2 // KeyAttributesExtension.cs: Handles X.509 *DEPRECATED* KeyAttributes extensions.
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
8 // (C) 2004 Novell (http://www.novell.com)
12 // Permission is hereby granted, free of charge, to any person obtaining
13 // a copy of this software and associated documentation files (the
14 // "Software"), to deal in the Software without restriction, including
15 // without limitation the rights to use, copy, modify, merge, publish,
16 // distribute, sublicense, and/or sell copies of the Software, and to
17 // permit persons to whom the Software is furnished to do so, subject to
18 // the following conditions:
20 // The above copyright notice and this permission notice shall be
21 // included in all copies or substantial portions of the Software.
23 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
27 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
28 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
29 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
33 using System.Globalization;
37 using Mono.Security.X509;
39 namespace Mono.Security.X509.Extensions {
40 // definition found @ http://groups.yahoo.com/group/ssl-talk/message/1964
42 // keyAttributes EXTENSION ::= {
43 // SYNTAX KeyAttributes
44 // IDENTIFIED BY { id-ce 2 } }
46 // KeyAttributes ::= SEQUENCE {
47 // keyIdentifier KeyIdentifier OPTIONAL,
48 // intendedKeyUsage KeyUsage OPTIONAL,
49 // privateKeyUsagePeriod PrivateKeyValidity OPTIONAL
51 // KeyUsage ::= BIT STRING {
52 // digitalSignature (0),
53 // nonRepudiation (1),
54 // keyEncipherment (2),
55 // dataEncipherment (3),
60 // PrivateKeyValidity ::= SEQUENCE {
61 // notBefore [0] GeneralizedTime OPTIONAL,
62 // notAfter [1] GeneralizedTime OPTIONAL
64 // ( CONSTRAINED BY { -- at least one component shall be present -- })
66 public class KeyAttributesExtension : X509Extension {
70 private DateTime notBefore;
71 private DateTime notAfter;
73 public KeyAttributesExtension () : base ()
78 public KeyAttributesExtension (ASN1 asn1) : base (asn1)
82 public KeyAttributesExtension (X509Extension extension) : base (extension)
86 protected override void Decode ()
88 ASN1 seq = new ASN1 (extnValue.Value);
90 throw new ArgumentException ("Invalid KeyAttributesExtension extension");
92 // check for KeyIdentifier
95 if (item.Tag == 0x04) {
100 // check for KeyUsage
103 if (item.Tag == 0x03) {
105 int i = 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
106 while (i < item.Value.Length)
107 kubits = (kubits << 8) + item.Value [i++];
110 // check for PrivateKeyValidity
113 if (item.Tag == 0x30) {
115 if (i < item.Count) {
117 if (dt.Tag == 0x81) {
119 notBefore = ASN1Convert.ToDateTime (dt);
122 if (i < item.Count) {
125 notAfter = ASN1Convert.ToDateTime (dt);
131 public byte[] KeyIdentifier {
135 return (byte[]) keyId.Clone ();
139 public override string Name {
140 get { return "Key Attributes"; }
143 public DateTime NotAfter {
144 get { return notAfter; }
147 public DateTime NotBefore {
148 get { return notBefore; }
151 public bool Support (KeyUsages usage)
153 int x = Convert.ToInt32 (usage, CultureInfo.InvariantCulture);
154 return ((x & kubits) == x);
157 public override string ToString ()
159 StringBuilder sb = new StringBuilder ();
161 sb.Append ("KeyID=");
163 while (x < keyId.Length) {
164 sb.Append (keyId [x].ToString ("X2", CultureInfo.InvariantCulture));
169 sb.Append (Environment.NewLine);
173 sb.Append ("Key Usage=");
174 const string separator = " , ";
175 if (Support (KeyUsages.digitalSignature))
176 sb.Append ("Digital Signature");
177 if (Support (KeyUsages.nonRepudiation)) {
179 sb.Append (separator);
180 sb.Append ("Non-Repudiation");
182 if (Support (KeyUsages.keyEncipherment)) {
184 sb.Append (separator);
185 sb.Append ("Key Encipherment");
187 if (Support (KeyUsages.dataEncipherment)) {
189 sb.Append (separator);
190 sb.Append ("Data Encipherment");
192 if (Support (KeyUsages.keyAgreement)) {
194 sb.Append (separator);
195 sb.Append ("Key Agreement");
197 if (Support (KeyUsages.keyCertSign)) {
199 sb.Append (separator);
200 sb.Append ("Certificate Signing");
202 if (Support (KeyUsages.cRLSign)) {
204 sb.Append (separator);
205 sb.Append ("CRL Signing");
207 if (Support (KeyUsages.encipherOnly)) {
209 sb.Append (separator);
210 sb.Append ("Encipher Only "); // ???
212 if (Support (KeyUsages.decipherOnly)) {
214 sb.Append (separator);
215 sb.Append ("Decipher Only"); // ???
218 sb.Append (kubits.ToString ("X2", CultureInfo.InvariantCulture));
220 sb.Append (Environment.NewLine);
223 if (notBefore != DateTime.MinValue) {
224 sb.Append ("Not Before=");
225 sb.Append (notBefore.ToString (CultureInfo.CurrentUICulture));
226 sb.Append (Environment.NewLine);
228 if (notAfter != DateTime.MinValue) {
229 sb.Append ("Not After=");
230 sb.Append (notAfter.ToString (CultureInfo.CurrentUICulture));
231 sb.Append (Environment.NewLine);
233 return sb.ToString ();