X509KeyUsageExtension Class

Definition

Defines the usage of a key contained within an X.509 certificate. This class cannot be inherited.

public ref class X509KeyUsageExtension sealed : System::Security::Cryptography::X509Certificates::X509Extension
public sealed class X509KeyUsageExtension : System.Security.Cryptography.X509Certificates.X509Extension
type X509KeyUsageExtension = class
    inherit X509Extension
Public NotInheritable Class X509KeyUsageExtension
Inherits X509Extension
Inheritance
X509KeyUsageExtension

Examples

The following code example demonstrates how to open a user's personal certificate store and display information about each certificate in the store. This example uses the X509KeyUsageExtension class to display the information.

#using <System.dll>
#using <system.security.dll>

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::X509Certificates;
int main()
{
   try
   {
      X509Store^ store = gcnew X509Store( L"MY",StoreLocation::CurrentUser );
      store->Open( static_cast<OpenFlags>(OpenFlags::ReadOnly | OpenFlags::OpenExistingOnly) );
      X509Certificate2Collection^ collection = dynamic_cast<X509Certificate2Collection^>(store->Certificates);
      for ( int i = 0; i < collection->Count; i++ )
      {
         System::Collections::IEnumerator^ myEnum = collection[ i ]->Extensions->GetEnumerator();
         while ( myEnum->MoveNext() )
         {
            X509Extension^ extension = safe_cast<X509Extension^>(myEnum->Current);
            Console::WriteLine( L"{0}({1})", extension->Oid->FriendlyName, extension->Oid->Value );
            if ( extension->Oid->FriendlyName == L"Key Usage" )
            {
               X509KeyUsageExtension^ ext = dynamic_cast<X509KeyUsageExtension^>(extension);
               Console::WriteLine( ext->KeyUsages );
            }
            if ( extension->Oid->FriendlyName == L"Basic Constraints" )
            {
               X509BasicConstraintsExtension^ ext = dynamic_cast<X509BasicConstraintsExtension^>(extension);
               Console::WriteLine( ext->CertificateAuthority );
               Console::WriteLine( ext->HasPathLengthConstraint );
               Console::WriteLine( ext->PathLengthConstraint );
            }
            if ( extension->Oid->FriendlyName == L"Subject Key Identifier" )
            {
               X509SubjectKeyIdentifierExtension^ ext = dynamic_cast<X509SubjectKeyIdentifierExtension^>(extension);
               Console::WriteLine( ext->SubjectKeyIdentifier );
            }
            if ( extension->Oid->FriendlyName == L"Enhanced Key Usage" )
            {
               X509EnhancedKeyUsageExtension^ ext = dynamic_cast<X509EnhancedKeyUsageExtension^>(extension);
               OidCollection^ oids = ext->EnhancedKeyUsages;
               System::Collections::IEnumerator^ myEnum1 = oids->GetEnumerator();
               while ( myEnum1->MoveNext() )
               {
                  Oid^ oid = safe_cast<Oid^>(myEnum1->Current);
                  Console::WriteLine( L"{0}({1})", oid->FriendlyName, oid->Value );
               }
            }
         }

      }
      store->Close();
   }
   catch ( CryptographicException^ ) 
   {
      Console::WriteLine( L"Information could not be written out for this certificate." );
   }

}
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public class CertSelect
{
    public static void Main()
    {
        try
        {
            X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

            X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
            for (int i = 0; i < collection.Count; i++)
            {
                foreach (X509Extension extension in collection[i].Extensions)
                {
                    Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")");

                    if (extension.Oid.FriendlyName == "Key Usage")
                    {
                        X509KeyUsageExtension ext = (X509KeyUsageExtension)extension;
                        Console.WriteLine(ext.KeyUsages);
                    }

                    if (extension.Oid.FriendlyName == "Basic Constraints")
                    {
                        X509BasicConstraintsExtension ext = (X509BasicConstraintsExtension)extension;
                        Console.WriteLine(ext.CertificateAuthority);
                        Console.WriteLine(ext.HasPathLengthConstraint);
                        Console.WriteLine(ext.PathLengthConstraint);
                    }

