public ActionResult SignAndEncrypt(SignedAsymmetricModel model) { if (model.Action == "encrypt") { var plainTextAsBytes = Encoding.Unicode.GetBytes(model.PlainText); var recipientCertificate = LoadCertificate(model.RecipientThumbprint); var signingCertificate = LoadCertificate(model.SenderThumbprint); // Sign message var signatureContentInfo = new ContentInfo(plainTextAsBytes); var signedCms = new SignedCms(signatureContentInfo); var cmsSigner = new CmsSigner(signingCertificate); signedCms.ComputeSignature(cmsSigner); var signedMessageAsBytes = signedCms.Encode(); // Encrypt var encryptedContentInfo = new ContentInfo(signedMessageAsBytes); var envelopedCms = new EnvelopedCms(encryptedContentInfo); var cmsRecipient = new CmsRecipient(recipientCertificate); envelopedCms.Encrypt(cmsRecipient); var envelopeAsBytes = envelopedCms.Encode(); model.Envelope = Convert.ToBase64String(envelopeAsBytes); model.PlainText = string.Empty; } else if (model.Action == "decrypt") { // Decrypt var cipherTextAsBytes = Convert.FromBase64String(model.Envelope); var envelopedCms = new EnvelopedCms(); envelopedCms.Decode(cipherTextAsBytes); envelopedCms.Decrypt(); var encodedSignedCMS = envelopedCms.Encode(); var signedCms = new SignedCms(); signedCms.Decode(encodedSignedCMS); signedCms.CheckSignature(true); var plainTextAsBytes = signedCms.ContentInfo.Content; model.PlainText = UnicodeEncoding.Unicode.GetString(plainTextAsBytes); model.SenderSubject = signedCms.SignerInfos[0].Certificate.Subject; model.Envelope = string.Empty; } model.RecipientThumbprint = RecipientThumbprint; model.SenderThumbprint = SenderThumbprint; ModelState.Clear(); return(View(model)); }