library: x509: simplify RSA-PSS management
- Do not store RSA-PSS signature options in CRL/CRT/CSR structures;
- During the parsing phase, just ensure that MGF1 hash alg is the same
as the one used for the message.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 5d26ebb..47907f2 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1163,8 +1163,7 @@
crt->version++;
if ((ret = mbedtls_x509_get_sig_alg(&crt->sig_oid, &sig_params1,
- &crt->sig_md, &crt->sig_pk,
- &crt->sig_opts)) != 0) {
+ &crt->sig_md, &crt->sig_pk)) != 0) {
mbedtls_x509_crt_free(crt);
return ret;
}
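Review bot: The call to `mbedtls_x509_get_sig_alg` in this hunk no longer keeps any RSASSA-PSS parameters on `crt`, so whatever that function accepts while parsing `sig_params1` is now the only check those parameters ever get. The commit message says parsing only compares the MGF1 hash with the message hash; if the salt length or trailer field were previously enforced through `sig_opts` at verification time (not visible in this diff), that enforcement is silently relaxed and should either move into the parser or be stated as an intentional change. I would add a comment above the call, for example `/* RSASSA-PSS params are validated during parsing and not retained; verification uses sig_md/sig_pk only. */`, and a negative test with a certificate whose MGF1 hash differs from the message hash to pin the parse-time rejection. The enclosing function starts and ends outside the hunk, so the later comparison of the inner and outer signature parameters could not be checked here.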
@@ -3203,10 +3202,6 @@
while (cert_cur != NULL) {
mbedtls_pk_free(&cert_cur->pk);
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_free(cert_cur->sig_opts);
-#endif
-
mbedtls_asn1_free_named_data_list_shallow(cert_cur->issuer.next);
mbedtls_asn1_free_named_data_list_shallow(cert_cur->subject.next);
mbedtls_asn1_sequence_free(cert_cur->ext_key_usage.next);