From 3a2337e1326f6b35ad930840f066c407b9bf19e6 Mon Sep 17 00:00:00 2001
From: Evgeny Margolis <emargolis@google.com>
Date: Wed, 24 Aug 2022 20:07:48 -0700
Subject: [PATCH] chip-cert: Added Request To Check that
 KeyUsageFlags::kDigitalSignat is Set for NOC Validation (#22061)

---
 src/tools/chip-cert/Cmd_ValidateCert.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/tools/chip-cert/Cmd_ValidateCert.cpp b/src/tools/chip-cert/Cmd_ValidateCert.cpp
index 6445207e8065da..3417f8d089ba27 100644
--- a/src/tools/chip-cert/Cmd_ValidateCert.cpp
+++ b/src/tools/chip-cert/Cmd_ValidateCert.cpp
@@ -191,6 +191,7 @@ bool Cmd_ValidateCert(int argc, char * argv[])
     uint32_t currentTime;
     res = chip::UnixEpochToChipEpochTime(static_cast<uint32_t>(time(nullptr)), currentTime);
     context.mEffectiveTime.Set<CurrentChipEpochTime>(currentTime);
+    context.mRequiredKeyUsages.Set(KeyUsageFlags::kDigitalSignature);
     VerifyTrueOrExit(res);
 
     err = certSet.FindValidCert(certToBeValidated->mSubjectDN, certToBeValidated->mSubjectKeyId, context, &validatedCert);