2 // KeyAttributesExtension.cs: Handles X.509 *DEPRECATED* KeyAttributes extensions.
5 // Sebastien Pouliot (spouliot@motus.com)
7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
14 using Mono.Security.X509;
16 namespace Mono.Security.X509.Extensions {
17 // definition found @ http://groups.yahoo.com/group/ssl-talk/message/1964
19 // keyAttributes EXTENSION ::= {
20 // SYNTAX KeyAttributes
21 // IDENTIFIED BY { id-ce 2 } }
23 // KeyAttributes ::= SEQUENCE {
24 // keyIdentifier KeyIdentifier OPTIONAL,
25 // intendedKeyUsage KeyUsage OPTIONAL,
26 // privateKeyUsagePeriod PrivateKeyValidity OPTIONAL
28 // KeyUsage ::= BIT STRING {
29 // digitalSignature (0),
30 // nonRepudiation (1),
31 // keyEncipherment (2),
32 // dataEncipherment (3),
37 // PrivateKeyValidity ::= SEQUENCE {
38 // notBefore [0] GeneralizedTime OPTIONAL,
39 // notAfter [1] GeneralizedTime OPTIONAL
41 // ( CONSTRAINED BY { -- at least one component shall be present -- })
43 public class KeyAttributesExtension : X509Extension {
// Validity bounds decoded from the PrivateKeyValidity part of the extension.
// As DateTime fields they hold DateTime.MinValue until Decode assigns them, and
// ToString treats DateTime.MinValue as "not present".
47 private DateTime notBefore;
48 private DateTime notAfter;
// Parameterless constructor; chains to the X509Extension base constructor.
// NOTE(review): the constructor body is not visible in this listing (the gutter
// numbers skip) - confirm what it initialises in the full file.
50 public KeyAttributesExtension () : base ()
// Builds the extension from an already-parsed ASN.1 structure, which is handed
// unchanged to the X509Extension base constructor.
// NOTE(review): the structure comes from certificate content, i.e. untrusted input.
// Presumably the base constructor ends up calling Decode, which throws
// ArgumentException on an invalid extension - verify that callers handle it.
public KeyAttributesExtension (ASN1 asn1)
	: base (asn1)
{
}
// Builds the extension from a generic X509Extension, which is handed unchanged
// to the X509Extension base constructor.
// NOTE(review): presumably the base constructor ends up calling Decode, which
// throws ArgumentException on an invalid extension - verify that callers handle it.
public KeyAttributesExtension (X509Extension extension)
	: base (extension)
{
}
// Parses extnValue.Value as the KeyAttributes structure described above: it checks for
// a key identifier (tag 0x04), a key-usage BIT STRING (tag 0x03) and a PrivateKeyValidity
// SEQUENCE (tag 0x30), under which notBefore and notAfter are set.
// Throws ArgumentException when the extension is rejected as invalid.
// NOTE(review): the gutter numbers skip, so some statements of this method are not
// visible in this listing; the comments below describe only the lines that are shown.
59 protected override void Decode ()
61 ASN1 seq = new ASN1 (extnValue.Value);
// The condition guarding this throw is not shown in this listing.
63 throw new ArgumentException ("Invalid KeyAttributesExtension extension");
65 // check for KeyIdentifier
68 if (item.Tag == 0x04) {
76 if (item.Tag == 0x03) {
// NOTE(review): the first octet (the unused-bit count) is skipped rather than applied, and
// every following octet is shifted into kubits. The resulting value therefore depends on how
// many octets the certificate encodes, and octets beyond the width of kubits push earlier
// bits out. No length bound and no reset of kubits is visible in this listing - confirm in
// the full file, because Support() answers from this value and the input is
// certificate-controlled.
78 int i = 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
79 while (i < item.Value.Length)
80 kubits = (kubits << 8) + item.Value [i++];
83 // check for PrivateKeyValidity
86 if (item.Tag == 0x30) {
// NOTE(review): ASN1Convert.ToDateTime is defined elsewhere; how it reacts to a malformed
// time value is not visible here - verify that its failure mode is handled by callers.
92 notBefore = ASN1Convert.ToDateTime (dt);
98 notAfter = ASN1Convert.ToDateTime (dt);
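// Key identifier decoded from the extension, or null when none has been set.
// A copy is returned so that callers cannot alter the decoded value held by
// this instance by writing into the returned array.
public byte[] KeyIdentifier {
	get {
		// keyIdentifier is OPTIONAL in KeyAttributes, so the field may be unset.
		if (keyId == null)
			return null;
		return (byte[]) keyId.Clone ();
	}
}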
// Display name of this extension.
public override string Name {
	get {
		return "Key Attributes";
	}
}
// End of the private key validity period as stored by Decode.
// The backing DateTime field keeps its default, DateTime.MinValue, until it is
// assigned, so callers should treat that value as "not specified" (ToString does).
public DateTime NotAfter {
	get {
		return notAfter;
	}
}
// Start of the private key validity period as stored by Decode.
// The backing DateTime field keeps its default, DateTime.MinValue, until it is
// assigned, so callers should treat that value as "not specified" (ToString does).
public DateTime NotBefore {
	get {
		return notBefore;
	}
}
// Tells whether every bit of the requested usage is set in the decoded
// key-usage bits (kubits).
// usage: the KeyUsage value, possibly a combination of flags, to test.
// Returns true only when all requested bits are present. A usage whose numeric
// value is zero therefore always yields true, and any non-zero usage yields
// false while kubits is zero.
// NOTE(review): kubits presumably stays zero when the extension carries no key
// usage - callers should decide explicitly how to treat that case.
public bool Support (KeyUsage usage)
{
	int requested = Convert.ToInt32 (usage);
	return requested == (kubits & requested);
}
// Builds a multi-line, human-readable description of the extension: the key identifier
// in hexadecimal, the names of the supported key usages followed by the raw usage bits
// in hexadecimal, and the validity dates that differ from DateTime.MinValue.
// NOTE(review): the gutter numbers skip, so some guards and statements of this method are
// not visible in this listing; the comments below describe only the lines that are shown.
126 public override string ToString ()
128 StringBuilder sb = new StringBuilder ();
130 sb.Append ("KeyID=");
// NOTE(review): keyId is dereferenced here; a guard for a missing key identifier is not
// visible in this listing - confirm one exists, since keyIdentifier is OPTIONAL.
132 while (x < keyId.Length) {
// Each byte is written as two upper-case hexadecimal digits.
133 sb.Append (keyId [x].ToString ("X2"));
138 sb.Append (Environment.NewLine);
142 sb.Append ("Key Usage=");
143 const string separator = " , ";
// One test per usage flag; each supported flag contributes its display name.
// The conditions that decide when the separator is written are not shown in this listing.
144 if (Support (KeyUsage.digitalSignature))
145 sb.Append ("Digital Signature");
146 if (Support (KeyUsage.nonRepudiation)) {
148 sb.Append (separator);
149 sb.Append ("Non-Repudiation");
151 if (Support (KeyUsage.keyEncipherment)) {
153 sb.Append (separator);
154 sb.Append ("Key Encipherment");
156 if (Support (KeyUsage.dataEncipherment)) {
158 sb.Append (separator);
159 sb.Append ("Data Encipherment");
161 if (Support (KeyUsage.keyAgreement)) {
163 sb.Append (separator);
164 sb.Append ("Key Agreement");
166 if (Support (KeyUsage.keyCertSign)) {
168 sb.Append (separator);
169 sb.Append ("Certificate Signing");
171 if (Support (KeyUsage.cRLSign)) {
173 sb.Append (separator);
174 sb.Append ("CRL Signing");
176 if (Support (KeyUsage.encipherOnly)) {
178 sb.Append (separator);
// NOTE(review): this literal ends with a space, unlike the other usage names.
179 sb.Append ("Encipher Only "); // ???
181 if (Support (KeyUsage.decipherOnly)) {
183 sb.Append (separator);
184 sb.Append ("Decipher Only"); // ???
// The raw usage bits are appended in hexadecimal after the names.
187 sb.Append (kubits.ToString ("X2"));
189 sb.Append (Environment.NewLine);
// DateTime.MinValue marks a bound that was never set, so it is not printed.
// NOTE(review): DateTime.ToString () without arguments formats with the current culture,
// so this text differs between locales - do not parse or compare it.
192 if (notBefore != DateTime.MinValue) {
193 sb.Append ("Not Before=");
194 sb.Append (notBefore.ToString ());
195 sb.Append (Environment.NewLine);
197 if (notAfter != DateTime.MinValue) {
198 sb.Append ("Not After=");
199 sb.Append (notAfter.ToString ());
200 sb.Append (Environment.NewLine);
202 return sb.ToString ();