C# - Encrypt Email - S/MIME

The following c# example codes demonstrate how to encrypt email to S/MIME format with digital signature.

Email Encryption

After the recipient received your email with digital signature, the recipient can get your digital certificate public key from your digital signature. Then the recipient can encrypt an email with your public key and send it to you. Only you can decrypt this email with your private key. That is how S/MIME can protect your email content. If you don’t expose your digital certificate private key to others, none can read your email which is encrypted by your public key.

If you received an email with digital signature, your email client usually stores the public key of the sender in “Control Panel” -> “Internet Options” -> “Content” -> “Certificates” -> “Other People”.

Then you can use the following code to encrypt email and send it to your recipient.

Installation

Before you can use the following codes, please download EASendMail SMTP Component and install it on your machine at first. Full sample proejcts are included in this installer.

Install from NuGet

You can also install the run-time assembly by NuGet. Run the following command in the NuGet Package Manager Console:

Install-Package EASendMail

Note

If you install it by NuGet, no sample projects are installed, only .NET assembly is installed.

Add Reference

To use EASendMail SMTP Component in your project, the first step is Add reference of EASendMail to your project. Please create or open your project with Visual Studio, then go to menu -> Project -> Add Reference -> .NET -> Browse..., and select EASendMail{version}.dll from your disk, click Open -> OK, the reference of EASendMail will be added to your project, and you can start to use it to send email in your project.

add reference in c#/vb.net/c++/cli/clr

.NET Assembly

Because EASendMail has separate builds for .Net Framework, please refer to the following table and choose the correct dll.

Separate builds of run-time assembly for .Net Framework 1.1, 2.0, 3.5, 4.0, 4.5 and .Net Compact Framework 2.0, 3.5.

File .NET Framework Version
EASendMail.dll Built with .NET Framework 1.1
It requires .NET Framework 1.1, 2.0, 3.5 or later version.
EASendMail20.dll Built with .NET Framework 2.0
It requires .NET Framework 2.0, 3.5 or later version.
EASendMail35.dll Built with .NET Framework 3.5
It requires .NET Framework 3.5 or later version.
EASendMaill40.dll Built with .NET Framework 4.0
It requires .NET Framework 4.0 or later version.
EASendMaill45.dll Built with .NET Framework 4.5
It requires .NET Framework 4.5 or later version.
EASendMailCF20.dll Built with .NET Compact Framework 2.0
It requires .NET Compact Framework 2.0, 3.5 or later version.
EASendMailCF35.dll Built with .NET Compact Framework 3.5
It requires .NET Compact Framework 3.5 or later version.

C# - Encrypt Email - S/MIME - Example

The following example codes demonstrate encrypting email message with digital signature - S/MIME. In order to run it correctly, please change SMTP server, user, password, sender, recipient value to yours.

Note

To get full sample projects, please download and install EASendMail on your machine.

using System;
using System.Collections.Generic;
using System.Text;

// Add EASendMail namespace
using EASendMail;

namespace mysendemail
{
    class Program
    {
        static void Main(string[] args)
        {
            SmtpMail oMail = new SmtpMail("TryIt");
            SmtpClient oSmtp = new SmtpClient();

            // Set sender email address, please change it to yours
            oMail.From = "test@emailarchitect.net";

            // Set recipient email address, please change it to yours
            oMail.To = "support@emailarchitect.net";

            // Set email subject
            oMail.Subject = "test encrypted email from c#";

            // Set email body
            oMail.TextBody = "this is a test email with email encryption";

            // Your SMTP server address
            SmtpServer oServer = new SmtpServer("smtp.emailarchitect.net");

            //User and password for ESMTP authentication, if your server doesn't require
            //User authentication, please remove the following codes.
            oServer.User = "test@emailarchitect.net";
            oServer.Password = "testpassword";

            try
            {
                // Find certificate by email adddress in My Personal Store.
                // Once the certificate is loaded to From, the email content
                // will be signed automatically
                oMail.From.Certificate.FindSubject(oMail.From.Address,
                    Certificate.CertificateStoreLocation.CERT_SYSTEM_STORE_CURRENT_USER,
                    "My");
            }
            catch (Exception exp)
            {
                Console.WriteLine("No sign certificate found for <" +
                    oMail.From.Address + ">:" + exp.Message);
            }


            int count = oMail.To.Count;
            for (int i = 0; i < count; i++)
            {
                MailAddress oAddress = oMail.To[i] as MailAddress;
                try
                {
                    // Find certificate by email adddress in My Other Peoples Store.
                    // The certificate can be also imported by *.cer file like this:
                    // oAddress.Certificate.Load("c:\\encrypt1.cer");
                    // Once the certificate is loaded to MailAddress, the email content
                    // will be encrypted automatically

                    oAddress.Certificate.FindSubject(oAddress.Address,
                        Certificate.CertificateStoreLocation.CERT_SYSTEM_STORE_CURRENT_USER,
                        "AddressBook");
                }
                catch (Exception ep)
                {
                    try
                    {
                        oAddress.Certificate.FindSubject(oAddress.Address,
                            Certificate.CertificateStoreLocation.CERT_SYSTEM_STORE_CURRENT_USER,
                            "My");
                    }
                    catch (Exception exp)
                    {
                        Console.WriteLine("No encryption certificate found for <" +
                            oAddress.Address + ">:" + exp.Message);
                    }
                }
            }

            // If your smtp server requires SSL connection, please add this line
            // oServer.ConnectType = SmtpConnectType.ConnectSSLAuto;

            try
            {
                Console.WriteLine("start to send encrypted email ...");
                oSmtp.SendMail(oServer, oMail);
                Console.WriteLine("email was sent successfully!");
            }
            catch (Exception ep)
            {
                Console.WriteLine("failed to send email with the following error:");
                Console.WriteLine(ep.Message);
            }
        }
    }
}

Encryption Algorithm

You can use SmtpMail.EncryptionAlgorithm property to set RC2, RC4, 3DES, AES128, AES192 or AES256 encryption algorithm. RSAES-OAEP (AES128, AES192 and AES256) is recommended.

Appendix

Comments

If you have any comments or questions about above example codes, please click here to add your comments.