library: x509: simplify RSA-PSS management
- Do not store RSA-PSS signature options in CRL/CRT/CSR structures;
- During the parsing phase, just ensure that MGF1 hash alg is the same
as the one used for the message.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/library/x509_crl.c b/library/x509_crl.c
index bc4fdbb..81af93b 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -389,8 +389,7 @@
crl->version++;
if ((ret = mbedtls_x509_get_sig_alg(&crl->sig_oid, &sig_params1,
- &crl->sig_md, &crl->sig_pk,
- &crl->sig_opts)) != 0) {
+ &crl->sig_md, &crl->sig_pk)) != 0) {
mbedtls_x509_crl_free(crl);
return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG;
}
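Review bot: Nothing at this call site records that the RSA-PSS parameters are now checked only inside `mbedtls_x509_get_sig_alg()` and then discarded, so a reader of the CRL parser cannot tell what the later signature verification actually enforces. The commit message mentions only that the MGF1 hash must match the message hash. Whether the salt length carried in the signed parameters is still validated, or is now accepted at any length, is not visible in this hunk and should be confirmed before merging. I would add a comment above the call such as `/* RSA-PSS: params are validated during parsing (MGF1 hash must equal sig_md) and are not retained in crl */`. The enclosing function starts and ends outside the hunk.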
@@ -676,10 +675,6 @@
mbedtls_x509_crl_entry *entry_prv;
while (crl_cur != NULL) {
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_free(crl_cur->sig_opts);
-#endif
-
mbedtls_asn1_free_named_data_list_shallow(crl_cur->issuer.next);
entry_cur = crl_cur->entry.next;