开发者

From DEROctetString to KeyUsage

开发者 https://www.devze.com 2023-01-05 02:27 出处:网络
In bouncycastle I can create a DEROctetString starting from a KeyUsage. How can I obtain KeyUsage starting from a DEROctetString then?

In bouncycastle I can create a DEROctetString starting from a KeyUsage.

How can I obtain KeyUsage starting from a DEROctetString then?

Example:

DEROctetString derString = new DEROctetString(new KeyUsage(KeyUsage.digitalSignature));
KeyUsage ku = ...(some code to get back KeyUsage starting from derString)...

I need this because I'm able to create Certificate Requests with KeyU开发者_C百科sage extension request, but then, given the Certificate Request alone, I'm not able to get back the KeyUsage extension.


I've found the solution using ASN1InputStream:

ASN1InputStream ais = new ASN1InputStream(derOctetString.getOctetStream());
KeyUsage ku = new KeyUsage((DERBitString) ais.readObject());

That works!


KeyUsage is defined as this in X.509,

 id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }

 KeyUsage ::= BIT STRING {
      digitalSignature        (0),
      nonRepudiation          (1),
      keyEncipherment         (2),
      dataEncipherment        (3),
      keyAgreement            (4),
      keyCertSign             (5),
      cRLSign                 (6),
      encipherOnly            (7),
      decipherOnly            (8) }

So it's wrong to create Octet String for it. If you create DERBitString, KeyUsage has a constructor for it.

0

精彩评论

暂无评论...
验证码 换一张
取 消