Expose ecdsa_signature_to_asn1

Expose ecdsa_signature_to_asn1 in the API. It's useful when converting
between RFC 4492 format and other representations that might be used
in external crypto processors.
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index b730953..8a96c02 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -142,7 +142,7 @@
     rnd_pseudo_info rnd_info;
     unsigned char hash[32];
     unsigned char sig[200];
-    size_t sig_len, i;
+    size_t sig_len, max_sig_len, i;
 
     mbedtls_ecdsa_init( &ctx );
     memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
@@ -162,8 +162,10 @@
     TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
                  sig, sig_len ) == 0 );
 
-    /* check we didn't write past the announced length */
-    for( i = sig_len; i < sizeof( sig ); i++ )
+    /* check we didn't write past the maximum length */
+    max_sig_len = MBEDTLS_ECDSA_MAX_SIG_LEN( ctx.grp.pbits );
+    TEST_ASSERT( sig_len <= max_sig_len );
+    for( i = max_sig_len; i < sizeof( sig ); i++ )
         TEST_ASSERT( sig[i] == 0x2a );
 
     /* try verification with invalid length */