Ticket #305 (new Bug)
When encrypting email, Mulberry does not check key usage on SMIME X509 certificates
|Reported by:||yitzchakgottlieb||Owned by:||Cyrus Daboo|
If Mulberry has two certificates for a given recipient, one used for signing (non-repudiation) and the other used for encrypting, Mulberry will not necessarily choose the encryption certificate to encrypt email to that recipient. This problem is related to ticket 302, but is distinct in that it refers only to recipient certificates. I believe this is because neither Mulberry nor Openssl check the key usage field of the certificate before encrypting with it.