In bouncycastle I can create a DEROctetString starting from a KeyUsage.
How can I obtain KeyUsage starting from a DEROctetString then?
Example:
DEROctetString derString = new DEROctetString(new KeyUsage(KeyUsage.digitalSignature));
KeyUsage ku = ...(some code to get back KeyUsage starting from derString)...
I need this because I'm able to create Certificate Requests with KeyU开发者_C百科sage extension request, but then, given the Certificate Request alone, I'm not able to get back the KeyUsage extension.
I've found the solution using ASN1InputStream:
ASN1InputStream ais = new ASN1InputStream(derOctetString.getOctetStream());
KeyUsage ku = new KeyUsage((DERBitString) ais.readObject());
That works!
KeyUsage is defined as this in X.509,
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
KeyUsage ::= BIT STRING {
digitalSignature (0),
nonRepudiation (1),
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8) }
So it's wrong to create Octet String for it. If you create DERBitString, KeyUsage has a constructor for it.
精彩评论