static void CheckCertificateCanBeUsedForSigning (X509Certificate certificate)
{
var flags = certificate.GetKeyUsageFlags ();
if (flags != X509KeyUsageFlags.None && (flags & SecureMimeContext.DigitalSignatureKeyUsageFlags) == 0)
throw new ArgumentException ("The certificate cannot be used for signing.");
}
/// <summary>
/// Initializes a new instance of the <see cref="MimeKit.Cryptography.CmsSigner"/> class.
/// </summary>
/// <remarks>
/// <para>The initial value of the <see cref="MimeKit.Cryptography.DigestAlgorithm"/> will
/// be set to <see cref="MimeKit.Cryptography.DigestAlgorithm.Sha1"/> and both the
/// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties will be
/// initialized to empty tables.</para>
/// </remarks>
/// <param name="certificate">The signer's certificate.</param>
/// <param name="key">The signer's private key.</param>
/// <exception cref="System.ArgumentNullException">
/// <para><paramref name="certificate"/> is <c>null</c>.</para>
/// <para>-or-</para>
/// <para><paramref name="key"/> is <c>null</c>.</para>
/// </exception>
/// <exception cref="System.ArgumentException">
/// <para><paramref name="certificate"/> cannot be used for signing.</para>
/// <para>-or-</para>
/// <para><paramref name="key"/> is not a private key.</para>
/// </exception>
public CmsSigner (X509Certificate certificate, AsymmetricKeyParameter key) : this ()
{
if (certificate == null)
throw new ArgumentNullException ("certificate");
var flags = certificate.GetKeyUsageFlags ();
if (flags != X509KeyUsageFlags.None && (flags & X509KeyUsageFlags.DigitalSignature) == 0)
throw new ArgumentException ("The certificate cannot be used for signing.", "certificate");
if (key == null)
throw new ArgumentNullException ("key");
if (!key.IsPrivate)
throw new ArgumentException ("The key must be a private key.", "key");
CertificateChain = new X509CertificateChain ();
CertificateChain.Add (certificate);
Certificate = certificate;
PrivateKey = key;
}
