From d09b63c76b03864ad0af75cd8a753ac673961a1b Mon Sep 17 00:00:00 2001
From: Alexandre Laroche <alexandre.laroche@exfo.com>
Date: Tue, 21 Jan 2025 07:37:17 -0500
Subject: [PATCH] Add support for EK certificate extended key usage

---
 src/crypto/x509/x509.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
index 2283f6cac3a353..06fcbb6e4f99d4 100644
--- a/src/crypto/x509/x509.go
+++ b/src/crypto/x509/x509.go
@@ -621,6 +621,7 @@ var (
 	oidExtKeyUsageNetscapeServerGatedCrypto      = asn1.ObjectIdentifier{2, 16, 840, 1, 113730, 4, 1}
 	oidExtKeyUsageMicrosoftCommercialCodeSigning = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 1, 22}
 	oidExtKeyUsageMicrosoftKernelCodeSigning     = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 61, 1, 1}
+	oidExtKeyUsageEkCertificate                  = asn1.ObjectIdentifier{2, 23, 133, 8, 1}
 )
 
 // ExtKeyUsage represents an extended set of actions that are valid for a given key.
@@ -642,6 +643,7 @@ const (
 	ExtKeyUsageNetscapeServerGatedCrypto
 	ExtKeyUsageMicrosoftCommercialCodeSigning
 	ExtKeyUsageMicrosoftKernelCodeSigning
+	ExtKeyUsageEkCertificate
 )
 
 // extKeyUsageOIDs contains the mapping between an ExtKeyUsage and its OID.
@@ -663,6 +665,7 @@ var extKeyUsageOIDs = []struct {
 	{ExtKeyUsageNetscapeServerGatedCrypto, oidExtKeyUsageNetscapeServerGatedCrypto},
 	{ExtKeyUsageMicrosoftCommercialCodeSigning, oidExtKeyUsageMicrosoftCommercialCodeSigning},
 	{ExtKeyUsageMicrosoftKernelCodeSigning, oidExtKeyUsageMicrosoftKernelCodeSigning},
+	{ExtKeyUsageEkCertificate, oidExtKeyUsageEkCertificate},
 }
 
 func extKeyUsageFromOID(oid asn1.ObjectIdentifier) (eku ExtKeyUsage, ok bool) {