Send encrypted email using S/MIME (AES‑256)
In many cases it is required to use stronger than standard encryption algorithms. With Mail.dll it is easy to specify the algorithm that is used for encryption. In this article we’ll show how to send an S/MIME encrypted and signed email using the Mail.dll email component with AES-256 and SHA-512.
If you don’t need to specify the encryption algorithm, you can rely on the default values: send encrypted email using S/MIME.
Encryption algorithm selection is done through the Algorithm property of the EncryptionConfiguration class. You can use the static properties of the CommonOids class to retrieve common OIDs (object identifiers): TrippleDes (3-DES), Aes128, Aes256.
Encryption using MailBuilder
// Content encryption: AES-256, one certificate per party that must be able to decrypt
EncryptionConfiguration encryption = new EncryptionConfiguration();
encryption.Algorithm = new Oid(CommonOids.Aes256);
encryption.Certificates.Add(new X509Certificate2(...));
encryption.Certificates.Add(new X509Certificate2(...));

// Signature: the signing certificate must include the sender's private key
SignatureConfiguration signature = new SignatureConfiguration(
    new X509Certificate2(...));
signature.Algorithm = new Oid(CommonOids.Sha512);

MailBuilder builder = new MailBuilder();
builder.Text = "Encrypted and signed";
builder.EncryptWith(encryption);
builder.SignWith(signature);

IMail mail = builder.Create();
Encryption using fluent interface
// Content encryption: AES-256, one certificate per party that must be able to decrypt
EncryptionConfiguration encryption = new EncryptionConfiguration();
encryption.Algorithm = new Oid(CommonOids.Aes256);
encryption.Certificates.Add(new X509Certificate2(...));
encryption.Certificates.Add(new X509Certificate2(...));

// Signature: the signing certificate must include the sender's private key
SignatureConfiguration signature = new SignatureConfiguration(
    new X509Certificate2(...));
signature.Algorithm = new Oid(CommonOids.Sha512);

IMail mail = Mail.Text("Encrypted")
    .EncryptWith(encryption)
    .SignWith(signature)
    .Create();
Remember to encrypt your emails with both sender’s and receiver’s certificates. This way both parties are able to decrypt such emails.
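To confirm that a message really uses AES-256 and carries one recipient entry per party, you can inspect the CMS EnvelopedData header without any private key. The following is an added example, not Mail.dll code: it uses .NET's System.Security.Cryptography.Pkcs, the SmimeAudit helper name is hypothetical, and the certificates and messages are constructed in place. For a real email the input would be the base64-decoded body of the application/pkcs7-mime (enveloped-data) part.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs; // NuGet package: System.Security.Cryptography.Pkcs
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class SmimeAudit // hypothetical helper, not part of Mail.dll
{
    const string Aes256Cbc = "2.16.840.1.101.3.4.1.42";
    const string TripleDesCbc = "1.2.840.113549.3.7";

    // Reads the EnvelopedData header and checks the content-encryption OID and recipient count.
    public static string Check(byte[] envelopedDer, int expectedRecipients)
    {
        var cms = new EnvelopedCms();
        cms.Decode(envelopedDer);
        string oid = cms.ContentEncryptionAlgorithm.Oid.Value;
        if (oid != Aes256Cbc) return "FAIL: content encryption OID " + oid;
        if (cms.RecipientInfos.Count != expectedRecipients)
            return "FAIL: " + cms.RecipientInfos.Count + " recipient(s)";
        return "OK";
    }

    // Constructed self-signed certificate, for this demo only.
    static X509Certificate2 TestCert(string cn)
    {
        var req = new CertificateRequest("CN=" + cn, RSA.Create(2048),
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        req.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.KeyEncipherment, false));
        return req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30));
    }

    // Builds a constructed enveloped message with the given algorithm and recipients.
    static byte[] Envelope(string oid, params X509Certificate2[] certs)
    {
        var cms = new EnvelopedCms(new ContentInfo(Encoding.UTF8.GetBytes("Encrypted and signed")),
            new AlgorithmIdentifier(new Oid(oid)));
        var recipients = new CmsRecipientCollection();
        foreach (var cert in certs) recipients.Add(new CmsRecipient(cert));
        cms.Encrypt(recipients);
        return cms.Encode();
    }

    static void Main()
    {
        X509Certificate2 sender = TestCert("sender"), receiver = TestCert("receiver");
        Console.WriteLine(Check(Envelope(Aes256Cbc, sender, receiver), 2));    // AES-256, both parties
        Console.WriteLine(Check(Envelope(Aes256Cbc, receiver), 2));            // sender's certificate missing
        Console.WriteLine(Check(Envelope(TripleDesCbc, sender, receiver), 2)); // 3-DES instead of AES-256
    }
}
```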
Sending email using SMTP
Now we can connect to the SMTP server and send the email we just created:
using (Smtp client = new Smtp())
{
    client.Connect("smtp.example.com"); // or ConnectSSL
    client.UseBestLogin("user", "password");
    client.SendMessage(mail); // the IMail object created above
    client.Close();
}