2 // KeyAttributesExtension.cs: Handles X.509 *DEPRECATED* KeyAttributes extensions.
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
8 // (C) 2004 Novell (http://www.novell.com)
12 // Permission is hereby granted, free of charge, to any person obtaining
13 // a copy of this software and associated documentation files (the
14 // "Software"), to deal in the Software without restriction, including
15 // without limitation the rights to use, copy, modify, merge, publish,
16 // distribute, sublicense, and/or sell copies of the Software, and to
17 // permit persons to whom the Software is furnished to do so, subject to
18 // the following conditions:
20 // The above copyright notice and this permission notice shall be
21 // included in all copies or substantial portions of the Software.
23 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
27 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
28 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
29 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
33 using System
.Globalization
;
37 using Mono
.Security
.X509
;
39 namespace Mono
.Security
.X509
.Extensions
{
40 // definition found @ http://groups.yahoo.com/group/ssl-talk/message/1964
42 // keyAttributes EXTENSION ::= {
43 // SYNTAX KeyAttributes
44 // IDENTIFIED BY { id-ce 2 } }
46 // KeyAttributes ::= SEQUENCE {
47 // keyIdentifier KeyIdentifier OPTIONAL,
48 // intendedKeyUsage KeyUsage OPTIONAL,
49 // privateKeyUsagePeriod PrivateKeyValidity OPTIONAL
51 // KeyUsage ::= BIT STRING {
52 // digitalSignature (0),
53 // nonRepudiation (1),
54 // keyEncipherment (2),
55 // dataEncipherment (3),
60 // PrivateKeyValidity ::= SEQUENCE {
61 // notBefore [0] GeneralizedTime OPTIONAL,
62 // notAfter [1] GeneralizedTime OPTIONAL
64 // ( CONSTRAINED BY { -- at least one component shall be present -- })
66 public class KeyAttributesExtension
: X509Extension
{
// Bounds of the private-key validity period. Decode () assigns them only when the
// matching element is found; ToString () treats DateTime.MinValue (the default value
// of an unassigned DateTime field) as "not present".
70 private DateTime notBefore
;
71 private DateTime notAfter
;
// Parameterless constructor; chains to the X509Extension base constructor.
// NOTE(review): the constructor body (listing lines 74-76) is not shown here.
73 public KeyAttributesExtension () : base ()
// Builds the extension from an ASN1 node by handing it to the base constructor.
// NOTE(review): the body is not shown in this listing; when and how Decode () gets
// called is decided by the base class, which is not visible here.
78 public KeyAttributesExtension (ASN1 asn1
) : base (asn1
)
// Builds the extension from an existing X509Extension by handing it to the base
// constructor. NOTE(review): the body is not shown in this listing.
82 public KeyAttributesExtension (X509Extension extension
) : base (extension
)
// Parses extnValue.Value as a KeyAttributes structure and fills in the key identifier,
// the key-usage bits (kubits) and the private-key validity bounds.
// NOTE(review): this listing skips several original lines (the gutter numbers jump),
// so the guards around each step and the declarations of item / dt are not visible.
86 protected override void Decode ()
88 ASN1 seq
= new ASN1 (extnValue
.Value
);
// The condition guarding this throw (listing line 89) is not shown; presumably it
// rejects a value whose outer tag is not a SEQUENCE - confirm against the full file.
90 throw new ArgumentException ("Invalid KeyAttributesExtension extension");
92 // check for KeyIdentifier
// 0x04 is the DER universal tag for OCTET STRING.
95 if (item
.Tag
== 0x04) {
100 // check for KeyUsage
// 0x03 is the DER universal tag for BIT STRING.
103 if (item
.Tag
== 0x03) {
// Folds every content byte after the unused-bits octet into kubits, first byte
// ending up most significant. The unused-bits count is skipped, not validated, and
// the visible loop does not bound the length: with more than four content bytes the
// earliest ones are shifted out (assuming kubits is a 32-bit int; its declaration is
// not shown in this listing).
105 int i
= 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
106 while (i
< item
.Value
.Length
)
107 kubits
= (kubits
<< 8) + item
.Value
[i
++];
110 // check for PrivateKeyValidity
// 0x30 is the DER tag for a constructed SEQUENCE.
113 if (item
.Tag
== 0x30) {
115 if (i
< item
.Count
) {
// NOTE(review): the ASN.1 grammar in the comment ahead of this class tags notBefore
// as [0] and notAfter as [1]. A context-specific [0] encodes as 0x80 (primitive) or
// 0xA0 (constructed); 0x81 is what a primitive [1] looks like. Accepting notBefore on
// 0x81 therefore looks inconsistent with that grammar. The notAfter tag test (listing
// line 123) is not visible - confirm both against the full file and a sample
// certificate. No else branch is visible, so an element with an unexpected tag appears
// to be skipped silently, leaving the field at DateTime.MinValue.
