Correct order of extended key usage attributes
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index d1c716b..2f51e19 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -445,13 +445,14 @@
}
else if( strcmp( p, "ext_key_usage" ) == 0 )
{
+ mbedtls_asn1_sequence **tail = &opt.ext_key_usage;
+
while( q != NULL )
{
if( ( r = strchr( q, ',' ) ) != NULL )
*r++ = '\0';
ext_key_usage = mbedtls_calloc( 1, sizeof(mbedtls_asn1_sequence) );
- ext_key_usage->next = opt.ext_key_usage;
ext_key_usage->buf.tag = MBEDTLS_ASN1_OID;
if( strcmp( q, "serverAuth" ) == 0 )
SET_OID( ext_key_usage->buf, MBEDTLS_OID_SERVER_AUTH );
@@ -467,7 +468,9 @@
SET_OID( ext_key_usage->buf, MBEDTLS_OID_OCSP_SIGNING );
else
goto usage;
- opt.ext_key_usage = ext_key_usage;
+
+ *tail = ext_key_usage;
+ tail = &ext_key_usage->next;
q = r;
}