
oSmtp.SignatureEncryptionAlgorithm := 2;
// Find the encrypting certificate for every recipients
oEncryptCert := TCertificate.Create(Application);
If Not oEncryptCert.FindSubject('support@emailarchitect.net',
CERT_SYSTEM_STORE_CURRENT_USER, 'AddressBook') Then
If Not oEncryptCert.FindSubject('support@emailarchitect.net',
CERT_SYSTEM_STORE_CURRENT_USER, 'my') Then
Begin
ShowMessage(oEncryptCert.GetLastError());
exit;
End;
// Add encrypting certificate
oSmtp.RecipientsCerts.Add(oEncryptCert.DefaultInterface);
// Use AES128 encrypting algorithm, 4: AES128; 5: AES192; 6: AES256;
oSmtp.EncryptionAlgorithm := 4;
// Use RAES-OAEP with sha-256 hash algorithm, 0: sha1; 1: sha256; 2: sha384; 3: sha512;
oSmtp.OaepHashAlgorithm := 1;
// Your SMTP server address
oSmtp.ServerAddr := 'smtp.emailarchitect.net';
// User and password for ESMTP authentication, if your server doesn't require
// user authentication, please remove the following codes
oSmtp.UserName := 'test@emailarchitect.net';
oSmtp.Password := 'testpassword';
// ConnectTryTLS means if server supports SSL/TLS connection, SSL/TLS is used automatically
oSmtp.ConnectType := ConnectTryTLS;
// If your server uses 587 port
// oSmtp.ServerPort := 587;
// If your server uses 25/587/465 port with SSL/TLS
// oSmtp.ConnectType := ConnectSSLAuto;
// oSmtp.ServerPort := 587; // 25 or 587 or 465
ShowMessage('start to send email ...');
If oSmtp.SendMail() = 0 Then
ShowMessage('email was sent successfully!')
Else
ShowMessage('failed to send email with the following error: '
+ oSmtp.GetLastErrDescription());
End;
End.
TLS 1.2 protocol¶
TLS is the successor of SSL, more and more SMTP servers require TLS 1.2 encryption now.
If your operating system is Windows XP/Vista/Windows 7/Windows 2003/2008/2008 R2/2012/2012 R2, you need to
enable TLS 1.2 protocol in your operating system like this:
Enable TLS 1.2 on Windows XP/Vista/7/10/Windows 2008/2008 R2/2012
32bit/x64 ActiveX DLL¶
Seperate builds of run-time dll for 32 and x64 platform
| File | Platform |
| Installation Path\Lib\native\x86\EASendMailObj.dll | 32 bit |
| Installation Path\Lib\native\x64\EASendMailObj.dll | 64 bit |
Distribution¶
Standard EXE
For VB6, C++, Delphi or other standard exe application, you can distribute EASendMailObj.dll with your application to target machine without COM-registration and installer. To learn more detail, please have a look at Registration-free COM with Manifest File.
Script
For ASP, VBScript, VBA, MS SQL Stored Procedure, you need to install EASendMail on target machine by EASendMail installer, both 32bit/x64 DLL are installed and registered.
Appendix
- Send Email in Delphi - Tutorial
- EASendMail SMTP Component SDK
- Process Bounced Email (Non-Delivery Report) and Email Tracking
- Bulk Email Sender Guidelines
- Work with Email Queue
Comments
If you have any comments or questions about above example codes, please click here to add your comments.