
v2.0

@dlwyatt dlwyatt released this 20 Sep 11:32
· 44 commits to master since this release

The module no longer treats certificates with no Key Usage extension as suitable for encryption / decryption. This is because of two things: (1) some signing-only certificates have been found during demonstrations and tests which do not reflect this in the form of a Key Usage extension, and (2) when you look at the Public Key object on an RSA certificate that's only meant for signing, even the Public Key doesn't reflect this. Based on my tests so far, it's only when you look at the Private Key object that you get the authoritative data on whether a particular certificate is suitable for decrypting data.

Since we can't count on having this data directly from the private key, the only source I can trust to figure this out from the "public-only" view of a cert is the Key Usage extension.

Since this is a breaking change, the version number of the module is now 2.0 (according to semantic versioning).
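
The rule described in these notes, written as a stand-alone check (an added example, not the module's own code). The function names, the constructed self-signed certificates, and the choice of `KeyEncipherment` / `DataEncipherment` as the flags that qualify a certificate are assumptions; it needs PowerShell 7 or Windows PowerShell on .NET Framework 4.7.2 or later for `CertificateRequest`.

```powershell
using namespace System.Security.Cryptography
using namespace System.Security.Cryptography.X509Certificates

function Test-KeyUsageAllowsEncryption {
    param([Parameter(Mandatory)] [X509Certificate2] $Certificate)

    # Only the "public-only" view is consulted: the Key Usage extension (OID 2.5.29.15).
    $keyUsage = $Certificate.Extensions |
        Where-Object { $_ -is [X509KeyUsageExtension] } |
        Select-Object -First 1

    # No Key Usage extension means there is nothing trustworthy to go on: reject.
    if ($null -eq $keyUsage) { return $false }

    # Assumption: either of these flags marks the certificate as usable for encryption.
    $wanted = [X509KeyUsageFlags]::KeyEncipherment -bor [X509KeyUsageFlags]::DataEncipherment
    return ([int]($keyUsage.KeyUsages -band $wanted)) -ne 0
}

# Hypothetical helper: builds a throwaway self-signed RSA certificate in memory.
function New-ConstructedCert {
    param([Parameter(Mandatory)] [string] $Name, [X509KeyUsageFlags] $KeyUsage)

    $rsa = [RSA]::Create(2048)
    $request = [CertificateRequest]::new("CN=$Name", $rsa,
        [HashAlgorithmName]::SHA256, [RSASignaturePadding]::Pkcs1)
    # Add the extension only when the caller asked for one.
    if ($PSBoundParameters.ContainsKey('KeyUsage')) {
        $request.CertificateExtensions.Add([X509KeyUsageExtension]::new($KeyUsage, $true))
    }
    $now = [DateTimeOffset]::UtcNow
    return $request.CreateSelfSigned($now, $now.AddDays(1))
}

# Constructed samples: no extension, signing-only, and encryption-capable.
$samples = @(
    New-ConstructedCert -Name 'no-key-usage'
    New-ConstructedCert -Name 'signing-only' -KeyUsage DigitalSignature
    New-ConstructedCert -Name 'encryption' -KeyUsage KeyEncipherment
)

foreach ($cert in $samples) {
    [pscustomobject]@{
        Subject             = $cert.Subject
        UsableForEncryption = (Test-KeyUsageAllowsEncryption -Certificate $cert)
    }
}
```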