How to send encrypted mail in C#

It was a request of one of my client to send the mail as encrypted so that this kept secure while sending to customers. So after a search I found Jason Niver's code to be very handy to use. So I am sharing this will all so next time it becomes little bit easy to get.
 

using System;

using System.Text;

using System.Net.Mail;

using System.IO;

using System.Security.Cryptography.Pkcs;

using System.Security.Cryptography.X509Certificates;

 

namespace CommonUtilities

{

    //requires reference to System.Security

    class EmailUtil

    {

        public static void SendEncryptedEmail(string[] to, string from, string subject, string body, string[] attachments)

        {

            MailMessage message = new MailMessage();

            message.From = new MailAddress(from);

            message.Subject = subject;

 

            if (attachments != null && attachments.Length > 0)

            {

                StringBuilder buffer = new StringBuilder();

                buffer.Append("MIME-Version: 1.0\r\n");

                buffer.Append("Content-Type: multipart/mixed; boundary=unique-boundary-1\r\n");

                buffer.Append("\r\n");

                buffer.Append("This is a multi-part message in MIME format.\r\n");

                buffer.Append("--unique-boundary-1\r\n");

                buffer.Append("Content-Type: text/plain\r\n");  //could use text/html as well here if you want a html message

                buffer.Append("Content-Transfer-Encoding: 7Bit\r\n\r\n");

                buffer.Append(body);

                if (!body.EndsWith("\r\n"))

                    buffer.Append("\r\n");

                buffer.Append("\r\n\r\n");

 

                foreach (string filename in attachments)

                {

                    FileInfo fileInfo = new FileInfo(filename);

                    buffer.Append("--unique-boundary-1\r\n");

                    buffer.Append("Content-Type: application/octet-stream; file=" + fileInfo.Name + "\r\n");

                    buffer.Append("Content-Transfer-Encoding: base64\r\n");

                    buffer.Append("Content-Disposition: attachment; filename=" + fileInfo.Name + "\r\n");

                    buffer.Append("\r\n");

                    byte[] binaryData = File.ReadAllBytes(filename);

 

                    string base64Value = Convert.ToBase64String(binaryData, 0, binaryData.Length);

                    int position = 0;

                    while (position < base64Value.Length)

                    {

                        int chunkSize = 100;

                        if (base64Value.Length - (position + chunkSize) < 0)

                            chunkSize = base64Value.Length - position;

                        buffer.Append(base64Value.Substring(position, chunkSize));

                        buffer.Append("\r\n");

                        position += chunkSize;

                    }

                    buffer.Append("\r\n");

                }

 

                body = buffer.ToString();

            }

            else

            {

                body = "Content-Type: text/plain\r\nContent-Transfer-Encoding: 7Bit\r\n\r\n" + body;

            }

 

            byte[] messageData = Encoding.ASCII.GetBytes(body);

            ContentInfo content = new ContentInfo(messageData);

            EnvelopedCms envelopedCms = new EnvelopedCms(content);

            CmsRecipientCollection toCollection = new CmsRecipientCollection();

            foreach (string address in to)

            {

                message.To.Add(new MailAddress(address));

                X509Certificate2 certificate = null; //Need to load from store or from file the client's cert

                CmsRecipient recipient = new CmsRecipient(SubjectIdentifierType.SubjectKeyIdentifier, certificate);

                toCollection.Add(recipient);

            }

 

            envelopedCms.Encrypt(toCollection);

            byte[] encryptedBytes = envelopedCms.Encode();

 

            //add digital signature:

            SignedCms signedCms = new SignedCms(new ContentInfo(encryptedBytes));

            X509Certificate2 signerCertificate = null; //Need to load from store or from file the signer's cert

            CmsSigner signer = new CmsSigner(SubjectIdentifierType.SubjectKeyIdentifier, signerCertificate);

            signedCms.ComputeSignature(signer);

            encryptedBytes = signedCms.Encode();

            //end digital signature section

 

            MemoryStream stream = new MemoryStream(encryptedBytes);

            AlternateView view = new AlternateView(stream, "application/pkcs7-mime; smime-type=signed-data;name=smime.p7m");

            message.AlternateViews.Add(view);

 

            SmtpClient client = new SmtpClient("your.smtp.mailhost");

            //add authentication info if required by your smtp server etc...

            //client.Credentials = CredentialCache.DefaultCredentials;

            client.Send(message);

        }

    }

}

Now its time to install the certificate, for this go with the bellow codes.

using System.Security.Cryptography.X509Certificates;

 

private X509Certificate GetCertificate()

{

    X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);

    store.Open(OpenFlags.ReadOnly);

    X509Certificate2Collection certs = store.Certificates.Find(X509FindType.FindBySerialNumber, “123456”, true);

    store.Close();

    return certs[0];

}

Sources:
1. Sending encrypted mail
2. Using certificates from the Windows certificate store