01: package org.bouncycastle.jce;
02:
03: import org.bouncycastle.asn1.ASN1Encodable;
04: import org.bouncycastle.asn1.DERObject;
05: import org.bouncycastle.asn1.x509.KeyUsage;
06:
07: /**
08: * A holding class for constructing an X509 Key Usage extension.
09: *
10: * <pre>
11: * id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
12: *
13: * KeyUsage ::= BIT STRING {
14: * digitalSignature (0),
15: * nonRepudiation (1),
16: * keyEncipherment (2),
17: * dataEncipherment (3),
18: * keyAgreement (4),
19: * keyCertSign (5),
20: * cRLSign (6),
21: * encipherOnly (7),
22: * decipherOnly (8) }
23: * </pre>
24: */
25: public class X509KeyUsage extends ASN1Encodable {
26: public static final int digitalSignature = 1 << 7;
27: public static final int nonRepudiation = 1 << 6;
28: public static final int keyEncipherment = 1 << 5;
29: public static final int dataEncipherment = 1 << 4;
30: public static final int keyAgreement = 1 << 3;
31: public static final int keyCertSign = 1 << 2;
32: public static final int cRLSign = 1 << 1;
33: public static final int encipherOnly = 1 << 0;
34: public static final int decipherOnly = 1 << 15;
35:
36: private int usage = 0;
37:
38: /**
39: * Basic constructor.
40: *
41: * @param usage - the bitwise OR of the Key Usage flags giving the
42: * allowed uses for the key.
43: * e.g. (X509KeyUsage.keyEncipherment | X509KeyUsage.dataEncipherment)
44: */
45: public X509KeyUsage(int usage) {
46: this .usage = usage;
47: }
48:
49: public DERObject toASN1Object() {
50: return new KeyUsage(usage);
51: }
52: }
|