ComponentPro UltimateMail

Creating an encrypted and signed mail message

See AlsoLanguage Filter: AllSend comments on this topic to ComponentPro

A message can be both encrypted and signed. This ensures to the sender that only the intended recipients are able to read the message content, and to the recipient that the message was indeed sent by the sender.

There are two ways to produce a message that is both encrypted and sign:

  • Sign the message first, then encrypt the signed message.
  • Encrypt the message first, then sign the encrypted message.

In the first case, no one but the recipient will be able to validate the signature and access the message content. In the second case, no one but the recipient will be able to access the message content, but anyone will be able to validate the signature. Both ways have their pros and cons, but there is a very strong reason to prefer the first way: Outlook Express does not handle the second way correctly, and reports the correct signature is not valid.

The example below shows how to sign the message first and then encrypt the signed message: 

using System;
using System.Security.Cryptography.X509Certificates;
using ComponentPro.Net.Mail;


// Create a new instance of the MailMessage class.
MailMessage msg = new MailMessage();

msg.Subject = "Hello";
msg.BodyText = "How are you?";

// Load a certificate file and sign the message.
msg.Sign(new X509Certificate2("mycert.pfx", "mypassword"));

// Load a certificate file and encrypt the message.
msg.Encrypt(new X509Certificate2("mycert.cer", "mypassword"));

See Also