IPWorks EDI 2022 macOS Edition
Version 22.0 [Build 8431]

AS1Sender Module

Properties   Methods   Events   Config Settings   Errors  

The AS1Sender module implements an AS1 / EDI-INT client, capable of sending EDI messages over electronic mail.

Syntax

IPWorksEDI.As1sender

Remarks

The AS1Sender component is used to send EDI or other messages over SMTP/S, using the AS1 protocol specified in RFC 3335. The class is also used to retrieve and verify server responses.

A typical AS1 transaction is as follows:

(1) The sender sends an EDI document to the receiver using SMTP or SMTPS. Typically the document will be signed and encrypted (particularly if TLS/SSL is not used). A signed receipt will also be requested.

(2) The receiver decrypts the message and verifies the signature.

(3) The receiver sends a signed receipt back to the client. The signature is over the hash of an MDN, which contains a hash of the received message.

When sending an EDI message, the client should specify, at a minimum, From and SendTo, MailServer, and EDIDataData and EDIDataEDIType. The Send method should then be invoked.

To secure the EDI transmission, the message may be signed and/or encrypted by setting the appropriate certificates. By default, the class will apply message security if the appropriate certificates are specified. To sign the data set SigningCert. To encrypt, set RecipientCerts.

TLS/SSL will also be used if SSLStartMode is set. In case your trading partner is using a self-signed certificate with their mail server it will be necessary to set SSLAcceptServerCert or trap the SSLServerAuthentication event to accept the certificate.

The message may also be compressed by setting CompressionFormat.

To request a receipt, or Message Disposition Notification (MDN), simply set the MDNTo property. The MDN will be returned in a separate email response. The MDNOptions property may be used to customize the request. By default, the class will request a signed MDN over an SHA1 hash.

Validating AS1 MDNs

AS1 MDNs are returned asynchronously in a separate email. Generally MDNs will not be returned immediately.

The class supports the use of the POP/S protocol for receiving e-mail. To receive an MDN, set the MailServer, User, and Password properties, and call Connect. At this point you may search your mailbox using the MailMessage properties; when you have found the appropriate message you should invoke ReadReceipt, which will set MDNReceipt. If the receipt is indeed an MDN it will also be parsed (although not verified) and MessageId will be set. If the message is not an MDN an exception will be thrown.

You should then use the values of From and MessageId to look up your trading partner's certificates, the MDNOptions requested, and the OriginalContentMIC calculated when you sent the original message (you must store this value externally to verify signed receipts). Finally, invoke VerifyReceipt.

Property List


The following is the full list of the properties of the module with short descriptions. Click on the links for further details.

AttachmentsCollection of files attached to the current message.
CompressionFormatThe compression format (if any) to use.
ConnectedThis shows whether the module is connected.
EDIDataThe EDI or other data to be sent.
EncryptionAlgorithmThe algorithm used to encrypt the EDI data.
FirewallA set of properties related to firewall access.
FromThe sender of the original message.
LocalHostThe name of the local host or user-assigned IP interface through which connections are initiated or accepted.
LogDirectoryThe path to a directory for logging.
LogFileThe log file written.
MailMessageCcThe value of the Cc header of the mail message.
MailMessageCountThe number of messages waiting in the mailbox.
MailMessageDateThe message date for the currently selected message.
MailMessageFromThe sender of the mail message.
MailMessageHeadersThe message headers for the currently selected message.
MailMessageNumberThe message number on the incoming mail server.
MailMessageReplyToThe value of the ReplyTo header of the mail message.
MailMessageSizeThe size of the mail message.
MailMessageSubjectThe subject of the mail message.
MailMessageTextThe text of the mail message.
MailMessageToThe recipient of the mail message.
MailMessageUIDThe unique id of the mail message.
MailServerThe address of your mail server.
MDNOptionsUsed to indicate the options requested for the MDN receipt.
MDNReceiptThe MDN receipt returned from the server.
MDNToThe system to which an MDN should be directed.
MessageIdThe Id of the message.
OriginalContentMICThe Message Integrity Check(s) (one-way hash) of the outgoing message.
PasswordThe password for your incoming mail server.
ReceiptSignerCertEncodedThis is the certificate (PEM/base64 encoded).
ReceiptSignerCertStoreThis is the name of the certificate store for the client certificate.
ReceiptSignerCertStorePasswordIf the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
ReceiptSignerCertStoreTypeThis is the type of certificate store for this certificate.
ReceiptSignerCertSubjectThis is the subject of the certificate used for client authentication.
RecipientCertCountThe number of records in the RecipientCert arrays.
RecipientCertEncodedThis is the certificate (PEM/base64 encoded).
RecipientCertStoreThis is the name of the certificate store for the client certificate.
RecipientCertStorePasswordIf the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
RecipientCertStoreTypeThis is the type of certificate store for this certificate.
RecipientCertSubjectThis is the subject of the certificate used for client authentication.
SendToThe recipient of the message.
SignatureAlgorithmSignature algorithm to be used in outgoing messages.
SigningCertEncodedThis is the certificate (PEM/base64 encoded).
SigningCertStoreThis is the name of the certificate store for the client certificate.
SigningCertStorePasswordIf the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
SigningCertStoreTypeThis is the type of certificate store for this certificate.
SigningCertSubjectThis is the subject of the certificate used for client authentication.
SSLAcceptServerCertEncodedThis is the certificate (PEM/base64 encoded).
SSLCertEncodedThis is the certificate (PEM/base64 encoded).
SSLCertStoreThis is the name of the certificate store for the client certificate.
SSLCertStorePasswordIf the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
SSLCertStoreTypeThis is the type of certificate store for this certificate.
SSLCertSubjectThis is the subject of the certificate used for client authentication.
SSLProviderThis specifies the SSL/TLS implementation to use.
SSLServerCertEncodedThis is the certificate (PEM/base64 encoded).
SSLStartModeDetermines how the module starts the SSL negotiation. By default, SSL will not be used.
SubjectThe subject of the message.
UserThe username for your incoming mail server.

Method List


The following is the full list of the methods of the module with short descriptions. Click on the links for further details.

ConfigSets or retrieves a configuration setting.
ConnectConnects to the incoming mail server.
DeleteMessageDeletes the message specified by MailMessageNumber .
DisconnectDisconnects from the incoming mail server.
ProcessQueueSend the messages queued for sending.
QueryMessageSizeReturns the size in bytes of the current message.
QueryMessageUIDReturns the unique identifier of the message as specified by the server.
QueuePrepares and queues the message to the specified directory.
ReadReceiptReads and parses (but does not verify) an MDN receipt.
ResetResets the state of the control.
SelectMailMessageSelects and obtains information about the specified message.
SendPrepares and sends the AS1 message.
SetRequestHeaderAllows the user to set or add arbitrary HTTP request headers.
VerifyReceiptVerifies an MDN receipt.

Event List


The following is the full list of the events fired by the module with short descriptions. Click on the links for further details.

ConnectionStatusThis event is fired to indicate changes in the connection state.
EndTransferFired when the message text completes transferring.
ErrorInformation about errors during data delivery.
HeaderThis event is fired for every message header being retrieved.
LogFired with log information while processing a message.
PITrailTraces the commands sent to the mail server, and the respective replies.
SSLServerAuthenticationFired after the server presents its certificate to the client.
SSLStatusShows the progress of the secure connection.
StartTransferFired when the message text starts transferring (on either a send or receive).
TransferFired while the message text gets transferred to or from MailServer .

Config Settings


The following is a list of config settings for the module with short descriptions. Click on the links for further details.

LogFilenameThe base name of the log file.
POPPortThe POP mail port to be used, if different than MailServer.
POPServerThe POP server to be used, if different than MailServer.
SMTPAuthMechanismThe authentication mechanism used to connect to the SMTP server.
SMTPPasswordThe password used for authentication.
SMTPPortThe SMTP mail port to be used, if different than MailServer.
SMTPServerThe SMTP server to be used, if different than MailServer.
SMTPSSLStartModeDetermines how SSL negotiation starts with the SMTP server.
SMTPUserThe user name used for authentication.
LogSSLPacketsControls whether SSL packets are logged when using the internal security API.
OpenSSLCADirThe path to a directory containing CA certificates.
OpenSSLCAFileName of the file containing the list of CA's trusted by your application.
OpenSSLCipherListA string that controls the ciphers to be used by SSL.
OpenSSLPrngSeedDataThe data to seed the pseudo random number generator (PRNG).
ReuseSSLSessionDetermines if the SSL session is reused.
SSLCACertsA newline separated list of CA certificate to use during SSL client authentication.
SSLCheckCRLWhether to check the Certificate Revocation List for the server certificate.
SSLCheckOCSPWhether to use OCSP to check the status of the server certificate.
SSLCipherStrengthThe minimum cipher strength used for bulk encryption.
SSLEnabledCipherSuitesThe cipher suite to be used in an SSL negotiation.
SSLEnabledProtocolsUsed to enable/disable the supported security protocols.
SSLEnableRenegotiationWhether the renegotiation_info SSL extension is supported.
SSLIncludeCertChainWhether the entire certificate chain is included in the SSLServerAuthentication event.
SSLKeyLogFileThe location of a file where per-session secrets are written for debugging purposes.
SSLNegotiatedCipherReturns the negotiated ciphersuite.
SSLNegotiatedCipherStrengthReturns the negotiated ciphersuite strength.
SSLNegotiatedCipherSuiteReturns the negotiated ciphersuite.
SSLNegotiatedKeyExchangeReturns the negotiated key exchange algorithm.
SSLNegotiatedKeyExchangeStrengthReturns the negotiated key exchange algorithm strength.
SSLNegotiatedVersionReturns the negotiated protocol version.
SSLSecurityFlagsFlags that control certificate verification.
SSLServerCACertsA newline separated list of CA certificate to use during SSL server certificate validation.
TLS12SignatureAlgorithmsDefines the allowed TLS 1.2 signature algorithms when SSLProvider is set to Internal.
TLS12SupportedGroupsThe supported groups for ECC.
TLS13KeyShareGroupsThe groups for which to pregenerate key shares.
TLS13SignatureAlgorithmsThe allowed certificate signature algorithms.
TLS13SupportedGroupsThe supported groups for (EC)DHE key exchange.
BuildInfoInformation about the product's build.
CodePageThe system code page used for Unicode to Multibyte translations.
LicenseInfoInformation about the current license.
UseInternalSecurityAPITells the module whether or not to use the system security libraries or an internal implementation.

Attachments Property (AS1Sender Module)

Collection of files attached to the current message.

Syntax

public var attachments: Array<EDIAttachment> {
  get {...}
}

@property (nonatomic,readwrite,assign,getter=attachmentCount,setter=setAttachmentCount:) int attachmentCount;

- (int)attachmentCount;
- (void)setAttachmentCount :(int)newAttachmentCount;

- (NSString*)attachmentContentType:(int)attachmentIndex;
- (void)setAttachmentContentType:(int)attachmentIndex :(NSString*)newAttachmentContentType;

- (NSString*)attachmentData:(int)attachmentIndex;
- (void)setAttachmentData:(int)attachmentIndex :(NSString*)newAttachmentData;

- (NSData*)attachmentDataB:(int)attachmentIndex;
- (void)setAttachmentDataB:(int)attachmentIndex :(NSData*)newAttachmentData;
- (NSString*)attachmentFilename:(int)attachmentIndex;
- (void)setAttachmentFilename:(int)attachmentIndex :(NSString*)newAttachmentFilename;

- (NSString*)attachmentHeaders:(int)attachmentIndex;
- (void)setAttachmentHeaders:(int)attachmentIndex :(NSString*)newAttachmentHeaders;

- (NSString*)attachmentName:(int)attachmentIndex;
- (void)setAttachmentName:(int)attachmentIndex :(NSString*)newAttachmentName;

 

Default Value

""

Remarks

The username for your incoming mail server. Set this before invoking Connect.

CompressionFormat Property (AS1Sender Module)

The compression format (if any) to use.

Syntax

public var compressionFormat: As1senderCompressionFormats {
  get {...}
  set {...}
}

public enum As1senderCompressionFormats: Int32 { case cfNone = 0 case cfZLIB = 1 }

@property (nonatomic,readwrite,assign,getter=compressionFormat,setter=setCompressionFormat:) int compressionFormat;

- (int)compressionFormat;
- (void)setCompressionFormat :(int)newCompressionFormat;

Default Value

0

Remarks

By default, outgoing data will not be compressed. Setting this property will instruct the class to compress the outgoing data using the indicated format.

Compression is highly recommended for large messages, as it will reduce network bandwidth and processing time required.

The compression algorithm used is Zlib, as required by RFC 3274 and defined in RFCs 1950 and 1951.

Connected Property (AS1Sender Module)

This shows whether the module is connected.

Syntax

public var connected: Bool {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=connected,setter=setConnected:) BOOL connected;

- (BOOL)connected;
- (void)setConnected :(BOOL)newConnected;

Default Value

False

Remarks

This property is used to determine whether or not the class is connected to the remote host.

Note: It is recommended to use the Connect or Disconnect method instead of setting this property.

EDIData Property (AS1Sender Module)

The EDI or other data to be sent.

Syntax

public var ediData: EDIData {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=EDIData,setter=setEDIData:) NSString* EDIData;

- (NSString*)EDIData;
- (void)setEDIData :(NSString*)newEDIData;

@property (nonatomic,readwrite,assign,getter=EDIDataB,setter=setEDIDataB:) NSData* EDIDataB;

- (NSData*)EDIDataB;
- (void)setEDIDataB :(NSData*)newEDIData;
@property (nonatomic,readwrite,assign,getter=EDIType,setter=setEDIType:) NSString* EDIType;

- (NSString*)EDIType;
- (void)setEDIType :(NSString*)newEDIType;

@property (nonatomic,readwrite,assign,getter=EDIFilename,setter=setEDIFilename:) NSString* EDIFilename;

- (NSString*)EDIFilename;
- (void)setEDIFilename :(NSString*)newEDIFilename;

@property (nonatomic,readwrite,assign,getter=EDIName,setter=setEDIName:) NSString* EDIName;

- (NSString*)EDIName;
- (void)setEDIName :(NSString*)newEDIName;

 

Default Value

""

Remarks

The username for your incoming mail server. Set this before invoking Connect.

EncryptionAlgorithm Property (AS1Sender Module)

The algorithm used to encrypt the EDI data.

Syntax

public var encryptionAlgorithm: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=encryptionAlgorithm,setter=setEncryptionAlgorithm:) NSString* encryptionAlgorithm;

- (NSString*)encryptionAlgorithm;
- (void)setEncryptionAlgorithm :(NSString*)newEncryptionAlgorithm;

Default Value

"3DES"

Remarks

If RecipientCerts contains a valid certificate, the data will be encrypted using this certificate and the algorithm specified in EncryptionAlgorithm. If EncryptionAlgorithm is set to the empty string, the data will not be encrypted.

The class supports "3DES", or industry-standard 168-bit Triple-DES encryption.

The class supports "AES" encryption with a default keysize of 128 bits. You may also set "AESCBC192" or "AESCBC256" for 192- and 256-bit keysizes.

Possible values are:

  • 3DES (default)
  • DES
  • AESCBC128
  • AESCBC192
  • AESCBC256
  • AESGCM128
  • AESGCM192
  • AESGCM256

Firewall Property (AS1Sender Module)

A set of properties related to firewall access.

