Closed robcordes closed 7 months ago
getExtKeyUsage() seems to return proper value for the certificate.
> x.getExtKeyUsage()
{
extname: 'keyUsage',
critical: true,
names: [ 'digitalSignature', 'keyEncipherment' ]
}
Hi, Thanks for getting back to me. However it is the getExtExtKeyUsage() method for the extend keyusages extension that I am referring.
Beste regards,
Rob Cordes
On Feb 9, 2024, at 01:28, Kenji Urushima @.***> wrote:
getExtKeyUsage(
getExtExtKeyUsage() returns proper value as following:
> x.getExtExtKeyUsage()
{ extname: 'extKeyUsage', array: [ 'clientAuth', 'serverAuth' ] }
I've confirmed that the certificate has no critical flag for extKeyUsage.
Then wouldn’t you agree that one would have false returned and true when set ?Sent from my mobileOn 9 Feb 2024, at 08:48, Kenji Urushima @.***> wrote: getExtExtKeyUsage() returns proper value as following:
x.getExtExtKeyUsage() { extname: 'extKeyUsage', array: [ 'clientAuth', 'serverAuth' ] }
That certificate has no critical flag for extKeyUsage.
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: @.***>
Yes, that means no critical flag for extKeyUsage.
Allright then this is according to spec then. A bit weird though as when an attribute takes false of true as a boolean, one would expect the attribute to be always present. Anyway if this the expected behavior then that is okay of course. Thanks.
Best regards,
Rob Cordes
On Feb 9, 2024, at 10:56, Kenji Urushima @.***> wrote:
Yes, that means no critical flag for extKeyUsage.
— Reply to this email directly, view it on GitHub https://github.com/kjur/jsrsasign/issues/611#issuecomment-1935630113, or unsubscribe https://github.com/notifications/unsubscribe-auth/AENQQRGCKOXMJQFSS3S4PS3YSXXEXAVCNFSM6AAAAABDABHU7KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSMZVGYZTAMJRGM. You are receiving this because you authored the thread.
cert file is in PEM format attached. Extension renamed to txt due to Git not wanting to upload pem files through the gui.
PKIO-issued-client.t05i0014ru075.idd.mindef.nl.txt