Email Encryption in Visual C++ - S/MIME with RC2, 3DES and RSAES-OAEP

In previous section, I introduced how to send email with digital signature. In this section, I will introduce how to encrypt email with digital certificate in Visual C++.

Introduction

After the recipient received your email with digital signature, the recipient can get your digital certificate public key from your digital signature. Then the recipient can encrypt an email with your public key and send it to you. Only you can decrypt this email with your private key. That is how S/MIME can protect your email content. If you don’t expose your digital certificate private key to others, none can read your email which is encrypted by your public key.

If you received an email with digital signature, your email client usually stores the public key of the sender in “Control Panel” -> “Internet Options” -> “Content” -> “Certificates” -> “Other People”.

Then you can use the following code to encrypt email and send it to your recipient.

Note

Remarks: All of samples in this section are based on first section: A simple Visual C++ project. To compile and run the following example codes successfully, please click here to learn how to create the test project and add reference of EASendMail to your project.

[Visual C++ Example - Email Encryption (S/MIME)]

The following example codes demonstrate how to encrypt email with digital certificate.

Note

To get the full sample projects, please refer to Samples section.

#include "stdafx.h"
#include "easendmailobj.tlh"
using namespace EASendMailObjLib;
int _tmain(int argc, _TCHAR* argv[])
{
    ::CoInitialize( NULL );
    IMailPtr oSmtp = NULL;
    oSmtp.CreateInstance( "EASendMailObj.Mail");
    oSmtp->LicenseCode = _T("TryIt");

    // Set your sender email address
    oSmtp->FromAddr = _T("test@emailarchitect.net");

    // Add recipient email address
    oSmtp->AddRecipientEx( _T("support@emailarchitect.net"), 0 );

    // Set email subject
    oSmtp->Subject = _T("Encrypted email from Visual C++ (S/MIME)");

    // Set email body
    oSmtp->BodyText = _T("this is a test encrypted email sent from Visual C++");

    // Your SMTP server address
    oSmtp->ServerAddr = _T("smtp.emailarchitect.net");

    // User and password for ESMTP authentication, if your server doesn't
    // require User authentication, please remove the following codes.
    oSmtp->UserName = _T("test@emailarchitect.net");
    oSmtp->Password = _T("testpassword");

    // If your smtp server requires SSL connection, please add this line
    // oSmtp->SSL_init();

    //add signer digital signature
    if( oSmtp->SignerCert->FindSubject(_T("test@emailarchitect.net"),
        CERT_SYSTEM_STORE_CURRENT_USER , _T("my")) == VARIANT_FALSE )
    {
        _tprintf(_T("Error with signer certificate; %s\r\n"),
            (const TCHAR*)oSmtp->SignerCert->GetLastError());
        return 0;
    }
    if( oSmtp->SignerCert->HasPrivateKey == VARIANT_FALSE )
    {
        _tprintf(_T("certificate does not have a private key, it can not sign email.\r\n" ));
        return 0;
    }

    // Find the encrypting certificate for every recipients
    ICertificatePtr oCert = NULL;
    oCert.CreateInstance("EASendMailObj.Certificate");
    if( oCert->FindSubject(_T("support@emailarchitect.net"),
            CERT_SYSTEM_STORE_CURRENT_USER, _T("AddressBook")) == VARIANT_FALSE )
    {
        if(oCert->FindSubject(_T("support@emailarchitect.net"),
                CERT_SYSTEM_STORE_CURRENT_USER, _T("my")) == VARIANT_FALSE )
        {
            _tprintf( _T("Encrypting certificate not found; %s\r\n"),
                    (const TCHAR*)oCert->GetLastError());
            oCert.Release();
            return 0;
        }
    }
    // Add encrypting certificate
    oSmtp->RecipientsCerts->Add( oCert );
    oCert.Release();

    _tprintf(_T("Start to send email ...\r\n" ));

    if( oSmtp->SendMail() == 0 )
    {
        _tprintf( _T("email was sent successfully!\r\n"));
    }
    else
    {
        _tprintf( _T("failed to send email with the following error: %s\r\n"),
            (const TCHAR*)oSmtp->GetLastErrDescription());
    }
    if( oSmtp != NULL )
        oSmtp.Release();
    return 0;
}

If you received digital signed and encrypted email by Windows Mail(Outlook Express), it looks like this:

Visual C++ sign and encrypt email

Encryption Algorithm

You can use EncryptionAlgorithm property to set RC2, RC4, 3DES, AES128, AES192 or AES256 encryption algorithm. RSAES-OAEP (AES128, AES192 and AES256) is recommended.

Next Section

At next section I will introduce how to send email with event handler in asynchronous mode.

Appendix

Comments

If you have any comments or questions about above example codes, please click here to add your comments.