aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/cryptography/x509.py2
-rw-r--r--tests/test_x509.py13
2 files changed, 15 insertions, 0 deletions
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 668bc2ef..afd28f20 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -1472,6 +1472,8 @@ class CertificateSigningRequestBuilder(object):
extension = Extension(
OID_SUBJECT_ALTERNATIVE_NAME, critical, extension
)
+ elif isinstance(extension, KeyUsage):
+ extension = Extension(OID_KEY_USAGE, critical, extension)
else:
raise NotImplementedError('Unsupported X.509 extension.')
# TODO: This is quadratic in the number of extensions
diff --git a/tests/test_x509.py b/tests/test_x509.py
index df315cc3..ac910392 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py
@@ -866,6 +866,19 @@ class TestCertificateSigningRequestBuilder(object):
).add_extension(
x509.SubjectAlternativeName([x509.DNSName(u"cryptography.io")]),
critical=False,
+ ).add_extension(
+ x509.KeyUsage(
+ digital_signature=True,
+ content_commitment=True,
+ key_encipherment=False,
+ data_encipherment=False,
+ key_agreement=False,
+ key_cert_sign=True,
+ crl_sign=False,
+ encipher_only=False,
+ decipher_only=False
+ ),
+ critical=False
)
with pytest.raises(NotImplementedError):
builder.sign(private_key, hashes.SHA256(), backend)
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-15 21:58:01 +0000