From e91c7a819a076f59226157249ba89bb0727f4e66 Mon Sep 17 00:00:00 2001
From: CAFB385655BEB1060E85B6C080B432F8EB2A2AF78459BD6532124977B933154A
 <133057011+iadgovuser59@users.noreply.github.com>
Date: Wed, 20 Nov 2024 18:17:20 -0500
Subject: [PATCH] Adding clientAuth to issued certificates (#883)

---
 .../provision/helper/IssuedCertificateAttributeHelper.java  | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/IssuedCertificateAttributeHelper.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/IssuedCertificateAttributeHelper.java
index 34e7db42..240dceef 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/IssuedCertificateAttributeHelper.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/IssuedCertificateAttributeHelper.java
@@ -55,9 +55,11 @@ public final class IssuedCertificateAttributeHelper {
         try {
             extension = new Extension(Extension.extendedKeyUsage, true,
                     new ExtendedKeyUsage(new KeyPurposeId[] {
-                            KeyPurposeId.getInstance(TCG_KP_AIK_CERTIFICATE_ATTRIBUTE)}).getEncoded());
+                            KeyPurposeId.getInstance(TCG_KP_AIK_CERTIFICATE_ATTRIBUTE),
+                            KeyPurposeId.getInstance(KeyPurposeId.id_kp_clientAuth)
+                            }).getEncoded());
         } catch (IOException e) {
-//            log.error("Error generating extended key usage extension");
+            log.error("Error generating extended key usage extension");
         }
         EXTENDED_KEY_USAGE_EXTENSION = extension;
     }