static void CheckCertificateCanBeUsedForSigning (X509Certificate certificate) { var flags = certificate.GetKeyUsageFlags (); if (flags != X509KeyUsageFlags.None && (flags & SecureMimeContext.DigitalSignatureKeyUsageFlags) == 0) throw new ArgumentException ("The certificate cannot be used for signing."); }
/// <summary> /// Initializes a new instance of the <see cref="MimeKit.Cryptography.CmsSigner"/> class. /// </summary> /// <remarks> /// <para>The initial value of the <see cref="MimeKit.Cryptography.DigestAlgorithm"/> will /// be set to <see cref="MimeKit.Cryptography.DigestAlgorithm.Sha1"/> and both the /// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties will be /// initialized to empty tables.</para> /// </remarks> /// <param name="certificate">The signer's certificate.</param> /// <param name="key">The signer's private key.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="certificate"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="key"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.ArgumentException"> /// <para><paramref name="certificate"/> cannot be used for signing.</para> /// <para>-or-</para> /// <para><paramref name="key"/> is not a private key.</para> /// </exception> public CmsSigner (X509Certificate certificate, AsymmetricKeyParameter key) : this () { if (certificate == null) throw new ArgumentNullException ("certificate"); var flags = certificate.GetKeyUsageFlags (); if (flags != X509KeyUsageFlags.None && (flags & X509KeyUsageFlags.DigitalSignature) == 0) throw new ArgumentException ("The certificate cannot be used for signing.", "certificate"); if (key == null) throw new ArgumentNullException ("key"); if (!key.IsPrivate) throw new ArgumentException ("The key must be a private key.", "key"); CertificateChain = new X509CertificateChain (); CertificateChain.Add (certificate); Certificate = certificate; PrivateKey = key; }