Syntax

public var firewall: Firewall {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=firewallAutoDetect,setter=setFirewallAutoDetect:) BOOL firewallAutoDetect;

- (BOOL)firewallAutoDetect;
- (void)setFirewallAutoDetect :(BOOL)newFirewallAutoDetect;

@property (nonatomic,readwrite,assign,getter=firewallType,setter=setFirewallType:) int firewallType;

- (int)firewallType;
- (void)setFirewallType :(int)newFirewallType;

@property (nonatomic,readwrite,assign,getter=firewallHost,setter=setFirewallHost:) NSString* firewallHost;

- (NSString*)firewallHost;
- (void)setFirewallHost :(NSString*)newFirewallHost;

@property (nonatomic,readwrite,assign,getter=firewallPassword,setter=setFirewallPassword:) NSString* firewallPassword;

- (NSString*)firewallPassword;
- (void)setFirewallPassword :(NSString*)newFirewallPassword;

@property (nonatomic,readwrite,assign,getter=firewallPort,setter=setFirewallPort:) int firewallPort;

- (int)firewallPort;
- (void)setFirewallPort :(int)newFirewallPort;

@property (nonatomic,readwrite,assign,getter=firewallUser,setter=setFirewallUser:) NSString* firewallUser;

- (NSString*)firewallUser;
- (void)setFirewallUser :(NSString*)newFirewallUser;

 

Default Value

""

Remarks

The username for your incoming mail server. Set this before invoking Connect.

From Property (AS1Sender Module)

The sender of the original message.

Syntax

public var from: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=from,setter=setFrom:) NSString* from;

- (NSString*)from;
- (void)setFrom :(NSString*)newFrom;

Default Value

""

Remarks

The sender of the original message. The recipient is given by SendTo.

Note that From and SendTo correspond to the sender and recipient of the original message. For MDNs the roles are reversed, so that From indicates the recipient, and SendTo indicates the sender of the MDN.

LocalHost Property (AS1Sender Module)

The name of the local host or user-assigned IP interface through which connections are initiated or accepted.

Syntax

public var localHost: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=localHost,setter=setLocalHost:) NSString* localHost;

- (NSString*)localHost;
- (void)setLocalHost :(NSString*)newLocalHost;

Default Value

""

Remarks

The LocalHost property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multi-homed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface.

If the class is connected, the LocalHost property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multi-homed hosts (machines with more than one IP interface).

NOTE: LocalHost is not persistent. You must always set it in code, and never in the property window.

LogDirectory Property (AS1Sender Module)

The path to a directory for logging.

Syntax

public var logDirectory: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=logDirectory,setter=setLogDirectory:) NSString* logDirectory;

- (NSString*)logDirectory;
- (void)setLogDirectory :(NSString*)newLogDirectory;

Default Value

""

Remarks

Setting LogDirectory will instruct the component to log the details of each transmission to unique files in the specified directory. For each request processed, the class will log the original EDI data, the complete text of the outgoing request and the incoming response.

The class will write a file for each transmission, with extension ".log". In case of error an additional file will be written with extension ".err", and the error will be reported in both files. Raw AS1 messages created or downloaded by the class will be written with extension ".as1", and MDNs created or downloaded will be written with extension ".as1-mdn".

The filenames will be chosen automatically by the class. Each filename will be the system time, in the format YYYY-MM-DD-HH-MM-SS-MMMM, with extensions "-2", "-3", used in case files of those names already exist. After each transaction is processed LogFile will contain the name of the files just written, minus the extension ".log" or ".err".

If logs cannot be written an exception will be thrown.

LogFile Property (AS1Sender Module)

The log file written.

Syntax

public var logFile: String {
  get {...}
}

@property (nonatomic,readonly,assign,getter=logFile) NSString* logFile;

- (NSString*)logFile;

Default Value

""

Remarks

In case LogDirectory is specified two log files will be written in the specified directory and LogFile will contain the path.

LogFile will in fact refer to several files with appropriate extensions. A diagnostic log will be written with filename LogFile + ".log", and any EDI data read will be written with filename LogFile + ".dat". Raw AS1 messages and MDNs will also be written with extensions ".as1" and ".as1-mdn".

This property is read-only.

MailMessageCc Property (AS1Sender Module)

The value of the Cc header of the mail message.

Syntax

public var mailMessageCc: String {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageCc) NSString* mailMessageCc;

- (NSString*)mailMessageCc;

Default Value

""

Remarks

After calling SelectMailMessage this property will be populated with the value of the Cc header of the mail message.

This property is read-only.

MailMessageCount Property (AS1Sender Module)

The number of messages waiting in the mailbox.

Syntax

public var mailMessageCount: Int32 {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageCount) int mailMessageCount;

- (int)mailMessageCount;

Default Value

0

Remarks

When the class is not connected to the mail server, the value of the MailMessageCount property is 0. When connected, it contains the number of messages in the mailbox. You may set MailMessageNumber to any value between 1 and MailMessageCount to inspect a given message.

This property is read-only.

MailMessageDate Property (AS1Sender Module)

The message date for the currently selected message.

Syntax

public var mailMessageDate: String {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageDate) NSString* mailMessageDate;

- (NSString*)mailMessageDate;

Default Value

""

Remarks

The date will be formatted like the following example:

Wed, 29 Dec 2004 11:58:02 +0700

This property is read-only.

MailMessageFrom Property (AS1Sender Module)

The sender of the mail message.

Syntax

public var mailMessageFrom: String {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageFrom) NSString* mailMessageFrom;

- (NSString*)mailMessageFrom;

Default Value

""

Remarks

After calling SelectMailMessage this property will be populated. When processing AS1 transmissions, this will correspond to From. When processing MDNs, this will correspond to SendTo.

This property is read-only.

MailMessageHeaders Property (AS1Sender Module)

The message headers for the currently selected message.

Syntax

public var mailMessageHeaders: String {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageHeaders) NSString* mailMessageHeaders;

- (NSString*)mailMessageHeaders;

Default Value

""

Remarks

After calling SelectMailMessage this property will contain the full headers of the mail message as reported by the mail server.

This property is read-only.

MailMessageNumber Property (AS1Sender Module)

The message number on the incoming mail server.

Syntax

public var mailMessageNumber: Int32 {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=mailMessageNumber,setter=setMailMessageNumber:) int mailMessageNumber;

- (int)mailMessageNumber;
- (void)setMailMessageNumber :(int)newMailMessageNumber;

Default Value

0

Remarks

MailMessageNumber specifies a number between 1 and MailMessageCount, and serves as a message pointer to an incoming mail message.

Set this property before calling SelectMailMessage, QueryMessageSize or QueryMessageUID.

MailMessageReplyTo Property (AS1Sender Module)

The value of the ReplyTo header of the mail message.

Syntax

public var mailMessageReplyTo: String {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageReplyTo) NSString* mailMessageReplyTo;

- (NSString*)mailMessageReplyTo;

Default Value

""

Remarks

After calling SelectMailMessage this property will be populated with the value of the ReplyTo header of the mail message.

This property is read-only.

MailMessageSize Property (AS1Sender Module)

The size of the mail message.

Syntax

public var mailMessageSize: Int32 {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageSize) int mailMessageSize;

- (int)mailMessageSize;

Default Value

0

Remarks

After calling QueryMessageSize this property will be populated with the the size of the mail message.

Note: It is recommended to use the QueryMessageSize method instead of getting this property.

This property is read-only.

MailMessageSubject Property (AS1Sender Module)

The subject of the mail message.

Syntax

public var mailMessageSubject: String {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageSubject) NSString* mailMessageSubject;

- (NSString*)mailMessageSubject;

Default Value

""

Remarks

After calling SelectMailMessage this property will be populated with the subject of the mail message.

This property is read-only.

MailMessageText Property (AS1Sender Module)

The text of the mail message.

Syntax

public var mailMessageText: String {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageText) NSString* mailMessageText;

- (NSString*)mailMessageText;

Default Value

""

Remarks

The text of the mail message identified by MailMessageNumber, if it has been downloaded from the server. To read the message, invoke ReadRequest (receiver) or ReadReceipt (sender). In case the message is not as AS1 message this will throw an exception, but you may catch it and then read the value of MailMessageText.

This property is read-only.

MailMessageTo Property (AS1Sender Module)

The recipient of the mail message.

Syntax

public var mailMessageTo: String {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageTo) NSString* mailMessageTo;

- (NSString*)mailMessageTo;

Default Value

""

Remarks

After calling SelectMailMessage this property will be populated with the recipient of the mail message.

This property is read-only.

MailMessageUID Property (AS1Sender Module)

The unique id of the mail message.

Syntax

public var mailMessageUID: String {
  get {...}
}

@property (nonatomic,readonly,assign,getter=mailMessageUID) NSString* mailMessageUID;

- (NSString*)mailMessageUID;

Default Value

""

Remarks

After calling QueryMessageUID this property will be populated with the unique id of the mail message.

Note: It is recommended to use the QueryMessageUID method instead of getting this property.

This property is read-only.

MailServer Property (AS1Sender Module)

The address of your mail server.

Syntax

public var mailServer: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=mailServer,setter=setMailServer:) NSString* mailServer;

- (NSString*)mailServer;
- (void)setMailServer :(NSString*)newMailServer;

Default Value

""

Remarks

The address of your mail server. By default, the class will send outgoing mail via SMTP, and receive incoming mail via POP. Moreover, the class will assume that both servers are located at the address specified by MailServer.

In case you use different addresses for incoming and outgoing mail you should set the POPServer and SMTPServer configuration settings appropriately. You may also set POPPort and SMTPPort in case you use nonstandard ports.

To configure SSL you should set SSLStartMode. Note that if SSL is used for sending but not receiving, or vice versa, you should set SSLStartMode each time you send or receive a file.

MDNOptions Property (AS1Sender Module)

Used to indicate the options requested for the MDN receipt.

Syntax

public var mdnOptions: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=MDNOptions,setter=setMDNOptions:) NSString* MDNOptions;

- (NSString*)MDNOptions;
- (void)setMDNOptions :(NSString*)newMDNOptions;

Default Value

"signed-receipt-protocol=optional, pkcs7-signature; signed-receipt-micalg=optional, sha-256"

Remarks

By default, the class will request that the MDN be signed with a PKCS#7 signature over a SHA-256 hash, which is the industry standard.

Set MDNOptions to an empty string to request an unsigned receipt.

This property will automatically be updated when SignatureAlgorithm is set. Normally you will not need to set this property, however you can set a value here to override the automatically generated value.

The string format is that of the Disposition-Notification-Options HTTP header, as specified in RFC 3335. As a form of shorthand, you may set this property to "sha1", "sha-256", or "md5" to request the indicated hash algorithm.

MDNReceipt Property (AS1Sender Module)

The MDN receipt returned from the server.

Syntax

public var mdnReceipt: MDNReceipt {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=MDNReceiptContent,setter=setMDNReceiptContent:) NSString* MDNReceiptContent;

- (NSString*)MDNReceiptContent;
- (void)setMDNReceiptContent :(NSString*)newMDNReceiptContent;

@property (nonatomic,readwrite,assign,getter=MDNReceiptContentB,setter=setMDNReceiptContentB:) NSData* MDNReceiptContentB;

- (NSData*)MDNReceiptContentB;
- (void)setMDNReceiptContentB :(NSData*)newMDNReceiptContent;
@property (nonatomic,readonly,assign,getter=MDNReceiptHeaderCount) int MDNReceiptHeaderCount;

- (int)MDNReceiptHeaderCount;

@property (nonatomic,readonly,assign,getter=MDNReceiptHeaderField) NSString* MDNReceiptHeaderField;

- (NSString*)MDNReceiptHeaderField;

@property (nonatomic,readwrite,assign,getter=MDNReceiptHeaderIndex,setter=setMDNReceiptHeaderIndex:) int MDNReceiptHeaderIndex;

- (int)MDNReceiptHeaderIndex;
- (void)setMDNReceiptHeaderIndex :(int)newMDNReceiptHeaderIndex;

@property (nonatomic,readwrite,assign,getter=MDNReceiptHeaders,setter=setMDNReceiptHeaders:) NSString* MDNReceiptHeaders;

- (NSString*)MDNReceiptHeaders;
- (void)setMDNReceiptHeaders :(NSString*)newMDNReceiptHeaders;

@property (nonatomic,readonly,assign,getter=MDNReceiptHeaderValue) NSString* MDNReceiptHeaderValue;

- (NSString*)MDNReceiptHeaderValue;

@property (nonatomic,readonly,assign,getter=MDNReceiptMDN) NSString* MDNReceiptMDN;

- (NSString*)MDNReceiptMDN;

@property (nonatomic,readonly,assign,getter=MDNReceiptMessage) NSString* MDNReceiptMessage;

- (NSString*)MDNReceiptMessage;

@property (nonatomic,readonly,assign,getter=MDNReceiptMICValue) NSString* MDNReceiptMICValue;

- (NSString*)MDNReceiptMICValue;

@property (nonatomic,readonly,assign,getter=MDNReceiptSigningProtocol) NSString* MDNReceiptSigningProtocol;

- (NSString*)MDNReceiptSigningProtocol;

 

Default Value

""

Remarks

The username for your incoming mail server. Set this before invoking Connect.

MDNTo Property (AS1Sender Module)

The system to which an MDN should be directed.

Syntax

public var mdnTo: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=MDNTo,setter=setMDNTo:) NSString* MDNTo;

- (NSString*)MDNTo;
- (void)setMDNTo :(NSString*)newMDNTo;

Default Value

""

Remarks

If this property is set, a Disposition-Notification-To header will be added to the request, and an MDN will be requested. You should specify a valid email address; you might, for example, specify the same e-mail address as in From.

By default, the class will request a PKCS#7 signature signed over SHA-1. You may set MDNOptions to customize this.

MessageId Property (AS1Sender Module)

The Id of the message.

Syntax

public var messageId: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=messageId,setter=setMessageId:) NSString* messageId;

- (NSString*)messageId;
- (void)setMessageId :(NSString*)newMessageId;

Default Value

""

Remarks

The Id format is as in RFC 2822: id-left@id-right.

In AS1, customizing the MessageId is not supported. An appropriate MessageId will be generated by the class for each outgoing message. You should record this value after sending this value, and set it again when you verify the receipt.

OriginalContentMIC Property (AS1Sender Module)

The Message Integrity Check(s) (one-way hash) of the outgoing message.

Syntax

public var originalContentMIC: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=originalContentMIC,setter=setOriginalContentMIC:) NSString* originalContentMIC;

- (NSString*)originalContentMIC;
- (void)setOriginalContentMIC :(NSString*)newOriginalContentMIC;

Default Value

""

Remarks

A MIC will be calculated over the outgoing message using the same algorithm in the SignatureAlgorithm configuration used to sign the message. The property will be set when Post (in AS3, Send) is invoked, and the MIC will automatically be checked against the Original-Content-MIC in the MDN for synchronous MDNs.

The format is in RFC 3335, i.e. "w7AguNJEmhF/qIjJw6LnnA==, md5", with a newline at the end.

If you are requesting an asynchronous MDN, you must save this value externally so that it can be loaded when the MDN is received (you may also use AsyncMDNInfoDir).

Password Property (AS1Sender Module)

The password for your incoming mail server.

Syntax

public var password: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=password,setter=setPassword:) NSString* password;

- (NSString*)password;
- (void)setPassword :(NSString*)newPassword;

Default Value

""

Remarks

The password for your incoming mail server. Set this before invoking Connect.

ReceiptSignerCertEncoded Property (AS1Sender Module)

This is the certificate (PEM/base64 encoded).

Syntax

public var receiptSignerCertEncoded: String {
  get {...}
  set {...}
}

public var receiptSignerCertEncodedB: Data { get {...} set {...} }

@property (nonatomic,readwrite,assign,getter=receiptSignerCertEncoded,setter=setReceiptSignerCertEncoded:) NSString* receiptSignerCertEncoded;

- (NSString*)receiptSignerCertEncoded;
- (void)setReceiptSignerCertEncoded :(NSString*)newReceiptSignerCertEncoded;

@property (nonatomic,readwrite,assign,getter=receiptSignerCertEncodedB,setter=setReceiptSignerCertEncodedB:) NSData* receiptSignerCertEncodedB;

- (NSData*)receiptSignerCertEncodedB;
- (void)setReceiptSignerCertEncodedB :(NSData*)newReceiptSignerCertEncoded;

Default Value

""

Remarks

This is the certificate (PEM/base64 encoded). This property is used to assign a specific certificate. The ReceiptSignerCertStore and ReceiptSignerCertSubject properties also may be used to specify a certificate.

