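/// <summary>
/// Loads the first usable signing key, its certificate and its certificate chain from a PKCS#12 stream.
/// </summary>
/// <remarks>
/// <para>Entries are visited in the order the store enumerates its aliases. An entry is skipped when it
/// is not a key entry, when its key is not a private key, when it has no certificate chain, or when the
/// leaf certificate reports key usage flags that do not include any of
/// <c>SecureMimeContext.DigitalSignatureKeyUsageFlags</c>. The first entry that passes these filters is
/// handed to <c>CheckCertificateCanBeUsedForSigning</c> and then populates <c>Certificate</c>,
/// <c>PrivateKey</c> and <c>CertificateChain</c>; later entries are ignored.</para>
/// <para>The temporary character copy of the password is zeroed before returning. The
/// <paramref name="password"/> string itself is immutable and remains in managed memory, so this only
/// limits the lifetime of the extra copy.</para>
/// </remarks>
/// <param name="stream">The stream containing the PKCS#12 data.</param>
/// <param name="password">The password used to open the PKCS#12 data.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="stream"/> or <paramref name="password"/> is <c>null</c>.
/// </exception>
/// <exception cref="System.ArgumentException">
/// No entry in the stream yielded a private key that passed the signing filters.
/// </exception>
void LoadPkcs12 (Stream stream, string password)
{
	// Fail with a precise argument error rather than a NullReferenceException from ToCharArray().
	if (stream == null)
		throw new ArgumentNullException ("stream");

	if (password == null)
		throw new ArgumentNullException ("password");

	var passwordChars = password.ToCharArray ();

	try {
		var pkcs12 = new Pkcs12Store (stream, passwordChars);

		foreach (string alias in pkcs12.Aliases) {
			if (!pkcs12.IsKeyEntry (alias))
				continue;

			var chain = pkcs12.GetCertificateChain (alias);
			var key = pkcs12.GetKey (alias);

			// A signer needs the private half of the key pair and a leaf certificate to identify it.
			if (!key.Key.IsPrivate || chain.Length == 0)
				continue;

			// Certificates reporting X509KeyUsageFlags.None are accepted as unrestricted (presumably the
			// key usage extension is absent - confirm against GetKeyUsageFlags). When usage is declared,
			// it must include a digital-signature flag, so encryption-only keys are never used to sign.
			var flags = chain[0].Certificate.GetKeyUsageFlags ();
			if (flags != X509KeyUsageFlags.None && (flags & SecureMimeContext.DigitalSignatureKeyUsageFlags) == 0)
				continue;

			// NOTE(review): defined outside this block; presumably throws when the certificate must not
			// be used for signing - confirm. It runs before any property is assigned.
			CheckCertificateCanBeUsedForSigning (chain[0].Certificate);

			CertificateChain = new X509CertificateChain ();
			Certificate = chain[0].Certificate;
			PrivateKey = key.Key;

			foreach (var entry in chain)
				CertificateChain.Add (entry.Certificate);

			// Only the first qualifying entry is used.
			break;
		}
	} finally {
		// Zero the password copy on every exit path, including a wrong password or a corrupt store.
		// This happens only after the store is no longer used by this method.
		Array.Clear (passwordChars, 0, passwordChars.Length);
	}

	// This is also reached when the store holds private keys but none passed the signing filters above,
	// so the message can understate the cause.
	// NOTE(review): this tests the property, not a local "found" flag; it assumes PrivateKey is unset
	// when this method is called - confirm against the callers.
	if (PrivateKey == null)
		throw new ArgumentException ("The stream did not contain a private key.", "stream");
}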