Sample code for 30+ languages & platforms
Tcl

Send aes-gcm authEnvelopedData Encrypted Email

See more SMTP Examples

Note: This example requires Chilkat v10.0.0 or later

Demonstrates how to send encrypted email using 128-bit AES in GCM mode.

"AES-GCM" (Advanced Encryption Standard - Galois/Counter Mode) is a cryptographic algorithm that provides both encryption and integrity protection (authentication). When used in the context of email security with "authEnvelopedData", it often refers to a method of securely sending encrypted and authenticated email content.

Here’s a brief breakdown:

  • AES-GCM: Combines symmetric encryption (AES) with authentication, ensuring both the confidentiality and integrity of the message. It generates an authentication tag to detect any unauthorized changes.
  • authEnvelopedData: Refers to a type of structure used in secure email protocols (like S/MIME) to package encrypted content. It contains the encrypted data and associated encrypted session keys.
  • Email Security: When applied to emails, AES-GCM ensures the email content is encrypted (confidential) and also tamper-resistant (authenticated), with the encryption keys typically shared securely using asymmetric encryption (e.g., public key infrastructure, or PKI).

In short, AES-GCM with "authEnvelopedData" provides a way to encrypt and authenticate emails, making them confidential and resistant to tampering.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# The mailman object is used for sending and receiving email.
set mailman [new_CkMailMan]

CkMailMan_put_SmtpHost $mailman "smtp.example.com"

CkMailMan_put_SmtpUsername $mailman "my_smtp_login"
CkMailMan_put_SmtpPassword $mailman "my_smtp_password"

# The typical SMTP ports are 465 for implicit SSL/TLS or 587 for explicit SSL/TLS
CkMailMan_put_SmtpPort $mailman 465
CkMailMan_put_SmtpSsl $mailman 1

# Use the recipient's certificate for encryption.
set cert [new_CkCert]

set success [CkCert_LoadFromFile $cert "c:/someDir/recipient_cert.cer"]
if {$success != 1} then {
    puts [CkCert_lastErrorText $cert]
    delete_CkMailMan $mailman
    delete_CkCert $cert
    exit
}

set email [new_CkEmail]

CkEmail_put_Subject $email "This email is encrypted"
CkEmail_put_Body $email "This is AES-GCM encrypted mail"
CkEmail_put_From $email "Mary <mary@example1.com>"
set success [CkEmail_AddTo $email "Joe" "joe@example.com"]

# Specify that AES-GCM w/ authEnvelopedData is to be used. 
# Also specify other params..
CkEmail_put_Pkcs7CryptAlg $email "aes-gcm"
CkEmail_put_Pkcs7KeyLength $email 128
CkEmail_put_OaepPadding $email 1
CkEmail_put_OaepHash $email "sha256"
CkEmail_put_OaepMgfHash $email "sha256"

# Indicate the email is to be sent encrypted.
CkEmail_put_SendEncrypted $email 1

# Specify the certificate to be used for encryption.
set success [CkEmail_SetEncryptCert $email $cert]

set success [CkMailMan_SendEmail $mailman $email]
if {$success != 1} then {
    puts [CkMailMan_lastErrorText $mailman]
} else {
    puts "Mail Sent!"
}


delete_CkMailMan $mailman
delete_CkCert $cert
delete_CkEmail $email