When ReceiptSignerCertEncoded is set, a search is initiated in the current ReceiptSignerCertStore for the private key of the certificate. If the key is found, ReceiptSignerCertSubject is updated to reflect the full subject of the selected certificate; otherwise, ReceiptSignerCertSubject is set to an empty string.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setReceiptSignerCertEncodedB(receiptSignerCertEncoded: Data) throws
public func setReceiptSignerCertEncoded(receiptSignerCertEncoded: String) throws

ReceiptSignerCertStore Property (AS1Sender Module)

This is the name of the certificate store for the client certificate.

Syntax

public var receiptSignerCertStore: String {
  get {...}
  set {...}
}

public var receiptSignerCertStoreB: Data { get {...} set {...} }

@property (nonatomic,readwrite,assign,getter=receiptSignerCertStore,setter=setReceiptSignerCertStore:) NSString* receiptSignerCertStore;

- (NSString*)receiptSignerCertStore;
- (void)setReceiptSignerCertStore :(NSString*)newReceiptSignerCertStore;

@property (nonatomic,readwrite,assign,getter=receiptSignerCertStoreB,setter=setReceiptSignerCertStoreB:) NSData* receiptSignerCertStoreB;

- (NSData*)receiptSignerCertStoreB;
- (void)setReceiptSignerCertStoreB :(NSData*)newReceiptSignerCertStore;

Default Value

"MY"

Remarks

This is the name of the certificate store for the client certificate.

The ReceiptSignerCertStoreType property denotes the type of the certificate store specified by ReceiptSignerCertStore. If the store is password protected, specify the password in ReceiptSignerCertStorePassword.

ReceiptSignerCertStore is used in conjunction with the ReceiptSignerCertSubject property to specify client certificates. If ReceiptSignerCertStore has a value, and ReceiptSignerCertSubject or ReceiptSignerCertEncoded is set, a search for a certificate is initiated. Please see the ReceiptSignerCertSubject property for details.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MYA certificate store holding personal certificates with their associated private keys.
CACertifying authority certificates.
ROOTRoot certificates.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).

ReceiptSignerCertStorePassword Property (AS1Sender Module)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

public var receiptSignerCertStorePassword: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=receiptSignerCertStorePassword,setter=setReceiptSignerCertStorePassword:) NSString* receiptSignerCertStorePassword;

- (NSString*)receiptSignerCertStorePassword;
- (void)setReceiptSignerCertStorePassword :(NSString*)newReceiptSignerCertStorePassword;

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

ReceiptSignerCertStoreType Property (AS1Sender Module)

This is the type of certificate store for this certificate.

Syntax

public var receiptSignerCertStoreType: As1senderReceiptSignerCertStoreTypes {
  get {...}
  set {...}
}

public enum As1senderReceiptSignerCertStoreTypes: Int32 { case cstUser = 0 case cstMachine = 1 case cstPFXFile = 2 case cstPFXBlob = 3 case cstJKSFile = 4 case cstJKSBlob = 5 case cstPEMKeyFile = 6 case cstPEMKeyBlob = 7 case cstPublicKeyFile = 8 case cstPublicKeyBlob = 9 case cstSSHPublicKeyBlob = 10 case cstP7BFile = 11 case cstP7BBlob = 12 case cstSSHPublicKeyFile = 13 case cstPPKFile = 14 case cstPPKBlob = 15 case cstXMLFile = 16 case cstXMLBlob = 17 case cstJWKFile = 18 case cstJWKBlob = 19 case cstSecurityKey = 20 case cstBCFKSFile = 21 case cstBCFKSBlob = 22 case cstAuto = 99 }

@property (nonatomic,readwrite,assign,getter=receiptSignerCertStoreType,setter=setReceiptSignerCertStoreType:) int receiptSignerCertStoreType;

- (int)receiptSignerCertStoreType;
- (void)setReceiptSignerCertStoreType :(int)newReceiptSignerCertStoreType;

Default Value

0

Remarks

This is the type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used the class will automatically determine the type. This property can take one of the following values:

0 (cstUser - default)For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: this store type is not available in Java.
1 (cstMachine)For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java.
2 (cstPFXFile)The certificate store is the name of a PFX (PKCS12) file containing certificates.
3 (cstPFXBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in PFX (PKCS12) format.
4 (cstJKSFile)The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: this store type is only available in Java.
5 (cstJKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java.
6 (cstPEMKeyFile)The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
7 (cstPEMKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a private key and an optional certificate.
8 (cstPublicKeyFile)The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
9 (cstPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a PEM- or DER-encoded public key certificate.
10 (cstSSHPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains an SSH-style public key.
11 (cstP7BFile)The certificate store is the name of a PKCS7 file containing certificates.
12 (cstP7BBlob)The certificate store is a string (binary) representing a certificate store in PKCS7 format.
13 (cstSSHPublicKeyFile)The certificate store is the name of a file that contains an SSH-style public key.
14 (cstPPKFile)The certificate store is the name of a file that contains a PPK (PuTTY Private Key).
15 (cstPPKBlob)The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).
16 (cstXMLFile)The certificate store is the name of a file that contains a certificate in XML format.
17 (cstXMLBlob)The certificate store is a string that contains a certificate in XML format.
18 (cstJWKFile)The certificate store is the name of a file that contains a JWK (JSON Web Key).
19 (cstJWKBlob)The certificate store is a string that contains a JWK (JSON Web Key).
20 (cstSecurityKey)The certificate is present on a physical security key accessible via a PKCS11 interface.

To use a security key the necessary data must first be collected using the CertMgr class. The ListStoreCertificates method may be called after setting CertStoreType to cstSecurityKey, CertStorePassword to the PIN, and CertStore to the full path of the PKCS11 dll. The certificate information returned in the CertList event's CertEncoded parameter may be saved for later use.

When using a certificate, pass the previously saved security key information as the ReceiptSignerCertStore and set ReceiptSignerCertStorePassword to the PIN.

Code Example: SSH Authentication with Security Key certmgr.CertStoreType = CertStoreTypes.cstSecurityKey; certmgr.OnCertList += (s, e) => { secKeyBlob = e.CertEncoded; }; certmgr.CertStore = @"C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll"; certmgr.CertStorePassword = "123456"; //PIN certmgr.ListStoreCertificates(); sftp.SSHCert = new Certificate(CertStoreTypes.cstSecurityKey, secKeyBlob, "123456", "*"); sftp.SSHUser = "test"; sftp.SSHLogon("myhost", 22);

21 (cstBCFKSFile)The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: this store type is only available in Java and .NET.
22 (cstBCFKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: this store type is only available in Java and .NET.
99 (cstAuto)The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically.

ReceiptSignerCertSubject Property (AS1Sender Module)

This is the subject of the certificate used for client authentication.

Syntax

public var receiptSignerCertSubject: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=receiptSignerCertSubject,setter=setReceiptSignerCertSubject:) NSString* receiptSignerCertSubject;

- (NSString*)receiptSignerCertSubject;
- (void)setReceiptSignerCertSubject :(NSString*)newReceiptSignerCertSubject;

Default Value

""

Remarks

This is the subject of the certificate used for client authentication.

This property must be set after all other certificate properites are set. When this property is set, a search is performed in the current certificate store certificate with matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are displayed below.

FieldMeaning
CNCommon Name. This is commonly a host name like www.server.com.
OOrganization
OUOrganizational Unit
LLocality
SState
CCountry
EEmail Address

If a field value contains a comma it must be quoted.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setReceiptSignerCertSubject(receiptSignerCertSubject: String) throws

RecipientCertCount Property (AS1Sender Module)

The number of records in the RecipientCert arrays.

Syntax

public var recipientCertCount: Int32 {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=recipientCertCount,setter=setRecipientCertCount:) int recipientCertCount;

- (int)recipientCertCount;
- (void)setRecipientCertCount :(int)newRecipientCertCount;

Default Value

0

Remarks

This property controls the size of the following arrays:

The array indices start at 0 and end at RecipientCertCount - 1.

RecipientCertEncoded Property (AS1Sender Module)

This is the certificate (PEM/base64 encoded).

Syntax

public var recipientCertEncoded: String {
  get {...}
  set {...}
}

public var recipientCertEncodedB: Data { get {...} set {...} }

- (NSString*)recipientCertEncoded:(int)recipientCertIndex;
- (void)setRecipientCertEncoded:(int)recipientCertIndex :(NSString*)newRecipientCertEncoded;

- (NSData*)recipientCertEncodedB:(int)recipientCertIndex;
- (void)setRecipientCertEncodedB:(int)recipientCertIndex :(NSData*)newRecipientCertEncoded;

Default Value

""

Remarks

This is the certificate (PEM/base64 encoded). This property is used to assign a specific certificate. The RecipientCertStore and RecipientCertSubject properties also may be used to specify a certificate.

When RecipientCertEncoded is set, a search is initiated in the current RecipientCertStore for the private key of the certificate. If the key is found, RecipientCertSubject is updated to reflect the full subject of the selected certificate; otherwise, RecipientCertSubject is set to an empty string.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setRecipientCertEncodedB(recipientCertEncoded: Data) throws
public func setRecipientCertEncoded(recipientCertEncoded: String) throws

RecipientCertStore Property (AS1Sender Module)

This is the name of the certificate store for the client certificate.

Syntax

public var recipientCertStore: String {
  get {...}
  set {...}
}

public var recipientCertStoreB: Data { get {...} set {...} }

- (NSString*)recipientCertStore:(int)recipientCertIndex;
- (void)setRecipientCertStore:(int)recipientCertIndex :(NSString*)newRecipientCertStore;

- (NSData*)recipientCertStoreB:(int)recipientCertIndex;
- (void)setRecipientCertStoreB:(int)recipientCertIndex :(NSData*)newRecipientCertStore;

Default Value

"MY"

Remarks

This is the name of the certificate store for the client certificate.

The RecipientCertStoreType property denotes the type of the certificate store specified by RecipientCertStore. If the store is password protected, specify the password in RecipientCertStorePassword.

RecipientCertStore is used in conjunction with the RecipientCertSubject property to specify client certificates. If RecipientCertStore has a value, and RecipientCertSubject or RecipientCertEncoded is set, a search for a certificate is initiated. Please see the RecipientCertSubject property for details.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MYA certificate store holding personal certificates with their associated private keys.
CACertifying authority certificates.
ROOTRoot certificates.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).

RecipientCertStorePassword Property (AS1Sender Module)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

public var recipientCertStorePassword: String {
  get {...}
  set {...}
}

- (NSString*)recipientCertStorePassword:(int)recipientCertIndex;
- (void)setRecipientCertStorePassword:(int)recipientCertIndex :(NSString*)newRecipientCertStorePassword;

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

RecipientCertStoreType Property (AS1Sender Module)

This is the type of certificate store for this certificate.

Syntax

public var recipientCertStoreType: As1senderRecipientCertStoreTypes {
  get {...}
  set {...}
}

public enum As1senderRecipientCertStoreTypes: Int32 { case cstUser = 0 case cstMachine = 1 case cstPFXFile = 2 case cstPFXBlob = 3 case cstJKSFile = 4 case cstJKSBlob = 5 case cstPEMKeyFile = 6 case cstPEMKeyBlob = 7 case cstPublicKeyFile = 8 case cstPublicKeyBlob = 9 case cstSSHPublicKeyBlob = 10 case cstP7BFile = 11 case cstP7BBlob = 12 case cstSSHPublicKeyFile = 13 case cstPPKFile = 14 case cstPPKBlob = 15 case cstXMLFile = 16 case cstXMLBlob = 17 case cstJWKFile = 18 case cstJWKBlob = 19 case cstSecurityKey = 20 case cstBCFKSFile = 21 case cstBCFKSBlob = 22 case cstAuto = 99 }

- (int)recipientCertStoreType:(int)recipientCertIndex;
- (void)setRecipientCertStoreType:(int)recipientCertIndex :(int)newRecipientCertStoreType;

Default Value

0

Remarks

This is the type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used the class will automatically determine the type. This property can take one of the following values:

0 (cstUser - default)For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: this store type is not available in Java.
1 (cstMachine)For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java.
2 (cstPFXFile)The certificate store is the name of a PFX (PKCS12) file containing certificates.
3 (cstPFXBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in PFX (PKCS12) format.
4 (cstJKSFile)The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: this store type is only available in Java.
5 (cstJKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java.
6 (cstPEMKeyFile)The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
7 (cstPEMKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a private key and an optional certificate.
8 (cstPublicKeyFile)The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
9 (cstPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a PEM- or DER-encoded public key certificate.
10 (cstSSHPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains an SSH-style public key.
11 (cstP7BFile)The certificate store is the name of a PKCS7 file containing certificates.
12 (cstP7BBlob)The certificate store is a string (binary) representing a certificate store in PKCS7 format.
13 (cstSSHPublicKeyFile)The certificate store is the name of a file that contains an SSH-style public key.
14 (cstPPKFile)The certificate store is the name of a file that contains a PPK (PuTTY Private Key).
15 (cstPPKBlob)The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).
16 (cstXMLFile)The certificate store is the name of a file that contains a certificate in XML format.
17 (cstXMLBlob)The certificate store is a string that contains a certificate in XML format.
18 (cstJWKFile)The certificate store is the name of a file that contains a JWK (JSON Web Key).
19 (cstJWKBlob)The certificate store is a string that contains a JWK (JSON Web Key).
20 (cstSecurityKey)The certificate is present on a physical security key accessible via a PKCS11 interface.

To use a security key the necessary data must first be collected using the CertMgr class. The ListStoreCertificates method may be called after setting CertStoreType to cstSecurityKey, CertStorePassword to the PIN, and CertStore to the full path of the PKCS11 dll. The certificate information returned in the CertList event's CertEncoded parameter may be saved for later use.

When using a certificate, pass the previously saved security key information as the RecipientCertStore and set RecipientCertStorePassword to the PIN.

Code Example: SSH Authentication with Security Key certmgr.CertStoreType = CertStoreTypes.cstSecurityKey; certmgr.OnCertList += (s, e) => { secKeyBlob = e.CertEncoded; }; certmgr.CertStore = @"C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll"; certmgr.CertStorePassword = "123456"; //PIN certmgr.ListStoreCertificates(); sftp.SSHCert = new Certificate(CertStoreTypes.cstSecurityKey, secKeyBlob, "123456", "*"); sftp.SSHUser = "test"; sftp.SSHLogon("myhost", 22);

21 (cstBCFKSFile)The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: this store type is only available in Java and .NET.
22 (cstBCFKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: this store type is only available in Java and .NET.
99 (cstAuto)The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically.

RecipientCertSubject Property (AS1Sender Module)

This is the subject of the certificate used for client authentication.

Syntax

public var recipientCertSubject: String {
  get {...}
  set {...}
}

- (NSString*)recipientCertSubject:(int)recipientCertIndex;
- (void)setRecipientCertSubject:(int)recipientCertIndex :(NSString*)newRecipientCertSubject;

Default Value

""

Remarks

This is the subject of the certificate used for client authentication.

This property must be set after all other certificate properites are set. When this property is set, a search is performed in the current certificate store certificate with matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are displayed below.

FieldMeaning
CNCommon Name. This is commonly a host name like www.server.com.
OOrganization
OUOrganizational Unit
LLocality
SState
CCountry
EEmail Address

If a field value contains a comma it must be quoted.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setRecipientCertSubject(recipientCertSubject: String) throws

SendTo Property (AS1Sender Module)

The recipient of the message.

