Skip unsupported extensions

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 3b3aa1c..baa0618 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -112,52 +112,47 @@
         }
 
         /*
-         * Detect supported extensions
+         * Detect supported extensions and skip unsupported extensions
          */
         ret = mbedtls_oid_get_x509_ext_type(&extn_oid, &ext_type);
 
-        if (ret != 0) {
-            *p = end_ext_data;
-            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
-                                     ret);
+        if (ret == 0) {
+            /* Forbid repeated extensions */
+            if ((csr->ext_types & ext_type) != 0) {
+                return (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                        MBEDTLS_ERR_ASN1_INVALID_DATA));
+            }
+
+            csr->ext_types |= ext_type;
+
+            switch (ext_type) {
+                case MBEDTLS_X509_EXT_KEY_USAGE:
+                    /* Parse key usage */
+                    if ((ret = mbedtls_x509_get_key_usage(p, end_ext_data,
+                                                            &csr->key_usage)) != 0) {
+                        return ret;
+                    }
+                    break;
+
+                case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME:
+                    /* Parse subject alt name */
+                    if ((ret = mbedtls_x509_get_subject_alt_name(p, end_ext_data,
+                                                                    &csr->subject_alt_names)) != 0) {
+                        return ret;
+                    }
+                    break;
+
+                case MBEDTLS_X509_EXT_NS_CERT_TYPE:
+                    /* Parse netscape certificate type */
+                    if ((ret = mbedtls_x509_get_ns_cert_type(p, end_ext_data,
+                                                                &csr->ns_cert_type)) != 0) {
+                        return ret;
+                    }
+                    break;
+                default:
+                    break;
+            }
         }
-
-        /* Forbid repeated extensions */
-        if ((csr->ext_types & ext_type) != 0) {
-            return (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
-                                      MBEDTLS_ERR_ASN1_INVALID_DATA));
-        }
-
-        csr->ext_types |= ext_type;
-
-        switch (ext_type) {
-            case MBEDTLS_X509_EXT_KEY_USAGE:
-                /* Parse key usage */
-                if ((ret = mbedtls_x509_get_key_usage(p, end_ext_data,
-                                                        &csr->key_usage)) != 0) {
-                    return ret;
-                }
-                break;
-
-            case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME:
-                /* Parse subject alt name */
-                if ((ret = mbedtls_x509_get_subject_alt_name(p, end_ext_data,
-                                                                &csr->subject_alt_names)) != 0) {
-                    return ret;
-                }
-                break;
-
-            case MBEDTLS_X509_EXT_NS_CERT_TYPE:
-                /* Parse netscape certificate type */
-                if ((ret = mbedtls_x509_get_ns_cert_type(p, end_ext_data,
-                                                            &csr->ns_cert_type)) != 0) {
-                    return ret;
-                }
-                break;
-            default:
-                break;
-        }
-
         *p = end_ext_data;
     }
 
@@ -201,7 +196,6 @@
 
         /* Check that this is an extension-request attribute */
         if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS9_CSR_EXT_REQ, &attr_oid) == 0) {
-
             if ((ret = mbedtls_asn1_get_tag(p, end, &len,
                                             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET)) != 0) {
                 return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index e809498..39aab7c 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -2756,7 +2756,7 @@
 
 X509 CSR ASN.1 (extensions: invalid extension type data)
 depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0603551D0F040403020102302F0603551DFF04283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_OID_NOT_FOUND
+mbedtls_x509_csr_parse:"308201B13082011A020100300F310D300B06035504030C046574636430819F300D06092A864886F70D010101050003818D0030818902818100C73892C5C3F47010086BF81335ECF3011C8A250F9582361EAA1E9612551AACF87B75330B7057339CD995F14D4C4437C8BEC4A03FE4643CD3F3C902433DC37C5B8E79AA0984AE8213370ABF8569BD2A35626CB1FEE4ACE042B2417C7BE49D27149B2C076B8E433D3F6C763A469A1C700D259DBC08C740FCD8023762FF7DEBFC2D0203010001A062306006092A864886F70D01090E31533051300B0603551D0F040403020102302F0603551DFF04283026A02406082B06010505070804A018301606072B060104011103040B3132338081008180333231301106096086480186F8420101040403020780300D06092A864886F70D01010B05000381810093D6BEE3D49597074924A061BDF0D0D08EA9A81F94825B20EE3BE8008808430639C11CB8636C13E023EEDF31B247142582A3C7FC92F766688BF4DA185CCACC6C9E12CBCDB2DA2C96DF542AF2D6A867A8C97E6BAC994454EEE40F38AD60FC8A36AF2BA6B86465B082B569AFDAA9E606D71B37E3E174517DE91B17FE9C87905EE3":"CSR version   \: 1\nsubject name  \: CN=etcd\nsigned using  \: RSA with SHA-256\nRSA key size  \: 1024 bits\n\ncert. type        \: SSL Client\nkey usage         \: CRL Sign\n":0
 
 X509 File parse (no issues)
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C