Skip to content

Commit

Permalink
all cert with any EKU
Browse files Browse the repository at this point in the history 
Signed-off-by: Shiwei Zhang <[email protected]>
  • Loading branch information
@shizhMSFT
shizhMSFT committed Feb 18, 2022
1 parent 08d0ec5 commit be6e03f
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions pkg/cose/verifier.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ type Verifier struct {
// The `Intermediates` in the verify options will be ignored and
// re-contrusted using the certificates in the incoming signature.
// An empty list of `KeyUsages` in the verify options implies
// `ExtKeyUsageCodeSigning`.
// `ExtKeyUsageAny`.
VerifyOptions x509.VerifyOptions

// TSAVerifyOptions is the verify option to verify the fetched timestamp
Expand Down Expand Up @@ -126,7 +126,7 @@ func (v *Verifier) verifySignerFromCertChain(certChain [][]byte, timeStampToken,
verifyOpts := v.VerifyOptions
verifyOpts.Intermediates = intermediates
if len(verifyOpts.KeyUsages) == 0 {
verifyOpts.KeyUsages = []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}
verifyOpts.KeyUsages = []x509.ExtKeyUsage{x509.ExtKeyUsageAny}
}

// verify the signing certificate
Expand Down

0 comments on commit be6e03f

Please sign in to comment.