2 // KeyUsageExtension.cs: Handles X.509 KeyUsage extensions.
5 // Sebastien Pouliot (spouliot@motus.com)
7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
14 using Mono.Security.X509;
16 namespace Mono.Security.X509.Extensions {
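/*
 * id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
 *
 * KeyUsage ::= BIT STRING {
 *	digitalSignature (0),
 *	nonRepudiation   (1),
 *	keyEncipherment  (2),
 *	dataEncipherment (3),
 *	keyAgreement     (4),
 *	keyCertSign      (5),
 *	cRLSign          (6),
 *	encipherOnly     (7),
 *	decipherOnly     (8)
 * }
 */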
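// note: ASN.1 numbers the bits of a BIT STRING from the most significant bit of the
// first content octet, so named bit 0 (digitalSignature) is mask 0x80, bit 1 is 0x40,
// and so on - the masks below run in the reverse of the usual bit order.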
35 public enum KeyUsage {
36 digitalSignature = 0x80,
37 nonRepudiation = 0x40,
38 keyEncipherment = 0x20,
39 dataEncipherment = 0x10,
48 public class KeyUsageExtension : X509Extension {
// Builds the extension from an ASN.1 structure; the argument is handed
// unchanged to the X509Extension base constructor.
public KeyUsageExtension (ASN1 asn1)
	: base (asn1)
{
}
// Builds the extension from an existing X509Extension; the argument is handed
// unchanged to the X509Extension base constructor.
public KeyUsageExtension (X509Extension extension)
	: base (extension)
{
}
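// Decodes the KeyUsage BIT STRING held in extnValue into the kubits bit field.
//
// Throws ArgumentException when the value is not a BIT STRING (tag 0x03), when the
// BIT STRING lacks its leading "unused bits" octet, or when it carries more content
// octets than can be accumulated without losing the earlier ones.
protected override void Decode ()
{
	// assumes kubits is a 32-bit int (its declaration is not visible here) - confirm
	const int maxContentOctets = 4;

	ASN1 bitString = new ASN1 (extnValue.Value);
	if (bitString.Tag != 0x03)
		throw new ArgumentException ("Invalid KeyUsage extension");

	byte[] bits = bitString.Value;
	// Octet zero of a BIT STRING is the unused-bits count, so a valid value is never
	// empty. Longer-than-expected values are rejected rather than silently shifted
	// out of kubits, which would drop usage flags without any error.
	if ((bits == null) || (bits.Length < 1) || (bits.Length - 1 > maxContentOctets))
		throw new ArgumentException ("Invalid KeyUsage extension");

	// NOTE(review): each extra content octet shifts the previous ones up by 8 bits.
	// The KeyUsage masks 0x80..0x10 address the first content octet only while it
	// sits in the low byte of kubits; with two content octets (needed to encode
	// bit 8, decipherOnly) the first octet lands in bits 8-15 and those masks test
	// the second octet instead. Confirm against the full enum before relying on
	// Support () for two-octet values. The unused-bits count is not checked either.
	for (int i = 1; i < bits.Length; i++)
		kubits = (kubits << 8) + bits [i];
}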
// Display name of this extension; always the fixed string "Key Usage".
public override string Name {
	get {
		return "Key Usage";
	}
}
// Reports whether every bit set in usage is also set in the decoded kubits value.
// A combined value is therefore supported only if all of its flags are present,
// and a usage whose numeric value is 0 always yields true.
public bool Support (KeyUsage usage)
{
	int wanted = (int) usage;
	return (kubits & wanted) == wanted;
}
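// Renders the asserted key usages as a " , "-separated list of labels, followed by
// the raw kubits value in hexadecimal (in parentheses) and a line terminator.
//
// The separator is written only between labels, never before the first one, and
// the hexadecimal value is bracketed so it cannot be read as part of the last label.
public override string ToString ()
{
	const string separator = " , ";

	// Flags and their labels, in the order they are reported; the two arrays are
	// parallel (same index = same usage).
	KeyUsage[] flags = {
		KeyUsage.digitalSignature,
		KeyUsage.nonRepudiation,
		KeyUsage.keyEncipherment,
		KeyUsage.dataEncipherment,
		KeyUsage.keyAgreement,
		KeyUsage.keyCertSign,
		KeyUsage.cRLSign,
		KeyUsage.encipherOnly,
		KeyUsage.decipherOnly
	};
	string[] labels = {
		"Digital Signature",
		"Non-Repudiation",
		"Key Encipherment",
		"Data Encipherment",
		"Key Agreement",
		"Certificate Signing",
		"CRL Signing",
		"Encipher Only ", // ??? label (and its trailing space) kept as the author wrote it
		"Decipher Only"   // ???
	};

	StringBuilder sb = new StringBuilder ();
	for (int i = 0; i < flags.Length; i++) {
		if (!Support (flags [i]))
			continue;
		if (sb.Length > 0)
			sb.Append (separator);
		sb.Append (labels [i]);
	}

	// Raw bit field, for diagnosing values the labels above do not explain.
	sb.Append ("(");
	sb.Append (kubits.ToString ("X2"));
	sb.Append (")");
	sb.Append (Environment.NewLine);
	return sb.ToString ();
}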