I'm making an application which requires sending encrypted and digitally signed email, for which I want to use S/MIME. I am using the MailKit and MimeKit API. However, MimeKit requires the certificates to be loaded from a SQL database, as shown below:

```csharp
public MySecureMimeContext()
    : base(OpenDatabase("C:\\wherever\\certdb.sqlite"))
{
}
```

I have got certificates with me (Root CA and client certificates (pfx files)), but how can I save and read them from a database? Or is there an alternative simple approach?

Fuzed Mass

1 Answer

The DefaultSecureMimeContext that your class presumably inherits from has a number of Import() methods that you can use:

http://www.mimekit.net/docs/html/Overload_MimeKit_Cryptography_DefaultSecureMimeContext_Import.htm

jstedfast
  • I followed the steps for signing & encryption but got stuck as a context was needed: https://stackoverflow.com/questions/30983883/sign-and-encrypt-on-mimekit?rq=1 My requirement goes like this: using the S/MIME standard, the email must be encrypted using AES-256 (AES cipher with a 256-bit key length) and the recipient's public key. The message must be signed using the sender's private key that corresponds with the public key submitted to the sender. Why is the context mandatory for carrying out this process? Or is there any alternate way to achieve this? Any pointers or examples would be helpful. – Harkirat singh May 23 '19 at 09:57
  • The context is how MimeKit does lookups of the certificates/keys. You can just use a [TemporarySecureMimeContext](http://www.mimekit.net/docs/html/T_MimeKit_Cryptography_TemporarySecureMimeContext.htm) and then just use methods like this: [ApplicationPkcs7Mime.Encrypt(SecureMimeContext, CmsRecipientCollection, MimeEntity)](http://www.mimekit.net/docs/html/M_MimeKit_Cryptography_ApplicationPkcs7Mime_Encrypt_1.htm) and/or [ApplicationPkcs7Mime.Sign(SecureMimeContext, CmsSigner, MimeEntity)](http://www.mimekit.net/docs/html/M_MimeKit_Cryptography_ApplicationPkcs7Mime_Sign_1.htm). – jstedfast May 23 '19 at 12:37
  • Those methods negate the need for the context to look up certificates/keys, but the context is still needed as an abstract way of signing/encrypting since it wraps BouncyCastle and/or the System.Security APIs depending on which context you choose. – jstedfast May 23 '19 at 12:38
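
The approach described in the comments above (an in-memory `TemporarySecureMimeContext` plus explicit `CmsSigner` and `CmsRecipient` objects), written out as an added example; it is not code from the thread or from the MimeKit project. The file names, the `SENDER_PFX_PASSWORD` environment variable, the addresses and the class name are assumptions made for illustration.

```csharp
using System;
using MimeKit;
using MimeKit.Cryptography;

static class SmimeSignThenEncrypt
{
    // Hypothetical file names: the sender's PFX (certificate + private key)
    // and the recipient's public certificate.
    const string SenderPfx = "sender.pfx";
    const string RecipientCer = "recipient.cer";

    public static MimeMessage Build()
    {
        // Keep the PFX password out of source code (assumed environment variable).
        string pfxPassword = Environment.GetEnvironmentVariable("SENDER_PFX_PASSWORD")
            ?? throw new InvalidOperationException("SENDER_PFX_PASSWORD is not set");

        var body = new TextPart("plain") { Text = "Signed and encrypted test message." };

        // In-memory context: nothing is persisted, so no SQLite database is needed.
        using (var ctx = new TemporarySecureMimeContext())
        {
            // The sender's private key signs the content.
            var signer = new CmsSigner(SenderPfx, pfxPassword)
            {
                DigestAlgorithm = DigestAlgorithm.Sha256
            };

            // The recipient's public key wraps the content-encryption key.
            // Assumption: listing only AES-256 as the recipient's supported
            // algorithm makes the context select AES-256 for the content.
            var recipient = new CmsRecipient(RecipientCer)
            {
                EncryptionAlgorithms = new[] { EncryptionAlgorithm.Aes256 }
            };
            var recipients = new CmsRecipientCollection();
            recipients.Add(recipient);

            // Sign first, then encrypt the signed part.
            var signed = ApplicationPkcs7Mime.Sign(ctx, signer, body);
            var encrypted = ApplicationPkcs7Mime.Encrypt(ctx, recipients, signed);

            var message = new MimeMessage();
            message.From.Add(new MailboxAddress("Sender", "sender@example.com"));
            message.To.Add(new MailboxAddress("Recipient", "recipient@example.com"));
            message.Subject = "S/MIME test";
            message.Body = encrypted;
            return message;
        }
    }
}
```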