Add new function mbedtls_asn1_write_named_bitstring()
Add a new function mbedtls_asn1_write_named_bitstring() that removes
trailing 0s at the end of DER encoded bitstrings. The function is
implemented according to Hanno Becker's suggestions.
This commit also changes the functions x509write_crt_set_ns_cert_type
and crt_set_key_usage to call the new function as the use named
bitstrings instead of the regular bitstrings.
diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h
index 76c1780..80b31c3 100644
--- a/include/mbedtls/asn1write.h
+++ b/include/mbedtls/asn1write.h
@@ -277,6 +277,26 @@
const unsigned char *buf, size_t bits );
/**
+ * \brief Write a named bitstring tag (MBEDTLS_ASN1_BIT_STRING) and
+ * value in ASN.1 format
+ * Note: function works backwards in data buffer
+ *
+ * As stated in RFC5280 Appending B, trailing zeroes are
+ * omitted when encoding named bitstrings in DER.
+ *
+ * \param p Reference to current position pointer.
+ * \param start Start of the buffer (for bounds-checking).
+ * \param buf The bitstring.
+ * \param bits The total number of bits in the bitstring.
+ *
+ * \return The length written or a negative error code.
+ */
+int mbedtls_asn1_write_named_bitstring( unsigned char **p,
+ unsigned char *start,
+ const unsigned char *buf,
+ size_t bits );
+
+/**
* \brief Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING)
* and value in ASN.1 format.
*