library: x509: simplify RSA-PSS management
- Do not store RSA-PSS signature options in CRL/CRT/CSR structures;
- During the parsing phase, just ensure that MGF1 hash alg is the same
as the one used for the message.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 8e5fdb6..c4a1284 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -407,8 +407,7 @@
}
if ((ret = mbedtls_x509_get_sig_alg(&csr->sig_oid, &sig_params,
- &csr->sig_md, &csr->sig_pk,
- &csr->sig_opts)) != 0) {
+ &csr->sig_md, &csr->sig_pk)) != 0) {
mbedtls_x509_csr_free(csr);
return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG;
}
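Review bot: Nothing at this call site records that, for RSASSA-PSS, `csr->sig_md` is now the only PSS-related value kept from the parsed `sig_params`. Per the commit message the MGF1 hash is only checked for equality with the message hash during parsing and the options are no longer stored, so anything that later verifies the CSR signature has to rebuild the PSS settings from `sig_md` alone. I would add a comment above the call, e.g. `/* RSA-PSS: sig_md is also the MGF1 hash (enforced while parsing); other PSS parameters are not retained. */`. How the salt length in `sig_params` is treated is not visible in this hunk; if it is no longer enforced, the accepted salt length should be documented where verification happens. The enclosing function starts and ends outside the hunk.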
@@ -621,10 +620,6 @@
mbedtls_pk_free(&csr->pk);
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_free(csr->sig_opts);
-#endif
-
mbedtls_asn1_free_named_data_list_shallow(csr->subject.next);
mbedtls_asn1_sequence_free(csr->subject_alt_names.next);