As discussed, the Extensions struct requires a custom FromTLV as it needs to preserve the order of appearance of the extensions in the TLV, so as to serialize them in that same order in the "for-signing" DER.
As per the Matter spec:
"The extensions SHALL appear in the same order in the Matter certificate and in the corresponding X.509 certificates".
The fix is essentially a replica of the approach we are already utilizing for DistNames, as these have identical requirements w.r.t. preserving the order of appearance.
As discussed, the
Extensionsstruct requires a customFromTLVas it needs to preserve the order of appearance of the extensions in the TLV, so as to serialize them in that same order in the "for-signing" DER.As per the Matter spec: "The extensions SHALL appear in the same order in the Matter certificate and in the corresponding X.509 certificates".
The fix is essentially a replica of the approach we are already utilizing for
DistNames, as these have identical requirements w.r.t. preserving the order of appearance.