Syntax

public var sendTo: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=sendTo,setter=setSendTo:) NSString* sendTo;

- (NSString*)sendTo;
- (void)setSendTo :(NSString*)newSendTo;

Default Value

""

Remarks

The recipient of the AS1 message. The originator is given by From.

Note that From and SendTo correspond to the sender and recipient of the original message. For MDNs the roles are reversed, so that From indicates the recipient, and SendTo indicates the sender of the MDN.

SignatureAlgorithm Property (AS1Sender Module)

Signature algorithm to be used in outgoing messages.

Syntax

public var signatureAlgorithm: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=signatureAlgorithm,setter=setSignatureAlgorithm:) NSString* signatureAlgorithm;

- (NSString*)signatureAlgorithm;
- (void)setSignatureAlgorithm :(NSString*)newSignatureAlgorithm;

Default Value

"sha-256"

Remarks

Signature Algorithm can be set to indicate the preferred signing algorithm. Possible values are:

  • sha1
  • md5
  • sha-256 (or sha256) (default)
  • sha-384 (or sha384)
  • sha-512 (or sha512)
  • sha-224 (or sha224)

The default value is "sha-256". When this property is set the MDNOptions property is automatically updated to request the MDN receipt be signed with the same algorithm.

SigningCertEncoded Property (AS1Sender Module)

This is the certificate (PEM/base64 encoded).

Syntax

public var signingCertEncoded: String {
  get {...}
  set {...}
}

public var signingCertEncodedB: Data { get {...} set {...} }

@property (nonatomic,readwrite,assign,getter=signingCertEncoded,setter=setSigningCertEncoded:) NSString* signingCertEncoded;

- (NSString*)signingCertEncoded;
- (void)setSigningCertEncoded :(NSString*)newSigningCertEncoded;

@property (nonatomic,readwrite,assign,getter=signingCertEncodedB,setter=setSigningCertEncodedB:) NSData* signingCertEncodedB;

- (NSData*)signingCertEncodedB;
- (void)setSigningCertEncodedB :(NSData*)newSigningCertEncoded;

Default Value

""

Remarks

This is the certificate (PEM/base64 encoded). This property is used to assign a specific certificate. The SigningCertStore and SigningCertSubject properties also may be used to specify a certificate.

When SigningCertEncoded is set, a search is initiated in the current SigningCertStore for the private key of the certificate. If the key is found, SigningCertSubject is updated to reflect the full subject of the selected certificate; otherwise, SigningCertSubject is set to an empty string.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setSigningCertEncodedB(signingCertEncoded: Data) throws
public func setSigningCertEncoded(signingCertEncoded: String) throws

SigningCertStore Property (AS1Sender Module)

This is the name of the certificate store for the client certificate.

Syntax

public var signingCertStore: String {
  get {...}
  set {...}
}

public var signingCertStoreB: Data { get {...} set {...} }

@property (nonatomic,readwrite,assign,getter=signingCertStore,setter=setSigningCertStore:) NSString* signingCertStore;

- (NSString*)signingCertStore;
- (void)setSigningCertStore :(NSString*)newSigningCertStore;

@property (nonatomic,readwrite,assign,getter=signingCertStoreB,setter=setSigningCertStoreB:) NSData* signingCertStoreB;

- (NSData*)signingCertStoreB;
- (void)setSigningCertStoreB :(NSData*)newSigningCertStore;

Default Value

"MY"

Remarks

This is the name of the certificate store for the client certificate.

The SigningCertStoreType property denotes the type of the certificate store specified by SigningCertStore. If the store is password protected, specify the password in SigningCertStorePassword.

SigningCertStore is used in conjunction with the SigningCertSubject property to specify client certificates. If SigningCertStore has a value, and SigningCertSubject or SigningCertEncoded is set, a search for a certificate is initiated. Please see the SigningCertSubject property for details.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MYA certificate store holding personal certificates with their associated private keys.
CACertifying authority certificates.
ROOTRoot certificates.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).

SigningCertStorePassword Property (AS1Sender Module)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

public var signingCertStorePassword: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=signingCertStorePassword,setter=setSigningCertStorePassword:) NSString* signingCertStorePassword;

- (NSString*)signingCertStorePassword;
- (void)setSigningCertStorePassword :(NSString*)newSigningCertStorePassword;

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

SigningCertStoreType Property (AS1Sender Module)

This is the type of certificate store for this certificate.

Syntax

public var signingCertStoreType: As1senderSigningCertStoreTypes {
  get {...}
  set {...}
}

public enum As1senderSigningCertStoreTypes: Int32 { case cstUser = 0 case cstMachine = 1 case cstPFXFile = 2 case cstPFXBlob = 3 case cstJKSFile = 4 case cstJKSBlob = 5 case cstPEMKeyFile = 6 case cstPEMKeyBlob = 7 case cstPublicKeyFile = 8 case cstPublicKeyBlob = 9 case cstSSHPublicKeyBlob = 10 case cstP7BFile = 11 case cstP7BBlob = 12 case cstSSHPublicKeyFile = 13 case cstPPKFile = 14 case cstPPKBlob = 15 case cstXMLFile = 16 case cstXMLBlob = 17 case cstJWKFile = 18 case cstJWKBlob = 19 case cstSecurityKey = 20 case cstBCFKSFile = 21 case cstBCFKSBlob = 22 case cstAuto = 99 }

@property (nonatomic,readwrite,assign,getter=signingCertStoreType,setter=setSigningCertStoreType:) int signingCertStoreType;

- (int)signingCertStoreType;
- (void)setSigningCertStoreType :(int)newSigningCertStoreType;

Default Value

0

Remarks

This is the type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used the class will automatically determine the type. This property can take one of the following values:

0 (cstUser - default)For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: this store type is not available in Java.
1 (cstMachine)For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java.
2 (cstPFXFile)The certificate store is the name of a PFX (PKCS12) file containing certificates.
3 (cstPFXBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in PFX (PKCS12) format.
4 (cstJKSFile)The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: this store type is only available in Java.
5 (cstJKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java.
6 (cstPEMKeyFile)The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
7 (cstPEMKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a private key and an optional certificate.
8 (cstPublicKeyFile)The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
9 (cstPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a PEM- or DER-encoded public key certificate.
10 (cstSSHPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains an SSH-style public key.
11 (cstP7BFile)The certificate store is the name of a PKCS7 file containing certificates.
12 (cstP7BBlob)The certificate store is a string (binary) representing a certificate store in PKCS7 format.
13 (cstSSHPublicKeyFile)The certificate store is the name of a file that contains an SSH-style public key.
14 (cstPPKFile)The certificate store is the name of a file that contains a PPK (PuTTY Private Key).
15 (cstPPKBlob)The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).
16 (cstXMLFile)The certificate store is the name of a file that contains a certificate in XML format.
17 (cstXMLBlob)The certificate store is a string that contains a certificate in XML format.
18 (cstJWKFile)The certificate store is the name of a file that contains a JWK (JSON Web Key).
19 (cstJWKBlob)The certificate store is a string that contains a JWK (JSON Web Key).
20 (cstSecurityKey)The certificate is present on a physical security key accessible via a PKCS11 interface.

To use a security key the necessary data must first be collected using the CertMgr class. The ListStoreCertificates method may be called after setting CertStoreType to cstSecurityKey, CertStorePassword to the PIN, and CertStore to the full path of the PKCS11 dll. The certificate information returned in the CertList event's CertEncoded parameter may be saved for later use.

When using a certificate, pass the previously saved security key information as the SigningCertStore and set SigningCertStorePassword to the PIN.

Code Example: SSH Authentication with Security Key certmgr.CertStoreType = CertStoreTypes.cstSecurityKey; certmgr.OnCertList += (s, e) => { secKeyBlob = e.CertEncoded; }; certmgr.CertStore = @"C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll"; certmgr.CertStorePassword = "123456"; //PIN certmgr.ListStoreCertificates(); sftp.SSHCert = new Certificate(CertStoreTypes.cstSecurityKey, secKeyBlob, "123456", "*"); sftp.SSHUser = "test"; sftp.SSHLogon("myhost", 22);

21 (cstBCFKSFile)The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: this store type is only available in Java and .NET.
22 (cstBCFKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: this store type is only available in Java and .NET.
99 (cstAuto)The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically.

SigningCertSubject Property (AS1Sender Module)

This is the subject of the certificate used for client authentication.

Syntax

public var signingCertSubject: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=signingCertSubject,setter=setSigningCertSubject:) NSString* signingCertSubject;

- (NSString*)signingCertSubject;
- (void)setSigningCertSubject :(NSString*)newSigningCertSubject;

Default Value

""

Remarks

This is the subject of the certificate used for client authentication.

This property must be set after all other certificate properites are set. When this property is set, a search is performed in the current certificate store certificate with matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are displayed below.

FieldMeaning
CNCommon Name. This is commonly a host name like www.server.com.
OOrganization
OUOrganizational Unit
LLocality
SState
CCountry
EEmail Address

If a field value contains a comma it must be quoted.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setSigningCertSubject(signingCertSubject: String) throws

SSLAcceptServerCertEncoded Property (AS1Sender Module)

This is the certificate (PEM/base64 encoded).

Syntax

public var sslAcceptServerCertEncoded: String {
  get {...}
  set {...}
}

public var sslAcceptServerCertEncodedB: Data { get {...} set {...} }

@property (nonatomic,readwrite,assign,getter=SSLAcceptServerCertEncoded,setter=setSSLAcceptServerCertEncoded:) NSString* SSLAcceptServerCertEncoded;

- (NSString*)SSLAcceptServerCertEncoded;
- (void)setSSLAcceptServerCertEncoded :(NSString*)newSSLAcceptServerCertEncoded;

@property (nonatomic,readwrite,assign,getter=SSLAcceptServerCertEncodedB,setter=setSSLAcceptServerCertEncodedB:) NSData* SSLAcceptServerCertEncodedB;

- (NSData*)SSLAcceptServerCertEncodedB;
- (void)setSSLAcceptServerCertEncodedB :(NSData*)newSSLAcceptServerCertEncoded;

Default Value

""

Remarks

This is the certificate (PEM/base64 encoded). This property is used to assign a specific certificate. The SSLAcceptServerCertStore and SSLAcceptServerCertSubject properties also may be used to specify a certificate.

When SSLAcceptServerCertEncoded is set, a search is initiated in the current SSLAcceptServerCertStore for the private key of the certificate. If the key is found, SSLAcceptServerCertSubject is updated to reflect the full subject of the selected certificate; otherwise, SSLAcceptServerCertSubject is set to an empty string.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setSSLAcceptServerCertEncodedB(sslAcceptServerCertEncoded: Data) throws
public func setSSLAcceptServerCertEncoded(sslAcceptServerCertEncoded: String) throws

SSLCertEncoded Property (AS1Sender Module)

This is the certificate (PEM/base64 encoded).

Syntax

public var sslCertEncoded: String {
  get {...}
  set {...}
}

public var sslCertEncodedB: Data { get {...} set {...} }

@property (nonatomic,readwrite,assign,getter=SSLCertEncoded,setter=setSSLCertEncoded:) NSString* SSLCertEncoded;

- (NSString*)SSLCertEncoded;
- (void)setSSLCertEncoded :(NSString*)newSSLCertEncoded;

@property (nonatomic,readwrite,assign,getter=SSLCertEncodedB,setter=setSSLCertEncodedB:) NSData* SSLCertEncodedB;

- (NSData*)SSLCertEncodedB;
- (void)setSSLCertEncodedB :(NSData*)newSSLCertEncoded;

Default Value

""

Remarks

This is the certificate (PEM/base64 encoded). This property is used to assign a specific certificate. The SSLCertStore and SSLCertSubject properties also may be used to specify a certificate.

When SSLCertEncoded is set, a search is initiated in the current SSLCertStore for the private key of the certificate. If the key is found, SSLCertSubject is updated to reflect the full subject of the selected certificate; otherwise, SSLCertSubject is set to an empty string.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setSSLCertEncodedB(sslCertEncoded: Data) throws
public func setSSLCertEncoded(sslCertEncoded: String) throws

SSLCertStore Property (AS1Sender Module)

This is the name of the certificate store for the client certificate.

Syntax

public var sslCertStore: String {
  get {...}
  set {...}
}

public var sslCertStoreB: Data { get {...} set {...} }

@property (nonatomic,readwrite,assign,getter=SSLCertStore,setter=setSSLCertStore:) NSString* SSLCertStore;

- (NSString*)SSLCertStore;
- (void)setSSLCertStore :(NSString*)newSSLCertStore;

@property (nonatomic,readwrite,assign,getter=SSLCertStoreB,setter=setSSLCertStoreB:) NSData* SSLCertStoreB;

- (NSData*)SSLCertStoreB;
- (void)setSSLCertStoreB :(NSData*)newSSLCertStore;

Default Value

"MY"

Remarks

This is the name of the certificate store for the client certificate.

The SSLCertStoreType property denotes the type of the certificate store specified by SSLCertStore. If the store is password protected, specify the password in SSLCertStorePassword.

SSLCertStore is used in conjunction with the SSLCertSubject property to specify client certificates. If SSLCertStore has a value, and SSLCertSubject or SSLCertEncoded is set, a search for a certificate is initiated. Please see the SSLCertSubject property for details.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MYA certificate store holding personal certificates with their associated private keys.
CACertifying authority certificates.
ROOTRoot certificates.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).

SSLCertStorePassword Property (AS1Sender Module)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

public var sslCertStorePassword: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=SSLCertStorePassword,setter=setSSLCertStorePassword:) NSString* SSLCertStorePassword;

- (NSString*)SSLCertStorePassword;
- (void)setSSLCertStorePassword :(NSString*)newSSLCertStorePassword;

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

SSLCertStoreType Property (AS1Sender Module)

This is the type of certificate store for this certificate.

Syntax

public var sslCertStoreType: As1senderSSLCertStoreTypes {
  get {...}
  set {...}
}

public enum As1senderSSLCertStoreTypes: Int32 { case cstUser = 0 case cstMachine = 1 case cstPFXFile = 2 case cstPFXBlob = 3 case cstJKSFile = 4 case cstJKSBlob = 5 case cstPEMKeyFile = 6 case cstPEMKeyBlob = 7 case cstPublicKeyFile = 8 case cstPublicKeyBlob = 9 case cstSSHPublicKeyBlob = 10 case cstP7BFile = 11 case cstP7BBlob = 12 case cstSSHPublicKeyFile = 13 case cstPPKFile = 14 case cstPPKBlob = 15 case cstXMLFile = 16 case cstXMLBlob = 17 case cstJWKFile = 18 case cstJWKBlob = 19 case cstSecurityKey = 20 case cstBCFKSFile = 21 case cstBCFKSBlob = 22 case cstAuto = 99 }

@property (nonatomic,readwrite,assign,getter=SSLCertStoreType,setter=setSSLCertStoreType:) int SSLCertStoreType;

- (int)SSLCertStoreType;
- (void)setSSLCertStoreType :(int)newSSLCertStoreType;

Default Value

0

Remarks

This is the type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used the class will automatically determine the type. This property can take one of the following values:

0 (cstUser - default)For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: this store type is not available in Java.
1 (cstMachine)For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java.
2 (cstPFXFile)The certificate store is the name of a PFX (PKCS12) file containing certificates.
3 (cstPFXBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in PFX (PKCS12) format.
4 (cstJKSFile)The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: this store type is only available in Java.
5 (cstJKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java.
6 (cstPEMKeyFile)The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
7 (cstPEMKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a private key and an optional certificate.
8 (cstPublicKeyFile)The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
9 (cstPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a PEM- or DER-encoded public key certificate.
10 (cstSSHPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains an SSH-style public key.
11 (cstP7BFile)The certificate store is the name of a PKCS7 file containing certificates.
12 (cstP7BBlob)The certificate store is a string (binary) representing a certificate store in PKCS7 format.
13 (cstSSHPublicKeyFile)The certificate store is the name of a file that contains an SSH-style public key.
14 (cstPPKFile)The certificate store is the name of a file that contains a PPK (PuTTY Private Key).
15 (cstPPKBlob)The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).
16 (cstXMLFile)The certificate store is the name of a file that contains a certificate in XML format.
17 (cstXMLBlob)The certificate store is a string that contains a certificate in XML format.
18 (cstJWKFile)The certificate store is the name of a file that contains a JWK (JSON Web Key).
19 (cstJWKBlob)The certificate store is a string that contains a JWK (JSON Web Key).
20 (cstSecurityKey)The certificate is present on a physical security key accessible via a PKCS11 interface.

