System.Net.ServicePointManager.ChainValidationHelper.CheckCertificateUsage C# (CSharp) Method

CheckCertificateUsage() static private method

static private CheckCertificateUsage ( X509Certificate2 cert ) : bool
cert X509Certificate2
return bool
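			// Checks whether the usage extensions carried by `cert` allow it to be
			// used as an SSL/TLS server certificate.
			//
			// Returns true when the declared usages are acceptable, or when the
			// certificate declares no usage restriction at all; returns false when
			// a usage extension is present but does not match, or when anything
			// throws while the extensions are inspected.
			//
			// Security notes:
			// - This method only looks at usage extensions. Nothing here checks
			//   chain trust, validity dates, revocation or host names, so a `true`
			//   result must not be read as "certificate is valid".
			// - Two paths fail open by design: certificates older than X.509 v3 and
			//   v3 certificates that carry none of the inspected extensions.
			// - Every exception fails closed (returns false).
			static bool CheckCertificateUsage (X509Certificate2 cert)
			{
				try {
					// certificate extensions are required for this
					// we "must" accept older certificates without proofs
					// (v1/v2 certificates cannot carry extensions, so there is nothing to check)
					if (cert.Version < 3)
						return true;

					// 2.5.29.15 = Key Usage, 2.5.29.37 = Extended Key Usage.
					// The hard casts are kept on purpose: an entry of an unexpected type
					// raises InvalidCastException, which the catch below turns into a
					// rejection. An `as` cast would yield null and fall through to the
					// permissive paths instead.
					X509KeyUsageExtension kux = (X509KeyUsageExtension) cert.Extensions ["2.5.29.15"];
					X509EnhancedKeyUsageExtension eku = (X509EnhancedKeyUsageExtension) cert.Extensions ["2.5.29.37"];

					// RFC3280 states that when both KeyUsageExtension and
					// ExtendedKeyUsageExtension are present then BOTH should
					// be valid, so a failing Key Usage rejects the certificate
					// whether or not an EKU extension is present.
					// NOTE(review): s_flags is declared outside this view; presumably the
					// set of key-usage bits accepted for a server certificate - confirm.
					if (kux != null && (kux.KeyUsages & s_flags) == 0)
						return false;

					if (eku != null) {
						// Server Authentication (1.3.6.1.5.5.7.3.1) or
						// Netscape Server Gated Crypto (2.16.840.1.113730.4.1)
						return eku.EnhancedKeyUsages ["1.3.6.1.5.5.7.3.1"] != null ||
							eku.EnhancedKeyUsages ["2.16.840.1.113730.4.1"] != null;
					}

					// Key Usage present, already accepted above, and no EKU to restrict it.
					if (kux != null)
						return true;

					// last chance - try with older (deprecated) Netscape extensions
					// (2.16.840.1.113730.1.1 = Netscape Certificate Type)
					X509Extension ext = cert.Extensions ["2.16.840.1.113730.1.1"];
					if (ext != null) {
						// NetscapeCertType is defined outside this view; presumably it
						// renders the cert-type bits as text - confirm.
						string text = ext.NetscapeCertType (false);
						// Ordinal search: this is a fixed protocol label, not linguistic
						// text, so the match must not depend on the current culture.
						return text.IndexOf ("SSL Server Authentication", StringComparison.Ordinal) != -1;
					}

					// No usage extension of any kind: the certificate is unrestricted,
					// so it is accepted (fail-open path, see the notes above).
					return true;
				} catch (Exception e) {
					// Fail closed on any processing error. The full exception text goes
					// to stderr, which may include certificate details.
					Console.Error.WriteLine ("ERROR processing certificate: {0}", e);
					Console.Error.WriteLine ("Please, report this problem to the Mono team");
					return false;
				}
			}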