From c5b657bfc8e0291912c4ba50a8fa0f6e0082cb53 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor
Date: Fri, 7 May 2021 22:25:41 -0400
Subject: certtool: when making X25519 or X448 certs, always use "key agreement"
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is related to #1227 -- but in this case, it's enforcing a requirement of RFC 8410 ยง5.

Signed-off-by: Daniel Kahn Gillmor
---
 src/certtool.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/certtool.c b/src/certtool.c
index 1e0814a51f..825a306bc9 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -566,6 +566,10 @@ generate_certificate(gnutls_privkey_t * ret_key,
 if (result)
 usage |= GNUTLS_KEY_KEY_ENCIPHERMENT;
+ } else if (pk == GNUTLS_PK_ECDH_X25519 ||
+ pk == GNUTLS_PK_ECDH_X448) {
+ /* X25519 and X448 are only for key agreement. */
+ usage |= GNUTLS_KEY_KEY_AGREEMENT;
 } else {
 usage |= GNUTLS_KEY_DIGITAL_SIGNATURE;
 }
-- 
cgit v1.2.1
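Review bot: The new `else if` branch only ORs `GNUTLS_KEY_KEY_AGREEMENT` into `usage`, so it adds the bit RFC 8410 §5 requires but does not enforce the other half of that section, which forbids any keyUsage bit other than keyAgreement (plus optionally encipherOnly/decipherOnly) for id-X25519/id-X448 keys; any digitalSignature, keyEncipherment or keyCertSign bit that the template logic sets into `usage` elsewhere in this function would still be emitted. generate_certificate starts before this hunk and its remaining usage handling continues after it, so I cannot see from here whether `usage` is guaranteed to be zero at this point, but a subset check before the extension is written would make the commit's claim of "enforcing" the requirement true regardless: `if (usage & ~(GNUTLS_KEY_KEY_AGREEMENT | GNUTLS_KEY_ENCIPHER_ONLY | GNUTLS_KEY_DECIPHER_ONLY)) { fprintf(stderr, "X25519/X448 keys may only carry keyAgreement (RFC 8410 §5)\n"); app_exit(1); }` (assuming `app_exit` is the error-exit helper certtool uses elsewhere; substitute the file's own convention). I would also have the added comment cite the normative source, `/* RFC 8410 §5: X25519/X448 keys carry keyAgreement only. */`, so a future reader does not loosen it.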