To use a security key the necessary data must first be collected using the CertMgr class. The ListStoreCertificates method may be called after setting CertStoreType to cstSecurityKey, CertStorePassword to the PIN, and CertStore to the full path of the PKCS11 dll. The certificate information returned in the CertList event's CertEncoded parameter may be saved for later use.

When using a certificate, pass the previously saved security key information as the SSLCertStore and set SSLCertStorePassword to the PIN.

Code Example: SSH Authentication with Security Key certmgr.CertStoreType = CertStoreTypes.cstSecurityKey; certmgr.OnCertList += (s, e) => { secKeyBlob = e.CertEncoded; }; certmgr.CertStore = @"C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll"; certmgr.CertStorePassword = "123456"; //PIN certmgr.ListStoreCertificates(); sftp.SSHCert = new Certificate(CertStoreTypes.cstSecurityKey, secKeyBlob, "123456", "*"); sftp.SSHUser = "test"; sftp.SSHLogon("myhost", 22);

21 (cstBCFKSFile)The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: this store type is only available in Java and .NET.
22 (cstBCFKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: this store type is only available in Java and .NET.
99 (cstAuto)The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically.

SSLCertSubject Property (AS1Sender Module)

This is the subject of the certificate used for client authentication.

Syntax

public var sslCertSubject: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=SSLCertSubject,setter=setSSLCertSubject:) NSString* SSLCertSubject;

- (NSString*)SSLCertSubject;
- (void)setSSLCertSubject :(NSString*)newSSLCertSubject;

Default Value

""

Remarks

This is the subject of the certificate used for client authentication.

This property must be set after all other certificate properites are set. When this property is set, a search is performed in the current certificate store certificate with matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are displayed below.

FieldMeaning
CNCommon Name. This is commonly a host name like www.server.com.
OOrganization
OUOrganizational Unit
LLocality
SState
CCountry
EEmail Address

If a field value contains a comma it must be quoted.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setSSLCertSubject(sslCertSubject: String) throws

SSLProvider Property (AS1Sender Module)

This specifies the SSL/TLS implementation to use.

Syntax

public var sslProvider: As1senderSSLProviders {
  get {...}
  set {...}
}

public enum As1senderSSLProviders: Int32 { case sslpAutomatic = 0 case sslpPlatform = 1 case sslpInternal = 2 }

@property (nonatomic,readwrite,assign,getter=SSLProvider,setter=setSSLProvider:) int SSLProvider;

- (int)SSLProvider;
- (void)setSSLProvider :(int)newSSLProvider;

Default Value

0

Remarks

This property specifies the SSL/TLS implementation to use. In most cases the default value of 0 (Automatic) is recommended and should not be changed. When set to 0 (Automatic) the class will select whether to use the platform implementation or the internal implementation depending on the operating system as well as the TLS version being used.

Possible values are:

0 (sslpAutomatic - default)Automatically selects the appropriate implementation.
1 (sslpPlatform) Uses the platform/system implementation.
2 (sslpInternal) Uses the internal implementation.

Additional Notes

In most cases using the default value (Automatic) is recommended. The class will select a provider depending on the current platform.

When Automatic is selected the platform implementation will be used by default in all cases in the macOS edition.

SSLServerCertEncoded Property (AS1Sender Module)

This is the certificate (PEM/base64 encoded).

Syntax

public var sslServerCertEncoded: String {
  get {...}
}

public var sslServerCertEncodedB: Data { get {...} }

@property (nonatomic,readonly,assign,getter=SSLServerCertEncoded) NSString* SSLServerCertEncoded;

- (NSString*)SSLServerCertEncoded;

@property (nonatomic,readonly,assign,getter=SSLServerCertEncodedB) NSData* SSLServerCertEncodedB;

- (NSData*)SSLServerCertEncodedB;

Default Value

""

Remarks

This is the certificate (PEM/base64 encoded). This property is used to assign a specific certificate. The SSLServerCertStore and SSLServerCertSubject properties also may be used to specify a certificate.

When SSLServerCertEncoded is set, a search is initiated in the current SSLServerCertStore for the private key of the certificate. If the key is found, SSLServerCertSubject is updated to reflect the full subject of the selected certificate; otherwise, SSLServerCertSubject is set to an empty string.

This property is read-only.

If an error occurs when setting this property an error will not be thrown. This property has a related method which will throw an error:

public func setSSLServerCertEncodedB(sslServerCertEncoded: Data) throws
public func setSSLServerCertEncoded(sslServerCertEncoded: String) throws

SSLStartMode Property (AS1Sender Module)

Determines how the module starts the SSL negotiation. By default, SSL will not be used.

Syntax

public var sslStartMode: As1senderSSLStartModes {
  get {...}
  set {...}
}

public enum As1senderSSLStartModes: Int32 { case sslAutomatic = 0 case sslImplicit = 1 case sslExplicit = 2 case sslNone = 3 }

@property (nonatomic,readwrite,assign,getter=SSLStartMode,setter=setSSLStartMode:) int SSLStartMode;

- (int)SSLStartMode;
- (void)setSSLStartMode :(int)newSSLStartMode;

Default Value

3

Remarks

The SSLStartMode property may have one of the following values:

0 (sslAutomatic - default)If the remote port is set to the standard plaintext port of the protocol (where applicable), the class will behave the same as if SSLStartMode is set to sslExplicit. In all other cases, SSL negotiation will be implicit (sslImplicit).
1 (sslImplicit)The SSL negotiation will start immediately after the connection is established.
2 (sslExplicit)The class will first connect in plaintext, and then explicitly start SSL negotiation through a protocol command such as STARTTLS.
3 (sslNone)No SSL negotiation, no SSL security. All communication will be in plaintext mode.

Subject Property (AS1Sender Module)

The subject of the message.

Syntax

public var subject: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=subject,setter=setSubject:) NSString* subject;

- (NSString*)subject;
- (void)setSubject :(NSString*)newSubject;

Default Value

"AS1 Message"

Remarks

The human-readable subject of the outgoing message.

User Property (AS1Sender Module)

The username for your incoming mail server.

Syntax

public var user: String {
  get {...}
  set {...}
}

@property (nonatomic,readwrite,assign,getter=user,setter=setUser:) NSString* user;

- (NSString*)user;
- (void)setUser :(NSString*)newUser;

Default Value

""

Remarks

The username for your incoming mail server. Set this before invoking Connect.

Config Method (AS1Sender Module)

Sets or retrieves a configuration setting.

Syntax

public func config(configurationString: String) throws -> String
- (NSString*)config:(NSString*)configurationString;

Remarks

Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

Connect Method (AS1Sender Module)

Connects to the incoming mail server.

Syntax

public func connect() throws -> Void
- (void)connect;

Remarks

Connects to the incoming mail server specified by MailServer. You must set User and Password prior to calling Connect. The connection will be maintained until you call Disconnect.

If you wish to connect in SSL you should first set the SSLStartMode property. Note that it is not necessary to explicitly connect to an SMTP server for outgoing mail; a connection will be created and destroyed each time a mail is sent.

DeleteMessage Method (AS1Sender Module)

Deletes the message specified by MailMessageNumber .

Syntax

public func deleteMessage() throws -> Void
- (void)deleteMessage;

Remarks

Requests that the MailServer delete the message specified by MailMessageNumber. The message will not actually be deleted until the connection is closed.

Disconnect Method (AS1Sender Module)

Disconnects from the incoming mail server.

Syntax

public func disconnect() throws -> Void
- (void)disconnect;

Remarks

Disconnects from the incoming mail server specified by MailServer.

ProcessQueue Method (AS1Sender Module)

Send the messages queued for sending.

Syntax

public func processQueue(directory: String) throws -> Void
- (void)processQueue:(NSString*)directory;

Remarks

Invoking ProcessQueue sends the messages that have been queued by Queue.

QueryMessageSize Method (AS1Sender Module)

Returns the size in bytes of the current message.

Syntax

public func queryMessageSize() throws -> Int32
- (int)queryMessageSize;

Remarks

This method queries the server for the size in bytes of the message specified by MailMessageNumber. The method returns the size (in bytes) of the message.

QueryMessageUID Method (AS1Sender Module)

Returns the unique identifier of the message as specified by the server.

Syntax

public func queryMessageUID() throws -> String
- (NSString*)queryMessageUID;

Remarks

This method returns the unique identifier of the message specified by MailMessageNumber.

Queue Method (AS1Sender Module)

Prepares and queues the message to the specified directory.

Syntax

public func queue(directory: String) throws -> Void
- (void)queue:(NSString*)directory;

Remarks

Invoking Queue will prepare and queue the AS1 message. It will be signed if SigningCert is set, encrypted if RecipientCert is set, and compressed if CompressionFormat is set. A receipt will be requested if MDNTo is set. The queued message can then be sent by invoking ProcessQueue.

ReadReceipt Method (AS1Sender Module)

Reads and parses (but does not verify) an MDN receipt.

Syntax

public func readReceipt() throws -> Void
- (void)readReceipt;

Remarks

ReadReceipt will retrieve the file specified by MailMessageNumber from the mail server, store it in MDNReceipt and attempt to parse it as an MDN receipt. If the file is a valid MDN receipt, the class will determine the originator of the receipt and the MessageId of the original message. The originator of the receipt (your trading partner) will be stored in SendTo, the intended recipient (presumably your system) will be stored in From, and the original message Id will be stored in MessageId.

If you are not currently connected to a mail server, the class will process the receipt specified by MDNReceipt.

You should then look up the original message and set OriginalContentMIC to the value of OriginalContentMIC originally computed when the message was sent (you will need to save this information externally). You should also set ReceiptSignerCert based on the value of SendTo if necessary. Also, set MDNOptions to the value used when making the original request.

Finally, VerifyReceipt should be used to verify the receipt.

Reset Method (AS1Sender Module)

Resets the state of the control.

Syntax

public func reset() throws -> Void
- (void)reset;

Remarks

Reset resets the state of the class. All properties will be set to their default values.

SelectMailMessage Method (AS1Sender Module)

Selects and obtains information about the specified message.

Syntax

public func selectMailMessage() throws -> Void
- (void)selectMailMessage;

Remarks

This method selects the message specified by MailMessageNumber and retrieves information about it.

After calling this method properties such as MailMessageHeaders, MailMessageDate, MailMessageFrom, etc. will be populated and allow you to determine if this message is an AS1 message. Additional properties are exposed via the Config method.

If this message is an AS1 receipt (MDN), use ReadReceipt to read it. The MDNReceipt will then be populated with the receipt, and SendTo will be populated with the email address of the originator. (From and SendTo correspond to the originator and recipient of the original AS1 transmission.) You may then set trading partner information and invoke VerifyReceipt to verify the receipt.

Send Method (AS1Sender Module)

Prepares and sends the AS1 message.

Syntax

public func send() throws -> Void
- (void)send;

Remarks

Invoking Send will prepare and send the AS1 message. It will be signed if SigningCert is set, encrypted if RecipientCert is set, and compressed if CompressionFormat is set. A receipt will be requested if MDNTo is set.

You should set MailServer prior to sending.

SetRequestHeader Method (AS1Sender Module)

Allows the user to set or add arbitrary HTTP request headers.

Syntax

public func setRequestHeader(headerName: String, headerValue: String) throws -> Void
- (void)setRequestHeader:(NSString*)headerName :(NSString*)headerValue;

Remarks

HeaderName should contain the header name, and HeaderValue should contain its value. Use this to set headers such as To, Date, etc. Note that a default value for Date will automatically be determined and this method may be used to override the default.

SetRequestHeader may be used to set any header except for the following: AS2-To, AS2-From, AS2-Version, Subject, Message-Id, Disposition-Notification-To, Disposition-Notification-Options, Receipt-Delivery-Option, Host, Content-Length.

VerifyReceipt Method (AS1Sender Module)

Verifies an MDN receipt.

Syntax

public func verifyReceipt() throws -> Void
- (void)verifyReceipt;

Remarks

VerifyReceipt verifies the receipt in MDNReceipt against the values of OriginalContentMIC and MessageId and the preferences specified in MDNOptions. The method operates similarly to Post: After the method finishes, the MDNReceipt, ReceiptSigningProtocol, and ReceiptSignerCert properties will be populated with the appropriate values.

The method operates synchronously, and will throw an exception if any errors or warnings occur. Errors might include a failure to decrypt or authenticate the receipt, the absence of an MDN when one was requested, TCP/IP errors, or any errors reported by the server in the MDN. Warnings might include the return of an unsigned receipt when a signed receipt was requested, or other warnings reported by the server in the MDN.

If an exception is thrown the error code will correspond to the severity of the warning or error, allowing client software to determine whether or not to accept the reply. If multiple errors occur, the exception will return a special error code, and the error message will contain a line for each error's code and description; i.e. "423: Failed to authenticate sender". If the error(s) is/are not fatal processing will not be interrupted, and the relevant properties will be populated as normal.

You should first invoke ReadReceipt when it is not known which message the receipt is in response to. This will allow you to determine the original MessageId and originator of the receipt before trying to verify it.

ConnectionStatus Event (AS1Sender Module)

This event is fired to indicate changes in the connection state.

Syntax

func onConnectionStatus(connectionEvent: String, statusCode: Int32, description: String)
- (void)onConnectionStatus:(NSString*)connectionEvent :(int)statusCode :(NSString*)description;

Remarks

The ConnectionStatus event is fired when the connection state changes: for example, completion of a firewall or proxy connection or completion of a security handshake.

The ConnectionEvent parameter indicates the type of connection event. Values may include the following:

Firewall connection complete.
Secure Sockets Layer (SSL) or S/Shell handshake complete (where applicable).
Remote host connection complete.
Remote host disconnected.
SSL or S/Shell connection broken.
Firewall host disconnected.

StatusCode has the error code returned by the Transmission Control Protocol (TCP)/IP stack. Description contains a description of this code. The value of StatusCode is equal to the value of the error.

EndTransfer Event (AS1Sender Module)

Fired when the message text completes transferring.

Syntax

func onEndTransfer()
- (void)onEndTransfer;

Remarks

Fired when the message text completes transferring (on either a send or receive).

Error Event (AS1Sender Module)

Information about errors during data delivery.

Syntax

func onError(errorCode: Int32, description: String)
- (void)onError:(int)errorCode :(NSString*)description;

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the class .

ErrorCode contains an error code and Description contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

Header Event (AS1Sender Module)

This event is fired for every message header being retrieved.

Syntax

func onHeader(field: String, value: String)
- (void)onHeader:(NSString*)field :(NSString*)value;

Remarks

The Field parameter contains the name of the header (in the same case as it is delivered). The Value parameter contains the header contents.

If the header line being retrieved is a continuation header line, then the Field parameter contains "" (empty string).

Log Event (AS1Sender Module)

Fired with log information while processing a message.

