Tim Van Wassenhove

Passionate geek, interested in Technology. Proud father of two

02 Feb 2010

Verify that a X509Certificate can be used for key exchange

Here is another method that earned it’s place in my ever growing toolbox:

public static bool CanDoKeyExchange(this X509Certificate2 certificate)
{
	if (!certificate.HasPrivateKey) return false;

	var privateKey = certificate.PrivateKey as RSACryptoServiceProvider;
	if (privateKey == null) return false;

	var canDoKeyExchange = privateKey.CspKeyContainerInfo.KeyNumber == KeyNumber.Exchange;
	return canDoKeyExchange;
}