mcs/class/System.Security/System.Security.Cryptography.X509Certificates/X509KeyUsageExtension.cs

   1 //
   2 // System.Security.Cryptography.X509Certificates.X509KeyUsageExtension
   3 //
   4 // Authors:
   5 //      Tim Coleman (tim@timcoleman.com)
   6 //      Sebastien Pouliot  <sebastien@ximian.com>
   7 //
   8 // Copyright (C) Tim Coleman, 2004
   9 // Copyright (C) 2004-2005 Novell Inc. (http://www.novell.com)
  10 //
  11 // Permission is hereby granted, free of charge, to any person obtaining
  12 // a copy of this software and associated documentation files (the
  13 // "Software"), to deal in the Software without restriction, including
  14 // without limitation the rights to use, copy, modify, merge, publish,
  15 // distribute, sublicense, and/or sell copies of the Software, and to
  16 // permit persons to whom the Software is furnished to do so, subject to
  17 // the following conditions:
  18 //
  19 // The above copyright notice and this permission notice shall be
  20 // included in all copies or substantial portions of the Software.
  21 //
  22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  29 //
  30
  31 #if NET_2_0
  32
  33 using System.Text;
  34
  35 using Mono.Security;
  36
  37 namespace System.Security.Cryptography.X509Certificates {
  38
  39         public sealed class X509KeyUsageExtension : X509Extension {
  40
  41                 internal const string oid = "2.5.29.15";
  42                 internal const string friendlyName = "Key Usage";
  43
  44                 internal const X509KeyUsageFlags all = X509KeyUsageFlags.EncipherOnly | X509KeyUsageFlags.CRLSign |
  45                         X509KeyUsageFlags.KeyCertSign | X509KeyUsageFlags.KeyAgreement | X509KeyUsageFlags.DataEncipherment |
  46                         X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.NonRepudiation |
  47                         X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.DecipherOnly;
  48
  49                 private X509KeyUsageFlags _keyUsages;
  50                 private AsnDecodeStatus _status;
  51
  52                 // constructors
  53
  54                 public X509KeyUsageExtension ()
  55                 {
  56                         _oid = new Oid (oid, friendlyName);
  57                 }
  58
  59                 public X509KeyUsageExtension (AsnEncodedData encodedKeyUsage, bool critical)
  60                 {
  61                         // ignore the Oid provided by encodedKeyUsage (our rules!)
  62                         _oid = new Oid (oid, friendlyName);
  63                         _raw = encodedKeyUsage.RawData;
  64                         base.Critical = critical;
  65                         _status = Decode (this.RawData);
  66                 }
  67
  68                 public X509KeyUsageExtension (X509KeyUsageFlags keyUsages, bool critical)
  69                 {
  70                         _oid = new Oid (oid, friendlyName);
  71                         base.Critical = critical;
  72                         _keyUsages = GetValidFlags (keyUsages);
  73                         RawData = Encode ();
  74                 }
  75
  76                 // properties
  77
  78                 public X509KeyUsageFlags KeyUsages {
  79                         get {
  80                                 switch (_status) {
  81                                 case AsnDecodeStatus.Ok:
  82                                 case AsnDecodeStatus.InformationNotAvailable:
  83                                         return _keyUsages;
  84                                 default:
  85                                         throw new CryptographicException ("Badly encoded extension.");
  86                                 }
  87                         }
  88                 }
  89
  90                 // methods
  91
  92                 public override void CopyFrom (AsnEncodedData encodedData)
  93                 {
  94                         if (encodedData == null)
  95                                 throw new ArgumentException ("encodedData");
  96 // MS BUG                       throw new ArgumentNullException ("encodedData");
  97
  98                         X509Extension ex = (encodedData as X509Extension);
  99                         if (ex == null)
 100                                 throw new ArgumentException (Locale.GetText ("Wrong type."), "encodedData");
 101
 102                         if (ex._oid == null)
 103                                 _oid = new Oid (oid, friendlyName);
 104                         else
 105                                 _oid = new Oid (ex._oid);
 106
 107                         RawData = ex.RawData;
 108                         base.Critical = ex.Critical;
 109                         // and we deal with the rest later
 110                         _status = Decode (this.RawData);
 111                 }
 112
 113                 // internal
 114
 115                 internal X509KeyUsageFlags GetValidFlags (X509KeyUsageFlags flags)
 116                 {
 117                         if ((flags & all) != flags)
 118                                 return (X509KeyUsageFlags) 0;
 119                         return flags;
 120                 }
 121
 122                 internal AsnDecodeStatus Decode (byte[] extension)
 123                 {
 124                         if ((extension == null) || (extension.Length == 0))
 125                                 return AsnDecodeStatus.BadAsn;
 126                         if (extension [0] != 0x03)
 127                                 return AsnDecodeStatus.BadTag;
 128                         if (extension.Length < 3)
 129                                 return AsnDecodeStatus.BadLength;
 130                         if (extension.Length < 4)
 131                                 return AsnDecodeStatus.InformationNotAvailable;
 132
 133                         try {
 134                                 ASN1 ex = new ASN1 (extension);
 135                                 int kubits = 0;
 136                                 int i = 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
