2 // System.Security.Cryptography.X509Certificates.X509KeyUsageExtension
5 // Tim Coleman (tim@timcoleman.com)
6 // Sebastien Pouliot <sebastien@ximian.com>
8 // Copyright (C) Tim Coleman, 2004
9 // Copyright (C) 2004-2005 Novell Inc. (http://www.novell.com)
11 // Permission is hereby granted, free of charge, to any person obtaining
12 // a copy of this software and associated documentation files (the
13 // "Software"), to deal in the Software without restriction, including
14 // without limitation the rights to use, copy, modify, merge, publish,
15 // distribute, sublicense, and/or sell copies of the Software, and to
16 // permit persons to whom the Software is furnished to do so, subject to
17 // the following conditions:
19 // The above copyright notice and this permission notice shall be
20 // included in all copies or substantial portions of the Software.
22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
33 extern alias MonoSecurity;
37 using MonoSecurity::Mono.Security;
39 namespace System.Security.Cryptography.X509Certificates {
41 public sealed class X509KeyUsageExtension : X509Extension {
43 internal const string oid = "2.5.29.15";
44 internal const string friendlyName = "Key Usage";
46 internal const X509KeyUsageFlags all = X509KeyUsageFlags.EncipherOnly | X509KeyUsageFlags.CrlSign |
47 X509KeyUsageFlags.KeyCertSign | X509KeyUsageFlags.KeyAgreement | X509KeyUsageFlags.DataEncipherment |
48 X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.NonRepudiation |
49 X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.DecipherOnly;
51 private X509KeyUsageFlags _keyUsages;
52 private AsnDecodeStatus _status;
56 public X509KeyUsageExtension ()
58 _oid = new Oid (oid, friendlyName);
61 public X509KeyUsageExtension (AsnEncodedData encodedKeyUsage, bool critical)
63 // ignore the Oid provided by encodedKeyUsage (our rules!)
64 _oid = new Oid (oid, friendlyName);
65 _raw = encodedKeyUsage.RawData;
66 base.Critical = critical;
67 _status = Decode (this.RawData);
70 public X509KeyUsageExtension (X509KeyUsageFlags keyUsages, bool critical)
72 _oid = new Oid (oid, friendlyName);
73 base.Critical = critical;
74 _keyUsages = GetValidFlags (keyUsages);
80 public X509KeyUsageFlags KeyUsages {
83 case AsnDecodeStatus.Ok:
84 case AsnDecodeStatus.InformationNotAvailable:
87 throw new CryptographicException ("Badly encoded extension.");
94 public override void CopyFrom (AsnEncodedData encodedData)
96 if (encodedData == null)
97 throw new ArgumentNullException ("encodedData");
99 X509Extension ex = (encodedData as X509Extension);
101 throw new ArgumentException (Locale.GetText ("Wrong type."), "encodedData");
104 _oid = new Oid (oid, friendlyName);
106 _oid = new Oid (ex._oid);
108 RawData = ex.RawData;
109 base.Critical = ex.Critical;
110 // and we deal with the rest later
111 _status = Decode (this.RawData);
116 internal X509KeyUsageFlags GetValidFlags (X509KeyUsageFlags flags)
118 if ((flags & all) != flags)
119 return (X509KeyUsageFlags) 0;
123 internal AsnDecodeStatus Decode (byte[] extension)
125 if ((extension == null) || (extension.Length == 0))
126 return AsnDecodeStatus.BadAsn;
127 if (extension [0] != 0x03)
128 return AsnDecodeStatus.BadTag;
129 if (extension.Length < 3)
130 return AsnDecodeStatus.BadLength;
131 if (extension.Length < 4)
132 return AsnDecodeStatus.InformationNotAvailable;
135 ASN1 ex = new ASN1 (extension);
137 int i = 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
138 while (i < ex.Value.Length)
139 kubits = (kubits << 8) + ex.Value [i++];
141 _keyUsages = GetValidFlags ((X509KeyUsageFlags)kubits);
144 return AsnDecodeStatus.BadAsn;
147 return AsnDecodeStatus.Ok;
150 internal byte[] Encode ()
153 int kubits = (int)_keyUsages;
157 ex = new ASN1 (0x03, new byte[] { empty });
159 // count empty bits (applicable to first byte only)
160 int ku = ((kubits < Byte.MaxValue) ? kubits : (kubits >> 8));
161 while (((ku & 0x01) == 0x00) && (empty < 8)) {
166 if (kubits <= Byte.MaxValue) {
167 ex = new ASN1 (0x03, new byte[] { empty, (byte)kubits });
169 ex = new ASN1 (0x03, new byte[] { empty, (byte)kubits, (byte)(kubits >> 8) });
173 return ex.GetBytes ();
176 internal override string ToString (bool multiLine)
179 case AsnDecodeStatus.BadAsn:
181 case AsnDecodeStatus.BadTag:
182 case AsnDecodeStatus.BadLength:
183 return FormatUnkownData (_raw);
184 case AsnDecodeStatus.InformationNotAvailable:
185 return "Information Not Available";
188 if (_oid.Value != oid)
189 return String.Format ("Unknown Key Usage ({0})", _oid.Value);
191 return "Information Not Available";
193 StringBuilder sb = new StringBuilder ();
195 if ((_keyUsages & X509KeyUsageFlags.DigitalSignature) != 0) {
196 sb.Append ("Digital Signature");
198 if ((_keyUsages & X509KeyUsageFlags.NonRepudiation) != 0) {
201 sb.Append ("Non-Repudiation");
203 if ((_keyUsages & X509KeyUsageFlags.KeyEncipherment) != 0) {
206 sb.Append ("Key Encipherment");
208 if ((_keyUsages & X509KeyUsageFlags.DataEncipherment) != 0) {
211 sb.Append ("Data Encipherment");
213 if ((_keyUsages & X509KeyUsageFlags.KeyAgreement) != 0) {
216 sb.Append ("Key Agreement");
218 if ((_keyUsages & X509KeyUsageFlags.KeyCertSign) != 0) {
221 sb.Append ("Certificate Signing");
223 if ((_keyUsages & X509KeyUsageFlags.CrlSign) != 0) {
226 sb.Append ("Off-line CRL Signing, CRL Signing");
228 if ((_keyUsages & X509KeyUsageFlags.EncipherOnly) != 0) {
231 sb.Append ("Encipher Only");
233 if ((_keyUsages & X509KeyUsageFlags.DecipherOnly) != 0) {
236 sb.Append ("Decipher Only");
239 int ku = (int)_keyUsages;
241 sb.Append (((byte)ku).ToString ("x2"));
242 if (ku > Byte.MaxValue) {
244 sb.Append (((byte)(ku >> 8)).ToString ("x2"));
249 sb.Append (Environment.NewLine);
251 return sb.ToString ();