Verify S/MIME Signature

Delphi example to verify an S/MIME signature and unwrap the S/MIME to get the original MIME prior to signing/encrypting.

Download Chilkat MIME ActiveX

uses
    Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
    Dialogs, StdCtrls,
    CHILKATMIMELib_TLB,
    CHILKATCERTIFICATELib_TLB,
    OleCtrls;

...

procedure TForm1.Button1Click(Sender: TObject);
var
mime: CHILKATMIMELib_TLB.IChilkatMime;
success: Integer;
isEncrypted: Integer;
isSigned: Integer;
signerCert: CHILKATMIMELib_TLB.IChilkatCert;
encryptCert: CHILKATMIMELib_TLB.IChilkatCert;

begin
mime := CoChilkatMime.Create();

//  Any string argument automatically begins the 30-day trial.
success := mime.UnlockComponent('30-day trial');
if (success <> 1) then
  begin
    ShowMessage('MIME component unlock failed');
    Exit;
  end;

//  Load an S/MIME message from a file:
success := mime.LoadMimeFile('signedMime.txt');
if (success <> 1) then
  begin
    ShowMessage(mime.LastErrorText);
    Exit;
  end;

//  The ContainsEncryptedParts/ContainsSignedParts methods
//  can be called to determine if the MIME is encrypted and/or signed:
isEncrypted := mime.ContainsEncryptedParts();
isSigned := mime.ContainsSignedParts();

//  We don't want the "unwrap extras".  You'll see what those
//  are in a few moments...
mime.UnwrapExtras := 0;

//  To verify the signature, call UnwrapSecurity.  This will
//  verify the signature(s) and decrypt the S/MIME and restore
//  the MIME to the unsigned/unencrypted state.
//  The results of what was found are present in the MIME object's
//  properties, as well as extra header fields that are added
//  to the unwrapped MIME.
success := mime.UnwrapSecurity();
if (success <> 1) then
  begin
    //  UnwrapSecurity returns 1 if all signatures were
    //  verified and all parts decrypted.
    ShowMessage(mime.LastErrorText);
    Exit;
  end;

//  The mime.UnwrapExtras property controls whether or not
//  these additional fields are added to the unwrapped MIME:
// 
//  X-NumPartsSigned: 1
//  X-SignaturesValid: yes
//  X-NumPartsEncrypted: 1
//  X-Decrypted: no
// 
//  The X-NumPartsSigned/X-SignaturesValid headers are added
//  if the MIME was signed.
// 
//  The X-NumPartsEncrypted/X-Decrypted headers are added
//  if the MIME was encrypted.
// 

//  If the MIME was signed, get the certificate used for signing.
if (isSigned = 1) then
  begin
    //  The NumSignerCerts property indicates how many certificates
    //  were used for signing.  This example will assume the value is 1.
    //  To get the 1st signer cert, call GetSignerCert with an index of 0:

    signerCert := mime.GetSignerCert(0) As CHILKATMIMELib_TLB.IChilkatCert;
    if (not (signerCert = nil )) then
      begin
        Memo1.Lines.Add('**** Signer Cert: '
             + signerCert.SubjectCN);
      end;
  end;

//  If the MIME was encrypted, get the certificate used for encryption:
if (isEncrypted = 1) then
  begin
    //  The NumEncryptCerts property indicates how many certificates
    //  were used for encrypting.  This example will assume the value is 1.
    //  To get the 1st encrypt cert, call GetEncryptCert with an index of 0:

    encryptCert := mime.GetEncryptCert(0) As CHILKATMIMELib_TLB.IChilkatCert;
    if (not (encryptCert = nil )) then
      begin
        Memo1.Lines.Add('**** Encrypt Cert: '
             + encryptCert.SubjectCN);
      end;
  end;

//  Display the unwrapped MIME:
Memo1.Lines.Add(mime.GetMime());

//  Save the unwrapped MIME to a file:
mime.SaveMime('unwrappedMime.txt');
end;