mcs/class/corlib/Mono.Security.X509.Extensions/KeyUsageExtension.cs

   1 //
   2 // KeyUsageExtension.cs: Handles X.509 KeyUsage extensions.
   3 //
   4 // Author:
   5 //      Sebastien Pouliot  <sebastien@ximian.com>
   6 //
   7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
   8 // (C) 2004 Novell (http://www.novell.com)
   9 //
  10
  11 //
  12 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
  13 //
  14 // Permission is hereby granted, free of charge, to any person obtaining
  15 // a copy of this software and associated documentation files (the
  16 // "Software"), to deal in the Software without restriction, including
  17 // without limitation the rights to use, copy, modify, merge, publish,
  18 // distribute, sublicense, and/or sell copies of the Software, and to
  19 // permit persons to whom the Software is furnished to do so, subject to
  20 // the following conditions:
  21 //
  22 // The above copyright notice and this permission notice shall be
  23 // included in all copies or substantial portions of the Software.
  24 //
  25 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  26 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  27 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  28 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  29 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  30 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  31 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  32 //
  33
  34 using System;
  35 using System.Globalization;
  36 using System.Text;
  37
  38 using Mono.Security;
  39 using Mono.Security.X509;
  40
  41 namespace Mono.Security.X509.Extensions {
  42
  43         /*
  44          * id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
  45          *
  46          * KeyUsage ::= BIT STRING {
  47          *      digitalSignature        (0),
  48          *      nonRepudiation          (1),
  49          *      keyEncipherment         (2),
  50          *      dataEncipherment        (3),
  51          *      keyAgreement            (4),
  52          *      keyCertSign             (5),
  53          *      cRLSign                 (6),
  54          *      encipherOnly            (7),
  55          *      decipherOnly            (8)
  56          * }
  57          */
  58         // note: because nothing is simple in ASN.1 bits are reversed
  59         [Flags]
  60 #if INSIDE_CORLIB
  61         internal
  62 #else
  63         public
  64 #endif
  65         enum KeyUsages {
  66                 digitalSignature = 0x80,
  67                 nonRepudiation = 0x40,
  68                 keyEncipherment = 0x20,
  69                 dataEncipherment = 0x10,
  70                 keyAgreement = 0x08,
  71                 keyCertSign = 0x04,
  72                 cRLSign = 0x02,
  73                 encipherOnly = 0x01,
  74                 decipherOnly = 0x800,
  75                 none = 0x0
  76         }
  77
  78 #if INSIDE_CORLIB
  79         internal
  80 #else
  81         public
  82 #endif
  83         class KeyUsageExtension : X509Extension {
  84
  85                 private int kubits;
  86
  87                 public KeyUsageExtension (ASN1 asn1) : base (asn1) {}
  88
  89                 public KeyUsageExtension (X509Extension extension) : base (extension) {}
  90
  91                 protected override void Decode ()
  92                 {
  93                         ASN1 bitString = new ASN1 (extnValue.Value);
  94                         if (bitString.Tag != 0x03)
  95                                 throw new ArgumentException ("Invalid KeyUsage extension");
  96                         int i = 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
  97                         while (i < bitString.Value.Length)
  98                                 kubits = (kubits << 8) + bitString.Value [i++];
  99                 }
 100
 101                 public override string Name {
 102                         get { return "Key Usage"; }
 103                 }
 104
 105                 public bool Support (KeyUsages usage)
 106                 {
 107                         int x = Convert.ToInt32 (usage, CultureInfo.InvariantCulture);
 108                         return ((x & kubits) == x);
 109                 }
 110
 111                 public override string ToString ()
 112                 {
 113                         const string separator = " , ";
 114                         StringBuilder sb = new StringBuilder ();
 115                         if (Support (KeyUsages.digitalSignature))
 116                                 sb.Append ("Digital Signature");
 117                         if (Support (KeyUsages.nonRepudiation)) {
 118                                 if (sb.Length > 0)
 119                                         sb.Append (separator);
 120                                 sb.Append ("Non-Repudiation");
 121                         }
 122                         if (Support (KeyUsages.keyEncipherment)) {
 123                                 if (sb.Length > 0)
 124                                         sb.Append (separator);
 125                                 sb.Append ("Key Encipherment");
 126                         }
 127                         if (Support (KeyUsages.dataEncipherment)) {
 128                                 if (sb.Length > 0)
 129                                         sb.Append (separator);
 130                                 sb.Append ("Data Encipherment");
 131                         }
 132                         if (Support (KeyUsages.keyAgreement)) {
 133                                 if (sb.Length > 0)
 134                                         sb.Append (separator);
 135                                 sb.Append ("Key Agreement");
 136                         }
 137                         if (Support (KeyUsages.keyCertSign)) {
 138                                 if (sb.Length > 0)
 139                                         sb.Append (separator);
 140                                 sb.Append ("Certificate Signing");
 141                         }
 142                         if (Support (KeyUsages.cRLSign)) {
 143                                 if (sb.Length > 0)
 144                                         sb.Append (separator);
 145                                 sb.Append ("CRL Signing");
 146                         }
 147                         if (Support (KeyUsages.encipherOnly)) {
 148                                 if (sb.Length > 0)
 149                                         sb.Append (separator);
 150                                 sb.Append ("Encipher Only ");   // ???
 151                         }
 152                         if (Support (KeyUsages.decipherOnly)) {
 153                                 if (sb.Length > 0)
 154                                         sb.Append (separator);
 155                                 sb.Append ("Decipher Only");    // ???
 156                         }
 157                         sb.Append ("(");
 158                         sb.Append (kubits.ToString ("X2", CultureInfo.InvariantCulture));
 159                         sb.Append (")");
 160                         sb.Append (Environment.NewLine);
 161                         return sb.ToString ();
 162                 }
 163         }
 164 }