Re: query on key usage OIDs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On 15 Jul 2021, at 11:55 pm, SIMON BABY <simonkbaby@xxxxxxxxx> wrote:
> 
> I am looking for openssl APIs to get all the OIDs associated with user certificate Key usage extension. For example my sample Key usage extension from the certificate is below:
> X509v3 extensions:
>             X509v3 Key Usage: critical
>                 Digital Signature, Key Encipherment
> 
> I am looking for the APIs used to get the OIDs associated with  Digital Signature and Key Encipherment from the certificate.

There are no keyUsage OIDs, the field is a bitstring:

   https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3

      id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }

      KeyUsage ::= BIT STRING {
           digitalSignature        (0),
           nonRepudiation          (1), -- recent editions of X.509 have
                                        -- renamed this bit to contentCommitment
           keyEncipherment         (2),
           dataEncipherment        (3),
           keyAgreement            (4),
           keyCertSign             (5),
           cRLSign                 (6),
           encipherOnly            (7),
           decipherOnly            (8) }

There are OIDs in the extendedKeyUsage:

    https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12

-- 
	Viktor.





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux