Skip to content

Commit 1267d93

Browse files
hslatmanhslatman
authored
Merge pull request #811 from neverpanic/cal-allow-keyUsage-nonRepudiation
Accept nonRepudiation when unmarshalling keyUsage
2 parents 2e0bdc0 + f0c4a2f commit 1267d93

2 files changed

Lines changed: 7 additions & 1 deletion

File tree

x509util/extensions.go

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,8 @@ const (
4040
KeyUsageCRLSign = "crlSign"
4141
KeyUsageEncipherOnly = "encipherOnly"
4242
KeyUsageDecipherOnly = "decipherOnly"
43+
44+
keyUsageNonRepudiation = "nonRepudiation" // old name for contentCommitment
4345
)
4446

4547
// Names used for extended key usages.
@@ -727,7 +729,9 @@ func (k *KeyUsage) UnmarshalJSON(data []byte) error {
727729
switch convertName(s) {
728730
case convertName(KeyUsageDigitalSignature):
729731
ku = x509.KeyUsageDigitalSignature
730-
case convertName(KeyUsageContentCommitment):
732+
// support legacy name for better user experience for users coming from
733+
// OpenSSL
734+
case convertName(KeyUsageContentCommitment), convertName(keyUsageNonRepudiation):
731735
ku = x509.KeyUsageContentCommitment
732736
case convertName(KeyUsageKeyEncipherment):
733737
ku = x509.KeyUsageKeyEncipherment

x509util/extensions_test.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -519,6 +519,7 @@ func TestKeyUsage_UnmarshalJSON(t *testing.T) {
519519
// Normalized
520520
{"DigitalSignature", args{[]byte(`"DigitalSignature"`)}, KeyUsage(x509.KeyUsageDigitalSignature), false},
521521
{"ContentCommitment", args{[]byte(`"ContentCommitment"`)}, KeyUsage(x509.KeyUsageContentCommitment), false},
522+
{"NonRepudiation", args{[]byte(`"NonRepudiation"`)}, KeyUsage(x509.KeyUsageContentCommitment), false},
522523
{"KeyEncipherment", args{[]byte(`"KeyEncipherment"`)}, KeyUsage(x509.KeyUsageKeyEncipherment), false},
523524
{"DataEncipherment", args{[]byte(`"DataEncipherment"`)}, KeyUsage(x509.KeyUsageDataEncipherment), false},
524525
{"KeyAgreement", args{[]byte(`"KeyAgreement"`)}, KeyUsage(x509.KeyUsageKeyAgreement), false},
@@ -529,6 +530,7 @@ func TestKeyUsage_UnmarshalJSON(t *testing.T) {
529530
// Snake case
530531
{"digital_signature", args{[]byte(`"digital_signature"`)}, KeyUsage(x509.KeyUsageDigitalSignature), false},
531532
{"content_commitment", args{[]byte(`"content_commitment"`)}, KeyUsage(x509.KeyUsageContentCommitment), false},
533+
{"non_repudiation", args{[]byte(`"non_repudiation"`)}, KeyUsage(x509.KeyUsageContentCommitment), false},
532534
{"key_encipherment", args{[]byte(`"key_encipherment"`)}, KeyUsage(x509.KeyUsageKeyEncipherment), false},
533535
{"data_encipherment", args{[]byte(`"data_encipherment"`)}, KeyUsage(x509.KeyUsageDataEncipherment), false},
534536
{"key_agreement", args{[]byte(`"key_agreement"`)}, KeyUsage(x509.KeyUsageKeyAgreement), false},

0 commit comments

Comments
 (0)