Send Email with Digital Signature in Delphi - S/MIME with SHA1, SHA256 and SHA512¶
In previous section, I introduced how to send email with embedded images. In this section, I will introduce how to sign email with digital certificate in Delphi.
Sections:
Introduction¶
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data.
Digital signature prevents email content is faked or changed in transport level. Encrypting email protects email content from exposure to inappropriate recipients. Both digital signature and email encrypting depend on digital certificate.
If you have an email digital signature certificate installed on your machine, you can find it in “Control Panel” -> “Internet Options” -> “Content” -> “Certificates” -> “Personal”.
Then you can use your email certificate to sign the email by the following code. If you don’t have a certificate for your email address, you MUST get a digital certificate for personal email protection from third-party certificate authorities such as www.verisign.com.
If you need a free certificate for your email address, you can go to http://www.comodo.com/home/email-security/free-email-certificate.php to apply for one year free email certificate.
Note
Remarks: All of samples in this section are based on first section: Send email in a simple Delphi project. To compile and run the following example codes successfully, please click here to learn how to create the test project and add reference of EASendMail to your project.
[Delphi - Send email with digital signature (S/MIME) - Example]¶
The following example codes demonstrate how to send email with digital signature in Delphi.
Note
To get the full sample projects, please refer to Samples section.
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, EASendMailObjLib_TLB; // add EASendMail unit
type
TForm1 = class(TForm)
Button1: TButton;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
const
ConnectNormal = 0;
ConnectSSLAuto = 1;
ConnectSTARTTLS = 2;
ConnectDirectSSL = 3;
ConnectTryTLS = 4;
CRYPT_MACHINE_KEYSET = 32;
CRYPT_USER_KEYSET = 4096;
CERT_SYSTEM_STORE_CURRENT_USER = 65536;
CERT_SYSTEM_STORE_LOCAL_MACHINE = 131072;
var
Form1: TForm1;
implementation
{$R *.dfm}
procedure TForm1.Button1Click(Sender: TObject);
var
oSmtp : TMail;
begin
oSmtp := TMail.Create(Application);
oSmtp.LicenseCode := 'TryIt';
// Set your sender email address
oSmtp.FromAddr := 'test@emailarchitect.net';
// Add recipient email address
oSmtp.AddRecipientEx('support@emailarchitect.net', 0);
// Set email subject
oSmtp.Subject := 'test email from Delphi with digital signature';
// Set body text
oSmtp.BodyText := 'this is a test email sent from Delphi with digital signature';
// Add digital signature
if not oSmtp.SignerCert.FindSubject('test@emailarchitect.net',
CERT_SYSTEM_STORE_CURRENT_USER, 'my') then
begin
ShowMessage(oSmtp.SignerCert.GetLastError());
exit;
end;
if not oSmtp.SignerCert.HasCertificate Then
begin
ShowMessage('Signer certificate has no private key, ' +
'this certificate can not be used to sign email');
end;
// Your SMTP server address
oSmtp.ServerAddr := 'smtp.emailarchitect.net';
// User and password for ESMTP authentication, if your server doesn't require
// user authentication, please remove the following codes
oSmtp.UserName := 'test@emailarchitect.net';
oSmtp.Password := 'testpassword';
// ConnectTryTLS means if server supports SSL/TLS connection, SSL/TLS is used automatically
oSmtp.ConnectType := ConnectTryTLS;
// If your server uses 587 port
// oSmtp.ServerPort := 587;
// If your server uses 25/587/465 port with SSL/TLS
// oSmtp.ConnectType := ConnectSSLAuto;
// oSmtp.ServerPort := 587; // 25 or 587 or 465
ShowMessage('start to send email ...');
if oSmtp.SendMail() = 0 then
ShowMessage('email was sent successfully!')
else
ShowMessage('failed to send email with the following error: '
+ oSmtp.GetLastErrDescription());
end;
end.
Signature Algorithm¶
You can use SignatureHashAlgorithm property to set MD5, SHA1, SHA256, SHA384 or SHA512 signature algorithm. SHA256 is recommended.
RSASSA-PSS Signature for EDIFACT
If you need to use RSASSA-PSS signature scheme based on EDIFACT rule, you need an additional ActiveX Object for EASendMail, please have a look at this topic:
RSASSA-PSS + RSA-OAEP Encryption with SHA256
Next Section
At next section I will introduce how to encrypt email with digital certificate in Delphi.
Appendix
- EASendMail SMTP Component SDK
- Process Bounced Email (Non-Delivery Report) and Email Tracking
- Bulk Email Sender Guidelines
- Work with Email Queue
- Registration-free COM/ActiveX with Manifest File (Distribution)
Comments
If you have any comments or questions about above example codes, please click here to add your comments.