Merge pull request #5010 from gilles-peskine-arm/psa-rsa-pss_any_salt

PSA: fix salt length for PSS verification
2025-08-08 17:42:09 +03:00 · 2021-10-29 16:36:36 +02:00
parent f660c7c923 f6892dec2a
commit 4313d3ac87
8 changed files with 314 additions and 49 deletions
--- a/ChangeLog.d/psa_alg_rsa_pss.txt
+++ b/ChangeLog.d/psa_alg_rsa_pss.txt
@@ -0,0 +1,5 @@
+Bugfix
+   * Fix PSA_ALG_RSA_PSS verification accepting an arbitrary salt length.
+     This algorithm now accepts only the same salt length for verification
+     that it produces when signing, as documented. Use the new algorithm
+     PSA_ALG_RSA_PSS_ANY_SALT to accept any salt length. Fixes #4946.