+1 vote

Does Mail.dll support certificates based on electrical curve cryptography instead of RSA for S/MIME en-/de-cryption?

by
edited

1 Answer

0 votes

Mail.dll supports anything that underlying .NET implementation and OS does support.
This applies to TLS, email signing and encryption (S/MIME).

ECC (Elliptic Curve Cryptography) is supported for sure on .net 6, 7 and 8.

X509Certificate2 certificate;

using (ECDsaCng ecdsa = new ECDsaCng())
{
    CertificateRequest request = new CertificateRequest(
        new X500DistinguishedName("CN=my signer"),
        ecdsa,
        HashAlgorithmName.SHA256);

    certificate = request.CreateSelfSigned(
        DateTimeOffset.Now.AddDays(-1),
        DateTimeOffset.Now.AddDays(1));
}

MailBuilder builder = new MailBuilder();
builder.Subject = "Subject";
builder.SignWith(
    new SignatureConfiguration(certificate)
    {
        Algorithm = new Oid(CommonOids.Sha256)
    });

IMail mail = builder.Create();

mail.CheckSignature(true); // true as cert is self-signed

SignedCms signedCms = mail.GetSignedCms();
Assert.AreEqual(
    "sha256ECDSA",
    signedCms.SignerInfos[0].SignatureAlgorithm.FriendlyName);
by (298k points)
...