117 if (dt
.Tag
== 0x81) {
119 notBefore
= ASN1Convert
.ToDateTime (dt
);
122 if (i
< item
.Count
) {
125 notAfter
= ASN1Convert
.ToDateTime (dt
);
// Returns a copy (Clone) of the decoded key identifier, so a caller cannot modify
// the bytes held by this instance.
// NOTE(review): listing lines 132-134 are not shown; whether keyId is checked for
// null before the Clone () call cannot be told from here.
131 public byte[] KeyIdentifier
{
135 return (byte[]) keyId
.Clone ();
// Display name of this extension.
public override string Name {
	get {
		return "Key Attributes";
	}
}
// End of the private-key validity period; DateTime.MinValue when Decode () never
// assigned it.
public DateTime NotAfter {
	get {
		return notAfter;
	}
}
// Start of the private-key validity period; DateTime.MinValue when Decode () never
// assigned it.
public DateTime NotBefore {
	get {
		return notBefore;
	}
}
// Reports whether every bit of the requested usage is set in the decoded key-usage
// bits. A usage whose numeric value is zero is always reported as supported, because
// (0 & kubits) == 0 holds for any kubits.
public bool Support (KeyUsages usage)
{
	int requested = Convert.ToInt32 (usage, CultureInfo.InvariantCulture);
	bool allBitsPresent = (requested & kubits) == requested;
	return allBitsPresent;
}
// Builds a multi-line, human-readable dump of the extension: the key identifier in
// hex, the names of the key usages that Support () reports plus the raw bits in hex,
// then the validity bounds that were decoded.
// NOTE(review): several original lines are missing from this listing (the gutter
// numbers jump), including the guards around each section, the declaration of x and
// the line between each usage test and its separator append.
157 public override string ToString ()
159 StringBuilder sb
= new StringBuilder ();
161 sb
.Append ("KeyID=");
// Hex-dumps keyId, two uppercase hex digits per byte, culture-invariant.
163 while (x
< keyId
.Length
) {
164 sb
.Append (keyId
[x
].ToString ("X2", CultureInfo
.InvariantCulture
));
169 sb
.Append (Environment
.NewLine
);
// One name per usage bit that Support () reports as set, joined with " , ".
173 sb
.Append ("Key Usage=");
174 const string separator
= " , ";
175 if (Support (KeyUsages
.digitalSignature
))
176 sb
.Append ("Digital Signature");
177 if (Support (KeyUsages
.nonRepudiation
)) {
179 sb
.Append (separator
);
180 sb
.Append ("Non-Repudiation");
182 if (Support (KeyUsages
.keyEncipherment
)) {
184 sb
.Append (separator
);
185 sb
.Append ("Key Encipherment");
187 if (Support (KeyUsages
.dataEncipherment
)) {
189 sb
.Append (separator
);
190 sb
.Append ("Data Encipherment");
192 if (Support (KeyUsages
.keyAgreement
)) {
194 sb
.Append (separator
);
195 sb
.Append ("Key Agreement");
197 if (Support (KeyUsages
.keyCertSign
)) {
199 sb
.Append (separator
);
200 sb
.Append ("Certificate Signing");
202 if (Support (KeyUsages
.cRLSign
)) {
204 sb
.Append (separator
);
205 sb
.Append ("CRL Signing");
// The trailing space inside "Encipher Only " is part of the emitted text; the "???"
// markers on this and the next label are the original author's.
207 if (Support (KeyUsages
.encipherOnly
)) {
209 sb
.Append (separator
);
210 sb
.Append ("Encipher Only "); // ???
212 if (Support (KeyUsages
.decipherOnly
)) {
214 sb
.Append (separator
);
215 sb
.Append ("Decipher Only"); // ???
// Raw key-usage bits in hex (at least two digits), so bits without a name above
// still show up in the output.
218 sb
.Append (kubits
.ToString ("X2", CultureInfo
.InvariantCulture
));
220 sb
.Append (Environment
.NewLine
);
// DateTime.MinValue marks a bound that was never decoded, so it is left out.
// The dates are formatted with CurrentUICulture: the text varies with the process
// locale and is suited to display, not to parsing or comparing log output.
223 if (notBefore
!= DateTime
.MinValue
) {
224 sb
.Append ("Not Before=");
225 sb
.Append (notBefore
.ToString (CultureInfo
.CurrentUICulture
));
226 sb
.Append (Environment
.NewLine
);
228 if (notAfter
!= DateTime
.MinValue
) {
229 sb
.Append ("Not After=");
230 sb
.Append (notAfter
.ToString (CultureInfo
.CurrentUICulture
));
231 sb
.Append (Environment
.NewLine
);
233 return sb
.ToString ();