Send Email with Digital Signature in Visual C++ - S/MIME with SHA1, SHA256 and SHA512

In previous section, I introduced how to send email with embedded images. In this section, I will introduce how to sign email with digital certificate in Visual C++.

Introduction

Digital signature prevents email content is faked or changed in transport level. Encrypting email protects email content from exposure to inappropriate recipients. Both digital signature and email encrypting depend on digital certificate.

If you have an email digital signature certificate installed on your machine, you can find it in “Control Panel” -> “Internet Options” -> “Content” -> “Certificates” -> “Personal”.

Visual C++ email ceritificate

Then you can use your email certificate to sign the email by the following code. If you don’t have a certificate for your email address, you MUST get a digital certificate for personal email protection from third-party certificate authorities such as www.verisign.com.

If you need a free certificate for your email address, you can go to http://www.comodo.com/home/email-security/free-email-certificate.php to apply for one year free email certificate.

Note

Remarks: All of samples in this section are based on first section: A simple Visual C++ project. To compile and run the following example codes successfully, please click here to learn how to create the test project and add reference of EASendMail to your project.

[Visual C++ Example - Send email with digital signature (S/MIME)]

The following example codes demonstrate how to sign email with digital certificate.

Note

To get the full sample projects, please refer to Samples section.

#include "stdafx.h"
#include <tchar.h>
#include <Windows.h>

#include "EASendMailObj.tlh"
using namespace EASendMailObjLib;

const int ConnectNormal = 0;
const int ConnectSSLAuto = 1;
const int ConnectSTARTTLS = 2;
const int ConnectDirectSSL = 3;
const int ConnectTryTLS = 4;

int _tmain(int argc, _TCHAR* argv[])
{
    ::CoInitialize(NULL);

    IMailPtr oSmtp = NULL;
    oSmtp.CreateInstance(__uuidof(EASendMailObjLib::Mail));
    oSmtp->LicenseCode = _T("TryIt");

    // Set your sender email address
    oSmtp->FromAddr = _T("test@emailarchitect.net");
    // Add recipient email address
    oSmtp->AddRecipientEx(_T("support@emailarchitect.net"), 0);

    // Set email subject
    oSmtp->Subject = _T("email from Visual C++ with digital signature(S/MIME)");
    // Set email body
    oSmtp->BodyText = _T("this is a test email sent from Visual C++ with digital signature");

    // Your SMTP server address
    oSmtp->ServerAddr = _T("smtp.emailarchitect.net");

    // User and password for ESMTP authentication, if your server doesn't
    // require User authentication, please remove the following codes.
    oSmtp->UserName = _T("test@emailarchitect.net");
    oSmtp->Password = _T("testpassword");

    // Most mordern SMTP servers require SSL/TLS connection now.
    // ConnectTryTLS means if server supports SSL/TLS, SSL/TLS will be used automatically.
    oSmtp->ConnectType = ConnectTryTLS;

    // If your SMTP server uses 587 port
    // oSmtp->ServerPort = 587;

    // If your SMTP server requires SSL/TLS connection on 25/587/465 port
    // oSmtp->ServerPort = 25; // 25 or 587 or 465
    // oSmtp->ConnectType = ConnectSSLAuto;

    // Add signer digital signature
    if(oSmtp->SignerCert->FindSubject(_T("test@emailarchitect.net"),
        CERT_SYSTEM_STORE_CURRENT_USER , _T("my")) == VARIANT_FALSE)
    {
        _tprintf(_T("Error with signer certificate; %s\r\n"),
            (const TCHAR*)oSmtp->SignerCert->GetLastError());
        return 0;
    }

    if(oSmtp->SignerCert->HasPrivateKey == VARIANT_FALSE)
    {
        _tprintf(_T("certificate does not have a private key, it can not sign email.\r\n"));
        return 0;
    }

    _tprintf(_T("Start to send email ...\r\n"));

    if(oSmtp->SendMail() == 0)
    {
        _tprintf(_T("email was sent successfully!\r\n"));
    }
    else
    {
        _tprintf(_T("failed to send email with the following error: %s\r\n"),
            (const TCHAR*)oSmtp->GetLastErrDescription());
    }

    return 0;
}

Signature Algorithm

You can use SignatureHashAlgorithm property to set MD5, SHA1, SHA256, SHA384 or SHA512 signature algorithm. SHA256 is recommended.

RSASSA-PSS Signature for EDIFACT

If you need to use RSASSA-PSS signature scheme based on EDIFACT rule, you need an additional ActiveX Object for EASendMail, please have a look at this topic:

RSASSA-PSS + RSA-OAEP Encryption with SHA256

Next Section

At next section I will introduce how to encrypt email with digital certificate.

Appendix

Comments

If you have any comments or questions about above example codes, please click here to add your comments.