Syntax

func onLog(logType: String, logMessage: Data)
- (void)onLog:(NSString*)logType :(NSData*)logMessage;

Remarks

This event fires once for each log message generated by the class. The verbosity is controlled by the LogLevel setting.

Log messages available through this event correspond to log files written to LogDirectory. This event provides a way to obtain log messages without relying on files on disk. This event fires regardless of the value of LogDirectory (i.e. when LogDirectory is empty the event will still fire).

The LogMessage event parameter holds the raw log data.

The LogType event parameter indicates the type of log. Possible values are:

"LOG" Information about the status of the process.
"ERR" An error was encountered.
"DAT" The EDI payload.
"REQ" The raw request
"MDN" The MDN response.
"DEBUG" Debug information.
"DAT.INPUT" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.ENCRYPT" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.COMPRESS" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.SIGN" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.DECRYPT" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.DECOMPRESS" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.VERIFY" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.DEBUG" Debug information when processing payload. Only applicable when LogDebug is True.

PITrail Event (AS1Sender Module)

Traces the commands sent to the mail server, and the respective replies.

Syntax

func onPITrail(direction: Int32, message: String)
- (void)onPITrail:(int)direction :(NSString*)message;

Remarks

The PITrail event is useful for debugging purposes. It shows all the interaction between the client and the server, line by line, except for message header and body transfers.

The Message parameter contains the full text of the message. The Direction parameter shows the originator of the message:

0 (Client)The Message originates from the client.
1 (Server)The Message originates from the server.
2 (Info)The Message is an informative message originating from the client software (the class code).

SSLServerAuthentication Event (AS1Sender Module)

Fired after the server presents its certificate to the client.

Syntax

func onSSLServerAuthentication(certEncoded: Data, certSubject: String, certIssuer: String, status: String, accept: inout Bool)
- (void)onSSLServerAuthentication:(NSData*)certEncoded :(NSString*)certSubject :(NSString*)certIssuer :(NSString*)status :(int*)accept;

Remarks

This event is where the client can decide whether to continue with the connection process or not. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether to continue or not.

When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK"). If it is decided to continue, you can override and accept the certificate by setting the Accept parameter to True.

SSLStatus Event (AS1Sender Module)

Shows the progress of the secure connection.

Syntax

func onSSLStatus(message: String)
- (void)onSSLStatus:(NSString*)message;

Remarks

The event is fired for informational and logging purposes only. Used to track the progress of the connection.

StartTransfer Event (AS1Sender Module)

Fired when the message text starts transferring (on either a send or receive).

Syntax

func onStartTransfer()
- (void)onStartTransfer;

Remarks

Fired when the message text starts transferring (on either a send or receive).

Transfer Event (AS1Sender Module)

Fired while the message text gets transferred to or from MailServer .

Syntax

func onTransfer(bytesTransferred: Int64)
- (void)onTransfer:(long long)bytesTransferred;

Remarks

Fired while the message text gets transferred to or from MailServer.

EDIAttachment Type

This describes the file being attached.

Remarks

Information about the file's location that is being attached to the message is contained here.

Fields

contentType
String

The MIME content-type of this EDIAttachment.

dataB
Data

This property contains the attachment data.

In a receiver, the class decodes the attachment to the property when 's value is first queried. This property will contain the full decrypted text of the attachment.

data
String

This property contains the attachment data.

In a receiver, the class decodes the attachment to the property when 's value is first queried. This property will contain the full decrypted text of the attachment.

filename
String

The file name of the attachment. If IncomingDirectory has been specified, the attachment will be written to the specified directory and the name will be provided by this property. Otherwise, this will contain the name of the attachment as described in the .

headers
String

The class fills out each time any of the other properties for that EDIAttachment are changed. If additional headers are needed they should be appended after all the other propertys for that EDIAttachment are set.

name
String

is the final name to be associated with the contents of either the or properties. This corresponds to the filename attribute of the Content-Disposition header for this attachment.

Constructors

public init()
public init(filename: )
public init(filename: , contentType: )
public init(filename: , contentType: , headers: )

EDIData Type

The EDI payload of the AS2 message.

Remarks

The EDI payload of the AS2 message.

Fields

dataB
Data

This property contains the EDI payload of the transmission.

In a receiver, this property will only be populated if IncomingDirectory and have not been specified and ParseRequest finishes without an error, setting ScanResult to 0. If so, Data will contain the full decrypted text of the EDI message.

data
String

This property contains the EDI payload of the transmission.

In a receiver, this property will only be populated if IncomingDirectory and have not been specified and ParseRequest finishes without an error, setting ScanResult to 0. If so, Data will contain the full decrypted text of the EDI message.

ediType
String

The Content-Type of the EDI message. Sample values might be "application/edi-x12", "application/edifact" or "application/xml".

filename
String

In a sender, if is specified, the file specified will be used for the EDI payload of the transmission. will be populated with the name of the file.

In a receiver, when IncomingDirectory is set, this will be populated with the absolute path of the file which contains the processed message contents.

Note: When is set, the data will be written to the stream and this property will not be populated.

name
String

is the final name to be associated with the contents of either the or properties. This corresponds to the filename attribute of the Content-Disposition header for the EDI payload.

When constructing EDI data to be sent, will be set to the same value as , but can be overridden after setting to indicate that another name should be used in the outbound request's Content-Disposition MIME header.

When receiving EDI data, will be read out of the "filename" attribute of the inbound request's Content-Disposition MIME header.

Constructors

public init()
public init(data: , eDIType: )
public init(filename: , eDIType: )

Firewall Type

This is the firewall the component will connect through.

Remarks

When connecting through a firewall, this type is used to specify different properties of the firewall, such as the firewall and the .

Fields

autoDetect
Bool

This property tells the class whether or not to automatically detect and use firewall system settings, if available.

firewallType
FirewallTypes

This property determines the type of firewall to connect through. The applicable values are as follows:

fwNone (0)No firewall (default setting).
fwTunnel (1)Connect through a tunneling proxy. is set to 80.
fwSOCKS4 (2)Connect through a SOCKS4 Proxy. is set to 1080.
fwSOCKS5 (3)Connect through a SOCKS5 Proxy. is set to 1080.
fwSOCKS4A (10)Connect through a SOCKS4A Proxy. is set to 1080.

host
String

This property contains the name or IP address of firewall (optional). If a is given, the requested connections will be authenticated through the specified firewall when connecting.

If this property is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, this property is set to the corresponding address. If the search is not successful, the class .

password
String

This property contains a password if authentication is to be used when connecting through the firewall. If is specified, the and properties are used to connect and authenticate to the given firewall. If the authentication fails, the class .

port
Int32

This property contains the transmission control protocol (TCP) port for the firewall . See the description of the property for details.

Note: This property is set automatically when is set to a valid value. See the description of the property for details.

user
String

This property contains a user name if authentication is to be used connecting through a firewall. If the is specified, this property and properties are used to connect and authenticate to the given Firewall. If the authentication fails, the class .

Constructors

public init()

MDNReceipt Type

The complete MDN Receipt returned by the receiver.

Remarks

The complete MDN Receipt contains the Message Disposition Notification (MDN) and an optional signature.

Fields

contentB
Data

This contains the entire content of the MDN Receipt. This is a multipart/report entity consisting of a machine readable (Message Disposition Notification) and a human readable , which itself may be embedded in a multipart/signed entity if requested by the AS2 sender.

content
String

This contains the entire content of the MDN Receipt. This is a multipart/report entity consisting of a machine readable (Message Disposition Notification) and a human readable , which itself may be embedded in a multipart/signed entity if requested by the AS2 sender.

headerCount
Int32

The number of headers in the MDN.

headerField
String

The field name of the MDN header currently selected by .

headerIndex
Int32

Which MDN header is currently selected to populate and .

Valid values are 0 to - 1.

headers
String

Headers contains all of the headers of the AS2 MDN Receipt as a single string. This will include headers such as AS2-From, AS2-To, Date, Content-Type, etc. In an AS2Sender, these will also contain the transport headers of the MDN Receipt (HTTP or SMTP headers, depending on the delivery option).

You can also use , , , and to easily iterate through each individual header.

headerValue
String

The value of the MDN header currently selected by .

mdn
String

MDN will contain the entire machine readable text of the Message Disposition Notification in the receipt. It will report either success or failure depending on the processing status of the receiver. In either case, it will be RFC-compliant.

message
String

The human-readable portion of the MDN receipt.

The human-readable portion of the MDN receipt that indicates the status of the message processing. This can be used to provide the user with a helpful message in the event that an error is encountered.

micValue
String

The Message Integrity Check(s) (one-way hash) of the original EDI message.

An MDN Receipt contains a MIC calculated over the EDI message that the receipt is in response to, to be matched on the sender side against a saved value for the original request to ensure that the integrity of the data that the receiver reports is preserved. When a signed receipt is requested, the MIC is be calculated using the algorithm used on the incoming message's signature, or SHA-1 if the incoming message is not signed.

The MIC will be base64 encoded and reported with the algorithm name as specified in RFC 3335; e.g., "w7AguNJEmhF/qIjJw6LnnA==, md5".

signingProtocol
String

This property contains the MIME type of the signature used, if any (i.e., "application/pkcs7-signature"), to create this MDNReceipt. It will contain an empty string if the receipt is unsigned.

Constructors

public init()
public init(headers: , content: )

Config Settings (AS1Sender Module)

The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

AS1 Config Settings

LogFilename:   The base name of the log file.

If set, this will be used as for the filename of the log file.

Note that only the base name should be specified as the component will append the appropriate file extension.

POPPort:   The POP mail port to be used, if different than MailServer.

The mail port to be used for POP (or POP/S). For implicit SSL, use port 995.

POPServer:   The POP server to be used, if different than MailServer.

The mail server to be used for POP (or POP/S), in case different than MailServer.

SMTPAuthMechanism:   The authentication mechanism used to connect to the SMTP server.

By default, SMTPAuthMechanism is set to 0, which sends the AUTH command is SMTPUser and SMTPPassword are set. SMTPAuthMechanism can be set to 1 to use the more secure CRAM-MD5 authentication command.

SMTPPassword:   The password used for authentication.

If SMTPPassword is set to a non empty string, then when connecting to the SMTPServer an AUTH or CRAM-MD5 (depending on SMTPAuthMechanism) command is sent for user authentication.

SMTPPort:   The SMTP mail port to be used, if different than MailServer.

The mail port to be used for SMTP (or POP/S). For implicit SSL, use port 465.

SMTPServer:   The SMTP server to be used, if different than MailServer.

The mail server to be used for SMTP (or SMTP/S), in case different than MailServer.

SMTPSSLStartMode:   Determines how SSL negotiation starts with the SMTP server.

0 ssl Automatic 1 ssl Implicit 2 ssl Explicit 3 ssl None Default These modes have the same interpretation as defined by the property SSLStartMode.

SMTPUser:   The user name used for authentication.

If SMTPUser is set to a non empty string, then when connecting to the SMTPServer an AUTH or CRAM-MD5 (depending on SMTPAuthMechanism) command is sent for user authentication.

SSL Config Settings

LogSSLPackets:   Controls whether SSL packets are logged when using the internal security API.

When SSLProvider is set to Internal, this setting controls whether SSL packets should be logged. By default, this setting is False, as it is only useful for debugging purposes.

When enabled, SSL packet logs are output using the SSLStatus event, which will fire each time an SSL packet is sent or received.

Enabling this setting has no effect if SSLProvider is set to Platform.

OpenSSLCADir:   The path to a directory containing CA certificates.

This functionality is available only when the provider is OpenSSL.

The path set by this property should point to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The files are looked up by the CA subject name hash value, which must hence be available. If more than one CA certificate with the same name hash value exist, the extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). OpenSSL recommends to use the c_rehash utility to create the necessary links. Please refer to the OpenSSL man page SSL_CTX_load_verify_locations(3) for details.

OpenSSLCAFile:   Name of the file containing the list of CA's trusted by your application.

This functionality is available only when the provider is OpenSSL.

The file set by this property should contain a list of CA certificates in PEM format. The file can contain several CA certificates identified by

-----BEGIN CERTIFICATE-----

... (CA certificate in base64 encoding) ...

-----END CERTIFICATE-----

sequences. Before, between, and after the certificates text is allowed which can be used e.g. for descriptions of the certificates. Please refer to the OpenSSL man page SSL_CTX_load_verify_locations(3) for details.

OpenSSLCipherList:   A string that controls the ciphers to be used by SSL.

This functionality is available only when the provider is OpenSSL.

The format of this string is described in the OpenSSL man page ciphers(1) section "CIPHER LIST FORMAT". Please refer to it for details. The default string "DEFAULT" is determined at compile time and is normally equivalent to "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH".

OpenSSLPrngSeedData:   The data to seed the pseudo random number generator (PRNG).

This functionality is available only when the provider is OpenSSL.

By default OpenSSL uses the device file "/dev/urandom" to seed the PRNG and setting OpenSSLPrngSeedData is not required. If set, the string specified is used to seed the PRNG.

ReuseSSLSession:   Determines if the SSL session is reused.

If set to true, the class will reuse the context if and only if the following criteria are met:

  • The target host name is the same.
  • The system cache entry has not expired (default timeout is 10 hours).
  • The application process that calls the function is the same.
  • The logon session is the same.
  • The instance of the class is the same.

SSLCACerts:   A newline separated list of CA certificate to use during SSL client authentication.

This setting specifies one or more CA certificates to be included in the request when performing SSL client authentication. Some servers require the entire chain, including CA certificates, to be presented when performing SSL client authentication. The value of this setting is a newline (CrLf) separated list of certificates. For instance:

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
..
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

SSLCheckCRL:   Whether to check the Certificate Revocation List for the server certificate.

This setting specifies whether the class will check the Certificate Revocation List specified by the server certificate. If set to 1 or 2, the class will first obtain the list of CRL URLs from the server certificate's CRL distribution points extension. The class will then make HTTP requests to each CRL endpoint to check the validity of the server's certificate. If the certificate has been revoked or any other issues are found during validation the class .

When set to 0 (default) the CRL check will not be performed by the class. When set to 1, it will attempt to perform the CRL check, but will continue without an error if the server's certificate does not support CRL. When set to 2, it will perform the CRL check and will throw an error if CRL is not supported.

This configuration setting is only supported in the Java, C#, and C++ editions. In the C++ edition, it is only supported on Windows operating systems.

SSLCheckOCSP:   Whether to use OCSP to check the status of the server certificate.

This setting specifies whether the class will use OCSP to check the validity of the server certificate. If set to 1 or 2, the class will first obtain the OCSP URL from the server certificate's OCSP extension. The class will then locate the issuing certificate and make an HTTP request to the OCSP endpoint to check the validity of the server's certificate. If the certificate has been revoked or any other issues are found during validation the class .

When set to 0 (default) the class will not perform an OCSP check. When set to 1, it will attempt to perform the OCSP check, but will continue without an error if the server's certificate does not support OCSP. When set to 2, it will perform the OCSP check and will throw an error if OCSP is not supported.

This configuration setting is only supported in the Java, C#, and C++ editions. In the C++ edition, it is only supported on Windows operating systems.

SSLCipherStrength:   The minimum cipher strength used for bulk encryption.

This minimum cipher strength largely dependent on the security modules installed on the system. If the cipher strength specified is not supported, an error will be returned when connections are initiated.

Please note that this setting contains the minimum cipher strength requested from the security library. The actual cipher strength used for the connection is shown by the SSLStatus event.

Use this setting with caution. Requesting a lower cipher strength than necessary could potentially cause serious security vulnerabilities in your application.

When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the OpenSSLCipherList config setting.

SSLEnabledCipherSuites:   The cipher suite to be used in an SSL negotiation.

The enabled cipher suites to be used in SSL negotiation.

By default, the enabled cipher suites will include all available ciphers ("*").

