gnutls_pubkey_verify_data2: do not utilize GNUTLS_VERIFY_USE_RSA_PSS

This flag is not required for verification since the signature algorithm
is sufficient to detect RSA-PSS without requiring any flags.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

2 files changed, 1 insertions, 3 deletions

diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h
index dec5db4e3f..2182a96597 100644
--- a/lib/includes/gnutls/abstract.h
+++ b/lib/includes/gnutls/abstract.h
@@ -52,7 +52,6 @@ typedef enum gnutls_pubkey_flags {
 } gnutls_pubkey_flags_t;
 
 #define GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA GNUTLS_VERIFY_USE_TLS1_RSA
-#define GNUTLS_PUBKEY_VERIFY_FLAG_RSA_PSS GNUTLS_VERIFY_USE_RSA_PSS
 
 typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key,
 					 void *userdata,
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h
index cc30a5fd6c..b67e7c0271 100644
--- a/lib/includes/gnutls/x509.h
+++ b/lib/includes/gnutls/x509.h
@@ -964,8 +964,7 @@ typedef enum gnutls_certificate_verify_flags {
 	GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS = 1 << 12,
 	GNUTLS_VERIFY_USE_TLS1_RSA = 1 << 13,
 	GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS = 1 << 14,
-	GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 = 1 << 15,
-	GNUTLS_VERIFY_USE_RSA_PSS = 1 << 16
+	GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 = 1 << 15
 	/* cannot exceed 2^24 due to GNUTLS_PROFILE_TO_VFLAGS() */
 } gnutls_certificate_verify_flags;