Open Genbox opened 8 years ago
FWIW, I ended up implementing my own extension for X509Certificate to get this functionality in MimeKit.
A set of bit flags:
https://github.com/jstedfast/MimeKit/blob/master/MimeKit/Cryptography/X509KeyUsageFlags.cs
and the extension method:
Actually ended up not using X509Certificate as most of the API is not really functional in my case. I'd rather see the KeyUsage bits exposed as a flags enum (like @jstedfast did) and store the enum value, instead of checking against an array of bool.
I would have made a pull request for this as I did implement the change in the BC library, however, I was not keen on changing 30 unit tests as well.
The X509Certificate class exposes KeyUsage as a bool[], which is require the user to know the ordering of the bits in the KeyUsage field. It would be a lot more user friendly to expose the KeyUsage class, and provide an API in the KeyUsage class to test for a specific key usage.
Example: