--- /dev/null
+//
+// BasicConstraintsExtension.cs: Handles X.509 BasicConstrains extensions.
+//
+// Author:
+// Sebastien Pouliot <sebastien@ximian.com>
+//
+// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
+// (C) 2004 Novell (http://www.novell.com)
+//
+
+using System;
+using System.Globalization;
+using System.Text;
+
+using Mono.Security;
+using Mono.Security.X509;
+
+namespace Mono.Security.X509.Extensions {
+
+ // References:
+ // 1. RFC 3280: Internet X.509 Public Key Infrastructure, Section 4.2.1.10
+ // http://www.ietf.org/rfc/rfc3280.txt
+
+ /* id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 }
+ *
+ * BasicConstraints ::= SEQUENCE {
+ * cA BOOLEAN DEFAULT FALSE,
+ * pathLenConstraint INTEGER (0..MAX) OPTIONAL
+ * }
+ */
+#if INSIDE_CORLIB
+ internal
+#else
+ public
+#endif
+ class BasicConstraintsExtension : X509Extension {
+
+ private bool cA;
+ private int pathLenConstraint;
+
+ public BasicConstraintsExtension () : base ()
+ {
+ extnOid = "2.5.29.19";
+ }
+
+ public BasicConstraintsExtension (ASN1 asn1) : base (asn1) {}
+
+ public BasicConstraintsExtension (X509Extension extension) : base (extension) {}
+
+ protected override void Decode ()
+ {
+ // default values
+ cA = false;
+ pathLenConstraint = 0; // no constraint
+
+ ASN1 sequence = new ASN1 (extnValue.Value);
+ if (sequence.Tag != 0x30)
+ throw new ArgumentException ("Invalid BasicConstraints extension");
+ int n = 0;
+ ASN1 a = sequence [n++];
+ if ((a != null) && (a.Tag == 0x01)) {
+ cA = (a.Value [0] == 0xFF);
+ a = sequence [n++];
+ }
+ if ((a != null) && (a.Tag == 0x02))
+ pathLenConstraint = ASN1Convert.ToInt32 (a);
+ }
+
+ protected override void Encode ()
+ {
+ if (extnValue == null) {
+ extnValue = new ASN1 (0x30);
+ if (cA)
+ extnValue.Add (new ASN1 (0x01, new byte[] { 0xFF }));
+ if (pathLenConstraint > 0)
+ extnValue.Add (ASN1Convert.FromInt32 (pathLenConstraint));
+ }
+ }
+
+ public bool CertificateAuthority {
+ get { return cA; }
+ set { cA = value; }
+ }
+
+ public override string Name {
+ get { return "Basic Constraints"; }
+ }
+
+ public int PathLenConstraint {
+ get { return pathLenConstraint; }
+ set { pathLenConstraint = value; }
+ }
+
+ public override string ToString ()
+ {
+ StringBuilder sb = new StringBuilder ();
+ sb.Append ("Subject Type=");
+ sb.Append ((cA) ? "CA" : "End Entity");
+ sb.Append (Environment.NewLine);
+ sb.Append ("Path Length Constraint=");
+ if (pathLenConstraint == 0)
+ sb.Append ("None");
+ else
+ sb.Append (pathLenConstraint.ToString (CultureInfo.InvariantCulture));
+ sb.Append (Environment.NewLine);
+ return sb.ToString ();
+ }
+ }
+}
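Review bot: `Decode` initialises `pathLenConstraint = 0; // no constraint`, so an absent pathLenConstraint and an explicit value of 0 become indistinguishable, even though the ASN.1 quoted at the top of the file gives the field the range `(0..MAX)` and makes it OPTIONAL. A caller that reads `PathLenConstraint` during path validation would see a CA certificate limited to issuing end-entity certificates as unconstrained; `Encode` drops the field for the same value and `ToString` prints "None". A sentinel outside the valid range keeps the two cases apart: `pathLenConstraint = -1;` in `Decode` (and as the initial value for the parameterless constructor), `if (pathLenConstraint >= 0)` in `Encode`, and `if (pathLenConstraint < 0)` in `ToString`. Separately, `a.Value [0]` in `Decode` is read without a length check, so a BOOLEAN with empty content in an untrusted certificate would presumably surface as an index exception rather than the `ArgumentException` used for the wrong-tag case.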
--- /dev/null
+2004-04-28 Sebastien Pouliot <sebastien@ximian.com>
+
+ * BasicConstaintExtension.cs: New in corlib. In sync with
+ Mono.Security.dll version.
+ * KeyUsageExtension.cs: New in corlib. In sync with Mono.Security.dll
+ version.
+ * SubjectKeyIdentifierExtension.cs: New in corlib. In sync with
+ Mono.Security.dll version.
--- /dev/null
+//
+// KeyUsageExtension.cs: Handles X.509 KeyUsage extensions.
+//
+// Author:
+// Sebastien Pouliot <sebastien@ximian.com>
+//
+// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
+// (C) 2004 Novell (http://www.novell.com)
+//
+
+using System;
+using System.Globalization;
+using System.Text;
+
+using Mono.Security;
+using Mono.Security.X509;
+
+namespace Mono.Security.X509.Extensions {
+
+ /*
+ * id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
+ *
+ * KeyUsage ::= BIT STRING {
+ * digitalSignature (0),
+ * nonRepudiation (1),
+ * keyEncipherment (2),
+ * dataEncipherment (3),
+ * keyAgreement (4),
+ * keyCertSign (5),
+ * cRLSign (6),
+ * encipherOnly (7),
+ * decipherOnly (8)
+ * }
+ */
+ // note: because nothing is simple in ASN.1 bits are reversed
+ [Flags]
+#if INSIDE_CORLIB
+ internal
+#else
+ public
+#endif
+ enum KeyUsages {
+ digitalSignature = 0x80,
+ nonRepudiation = 0x40,
+ keyEncipherment = 0x20,
+ dataEncipherment = 0x10,
+ keyAgreement = 0x08,
+ keyCertSign = 0x04,
+ cRLSign = 0x02,
+ encipherOnly = 0x01,
+ decipherOnly = 0x800,
+ none = 0x0
+ }
+
+#if INSIDE_CORLIB
+ internal
+#else
+ public
+#endif
+ class KeyUsageExtension : X509Extension {
+
+ private int kubits;
+
+ public KeyUsageExtension (ASN1 asn1) : base (asn1) {}
+
+ public KeyUsageExtension (X509Extension extension) : base (extension) {}
+
+ protected override void Decode ()
+ {
+ ASN1 bitString = new ASN1 (extnValue.Value);
+ if (bitString.Tag != 0x03)
+ throw new ArgumentException ("Invalid KeyUsage extension");
+ int i = 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
+ while (i < bitString.Value.Length)
+ kubits = (kubits << 8) + bitString.Value [i++];
+ }
+
+ public override string Name {
+ get { return "Key Usage"; }
+ }
+
+ public bool Support (KeyUsages usage)
+ {
+ int x = Convert.ToInt32 (usage, CultureInfo.InvariantCulture);
+ return ((x & kubits) == x);
+ }
+
+ public override string ToString ()
+ {
+ const string separator = " , ";
+ StringBuilder sb = new StringBuilder ();
+ if (Support (KeyUsages.digitalSignature))
+ sb.Append ("Digital Signature");
+ if (Support (KeyUsages.nonRepudiation)) {
+ if (sb.Length > 0)
+ sb.Append (separator);
+ sb.Append ("Non-Repudiation");
+ }
+ if (Support (KeyUsages.keyEncipherment)) {
+ if (sb.Length > 0)
+ sb.Append (separator);
+ sb.Append ("Key Encipherment");
+ }
+ if (Support (KeyUsages.dataEncipherment)) {
+ if (sb.Length > 0)
+ sb.Append (separator);
+ sb.Append ("Data Encipherment");
+ }
+ if (Support (KeyUsages.keyAgreement)) {
+ if (sb.Length > 0)
+ sb.Append (separator);
+ sb.Append ("Key Agreement");
+ }
+ if (Support (KeyUsages.keyCertSign)) {
+ if (sb.Length > 0)
+ sb.Append (separator);
+ sb.Append ("Certificate Signing");
+ }
+ if (Support (KeyUsages.cRLSign)) {
+ if (sb.Length > 0)
+ sb.Append (separator);
+ sb.Append ("CRL Signing");
+ }
+ if (Support (KeyUsages.encipherOnly)) {
+ if (sb.Length > 0)
+ sb.Append (separator);
+ sb.Append ("Encipher Only "); // ???
+ }
+ if (Support (KeyUsages.decipherOnly)) {
+ if (sb.Length > 0)
+ sb.Append (separator);
+ sb.Append ("Decipher Only"); // ???
+ }
+ sb.Append ("(");
+ sb.Append (kubits.ToString ("X2", CultureInfo.InvariantCulture));
+ sb.Append (")");
+ sb.Append (Environment.NewLine);
+ return sb.ToString ();
+ }
+ }
+}
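Review bot: The accumulation in `Decode` (`kubits = (kubits << 8) + bitString.Value [i++]`) moves the first content byte into the high position as soon as a second byte is present, which no longer matches the `KeyUsages` values. For a nine-bit KeyUsage, digitalSignature lands at 0x8000 and the decipherOnly bit at 0x80, so `Support (KeyUsages.digitalSignature)` answers true for a certificate that asserts decipherOnly but not digitalSignature, and `keyCertSign` and the other first-byte usages stop being reported. `decipherOnly = 0x800` matches neither layout. Keeping the first byte in the low eight bits makes both encodings agree with the enum: `kubits |= bitString.Value [i] << (8 * (i - 1));` followed by `i++`, together with `decipherOnly = 0x8000`. The loop should also reject more than two content bytes, since an over-long BIT STRING from an untrusted certificate otherwise shifts bits out of the `int` silently.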
--- /dev/null
+//
+// SubjectKeyIdentifierExtension.cs: Handles X.509 SubjectKeyIdentifier extensions.
+//
+// Author:
+// Sebastien Pouliot <sebastien@ximian.com>
+//
+// (C) 2004 Novell (http://www.novell.com)
+//
+
+using System;
+using System.Globalization;
+using System.Text;
+
+using Mono.Security;
+using Mono.Security.X509;
+
+namespace Mono.Security.X509.Extensions {
+
+ /*
+ * id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 }
+ *
+ * SubjectKeyIdentifier ::= KeyIdentifier
+ *
+ * KeyIdentifier ::= OCTET STRING
+ */
+
+#if INSIDE_CORLIB
+ internal
+#else
+ public
+#endif
+ class SubjectKeyIdentifierExtension : X509Extension {
+
+ private byte[] ski;
+
+ public SubjectKeyIdentifierExtension () : base ()
+ {
+ extnOid = "2.5.29.14";
+ }
+
+ public SubjectKeyIdentifierExtension (ASN1 asn1) : base (asn1)
+ {
+ }
+
+ public SubjectKeyIdentifierExtension (X509Extension extension) : base (extension)
+ {
+ }
+
+ protected override void Decode ()
+ {
+ ASN1 sequence = new ASN1 (extnValue.Value);
+ if (sequence.Tag != 0x04)
+ throw new ArgumentException ("Invalid SubjectKeyIdentifier extension");
+ ski = sequence.Value;
+ }
+
+ public override string Name {
+ get { return "Subject Key Identifier"; }
+ }
+
+ public byte[] Identifier {
+ get {
+ if (ski == null)
+ return null;
+ return (byte[]) ski.Clone ();
+ }
+ }
+
+ public override string ToString ()
+ {
+ if (ski == null)
+ return null;
+
+ StringBuilder sb = new StringBuilder ();
+ int x = 0;
+ while (x < ski.Length) {
+ sb.Append (ski [x].ToString ("X2", CultureInfo.InvariantCulture));
+ if (x % 2 == 1)
+ sb.Append (" ");
+ x++;
+ }
+ return sb.ToString ();
+ }
+ }
+}
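Review bot: `ToString` returns `null` when `ski` is unset (`if (ski == null) return null;`), whereas the other two extensions added in this commit always return a string, and callers generally expect a `ToString` override to be non-null; `return String.Empty;` would keep them consistent. In `Decode`, the local holding the OCTET STRING is named `sequence` although the tag checked is 0x04; `ASN1 octetString = new ASN1 (extnValue.Value);` reads correctly. `Decode` also accepts a zero-length identifier, which may be worth rejecting if callers use `Identifier` to match certificates during chain building; that depends on code outside this hunk.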