nettle: mark non-compliant RSA-PSS salt length to be not-approved

According to FIPS 186-5 5.4, the salt length must be in the range between 0 and the hash length inclusive. While the use of those salt lengths is still allowed for compatibility, it is reported as non-approved operation through FIPS service indicator.

Checklist

• Commits have Signed-off-by: with name/author being identical to the commit author
• Code modified for feature
• Test suite updated with functionality tests
• Test suite updated with negative tests
• Documentation updated / NEWS entry present (for non-trivial changes)
• CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

Reviewer's checklist:

• Any issues marked for closing are addressed
• There is a test suite reasonably covering new functionality or modifications
• Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md
• This feature/change has adequate documentation added
• No obvious mistakes in the code