The special value "*" means that the class will pick all of the supported cipher suites. If SSLEnabledCipherSuites is set to any other value, only the specified cipher suites will be considered.

Multiple cipher suites are separated by semicolons.

Example values when SSLProvider is set to Platform: obj.config("SSLEnabledCipherSuites=*"); obj.config("SSLEnabledCipherSuites=CALG_AES_256"); obj.config("SSLEnabledCipherSuites=CALG_AES_256;CALG_3DES"); Possible values when SSLProvider is set to Platform include:

  • CALG_3DES
  • CALG_3DES_112
  • CALG_AES
  • CALG_AES_128
  • CALG_AES_192
  • CALG_AES_256
  • CALG_AGREEDKEY_ANY
  • CALG_CYLINK_MEK
  • CALG_DES
  • CALG_DESX
  • CALG_DH_EPHEM
  • CALG_DH_SF
  • CALG_DSS_SIGN
  • CALG_ECDH
  • CALG_ECDH_EPHEM
  • CALG_ECDSA
  • CALG_ECMQV
  • CALG_HASH_REPLACE_OWF
  • CALG_HUGHES_MD5
  • CALG_HMAC
  • CALG_KEA_KEYX
  • CALG_MAC
  • CALG_MD2
  • CALG_MD4
  • CALG_MD5
  • CALG_NO_SIGN
  • CALG_OID_INFO_CNG_ONLY
  • CALG_OID_INFO_PARAMETERS
  • CALG_PCT1_MASTER
  • CALG_RC2
  • CALG_RC4
  • CALG_RC5
  • CALG_RSA_KEYX
  • CALG_RSA_SIGN
  • CALG_SCHANNEL_ENC_KEY
  • CALG_SCHANNEL_MAC_KEY
  • CALG_SCHANNEL_MASTER_HASH
  • CALG_SEAL
  • CALG_SHA
  • CALG_SHA1
  • CALG_SHA_256
  • CALG_SHA_384
  • CALG_SHA_512
  • CALG_SKIPJACK
  • CALG_SSL2_MASTER
  • CALG_SSL3_MASTER
  • CALG_SSL3_SHAMD5
  • CALG_TEK
  • CALG_TLS1_MASTER
  • CALG_TLS1PRF
Example values when SSLProvider is set to Internal: obj.config("SSLEnabledCipherSuites=*"); obj.config("SSLEnabledCipherSuites=TLS_DHE_DSS_WITH_AES_128_CBC_SHA"); obj.config("SSLEnabledCipherSuites=TLS_DHE_DSS_WITH_AES_128_CBC_SHA;TLS_DH_ANON_WITH_AES_128_CBC_SHA"); Possible values when SSLProvider is set to Internal include:
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
  • TLS_DH_RSA_WITH_AES_128_GCM_SHA256 (Not Recommended)
  • TLS_DH_RSA_WITH_AES_256_GCM_SHA384 (Not Recommended)
  • TLS_DH_DSS_WITH_AES_128_GCM_SHA256 (Not Recommended)
  • TLS_DH_DSS_WITH_AES_256_GCM_SHA384 (Not Recommended)
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
  • TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
  • TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
  • TLS_DHE_DSS_WITH_AES_256_CBC_SHA
  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_DSS_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
  • TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_RSA_WITH_DES_CBC_SHA
  • TLS_DHE_RSA_WITH_DES_CBC_SHA
  • TLS_DHE_DSS_WITH_DES_CBC_SHA
  • TLS_RSA_WITH_RC4_128_MD5
  • TLS_RSA_WITH_RC4_128_SHA

When TLS 1.3 is negotiated (see SSLEnabledProtocols) only the following cipher suites are supported:

  • TLS_AES_256_GCM_SHA384
  • TLS_CHACHA20_POLY1305_SHA256
  • TLS_AES_128_GCM_SHA256

SSLEnabledCipherSuites is used together with SSLCipherStrength.

SSLEnabledProtocols:   Used to enable/disable the supported security protocols.

Used to enable/disable the supported security protocols.

Not all supported protocols are enabled by default (the value of this setting is 4032). If you want more granular control over the enabled protocols, you can set this property to the binary 'OR' of one or more of the following values:

TLS1.312288 (Hex 3000)
TLS1.23072 (Hex C00) (Default)
TLS1.1768 (Hex 300) (Default)
TLS1 192 (Hex C0) (Default)
SSL3 48 (Hex 30)
SSL2 12 (Hex 0C)

SSLEnabledProtocols - TLS 1.3 Notes

By default when TLS 1.3 is enabled the class will use the internal TLS implementation when the SSLProvider is set to Automatic for all editions.

In editions which are designed to run on Windows SSLProvider can be set to Platform to use the platform implementation instead of the internal implementation. When configured in this manner, please note that the platform provider is only supported on Windows 11 / Windows Server 2022 and up. The default internal provider is available on all platforms and is not restricted to any specific OS version.

If set to 1 (Platform provider) please be aware of the following notes:

  • The platform provider is only available on Windows 11 / Windows Server 2022 and up.
  • SSLEnabledCipherSuites and other similar SSL configuration settings are not supported.
  • If SSLEnabledProtocols includes both TLS 1.3 and TLS 1.2 the above restrictions are still applicable even if TLS 1.2 is negotiated. Enabling TLS 1.3 with the platform provider changes the implementation used for all TLS versions.

SSLEnableRenegotiation:   Whether the renegotiation_info SSL extension is supported.

This setting specifies whether the renegotiation_info SSL extension will be used in the request when using the internal security API. This setting is by default, but can be set to to disable the extension.

This setting is only applicable when SSLProvider is set to Internal.

SSLIncludeCertChain:   Whether the entire certificate chain is included in the SSLServerAuthentication event.

This setting specifies whether the Encoded parameter of the SSLServerAuthentication event contains the full certificate chain. By default this value is False and only the leaf certificate will be present in the Encoded parameter of the SSLServerAuthentication event.

If set to True all certificates returned by the server will be present in the Encoded parameter of the SSLServerAuthentication event. This includes the leaf certificate, any intermediate certificate, and the root certificate.

SSLKeyLogFile:   The location of a file where per-session secrets are written for debugging purposes.

This setting optionally specifies the full path to a file on disk where per-session secrets are stored for debugging purposes.

When set, the class will save the session secrets in the same format as the SSLKEYLOGFILE environment variable functionality used by most major browsers and tools such as Chrome, Firefox, and cURL. This file can then be used in tools such as Wireshark to decrypt TLS traffice for debugging purposes. When writing to this file the class will only append, it will not overwrite previous values.

Note: This setting is only applicable when SSLProvider is set to Internal.

SSLNegotiatedCipher:   Returns the negotiated ciphersuite.

Returns the ciphersuite negotiated during the SSL handshake.

Note: For server components (e.g. TCPServer) this is a per-connection setting accessed by passing the ConnectionId. For example: server.Config("SSLNegotiatedCipher[connId]");

SSLNegotiatedCipherStrength:   Returns the negotiated ciphersuite strength.

Returns the strength of the ciphersuite negotiated during the SSL handshake.

Note: For server components (e.g.TCPServer) this is a per-connection setting accessed by passing the ConnectionId. For example: server.Config("SSLNegotiatedCipherStrength[connId]");

SSLNegotiatedCipherSuite:   Returns the negotiated ciphersuite.

Returns the ciphersuite negotiated during the SSL handshake represented as a single string.

Note: For server components (e.g. TCPServer) this is a per-connection setting accessed by passing the ConnectionId. For example: server.Config("SSLNegotiatedCipherSuite[connId]");

SSLNegotiatedKeyExchange:   Returns the negotiated key exchange algorithm.

Returns the key exchange algorithm negotiated during the SSL handshake.

Note: For server components (e.g. TCPServer) this is a per-connection setting accessed by passing the ConnectionId. For example: server.Config("SSLNegotiatedKeyExchange[connId]");

SSLNegotiatedKeyExchangeStrength:   Returns the negotiated key exchange algorithm strength.

Returns the strenghth of the key exchange algorithm negotiated during the SSL handshake.

Note: For server components (e.g. TCPServer) this is a per-connection setting accessed by passing the ConnectionId. For example: server.Config("SSLNegotiatedKeyExchangeStrength[connId]");

SSLNegotiatedVersion:   Returns the negotiated protocol version.

Returns the protocol version negotiated during the SSL handshake.

Note: For server components (e.g. TCPServer) this is a per-connection setting accessed by passing the ConnectionId. For example: server.Config("SSLNegotiatedVersion[connId]");

SSLSecurityFlags:   Flags that control certificate verification.

The following flags are defined (specified in hexadecimal notation). They can be or-ed together to exclude multiple conditions:

0x00000001Ignore time validity status of certificate.
0x00000002Ignore time validity status of CTL.
0x00000004Ignore non-nested certificate times.
0x00000010Allow unknown Certificate Authority.
0x00000020Ignore wrong certificate usage.
0x00000100Ignore unknown certificate revocation status.
0x00000200Ignore unknown CTL signer revocation status.
0x00000400Ignore unknown Certificate Authority revocation status.
0x00000800Ignore unknown Root revocation status.
0x00008000Allow test Root certificate.
0x00004000Trust test Root certificate.
0x80000000Ignore non-matching CN (certificate CN not-matching server name).

This functionality is currently not available when the provider is OpenSSL.

SSLServerCACerts:   A newline separated list of CA certificate to use during SSL server certificate validation.

This setting optionally specifies one or more CA certificates to be used when verifying the server certificate. When verifying the server's certificate the certificates trusted by the system will be used as part of the verification process. If the server's CA certificates are not installed to the trusted system store, they may be specified here so they are included when performing the verification process. This setting should only be set if the server's CA certificates are not already trusted on the system and cannot be installed to the trusted system store.

The value of this setting is a newline (CrLf) separated list of certificates. For instance:

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
..
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

TLS12SignatureAlgorithms:   Defines the allowed TLS 1.2 signature algorithms when SSLProvider is set to Internal.

This setting specifies the allowed server certificate signature algorithms when SSLProvider is set to Internal and SSLEnabledProtocols is set to allow TLS 1.2.

When specified the class will verify that the server certificate signature algorithm is among the values specified in this setting. If the server certificate signature algorithm is unsupported the class .

The format of this value is a comma separated list of hash-signature combinations. For instance: TCPClient.SSLProvider = TCPClientSSLProviders.sslpInternal; TCPClient.Config("SSLEnabledProtocols=3072"); //TLS 1.2 TCPClient.Config("TLS12SignatureAlgorithms=sha256-rsa,sha256-dsa,sha1-rsa,sha1-dsa"); The default value for this setting is sha512-ecdsa,sha512-rsa,sha512-dsa,sha384-ecdsa,sha384-rsa,sha384-dsa,sha256-ecdsa,sha256-rsa,sha256-dsa,sha224-ecdsa,sha224-rsa,sha224-dsa,sha1-ecdsa,sha1-rsa,sha1-dsa.

In order to not restrict the server's certificate signature algorithm, specify an empty string as the value for this setting, which will cause the signature_algorithms TLS 1.2 extension to not be sent.

TLS12SupportedGroups:   The supported groups for ECC.

This setting specifies a comma separated list of named groups used in TLS 1.2 for ECC.

The default value is ecdhe_secp256r1,ecdhe_secp384r1,ecdhe_secp521r1.

When using TLS 1.2 and SSLProvider is set to Internal, the values refer to the supported groups for ECC. The following values are supported:

  • "ecdhe_secp256r1" (default)
  • "ecdhe_secp384r1" (default)
  • "ecdhe_secp521r1" (default)

TLS13KeyShareGroups:   The groups for which to pregenerate key shares.

This setting specifies a comma separated list of named groups used in TLS 1.3 for key exchange. The groups specified here will have key share data pregenerated locally before establishing a connection. This can prevent an additional round trip during the handshake if the group is supported by the server.

The default value is set to balance common supported groups and the computational resources required to generate key shares. As a result only some groups are included by default in this setting.

Note: All supported groups can always be used during the handshake even if not listed here, but if a group is used which is not present in this list it will incur an additional round trip and time to generate the key share for that group.

In most cases this setting does not need to be modified. This should only be modified if there is a specific reason to do so.

The default value is ecdhe_x25519,ecdhe_secp256r1,ecdhe_secp384r1,ffdhe_2048,ffdhe_3072

The values are ordered from most preferred to least preferred. The following values are supported:

  • "ecdhe_x25519" (default)
  • "ecdhe_x448"
  • "ecdhe_secp256r1" (default)
  • "ecdhe_secp384r1" (default)
  • "ecdhe_secp521r1"
  • "ffdhe_2048" (default)
  • "ffdhe_3072" (default)
  • "ffdhe_4096"
  • "ffdhe_6144"
  • "ffdhe_8192"

TLS13SignatureAlgorithms:   The allowed certificate signature algorithms.

This setting holds a comma separated list of allowed signature algorithms. Possible values are:

  • "ed25519" (default)
  • "ed448" (default)
  • "ecdsa_secp256r1_sha256" (default)
  • "ecdsa_secp384r1_sha384" (default)
  • "ecdsa_secp521r1_sha512" (default)
  • "rsa_pkcs1_sha256" (default)
  • "rsa_pkcs1_sha384" (default)
  • "rsa_pkcs1_sha512" (default)
  • "rsa_pss_sha256" (default)
  • "rsa_pss_sha384" (default)
  • "rsa_pss_sha512" (default)
The default value is rsa_pss_sha256,rsa_pss_sha384,rsa_pss_sha512,rsa_pkcs1_sha256,rsa_pkcs1_sha384,rsa_pkcs1_sha512,ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384,ecdsa_secp521r1_sha512,ed25519,ed448. This setting is only applicable when SSLEnabledProtocols includes TLS 1.3.
TLS13SupportedGroups:   The supported groups for (EC)DHE key exchange.

This setting specifies a comma separated list of named groups used in TLS 1.3 for key exchange. This setting should only be modified if there is a specific reason to do so.

The default value is ecdhe_x25519,ecdhe_x448,ecdhe_secp256r1,ecdhe_secp384r1,ecdhe_secp521r1,ffdhe_2048,ffdhe_3072,ffdhe_4096,ffdhe_6144,ffdhe_8192

The values are ordered from most preferred to least preferred. The following values are supported:

  • "ecdhe_x25519" (default)
  • "ecdhe_x448" (default)
  • "ecdhe_secp256r1" (default)
  • "ecdhe_secp384r1" (default)
  • "ecdhe_secp521r1" (default)
  • "ffdhe_2048" (default)
  • "ffdhe_3072" (default)
  • "ffdhe_4096" (default)
  • "ffdhe_6144" (default)
  • "ffdhe_8192" (default)

Base Config Settings

BuildInfo:   Information about the product's build.

When queried, this setting will return a string containing information about the product's build.

CodePage:   The system code page used for Unicode to Multibyte translations.

The default code page is Unicode UTF-8 (65001).

