public override bool IsCompatible(CipherSuite cipherSuite, X509Certificate certificate)
{
// TODO check cipherSuite == RSA/DSS
// cert signed with RSA
if (!RSAKeyReader.IsRSAIdentifier(certificate.SignatureAlgorithm.Algorithm))
{
return(false);
}
// TODO ?
return(true);
}
public bool IsCompatible(CipherSuite cipherSuite, X509Certificate certificate)
{
// cert signed with RSA
if (!RSAKeyReader.IsRSAIdentifier(certificate.SignatureAlgorithm.Algorithm))
{
return(false);
}
// cert has RSA public key
if (!(certificate.SubjectPublicKey is RSAPublicKey))
{
return(false);
}
// TODO ?
return(true);
}
public virtual bool IsCompatible(CipherSuite cipherSuite, X509Certificate certificate)
{
var signatureAlgorithm = CipherSuitesRegistry.MapSignatureAlgorithm(cipherSuite);
var requiresECKey = Equals(CipherSuitesRegistry.MapKeyExchange(cipherSuite), ECIdentifiers.ECDH);
if (signatureAlgorithm.Equals(ECIdentifiers.ECDSA))
{
if (certificate.SignatureAlgorithm.Algorithm != ECIdentifiers.ECDSAWithSHA256)
{
return(false);
}
if (!(certificate.SubjectPublicKey is ECPublicKey))
{
return(false);
}
return(true);
}
if (signatureAlgorithm.Equals(RSAIdentifiers.RSASig))
{
if (!RSAKeyReader.IsRSAIdentifier(certificate.SignatureAlgorithm.Algorithm))
{
return(false);
}
if (requiresECKey && !(certificate.SubjectPublicKey is ECPublicKey))
{
return(false);
}
if (!requiresECKey && !(certificate.SubjectPublicKey is RSAPublicKey))
{
return(false);
}
return(true);
}
return(false);
}