mtrojnar · olszomal · Dec 16, 2025 · Dec 16, 2025
diff --git a/osslsigncode.c b/osslsigncode.c
@@ -2535,9 +2535,17 @@ static int verify_authenticode(FILE_FORMAT_CTX *ctx, PKCS7 *p7, time_t time, X50
         if (!crlok)
             goto out;
     }
-    /* check extended key usage flag XKU_CODE_SIGN */
+    /*
+     * Verify that:
+     * - extendedKeyUsage, if present, permits codeSigning (RFC 5280 section 4.2.1.12)
+     * - keyUsage, if present, permits digitalSignature (RFC 5280 section 4.2.1.3)
+     */
     if (!(X509_get_extended_key_usage(signer) & XKU_CODE_SIGN)) {
-        fprintf(stderr, "Unsupported Signer's certificate purpose XKU_CODE_SIGN\n");
+        fprintf(stderr, "Signer certificate rejected: extendedKeyUsage does not permit codeSigning\n");
+        goto out;
+    }
+    if (!(X509_get_key_usage(signer) & X509v3_KU_DIGITAL_SIGNATURE)) {
+        fprintf(stderr, "Signer certificate rejected: keyUsage does not permit digitalSignature\n");
         goto out;
     }
 

diff --git a/tests/make_certificates.py b/tests/make_certificates.py
@@ -338,6 +338,17 @@ def make_cert(self, public_key, not_before, days) -> Certificate:
         authority_key = AuthorityKeyIdentifier.from_issuer_subject_key_identifier(
             self.issuer_cert.extensions.get_extension_for_class(SubjectKeyIdentifier).value
         )
+        key_usage = KeyUsage(
+            digital_signature=True,
+            content_commitment=False,
+            key_encipherment=False,
+            data_encipherment=False,
+            key_agreement=False,
+            key_cert_sign=False,
+            crl_sign=False,
+            encipher_only=False,
+            decipher_only=False
+        )
         extended_key_usage = ExtendedKeyUsage(
             [ExtendedKeyUsageOID.CODE_SIGNING]
         )
@@ -352,6 +363,7 @@ def make_cert(self, public_key, not_before, days) -> Certificate:
             .add_extension(BasicConstraints(ca=False, path_length=None), critical=False)
             .add_extension(SubjectKeyIdentifier.from_public_key(public_key), critical=False)
             .add_extension(authority_key, critical=False)
+            .add_extension(key_usage, critical=False)
             .add_extension(extended_key_usage, critical=False)
             .add_extension(self.create_x509_crldp(), critical=False)
             .sign(self.issuer_key, SHA256())