Archived Forum Post

Index of archived forum posts

Question:

Unpacking smime.p7m files

Dec 04 '15 at 09:54

Hello,

I've been able to retrieve signed emails containing encrypted attachments using : - Fetch email from the POP server and save as .eml file - CkEmail_LoadEml() - CkEmail_SaveEml() - CkEmail_SaveAllAttachments()

At that point i end up with a SMIME.P7M file. I need to extract the files contained in this p7m file, but all the trials i did using the various MIME and CRYPT routines does not work.

I have the .pem. .cer, .p12 files associated to the signed message, and when i open the .eml file using outlook, i DO see the 2 embedded files in the .p7m.

Could you help me in the correct sequence of routines to call to get tis extraction done ?

Thks in advance! PhC


Answer

Thanks! I'll try to provide some initial guidance, which will likely not entirely answer the question, but then you can followup with additional questions if needed.

Here are some general rules relating to the subject matter of signed/encrypted email:

  1. Anytime MIME is loaded into an email object, the security wrappers (signatures/encryption) are automatically unwrapped and become accessible via the various properties.
  2. MIME effectively loaded into an email object for methods that download from a POP3 or IMAP server which return an email object (or an email bundle).
  3. If a .p7m is truly an attachment, then it is not automatically unwrapped. A .p7m attachment will have a sub-header where the disposition indicates attachment and it is generally found under the multipart/mixed umbrella. For .p7m attachments, they can be extracted/saved and then decrypted using Chilkat Crypt2.
  4. If it is desired to download email without unwrapping security layers (i.e. without signature verification or decryption), methods are provided in the POP3 and IMAP interfaces to download and return the MIME string instead of email objects. These methods can be used instead of the methods that return email objects.
  5. The Chilkat MIME class/object is more general purpose than the Chilkat Email class/object. When it loads MIME it does not do anything automatic (such as unwrapping security layers). The Chilkat Email object must unwrap because the content of the email is stored in an internal object model for email, whereas the MIME object is not specific to email.
  6. If using Chilkat Crypt2 to decrypt, set the CryptAlgorithm equal to "PKI". Then it's just a matter of telling the Crypt2 object the location of resources (such as .p12 or .pfx files) prior to decrypting. Use the AddPfxSourceData or AddPfxSourceFile methods for this. (Remember, a private key is required to decrypt. Only a public key is required to verify a signature.)