 137                                 while (i < ex.Value.Length)
 138                                         kubits = (kubits << 8) + ex.Value [i++];
 139
 140                                 _keyUsages = GetValidFlags ((X509KeyUsageFlags)kubits);
 141                         }
 142                         catch {
 143                                 return AsnDecodeStatus.BadAsn;
 144                         }
 145
 146                         return AsnDecodeStatus.Ok;
 147                 }
 148
 149                 internal byte[] Encode ()
 150                 {
 151                         ASN1 ex = null;
 152                         int kubits = (int)_keyUsages;
 153                         byte empty = 0;
 154
 155                         if (kubits == 0) {
 156                                 ex = new ASN1 (0x03, new byte[] { empty });
 157                         } else {
 158                                 // count empty bits (applicable to first byte only)
 159                                 int ku = ((kubits < Byte.MaxValue) ? kubits : (kubits >> 8));
 160                                 while (((ku & 0x01) == 0x00) && (empty < 8)) {
 161                                         empty++;
 162                                         ku >>= 1;
 163                                 }
 164
 165                                 if (kubits <= Byte.MaxValue) {
 166                                         ex = new ASN1 (0x03, new byte[] { empty, (byte)kubits });
 167                                 } else {
 168                                         ex = new ASN1 (0x03, new byte[] { empty, (byte)kubits, (byte)(kubits >> 8) });
 169                                 }
 170                         }
 171
 172                         return ex.GetBytes ();
 173                 }
 174
 175                 internal override string ToString (bool multiLine)
 176                 {
 177                         switch (_status) {
 178                         case AsnDecodeStatus.BadAsn:
 179                                 return String.Empty;
 180                         case AsnDecodeStatus.BadTag:
 181                         case AsnDecodeStatus.BadLength:
 182                                 return FormatUnkownData (_raw);
 183                         case AsnDecodeStatus.InformationNotAvailable:
 184                                 return "Information Not Available";
 185                         }
 186
 187                         if (_oid.Value != oid)
 188                                 return String.Format ("Unknown Key Usage ({0})", _oid.Value);
 189                         if (_keyUsages == 0)
 190                                 return "Information Not Available";
 191
 192                         StringBuilder sb = new StringBuilder ();
 193
 194                         if ((_keyUsages & X509KeyUsageFlags.DigitalSignature) != 0) {
 195                                 sb.Append ("Digital Signature");
 196                         }
 197                         if ((_keyUsages & X509KeyUsageFlags.NonRepudiation) != 0) {
 198                                 if (sb.Length > 0)
 199                                         sb.Append (", ");
 200                                 sb.Append ("Non-Repudiation");
 201                         }
 202                         if ((_keyUsages & X509KeyUsageFlags.KeyEncipherment) != 0) {
 203                                 if (sb.Length > 0)
 204                                         sb.Append (", ");
 205                                 sb.Append ("Key Encipherment");
 206                         }
 207                         if ((_keyUsages & X509KeyUsageFlags.DataEncipherment) != 0) {
 208                                 if (sb.Length > 0)
 209                                         sb.Append (", ");
 210                                 sb.Append ("Data Encipherment");
 211                         }
 212                         if ((_keyUsages & X509KeyUsageFlags.KeyAgreement) != 0) {
 213                                 if (sb.Length > 0)
 214                                         sb.Append (", ");
 215                                 sb.Append ("Key Agreement");
 216                         }
 217                         if ((_keyUsages & X509KeyUsageFlags.KeyCertSign) != 0) {
 218                                 if (sb.Length > 0)
 219                                         sb.Append (", ");
 220                                 sb.Append ("Certificate Signing");
 221                         }
 222                         if ((_keyUsages & X509KeyUsageFlags.CRLSign) != 0) {
 223                                 if (sb.Length > 0)
 224                                         sb.Append (", ");
 225                                 sb.Append ("Off-line CRL Signing, CRL Signing");
 226                         }
 227                         if ((_keyUsages & X509KeyUsageFlags.EncipherOnly) != 0) {
 228                                 if (sb.Length > 0)
 229                                         sb.Append (", ");
 230                                 sb.Append ("Encipher Only");
 231                         }
 232                         if ((_keyUsages & X509KeyUsageFlags.DecipherOnly) != 0) {
 233                                 if (sb.Length > 0)
 234                                         sb.Append (", ");
 235                                 sb.Append ("Decipher Only");
 236                         }
 237
 238                         int ku = (int)_keyUsages;
 239                         sb.Append (" (");
 240                         sb.Append (((byte)ku).ToString ("x2"));
 241                         if (ku > Byte.MaxValue) {
 242                                 sb.Append (" ");
 243                                 sb.Append (((byte)(ku >> 8)).ToString ("x2"));
 244                         }
 245                         sb.Append (")");
 246
 247                         if (multiLine)
 248                                 sb.Append (Environment.NewLine);
 249
 250                         return sb.ToString ();
 251                 }
 252         }
 253 }
 254
 255 #endif