Add parentheses about parameter of MBEDTLS_X509_ID_FLAG
The `id` parameter of the public `MBEDTLS_X509_ID_FLAG` macro was
used in a subtraction without being surrounded by parentheses.
Since some operators bind less strongly than subtraction, this
could lead to erroneous evaluation of `MBEDTLS_X509_ID_FLAG`.
For example, `MBEDTLS_X509_ID_FLAG( 1 << 2 )` would evaluate
evaluate to
`1 << ( 1 << 2 - 1 ) == 1 << ( 1 << 1 ) == 4`
instead of the intended
`1 << ( ( 1 << 2 ) - 1 ) == 1 << ( 4 - 1 ) == 8`.
This commit fixes this by adding parentheses about the `id`
parameter in the definition of `MBEDTLS_X509_ID_FLAG`.
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index ac23cff..d725e29 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -98,7 +98,7 @@
* Build flag from an algorithm/curve identifier (pk, md, ecp)
* Since 0 is always XXX_NONE, ignore it.
*/
-#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( id - 1 ) )
+#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( ( id ) - 1 ) )
/**
* Security profile for certificate verification.