                    if (extension.Oid.FriendlyName == "Subject Key Identifier")
                    {
                        X509SubjectKeyIdentifierExtension ext = (X509SubjectKeyIdentifierExtension)extension;
                        Console.WriteLine(ext.SubjectKeyIdentifier);
                    }

                    if (extension.Oid.FriendlyName == "Enhanced Key Usage")
                    {
                        X509EnhancedKeyUsageExtension ext = (X509EnhancedKeyUsageExtension)extension;
                        OidCollection oids = ext.EnhancedKeyUsages;
                        foreach (Oid oid in oids)
                        {
                            Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")");
                        }
                    }
                }
            }
            store.Close();
        }
        catch (CryptographicException)
        {
            Console.WriteLine("Information could not be written out for this certificate.");
        }
    }
}
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates



Module CertSelect

    Sub Main()
        Try
            Dim store As New X509Store("MY", StoreLocation.CurrentUser)
            store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)

            Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
            For i As Integer = 0 To collection.Count - 1
                Dim extension As X509Extension
                For Each extension In collection(i).Extensions
                    Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")")


                    If extension.Oid.FriendlyName = "Key Usage" Then
                        Dim ext As X509KeyUsageExtension = CType(extension, X509KeyUsageExtension)
                        Console.WriteLine(ext.KeyUsages)
                    End If

                    If extension.Oid.FriendlyName = "Basic Constraints" Then
                        Dim ext As X509BasicConstraintsExtension = CType(extension, X509BasicConstraintsExtension)
                        Console.WriteLine(ext.CertificateAuthority)
                        Console.WriteLine(ext.HasPathLengthConstraint)
                        Console.WriteLine(ext.PathLengthConstraint)
                    End If

                    If extension.Oid.FriendlyName = "Subject Key Identifier" Then
                        Dim ext As X509SubjectKeyIdentifierExtension = CType(extension, X509SubjectKeyIdentifierExtension)
                        Console.WriteLine(ext.SubjectKeyIdentifier)
                    End If

                    If extension.Oid.FriendlyName = "Enhanced Key Usage" Then
                        Dim ext As X509EnhancedKeyUsageExtension = CType(extension, X509EnhancedKeyUsageExtension)
                        Dim oids As OidCollection = ext.EnhancedKeyUsages
                        Dim oid As Oid
                        For Each oid In oids
                            Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")")
                        Next oid
                    End If
                Next extension
            Next i
            store.Close()
        Catch
            Console.WriteLine("Information could not be written out for this certificate.")
        End Try

    End Sub
End Module

Remarks

The X509KeyUsageExtension class uses the flags in the X509KeyUsageFlags enumeration to define or determine key usage.

Constructors

X509KeyUsageExtension()

Initializes a new instance of the X509KeyUsageExtension class.

X509KeyUsageExtension(AsnEncodedData, Boolean)

Initializes a new instance of the X509KeyUsageExtension class using an AsnEncodedData object and a value that identifies whether the extension is critical.

X509KeyUsageExtension(X509KeyUsageFlags, Boolean)

Initializes a new instance of the X509KeyUsageExtension class using the specified X509KeyUsageFlags value and a value that identifies whether the extension is critical.

Properties

Critical

Gets a Boolean value indicating whether the extension is critical.

(Inherited from X509Extension)
KeyUsages

Gets the key usage flag associated with the certificate.

Oid

Gets or sets the Oid value for an AsnEncodedData object.

(Inherited from AsnEncodedData)
RawData

Gets or sets the Abstract Syntax Notation One (ASN.1)-encoded data represented in a byte array.

(Inherited from AsnEncodedData)

Methods

CopyFrom(AsnEncodedData)

Initializes a new instance of the X509KeyUsageExtension class using an AsnEncodedData object.

Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)
Format(Boolean)

Returns a formatted version of the Abstract Syntax Notation One (ASN.1)-encoded data as a string.

(Inherited from AsnEncodedData)
GetHashCode()

Serves as the default hash function.

(Inherited from Object)
GetType()

Gets the Type of the current instance.

(Inherited from Object)
MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)
ToString()

Returns a string that represents the current object.

(Inherited from Object)

Applies to