Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Key usage error message #164

Closed
JeyJeyGao opened this issue Sep 6, 2023 · 0 comments · Fixed by #169
Closed

Key usage error message #164

JeyJeyGao opened this issue Sep 6, 2023 · 0 comments · Fixed by #169
Assignees
@JeyJeyGao
Labels
enhancement New feature or request
Milestone
1.1.0

Comments

@JeyJeyGao
Copy link
Contributor

What is not working as expected?

Error: certificate-chain is invalid, invalid self-signed certificate. Error: certificate with subject "CN=xx.com,O=Notary,L=xx,ST=CA,C=US": key usage must not have the bit positions for ContentCommitment, KeyEncipherment, DataEncipherment, KeyAgreement, CertSign, CRLSign, EncipherOnly, DecipherOnly set

If the certificate has more key usages than DigitalSignature, the error message will display all the other key usages. However, this can be confusing if the user didn't set those key usages.

What did you expect to happen?

The error message should either state that there should be only one DigitalSignature key usage or mention the specific key usages that the certificate actually has and should not exist, instead of all of them.

How can we reproduce it?

sign with a certificate that has unnecessary key usages

Describe your environment

Linux

What is the version of your notation-core-go Library?

v1.0.0
@JeyJeyGao JeyJeyGao added the enhancement New feature or request label Sep 6, 2023
@yizha1 yizha1 added this to the 1.1.0 milestone Sep 12, 2023
This was referenced Oct 18, 2023
Closed
Closed
@JeyJeyGao JeyJeyGao mentioned this issue Oct 20, 2023
Merged
JeyJeyGao added a commit that referenced this issue Oct 26, 2023
@JeyJeyGao
fix: update key usage error message to make it clear (#169)
c834adc 
Resolves #164 
Signed-off-by: Junjie Gao <junjiegao@microsoft.com>

---------

Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@JeyJeyGao JeyJeyGao

Labels
enhancement New feature or request
Projects
None yet
Milestone
1.1.0
Development

Successfully merging a pull request may close this issue.

fix: update key usage error message to make it clear JeyJeyGao/notation-core-go
2 participants
@JeyJeyGao @yizha1