Allow empty ns_cert_type, key_usage while parsing certificates

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/library/x509_crt.c b/library/x509_crt.c
index a4eb712..f77991e 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -573,6 +573,11 @@
         return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
     }
 
+    if (bs.len == 0) {
+        *ns_cert_type = 0;
+        return 0;
+    }
+
     if (bs.len != 1) {
         return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
                                  MBEDTLS_ERR_ASN1_INVALID_LENGTH);
@@ -595,6 +600,11 @@
         return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
     }
 
+    if (bs.len == 0) {
+        *key_usage = 0;
+        return 0;
+    }
+
     if (bs.len < 1) {
         return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
                                  MBEDTLS_ERR_ASN1_INVALID_LENGTH);