2 // NetscapeCertTypeExtension.cs: Handles Netscape CertType extensions.
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2004 Novell (http://www.novell.com)
14 using Mono.Security.X509;
16 namespace Mono.Security.X509.Extensions {
19 // a. Netscape Certificate Extensions Navigator 3.0 Version
20 // http://wp.netscape.com/eng/security/cert-exts.html
21 // b. Netscape Certificate Extensions Communicator 4.0 Version
22 // http://wp.netscape.com/eng/security/comm4-cert-exts.html
23 // c. 2.16.840.1.113730.1.1 - Netscape certificate type
24 // http://www.alvestrand.no/objectid/2.16.840.1.113730.1.1.html
26 public class NetscapeCertTypeExtension : X509Extension {
29 * bit-0 SSL client - this cert is certified for SSL client authentication use
30 * bit-1 SSL server - this cert is certified for SSL server authentication use
31 * bit-2 S/MIME - this cert is certified for use by clients(New in PR3)
32 * bit-3 Object Signing - this cert is certified for signing objects such as Java applets and plugins(New in PR3)
33 * bit-4 Reserved - this bit is reserved for future use
34 * bit-5 SSL CA - this cert is certified for issuing certs for SSL use
35 * bit-6 S/MIME CA - this cert is certified for issuing certs for S/MIME use(New in PR3)
36 * bit-7 Object Signing CA - this cert is certified for issuing certs for Object Signing(New in PR3)
39 // note: because nothing is simple in ASN.1, bits are reversed: BIT STRING bit-0 is the most significant bit of the first octet, so bit-7 is the mask 0x01
// Bit masks for the Netscape certificate-type usages; Support() tests them against ctbits.
// NOTE(review): this listing shows only ObjectSigningCA = 0x01 (bit-7 in the table above).
// The members used by ToString() (SslClient, SslServer, Smime, ObjectSigning, SslCa, SmimeCa)
// are declared on lines the listing skips (gutter 42-47) - confirm their values against the full file.
41 public enum CertType {
48 ObjectSigningCA = 0x01
/// <summary>
/// Creates an extension that carries only the Netscape certificate type
/// object identifier; no value is decoded by this constructor.
/// </summary>
public NetscapeCertTypeExtension ()
{
	// 2.16.840.1.113730.1.1 - Netscape certificate type
	extnOid = "2.16.840.1.113730.1.1";
}
/// <summary>
/// Creates the extension from an ASN.1 structure; the work is delegated
/// entirely to the base class constructor.
/// </summary>
/// <param name="asn1">ASN.1 structure handed to the base constructor.</param>
public NetscapeCertTypeExtension (ASN1 asn1)
	: base (asn1)
{
}
/// <summary>
/// Creates the extension from an existing <c>X509Extension</c>; the work is
/// delegated entirely to the base class constructor.
/// </summary>
/// <param name="extension">Extension handed to the base constructor.</param>
public NetscapeCertTypeExtension (X509Extension extension)
	: base (extension)
{
}
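/// <summary>
/// Decodes the extension value, which must be an ASN.1 BIT STRING (tag 0x03),
/// and stores the certificate-type flags in <c>ctbits</c>.
/// </summary>
/// <remarks>
/// The certificate type defines bits 0 to 7 only, so every flag lives in the
/// first content octet. That octet alone is kept; a value with no content
/// octet decodes to "no usage asserted".
/// </remarks>
/// <exception cref="ArgumentException">The extension value is not a BIT STRING.</exception>
protected override void Decode ()
{
	ASN1 bitString = new ASN1 (extnValue.Value);
	if (bitString.Tag != 0x03)
		throw new ArgumentException ("Invalid NetscapeCertType extension");

	// Read the value once; octet 0 is the unused-bits count of the BIT STRING,
	// octet 1 carries bit-0 (most significant) through bit-7 (least significant).
	byte[] content = bitString.Value;

	// Previously every content octet was folded in with (ctbits << 8), which
	// moved the flag octet out of the low byte that Support() tests: with a
	// multi-octet encoding the LAST octet was read as the usage flags, and
	// more than four octets overflowed silently. Only octet 1 is meaningful.
	if (content != null && content.Length > 1)
		ctbits = content [1];
	else
		ctbits = 0;

	// NOTE(review): the unused-bits count in octet 0 is not validated or
	// applied as a mask; DER requires unused bits to be zero, so a strict
	// parser may want to reject values where they are set - confirm policy.
}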
/// <summary>
/// Gets the display name of this extension.
/// </summary>
public override string Name {
	get {
		return "NetscapeCertType";
	}
}
76 /* public CertType Type {
77 get { return ctbits; }
78 set { ctbits = value; }
/// <summary>
/// Tells whether the decoded certificate type asserts the given usage.
/// </summary>
/// <param name="usage">Usage flag, or combination of flags, to look for.</param>
/// <returns>
/// <c>true</c> when every bit of <paramref name="usage"/> is set in
/// <c>ctbits</c>; a value of zero therefore always yields <c>true</c>.
/// </returns>
public bool Support (CertType usage)
{
	int required = Convert.ToInt32 (usage);
	// all requested bits must be present, not just one of them
	return (ctbits & required) == required;
}
// Renders the extension as text: a label for each usage that Support() reports,
// joined with " , ", then the raw ctbits value in hexadecimal and a newline.
// The text is for display only; usage decisions should go through Support().
// NOTE(review): the gutter numbering of this listing skips lines inside the method
// (for example 93 to 95, 100 to 103 and 121 to 124), so some statements are not shown -
// presumably the guards around sb.Append (separator) and the S/MIME label. Confirm the
// exact output against the full file.
87 public override string ToString ()
89 const string separator = " , ";
90 StringBuilder sb = new StringBuilder ();
91 if (Support (CertType.SslClient))
92 sb.Append ("SSL Client Authentication");
93 if (Support (CertType.SslServer)) {
95 sb.Append (separator);
96 sb.Append ("SSL Server Authentication");
98 if (Support (CertType.Smime)) {
100 sb.Append (separator);
103 if (Support (CertType.ObjectSigning)) {
105 sb.Append (separator);
106 sb.Append ("Object Signing");
108 if (Support (CertType.SslCa)) {
110 sb.Append (separator);
111 sb.Append ("SSL CA");
113 if (Support (CertType.SmimeCa)) {
115 sb.Append (separator);
116 sb.Append ("SMIME CA");
118 if (Support (CertType.ObjectSigningCA)) {
120 sb.Append (separator);
121 sb.Append ("Object Signing CA");
// raw flag value as upper-case hexadecimal, at least two digits
124 sb.Append (ctbits.ToString ("X2"));
126 sb.Append (Environment.NewLine);
127 return sb.ToString ();