From 64937856e07a7fc611bfd48ce30e8abd0e727406 Mon Sep 17 00:00:00 2001 From: Dave Rodgman <dave.rodgman@arm.com> Date: Mon, 15 Aug 2022 14:12:25 +0100 Subject: [PATCH] Correct order of extended key usage attributes Signed-off-by: Dave Rodgman <dave.rodgman@arm.com> --- programs/x509/cert_write.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index d1c716b8a..2f51e19c8 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -445,13 +445,14 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "ext_key_usage" ) == 0 ) { + mbedtls_asn1_sequence **tail = &opt.ext_key_usage; + while( q != NULL ) { if( ( r = strchr( q, ',' ) ) != NULL ) *r++ = '\0'; ext_key_usage = mbedtls_calloc( 1, sizeof(mbedtls_asn1_sequence) ); - ext_key_usage->next = opt.ext_key_usage; ext_key_usage->buf.tag = MBEDTLS_ASN1_OID; if( strcmp( q, "serverAuth" ) == 0 ) SET_OID( ext_key_usage->buf, MBEDTLS_OID_SERVER_AUTH ); @@ -467,7 +468,9 @@ int main( int argc, char *argv[] ) SET_OID( ext_key_usage->buf, MBEDTLS_OID_OCSP_SIGNING ); else goto usage; - opt.ext_key_usage = ext_key_usage; + + *tail = ext_key_usage; + tail = &ext_key_usage->next; q = r; }