The following is a list of valid code page identifiers:

IdentifierName
037IBM EBCDIC - U.S./Canada
437OEM - United States
500IBM EBCDIC - International
708Arabic - ASMO 708
709Arabic - ASMO 449+, BCON V4
710Arabic - Transparent Arabic
720Arabic - Transparent ASMO
737OEM - Greek (formerly 437G)
775OEM - Baltic
850OEM - Multilingual Latin I
852OEM - Latin II
855OEM - Cyrillic (primarily Russian)
857OEM - Turkish
858OEM - Multilingual Latin I + Euro symbol
860OEM - Portuguese
861OEM - Icelandic
862OEM - Hebrew
863OEM - Canadian-French
864OEM - Arabic
865OEM - Nordic
866OEM - Russian
869OEM - Modern Greek
870IBM EBCDIC - Multilingual/ROECE (Latin-2)
874ANSI/OEM - Thai (same as 28605, ISO 8859-15)
875IBM EBCDIC - Modern Greek
932ANSI/OEM - Japanese, Shift-JIS
936ANSI/OEM - Simplified Chinese (PRC, Singapore)
949ANSI/OEM - Korean (Unified Hangul Code)
950ANSI/OEM - Traditional Chinese (Taiwan; Hong Kong SAR, PRC)
1026IBM EBCDIC - Turkish (Latin-5)
1047IBM EBCDIC - Latin 1/Open System
1140IBM EBCDIC - U.S./Canada (037 + Euro symbol)
1141IBM EBCDIC - Germany (20273 + Euro symbol)
1142IBM EBCDIC - Denmark/Norway (20277 + Euro symbol)
1143IBM EBCDIC - Finland/Sweden (20278 + Euro symbol)
1144IBM EBCDIC - Italy (20280 + Euro symbol)
1145IBM EBCDIC - Latin America/Spain (20284 + Euro symbol)
1146IBM EBCDIC - United Kingdom (20285 + Euro symbol)
1147IBM EBCDIC - France (20297 + Euro symbol)
1148IBM EBCDIC - International (500 + Euro symbol)
1149IBM EBCDIC - Icelandic (20871 + Euro symbol)
1200Unicode UCS-2 Little-Endian (BMP of ISO 10646)
1201Unicode UCS-2 Big-Endian
1250ANSI - Central European
1251ANSI - Cyrillic
1252ANSI - Latin I
1253ANSI - Greek
1254ANSI - Turkish
1255ANSI - Hebrew
1256ANSI - Arabic
1257ANSI - Baltic
1258ANSI/OEM - Vietnamese
1361Korean (Johab)
10000MAC - Roman
10001MAC - Japanese
10002MAC - Traditional Chinese (Big5)
10003MAC - Korean
10004MAC - Arabic
10005MAC - Hebrew
10006MAC - Greek I
10007MAC - Cyrillic
10008MAC - Simplified Chinese (GB 2312)
10010MAC - Romania
10017MAC - Ukraine
10021MAC - Thai
10029MAC - Latin II
10079MAC - Icelandic
10081MAC - Turkish
10082MAC - Croatia
12000Unicode UCS-4 Little-Endian
12001Unicode UCS-4 Big-Endian
20000CNS - Taiwan
20001TCA - Taiwan
20002Eten - Taiwan
20003IBM5550 - Taiwan
20004TeleText - Taiwan
20005Wang - Taiwan
20105IA5 IRV International Alphabet No. 5 (7-bit)
20106IA5 German (7-bit)
20107IA5 Swedish (7-bit)
20108IA5 Norwegian (7-bit)
20127US-ASCII (7-bit)
20261T.61
20269ISO 6937 Non-Spacing Accent
20273IBM EBCDIC - Germany
20277IBM EBCDIC - Denmark/Norway
20278IBM EBCDIC - Finland/Sweden
20280IBM EBCDIC - Italy
20284IBM EBCDIC - Latin America/Spain
20285IBM EBCDIC - United Kingdom
20290IBM EBCDIC - Japanese Katakana Extended
20297IBM EBCDIC - France
20420IBM EBCDIC - Arabic
20423IBM EBCDIC - Greek
20424IBM EBCDIC - Hebrew
20833IBM EBCDIC - Korean Extended
20838IBM EBCDIC - Thai
20866Russian - KOI8-R
20871IBM EBCDIC - Icelandic
20880IBM EBCDIC - Cyrillic (Russian)
20905IBM EBCDIC - Turkish
20924IBM EBCDIC - Latin-1/Open System (1047 + Euro symbol)
20932JIS X 0208-1990 & 0121-1990
20936Simplified Chinese (GB2312)
21025IBM EBCDIC - Cyrillic (Serbian, Bulgarian)
21027Extended Alpha Lowercase
21866Ukrainian (KOI8-U)
28591ISO 8859-1 Latin I
28592ISO 8859-2 Central Europe
28593ISO 8859-3 Latin 3
28594ISO 8859-4 Baltic
28595ISO 8859-5 Cyrillic
28596ISO 8859-6 Arabic
28597ISO 8859-7 Greek
28598ISO 8859-8 Hebrew
28599ISO 8859-9 Latin 5
28605ISO 8859-15 Latin 9
29001Europa 3
38598ISO 8859-8 Hebrew
50220ISO 2022 Japanese with no halfwidth Katakana
50221ISO 2022 Japanese with halfwidth Katakana
50222ISO 2022 Japanese JIS X 0201-1989
50225ISO 2022 Korean
50227ISO 2022 Simplified Chinese
50229ISO 2022 Traditional Chinese
50930Japanese (Katakana) Extended
50931US/Canada and Japanese
50933Korean Extended and Korean
50935Simplified Chinese Extended and Simplified Chinese
50936Simplified Chinese
50937US/Canada and Traditional Chinese
50939Japanese (Latin) Extended and Japanese
51932EUC - Japanese
51936EUC - Simplified Chinese
51949EUC - Korean
51950EUC - Traditional Chinese
52936HZ-GB2312 Simplified Chinese
54936Windows XP: GB18030 Simplified Chinese (4 Byte)
57002ISCII Devanagari
57003ISCII Bengali
57004ISCII Tamil
57005ISCII Telugu
57006ISCII Assamese
57007ISCII Oriya
57008ISCII Kannada
57009ISCII Malayalam
57010ISCII Gujarati
57011ISCII Punjabi
65000Unicode UTF-7
65001Unicode UTF-8

The following is a list of valid code page identifiers for Mac OS only:

IdentifierName
1ASCII
2NEXTSTEP
3JapaneseEUC
4UTF8
5ISOLatin1
6Symbol
7NonLossyASCII
8ShiftJIS
9ISOLatin2
10Unicode
11WindowsCP1251
12WindowsCP1252
13WindowsCP1253
14WindowsCP1254
15WindowsCP1250
21ISO2022JP
30MacOSRoman
10UTF16String
0x90000100UTF16BigEndian
0x94000100UTF16LittleEndian
0x8c000100UTF32String
0x98000100UTF32BigEndian
0x9c000100UTF32LittleEndian
65536Proprietary

LicenseInfo:   Information about the current license.

When queried, this setting will return a string containing information about the license this instance of a class is using. It will return the following information:

  • Product: The product the license is for.
  • Product Key: The key the license was generated from.
  • License Source: Where the license was found (e.g., RuntimeLicense, License File).
  • License Type: The type of license installed (e.g., Royalty Free, Single Server).
  • Last Valid Build: The last valid build number for which the license will work.
UseInternalSecurityAPI:   Tells the class whether or not to use the system security libraries or an internal implementation.

When set to , the class will use the system security libraries by default to perform cryptographic functions where applicable.

Setting this setting to tells the class to use the internal implementation instead of using the system security libraries.

This setting is set to by default on all platforms.

Trappable Errors (AS1Sender Module)

AS1Sender Errors

501   Unable to parse the receipt.
502   The receipt is signed with an unsupported signature format (details follow).
511   Unsupported compression algorithm requested.
521   A Message Integrity Check was requested, but not provided in the MDN.
522   The Message Integrity Check returned in the MDN is incorrect.
523   Unable to parse Message Integrity Check.
524   Unrequested hashing algorithm used (check MDNOptions).
525   The Message ID returned in the MDN does not match.
531   The receipt was unsigned, and a signed receipt was expected.
532   The receipt signature could not be verified.
533   An MDN was expected, but was not returned.
600   Failure reported in MDN: Unsupported signing protocol.
601   Failure reported in MDN: Unsupported MIC algorithms.
602   Failure reported in MDN: Other (details follow).
611   Error reported in MDN: Decryption failed.
612   Error reported in MDN: Authentication failed.
613   Error reported in MDN: Could not verify content integrity.
614   Error reported in MDN: Unexpected processing error.
615   Error reported in MDN: Other (details follow).
621   Warning reported in MDN: Authentication failed, processing continued by receiver.
622   Warning reported in MDN: Other (details follow).
831   I/O Error (details follow).

POP Errors

116   MailPort cannot be zero. Please specify a valid service port number.
118   Firewall error. Error message contains detailed description.
171   POP protocol error. Description contains the server reply.
172   Error communicating with server. Error text is attached.
173   Please specify a valid MailServer.
174   Busy executing current method.

TCPClient Errors

100   You cannot change the RemotePort at this time. A connection is in progress.
101   You cannot change the RemoteHost (Server) at this time. A connection is in progress.
102   The RemoteHost address is invalid (0.0.0.0).
104   Already connected. If you want to reconnect, close the current connection first.
106   You cannot change the LocalPort at this time. A connection is in progress.
107   You cannot change the LocalHost at this time. A connection is in progress.
112   You cannot change MaxLineLength at this time. A connection is in progress.
116   RemotePort cannot be zero. Please specify a valid service port number.
117   You cannot change the UseConnection option while the class is active.
135   Operation would block.
201   Timeout.
211   Action impossible in control's present state.
212   Action impossible while not connected.
213   Action impossible while listening.
301   Timeout.
302   Could not open file.
434   Unable to convert string to selected CodePage.
1105   Already connecting. If you want to reconnect, close the current connection first.
1117   You need to connect first.
1119   You cannot change the LocalHost at this time. A connection is in progress.
1120   Connection dropped by remote host.

TCP/IP Errors

10004   [10004] Interrupted system call.
10009   [10009] Bad file number.
10013   [10013] Access denied.
10014   [10014] Bad address.
10022   [10022] Invalid argument.
10024   [10024] Too many open files.
10035   [10035] Operation would block.
10036   [10036] Operation now in progress.
10037   [10037] Operation already in progress.
10038   [10038] Socket operation on non-socket.
10039   [10039] Destination address required.
10040   [10040] Message too long.
10041   [10041] Protocol wrong type for socket.
10042   [10042] Bad protocol option.
10043   [10043] Protocol not supported.
10044   [10044] Socket type not supported.
10045   [10045] Operation not supported on socket.
10046   [10046] Protocol family not supported.
10047   [10047] Address family not supported by protocol family.
10048   [10048] Address already in use.
10049   [10049] Can't assign requested address.
10050   [10050] Network is down.
10051   [10051] Network is unreachable.
10052   [10052] Net dropped connection or reset.
10053   [10053] Software caused connection abort.
10054   [10054] Connection reset by peer.
10055   [10055] No buffer space available.
10056   [10056] Socket is already connected.
10057   [10057] Socket is not connected.
10058   [10058] Can't send after socket shutdown.
10059   [10059] Too many references, can't splice.
10060   [10060] Connection timed out.
10061   [10061] Connection refused.
10062   [10062] Too many levels of symbolic links.
10063   [10063] File name too long.
10064   [10064] Host is down.
10065   [10065] No route to host.
10066   [10066] Directory not empty
10067   [10067] Too many processes.
10068   [10068] Too many users.
10069   [10069] Disc Quota Exceeded.
10070   [10070] Stale NFS file handle.
10071   [10071] Too many levels of remote in path.
10091   [10091] Network subsystem is unavailable.
10092   [10092] WINSOCK DLL Version out of range.
10093   [10093] Winsock not loaded yet.
11001   [11001] Host not found.
11002   [11002] Non-authoritative 'Host not found' (try again or check DNS setup).
11003   [11003] Non-recoverable errors: FORMERR, REFUSED, NOTIMP.
11004   [11004] Valid name, no data record (check DNS setup).

SMTP Errors

118   Firewall Error. Error message contains detailed description.
161   SMTP protocol error. Description contains the server reply.
162   Error communicating with server. Error text is attached.
163   Please specify a MailServer.
164   Please specify a sender (From).
165   Please specify a recipient.
166   Busy executing current method.
301   Operation interrupted.
302   Can't open AttachedFile.

TCPClient Errors

100   You cannot change the RemotePort at this time. A connection is in progress.
101   You cannot change the RemoteHost (Server) at this time. A connection is in progress.
102   The RemoteHost address is invalid (0.0.0.0).
104   Already connected. If you want to reconnect, close the current connection first.
106   You cannot change the LocalPort at this time. A connection is in progress.
107   You cannot change the LocalHost at this time. A connection is in progress.
112   You cannot change MaxLineLength at this time. A connection is in progress.
116   RemotePort cannot be zero. Please specify a valid service port number.
117   You cannot change the UseConnection option while the class is active.
135   Operation would block.
201   Timeout.
211   Action impossible in control's present state.
212   Action impossible while not connected.
213   Action impossible while listening.
301   Timeout.
302   Could not open file.
434   Unable to convert string to selected CodePage.
1105   Already connecting. If you want to reconnect, close the current connection first.
1117   You need to connect first.
1119   You cannot change the LocalHost at this time. A connection is in progress.
1120   Connection dropped by remote host.

TCP/IP Errors

10004   [10004] Interrupted system call.
10009   [10009] Bad file number.
10013   [10013] Access denied.
10014   [10014] Bad address.
10022   [10022] Invalid argument.
10024   [10024] Too many open files.
10035   [10035] Operation would block.
10036   [10036] Operation now in progress.
10037   [10037] Operation already in progress.
10038   [10038] Socket operation on non-socket.
10039   [10039] Destination address required.
10040   [10040] Message too long.
10041   [10041] Protocol wrong type for socket.
10042   [10042] Bad protocol option.
10043   [10043] Protocol not supported.
10044   [10044] Socket type not supported.
10045   [10045] Operation not supported on socket.
10046   [10046] Protocol family not supported.
10047   [10047] Address family not supported by protocol family.
10048   [10048] Address already in use.
10049   [10049] Can't assign requested address.
10050   [10050] Network is down.
10051   [10051] Network is unreachable.
10052   [10052] Net dropped connection or reset.
10053   [10053] Software caused connection abort.
10054   [10054] Connection reset by peer.
10055   [10055] No buffer space available.
10056   [10056] Socket is already connected.
10057   [10057] Socket is not connected.
10058   [10058] Can't send after socket shutdown.
10059   [10059] Too many references, can't splice.
10060   [10060] Connection timed out.
10061   [10061] Connection refused.
10062   [10062] Too many levels of symbolic links.
10063   [10063] File name too long.
10064   [10064] Host is down.
10065   [10065] No route to host.
10066   [10066] Directory not empty
10067   [10067] Too many processes.
10068   [10068] Too many users.
10069   [10069] Disc Quota Exceeded.
10070   [10070] Stale NFS file handle.
10071   [10071] Too many levels of remote in path.
10091   [10091] Network subsystem is unavailable.
10092   [10092] WINSOCK DLL Version out of range.
10093   [10093] Winsock not loaded yet.
11001   [11001] Host not found.
11002   [11002] Non-authoritative 'Host not found' (try again or check DNS setup).
11003   [11003] Non-recoverable errors: FORMERR, REFUSED, NOTIMP.
11004   [11004] Valid name, no data record (check DNS setup).

SMIME Errors

10191   Invalid index (RecipientIndex).
10192   Message decoding error (code).
10193   Unexpected message type.
10194   Unsupported hashing/signing algorithm.
10195   The message does not have any signers.
10196   The message signature could not be verified.
10197   Could not locate a suitable decryption certificate.
10198   The signer certificate could not be found.
10199   No signing certificate was supplied for signing the message.
10201   The specified certificate was not the one required.
10202   The specified certificate could not be found.
10221   Could not acquire CSP.
10222   Type validation error.
10223   Unsupported key size.
10224   Unrecognized Content-Type object identifier.
10225   Unrecognized public key format.
10226   No choices specified.
10228   Must specify output stream.
10280   Invalid part index.
10281   Unknown MIME type.
10283   No MIME-boundary found.
10280   Error decoding certificate.

Copyright (c) 2023 /n software inc. - All rights reserved.
IPWorks EDI 2022 macOS Edition - Version 22.0 [Build 8431]