commit 7f6f4e690727f6f9c69422ff26dc4f2d283165b0
author Valerio Setti <valerio.setti@nordicsemi.no> Wed Apr 23 11:29:51 2025 +0200
committer Valerio Setti <valerio.setti@nordicsemi.no> Wed May 07 09:06:52 2025 +0200
tree a8d80c577f14c3b1346853b091cbbd4a16f707e7
parent d24dfad7af48e167d1f202e7901db18429a71ca4

library: pass NULL options parameter to mbedtls_pk_verify_ext()

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

library/ssl_tls13_generic.c

diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index deba2ae..70175e0 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -227,11 +227,6 @@
     unsigned char verify_hash[PSA_HASH_MAX_SIZE];
     size_t verify_hash_len;
 
-    void const *options = NULL;
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-    mbedtls_pk_rsassa_pss_options rsassa_pss_options;
-#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-
     /*
      * struct {
      *     SignatureScheme algorithm;
@@ -304,16 +299,8 @@
     }
 
     MBEDTLS_SSL_DEBUG_BUF(3, "verify hash", verify_hash, verify_hash_len);
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-    if (sig_alg == MBEDTLS_PK_RSASSA_PSS) {
-        rsassa_pss_options.mgf1_hash_id = md_alg;
 
-        rsassa_pss_options.expected_salt_len = PSA_HASH_LENGTH(hash_alg);
-        options = (const void *) &rsassa_pss_options;
-    }
-#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-
-    if ((ret = mbedtls_pk_verify_ext(sig_alg, options,
+    if ((ret = mbedtls_pk_verify_ext(sig_alg, NULL,
                                      &ssl->session_negotiate->peer_cert->pk,
                                      md_alg, verify_hash, verify_hash_len,
                                      p, signature_len)) == 0) {