Thank you for your information.
I see your point, however, as long as you are having a TLS session, your TLS context should remain, and not freed.
As long as you have your TLS context, the peer PK context is not freed.
As I see it, you need to have signature verification from the remote peer, during TLS sessions, so you should have the
mbedtls_pk_context in the peer certificate of your
However, I see your point, we will consider having a way to get hte peer PK context.
Mbed TLS Team member