From f183ccafa88d2c18aabf0bda0ae6208f9ac98868 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata@redhat.com>
Date: Thu, 27 Jul 2017 18:35:59 +0200
Subject: [PATCH] Added support for extended key usage extension.

The NSSDB.create_request() has been modified to support extended
key usage extension.

https://pagure.io/dogtagpki/issue/2280

Change-Id: I9d1b6f8b21dbb956b54bdde9cfd878ed5522b5b1
---
 base/common/python/pki/nssdb.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/base/common/python/pki/nssdb.py b/base/common/python/pki/nssdb.py
index fe156f00a53..872d68ef1a7 100644
--- a/base/common/python/pki/nssdb.py
+++ b/base/common/python/pki/nssdb.py
@@ -209,6 +209,7 @@ def create_request(self, subject_dn, request_file, noise_file=None,
                        hash_alg=None,
                        basic_constraints_ext=None,
                        key_usage_ext=None,
+                       extended_key_usage_ext=None,
                        generic_exts=None):
 
         tmpdir = tempfile.mkdtemp()
@@ -289,6 +290,17 @@ def create_request(self, subject_dn, request_file, noise_file=None,
 
                 keystroke += '\n'
 
+            if extended_key_usage_ext:
+
+                cmd.extend(['--extKeyUsage'])
+
+                usages = []
+                for usage in extended_key_usage_ext:
+                    if extended_key_usage_ext[usage]:
+                        usages.append(usage)
+
+                cmd.extend([','.join(usages)])
+
             if generic_exts:
 
                 cmd.extend(['--extGeneric'])