Stop misusing MBEDTLS_X509_RSASSA_PSS_SUPPORT in TLS code #10641
Description
Suggested enhancement
This macro, as its documentation says, is about parsing and verifying certificates that are signed using RSA-PSS by the issuing CA.
This has absolutely nothing to do with whether the public key contained in the certificate (or the associated private key) is going to be used to verify (or create) RSA-PSS signatures. In fact, as certificate could be signed with RSA-PSS by its issuing CA, while containing an ECC key. Or it would be signed with ECDSA by its issuing CA and contain an RSA key, that could be used to verify PSS signatures.
Therefore, using this macro in TLS code (mostly 1.3) to decide whether an RSA-PSS handshake signature can be done was always wrong.
We should fix it, and fix the dependencies in the tests as well.
Justification
Mbed TLS needs this because our dependencies are already complex enough without misusing our own macros.