2 // KeyUsageExtension.cs: Handles X.509 KeyUsage extensions.
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
8 // (C) 2004 Novell (http://www.novell.com)
12 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
14 // Permission is hereby granted, free of charge, to any person obtaining
15 // a copy of this software and associated documentation files (the
16 // "Software"), to deal in the Software without restriction, including
17 // without limitation the rights to use, copy, modify, merge, publish,
18 // distribute, sublicense, and/or sell copies of the Software, and to
19 // permit persons to whom the Software is furnished to do so, subject to
20 // the following conditions:
22 // The above copyright notice and this permission notice shall be
23 // included in all copies or substantial portions of the Software.
25 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
26 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
27 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
28 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
29 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
30 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
31 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
35 using System
.Globalization
;
39 using Mono
.Security
.X509
;
41 namespace Mono
.Security
.X509
.Extensions
{
44 * id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
46 * KeyUsage ::= BIT STRING {
47 * digitalSignature (0),
49 * keyEncipherment (2),
50 * dataEncipherment (3),
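// note: ASN.1 numbers BIT STRING bits starting at the most significant bit of the first octet, so the masks below run in reverse order (bit 0 = 0x80, bit 1 = 0x40, ...)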
66 digitalSignature
= 0x80,
67 nonRepudiation
= 0x40,
68 keyEncipherment
= 0x20,
69 dataEncipherment
= 0x10,
83 class KeyUsageExtension
: X509Extension
{
/// <summary>
/// Creates the extension from an ASN.1 structure; all work is delegated to
/// the <c>X509Extension</c> base constructor.
/// </summary>
/// <param name="asn1">ASN.1 structure passed unchanged to the base class.</param>
public KeyUsageExtension (ASN1 asn1)
	: base (asn1)
{
}
/// <summary>
/// Creates the extension from an existing <c>X509Extension</c>; all work is
/// delegated to the base constructor.
/// </summary>
/// <param name="extension">Extension instance passed unchanged to the base class.</param>
public KeyUsageExtension (X509Extension extension)
	: base (extension)
{
}
/// <summary>
/// Parses the KeyUsage BIT STRING held in <c>extnValue</c> and folds its
/// content octets into <c>kubits</c>.
/// </summary>
/// <exception cref="ArgumentException">The inner value is not tagged 0x03 (BIT STRING).</exception>
protected override void Decode ()
{
	ASN1 keyUsage = new ASN1 (extnValue.Value);
	if (keyUsage.Tag != 0x03)
		throw new ArgumentException ("Invalid KeyUsage extension");

	// Octet 0 carries the BIT STRING "unused bits" count. It is skipped here,
	// not validated, and the padding bits of the last octet are not masked off.
	// NOTE(review): certificate bytes are untrusted input - confirm that
	// non-zero padding bits cannot be read back as asserted usages.
	//
	// Each further octet shifts the accumulator left by 8 before being added,
	// so with more than one content octet the first octet leaves the low byte.
	// NOTE(review): single-octet masks such as 0x80 then line up with the last
	// octet - verify against the KeyUsages values. The octet count is also
	// unbounded, so an over-long value shifts earlier bits out silently.
	for (int i = 1; i < keyUsage.Value.Length; i++)
		kubits = (kubits << 8) + keyUsage.Value [i];
}
/// <summary>Display name of this extension; always "Key Usage".</summary>
public override string Name
{
	get
	{
		return "Key Usage";
	}
}
/// <summary>
/// Tests whether every bit set in <paramref name="usage"/> is also set in the
/// decoded key-usage bits.
/// </summary>
/// <param name="usage">Usage mask to test against <c>kubits</c>.</param>
/// <returns><c>true</c> only when all requested bits are present.</returns>
public bool Support (KeyUsages usage)
{
	int requested = Convert.ToInt32 (usage, CultureInfo.InvariantCulture);

	// All-bits match: a combined mask passes only if none of its bits is
	// missing. A zero-valued mask therefore always passes, so callers must
	// not treat a true result for a zero mask as an asserted usage.
	int present = kubits & requested;
	return present == requested;
}
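/// <summary>
/// Builds a human-readable list of the key usages this extension asserts,
/// followed by the raw <c>kubits</c> value in hexadecimal and a line break.
/// </summary>
/// <returns>
/// The supported usage names joined by " , ", then the hexadecimal bits and
/// <see cref="Environment.NewLine"/>.
/// </returns>
public override string ToString ()
{
	const string separator = " , ";
	StringBuilder sb = new StringBuilder ();

	AppendUsage (sb, KeyUsages.digitalSignature, "Digital Signature", separator);
	AppendUsage (sb, KeyUsages.nonRepudiation, "Non-Repudiation", separator);
	AppendUsage (sb, KeyUsages.keyEncipherment, "Key Encipherment", separator);
	AppendUsage (sb, KeyUsages.dataEncipherment, "Data Encipherment", separator);
	AppendUsage (sb, KeyUsages.keyAgreement, "Key Agreement", separator);
	AppendUsage (sb, KeyUsages.keyCertSign, "Certificate Signing", separator);
	AppendUsage (sb, KeyUsages.cRLSign, "CRL Signing", separator);
	// The trailing space in this label is kept exactly as the original emits it.
	AppendUsage (sb, KeyUsages.encipherOnly, "Encipher Only ", separator); // ???
	AppendUsage (sb, KeyUsages.decipherOnly, "Decipher Only", separator); // ???

	// NOTE(review): the hexadecimal value follows the last name with no
	// delimiter - confirm this is the intended output format.
	sb.Append (kubits.ToString ("X2", CultureInfo.InvariantCulture));
	sb.Append (Environment.NewLine);
	return sb.ToString ();
}

/// <summary>
/// Appends <paramref name="label"/> when <paramref name="usage"/> is supported.
/// The separator is written only between entries, so the text never starts
/// with one when an earlier usage is absent.
/// </summary>
private void AppendUsage (StringBuilder sb, KeyUsages usage, string label, string separator)
{
	if (!Support (usage))
		return;
	if (sb.Length > 0)
		sb.Append (separator);
	sb.Append (label);
}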