Add buffer holding raw ExtKeyUsage extension data to CRT struct

The previous commits replace the use of dynamically allocated linked lists
for X.509 name inspection. This commit is the first in a series which attempts
the same for the `ExtendedKeyUsage` extension. So far, when a CRT is parsed,
the extension is traversed and converted into a dynamically allocated linked
list, which is then search through whenever the usage of a CRT needs to be
checked through `mbedtls_x509_check_extended_key_usage()`.

As a first step, this commit introduces a raw buffer holding the bounds
of the `ExtendedKeyUsage` extension to the `mbedtls_x509_crt` structure.

include/mbedtls/x509_crt.h

@@ -87,7 +87,8 @@ typedef struct mbedtls_x509_crt
 
     unsigned int key_usage;     /**< Optional key usage extension value: See the values in x509.h */
 
-    mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
+    mbedtls_x509_sequence ext_key_usage;    /**< Optional list of extended key usage OIDs. */
+    mbedtls_x509_buf_raw ext_key_usage_raw; /**< Raw data of ExtendedKeyUsage extensions.  */
 
     unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */
 

library/x509_crt.c

@@ -697,6 +697,8 @@ static int x509_get_crt_ext( unsigned char **p,
 
         case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE:
             /* Parse extended key usage */
+            crt->ext_key_usage_raw.p = *p;
+            crt->ext_key_usage_raw.len = end_ext_octet - *p;
             if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
                     &crt->ext_key_usage ) ) != 0 )
                 return( ret );