Make use of X509_get_signature_info() in check_sig_level()
If an auth_level (i.e., security_level, but not quite, because Viktor) was
set on the X509_VERIFY_PARAM in the X509_STORE_CTX, the verifier would
reject RSA-PSS or EdDSA certificates for insufficient security bits due to
incorrect use of OBJ_find_sigid_algs() (this was also a bug in the initial
security level implementation in OpenSSL 1.1).
Using X509_get_signature_info() fixes this while preserving behavior for
all other algorithms.
Reported by Steffen Ullrich as one of multiple issues with RSA-PSS.
ok jsing