2 // CertificatePoliciesExtension.cs: Handles X.509 CertificatePolicies extensions.
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2004 Novell (http://www.novell.com)
11 // Permission is hereby granted, free of charge, to any person obtaining
12 // a copy of this software and associated documentation files (the
13 // "Software"), to deal in the Software without restriction, including
14 // without limitation the rights to use, copy, modify, merge, publish,
15 // distribute, sublicense, and/or sell copies of the Software, and to
16 // permit persons to whom the Software is furnished to do so, subject to
17 // the following conditions:
19 // The above copyright notice and this permission notice shall be
20 // included in all copies or substantial portions of the Software.
22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
32 using System.Collections;
36 using Mono.Security.X509;
38 namespace Mono.Security.X509.Extensions {
/*
 * id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 }
 *
 * anyPolicy OBJECT IDENTIFIER ::= { id-ce-certificate-policies 0 }
 *
 * certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
 *
 * PolicyInformation ::= SEQUENCE {
 *	policyIdentifier CertPolicyId,
 *	policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL
 * }
 *
 * CertPolicyId ::= OBJECT IDENTIFIER
 *
 * PolicyQualifierInfo ::= SEQUENCE {
 *	policyQualifierId PolicyQualifierId,
 *	qualifier ANY DEFINED BY policyQualifierId
 * }
 *
 * -- policyQualifierIds for Internet policy qualifiers
 * id-qt OBJECT IDENTIFIER ::= { id-pkix 2 }
 * id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 }
 * id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 }
 *
 * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
 *
 * Qualifier ::= CHOICE {
 *	cPSuri CPSuri,
 *	userNotice UserNotice
 * }
 *
 * CPSuri ::= IA5String
 *
 * UserNotice ::= SEQUENCE {
 *	noticeRef NoticeReference OPTIONAL,
 *	explicitText DisplayText OPTIONAL
 * }
 *
 * NoticeReference ::= SEQUENCE {
 *	organization DisplayText,
 *	noticeNumbers SEQUENCE OF INTEGER
 * }
 *
 * DisplayText ::= CHOICE {
 *	ia5String IA5String (SIZE (1..200)),
 *	visibleString VisibleString (SIZE (1..200)),
 *	bmpString BMPString (SIZE (1..200)),
 *	utf8String UTF8String (SIZE (1..200))
 * }
 */
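/// <summary>
/// Decodes the X.509 CertificatePolicies extension (OID 2.5.29.32).
/// </summary>
/// <remarks>
/// Partial implementation: only the policyIdentifier OID of each PolicyInformation
/// is read. policyQualifiers (CPS URI, UserNotice) are neither parsed nor validated
/// here, so callers must not assume this class has checked them. The extension
/// value comes from the certificate being examined and must be treated as
/// untrusted input.
/// </remarks>
public class CertificatePoliciesExtension : X509Extension {

	// Keys are the policy OIDs as strings (the ASN1Convert.ToOid result); values are always null.
	private Hashtable policies;

	/// <summary>Creates an empty extension carrying the CertificatePolicies OID.</summary>
	public CertificatePoliciesExtension () : base ()
	{
		extnOid = "2.5.29.32";
		policies = new Hashtable ();
	}

	/// <summary>Builds the extension from its ASN.1 encoding.</summary>
	/// <param name="asn1">The encoded extension, handed to the base constructor.</param>
	// NOTE(review): policies is only assigned in Decode (); presumably the base
	// constructor calls it - confirm in X509Extension.
	public CertificatePoliciesExtension (ASN1 asn1) : base (asn1)
	{
	}

	/// <summary>Builds the extension from an already parsed generic extension.</summary>
	/// <param name="extension">The extension to copy, handed to the base constructor.</param>
	public CertificatePoliciesExtension (X509Extension extension) : base (extension)
	{
	}

	/// <summary>
	/// Parses the extension value and records the policyIdentifier of every
	/// PolicyInformation entry.
	/// </summary>
	/// <exception cref="ArgumentException">
	/// The value is not a SEQUENCE, an entry is not a SEQUENCE that starts with an
	/// OBJECT IDENTIFIER, or the same policy OID is listed twice.
	/// </exception>
	protected override void Decode ()
	{
		policies = new Hashtable ();
		ASN1 sequence = new ASN1 (extnValue.Value);
		if (sequence.Tag != 0x30)
			throw new ArgumentException ("Invalid CertificatePolicies extension");

		// NOTE(review): the grammar requires SIZE (1..MAX), but an empty SEQUENCE is
		// still accepted here, as it was before; decide whether to reject it.
		for (int i = 0; i < sequence.Count; i++) {
			// Each entry must be a PolicyInformation SEQUENCE (tag 0x30).
			ASN1 policyInformation = sequence [i];
			if ((policyInformation == null) || (policyInformation.Tag != 0x30))
				throw new ArgumentException ("Invalid PolicyInformation in CertificatePolicies extension");

			// Its first element must be the policyIdentifier OBJECT IDENTIFIER (tag 0x06).
			// Checking before the conversion keeps a truncated or mistyped entry from
			// being decoded as if it were an OID.
			ASN1 policyIdentifier = policyInformation [0];
			if ((policyIdentifier == null) || (policyIdentifier.Tag != 0x06))
				throw new ArgumentException ("Invalid policyIdentifier in CertificatePolicies extension");

			// NOTE(review): how ASN1Convert.ToOid treats an empty or malformed OID body
			// is not visible from this file - confirm it fails with a catchable error.
			string oid = ASN1Convert.ToOid (policyIdentifier);

			// RFC 5280 section 4.2.1.4 forbids listing a policy OID more than once.
			// Report it explicitly instead of surfacing Hashtable.Add's generic
			// duplicate-key error.
			if (policies.ContainsKey (oid))
				throw new ArgumentException ("Duplicate policy identifier in CertificatePolicies extension");

			policies.Add (oid, null);
		}
	}

	/// <summary>Display name of the extension.</summary>
	public override string Name {
		get { return "Certificate Policies"; }
	}

	/// <summary>
	/// Formats the decoded policies, one numbered entry per policy OID.
	/// </summary>
	/// <returns>A multi-line description; empty when no policy was decoded.</returns>
	public override string ToString ()
	{
		StringBuilder sb = new StringBuilder ();
		int n = 1;
		// Hashtable enumeration order is unspecified, so the numbering does not
		// necessarily follow the order of the entries in the certificate.
		foreach (DictionaryEntry policy in policies) {
			sb.Append ("[");
			sb.Append (n++);
			sb.Append ("]Certificate Policy:");
			sb.Append (Environment.NewLine);
			sb.Append ("\tPolicyIdentifier=");
			sb.Append ((string)policy.Key);
			sb.Append (Environment.NewLine);
		}
		return sb.ToString ();
	}
}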