[PATCH v4 4/6] KEYS: X.509: Parse Key Usage
Mimi Zohar
zohar at linux.ibm.com
Wed Feb 8 21:02:12 UTC 2023
On Mon, 2023-02-06 at 21:59 -0500, Eric Snowberg wrote:
> Parse the X.509 Key Usage. The key usage extension defines the purpose of
> the key contained in the certificate.
>
> id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
>
> KeyUsage ::= BIT STRING {
> digitalSignature (0),
> contentCommitment (1),
> keyEncipherment (2),
> dataEncipherment (3),
> keyAgreement (4),
> keyCertSign (5),
> cRLSign (6),
> encipherOnly (7),
> decipherOnly (8) }
>
> If the keyCertSign or digitalSignature is set, store it in the
> public_key structure. This will be used in a follow on patch that
> requires knowing the certificate key usage type.
>
> Link: https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.3
> Signed-off-by: Eric Snowberg <eric.snowberg at oracle.com>
Reviewed-by: Mimi Zohar <zohar at linux.ibm.com>
More information about the Linux-security-module-archive
mailing list