XCLN: Unable to Validate S/MIME Message by Using CDO (329627)


The information in this article applies to:

  • Microsoft Exchange 2000 Server
This article was previously published under Q329627

SYMPTOMS

If you use Collaboration Data Objects (CDO) and CAPICOM to validate Secure MIME (S/MIME) signatures, the validation fails.

MORE INFORMATION

The following code sample illustrates how this validation would typically occur. First the caller requested the message content that is stored in the first body part of the message. Next the caller requested the S/MIME signature that is stored in the second body part of the message. Then the caller sent each body part to CAPICOM for signature validation.

Private Sub Command1_Click(ByVal eventSender As System.Object, ByVal eventArgs As System.EventArgs) Handles Command1.Click
Dim oCDO As New CDO.Message
Dim oST As ADODB.Stream
Dim sContent, sSignature As String

oST = oCDO.GetStream
oST.Type = ADODB.StreamTypeEnum.adTypeText
oST.LoadFromFile("Test.eml")
oST.Flush()

sContent = oCDO.BodyPart.BodyParts(1).GetStream.ReadText
sSignature = oCDO.BodyPart.BodyParts(2).GetEncodedContentStream.ReadText

Dim oC As New CAPICOM.SignedData oC.Content = sContent
oC.Verify(sSignature, True, CAPICOM.CAPICOM_SIGNED_DATA_VERIFY_FLAG.CAPICOM_VERIFY_SIGNATURE_ONLY)
MsgBox("done")
End Sub

RESOLUTION

A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem. This fix may receive additional testing. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Microsoft Exchange 2000 Server service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/default.aspx?scid=fh;EN-US;CNTACTMS

NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The typical support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

Component: CDO

The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
   Date         Time   Version       Size        File name
   --------------------------------------------------------
   23-Nov-2002  02:42  6.1.3940.32   2,531,088  Cdosys.dll
This hotfix introduces a new flag that must be set before the caller requests the message body parts. This flag instructs CDO to return any requested body part in its original format to maintain high message fidelity of the message body stream. For example, in the scenario described in the "More Information" section of this article, the following two lines of code are added before the caller requests a pointer to the message body stream:

oCDO.Fields.Item("urn:schemas:mailheader:x-cdostreamhighfidelity") = True
oCDO.Fields.Update

Note Because of file dependencies, this update requires Microsoft Exchange 2000 Server Service Pack 3 (SP3). For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

301378 How to Obtain the Latest Exchange 2000 Server Service Pack

STATUS

Microsoft has confirmed that this is a problem in Microsoft Exchange 2000 Server.
Modification Type:MinorLast Reviewed:10/6/2005
Keywords:kbQFE kbbug kbExchange2000preSP4fix kbfix KB329627
©2004 Microsoft Corporation. All rights reserved.