Overview#
KeyUsage is a Certificate Extension defined in RFC 5280 for X.509 Certificates. It defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate. The usage restriction might be employed when a key that could be used for more than one operation is to be restricted. For example, when an RSA key should be used only to verify signatures on objects other than public key certificates and CRLs, the digitalSignature and/or nonRepudiation bits would be asserted.
Likewise, when an RSA key should be used only for key management, the keyEncipherment bit would be asserted.
Conforming CAs MUST include this extension in certificates that contain public keys that are used to validate digital signatures on other public key certificates or CRLs. When present, conforming CAs SHOULD mark this extension as critical.
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
KeyUsage ::= BIT STRING {
digitalSignature (0),
nonRepudiation (1),
-- recent editions of X.509 have
-- renamed this bit to contentCommitment
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8) }
The meaning of the encipherOnly bit is undefined in the absence of the keyAgreement bit. When the encipherOnly bit is asserted and the keyAgreement bit is also set, the subject public key may be used only for enciphering data while performing key agreement.
The meaning of the decipherOnly bit is undefined in the absence of the keyAgreement bit. When the decipherOnly bit is asserted and the keyAgreement bit is also set, the subject public key may be used only for deciphering data while performing key agreement.
If the keyUsage extension is present, then the subject public key MUST NOT be used to verify signatures on certificates or CRLs unless the corresponding keyCertSign or cRLSign bit is set. If the subject public key is only to be used for verifying signatures on certificates and/or CRLs, then the digitalSignature and nonRepudiation bits SHOULD NOT be set. However, the digitalSignature and/or nonRepudiation bits MAY be set in addition to the keyCertSign and/or cRLSign bits if the subject public key is to be used to verify Digital Signatures on certificates and/or CRLs as well as other objects.
Combining the nonRepudiation bit in the KeyUsage certificate extension with other keyUsage bits may have security implications depending on the context in which the certificate is to be used.
Further distinctions between the digitalSignature and nonRepudiation bits may be provided in specific certificate policies.
The RFC 5280 profile does not restrict the combinations of bits that may be set in an instantiation of the KeyUsage extension. However, appropriate values for keyUsage extensions for particular algorithms are specified in RFC 3279, RFC 4055, and RFC 4491. When the keyUsage extension appears in a certificate, at least one of the bits MUST be set to 1.
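The following is an added example, not code from the page or from RFC 5280, that puts the definitions and rules above into working form: it encodes and decodes the KeyUsage BIT STRING in DER (bit 0, digitalSignature, is the most significant bit of the first content octet, and DER drops trailing zero bits of a named bit list), reports the rule violations the text describes (no bit set, encipherOnly or decipherOnly without keyAgreement), and answers whether a key may verify a signature on a certificate, a CRL, or another object. The function names (encode_key_usage, decode_key_usage, key_usage_problems, permits_signature_verification) and the sample byte strings are this example's own; it uses only the Python standard library.

```python
# Added example: DER encoding/decoding and rule checks for the X.509 KeyUsage
# extension as described in RFC 5280 section 4.2.1.3. Function names and
# sample values are this example's own, not from the page or the RFC.
from typing import FrozenSet, List, Optional

# Bit positions exactly as in the ASN.1 definition on the page.
KEY_USAGE_BITS = [
    "digitalSignature",  # 0
    "nonRepudiation",    # 1 (renamed contentCommitment in newer X.509 editions)
    "keyEncipherment",   # 2
    "dataEncipherment",  # 3
    "keyAgreement",      # 4
    "keyCertSign",       # 5
    "cRLSign",           # 6
    "encipherOnly",      # 7
    "decipherOnly",      # 8
]


def encode_key_usage(names) -> bytes:
    """Encode a set of KeyUsage bit names as a DER BIT STRING (tag 0x03).

    Bit 0 is the most significant bit of the first content octet. DER requires
    a named bit list to be encoded with trailing zero bits removed, so the
    'unused bits' octet is derived from the highest bit that is set.
    """
    positions = sorted(KEY_USAGE_BITS.index(n) for n in names)
    if not positions:
        raise ValueError("KeyUsage MUST have at least one bit set")
    highest = positions[-1]
    value = bytearray(highest // 8 + 1)
    for p in positions:
        value[p // 8] |= 0x80 >> (p % 8)
    unused = 7 - (highest % 8)
    content = bytes([unused]) + bytes(value)
    return bytes([0x03, len(content)]) + content


def decode_key_usage(der: bytes) -> FrozenSet[str]:
    """Decode a DER BIT STRING into the set of KeyUsage bit names it asserts.

    Rejects malformed input: wrong tag, long-form or mismatched length,
    an invalid unused-bits octet, set padding bits (non-DER), or bits beyond
    the nine defined by RFC 5280.
    """
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length >= 0x80 or len(der) != 2 + length:
        raise ValueError("bad or non-short-form length")
    unused, body = der[2], der[3:]
    if unused > 7 or (not body and unused != 0):
        raise ValueError("invalid unused-bits octet")
    if body and body[-1] & ((1 << unused) - 1):
        raise ValueError("padding bits must be zero")
    names = set()
    for p in range(len(body) * 8 - unused):
        if body[p // 8] & (0x80 >> (p % 8)):
            if p >= len(KEY_USAGE_BITS):
                raise ValueError(f"unknown KeyUsage bit {p}")
            names.add(KEY_USAGE_BITS[p])
    return frozenset(names)


def key_usage_problems(names) -> List[str]:
    """Return the RFC 5280 rule violations for a set of asserted bits."""
    bits = set(names)
    problems = []
    if not bits:
        problems.append("no bits set; at least one bit MUST be set")
    for dependent in ("encipherOnly", "decipherOnly"):
        if dependent in bits and "keyAgreement" not in bits:
            problems.append(f"{dependent} is undefined without keyAgreement")
    return problems


def permits_signature_verification(key_usage: Optional[FrozenSet[str]],
                                   signed_object: str) -> bool:
    """May this key verify a signature on a 'certificate', 'crl', or 'other' object?

    key_usage is None when the extension is absent, in which case the RFC
    imposes no restriction. When present, certificate verification requires
    keyCertSign, CRL verification requires cRLSign, and anything else requires
    digitalSignature or nonRepudiation.
    """
    if key_usage is None:
        return True
    required = {
        "certificate": {"keyCertSign"},
        "crl": {"cRLSign"},
        "other": {"digitalSignature", "nonRepudiation"},
    }[signed_object]
    return bool(required & set(key_usage))


if __name__ == "__main__":
    # Constructed sample: a TLS-style end-entity usage, shown as DER hex.
    der = encode_key_usage({"digitalSignature", "keyEncipherment"})
    print(der.hex(), sorted(decode_key_usage(der)))
    print(key_usage_problems({"encipherOnly"}))
    print(permits_signature_verification(decode_key_usage(der), "certificate"))
```

The decoder is deliberately strict: a relaxed BIT STRING parser that tolerates set padding bits or unknown high bits would accept encodings that two implementations might interpret differently, which is exactly the kind of ambiguity a key-usage check is meant to remove.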