mbedtls/ChangeLog.d/psa-rsa-verify-alt-fix.txt

Bugfix
   * psa_verify_hash() was relying on implementation-specific behavior of
     mbedtls_rsa_rsassa_pss_verify() and was causing failures in some _ALT
     implementations. This reliance is now removed. Fixes #3990.
   * Disallow inputs of length different from the corresponding hash when
     signing or verifying with PSA_ALG_RSA_PSS (The PSA Crypto API mandates
     that PSA_ALG_RSA_PSS uses the same hash throughout the algorithm.)
Add ChangeLog entry Signed-off-by: Janos Follath <janos.follath@arm.com> 2021-06-15 17:08:29 +02:00			`Bugfix`
			`* psa_verify_hash() was relying on implementation-specific behavior of`
			`mbedtls_rsa_rsassa_pss_verify() and was causing failures in some _ALT`
			`implementations. This reliance is now removed. Fixes #3990.`
			`* Disallow inputs of length different from the corresponding hash when`
			`signing or verifying with PSA_ALG_RSA_PSS (The PSA Crypto API mandates`
			`that PSA_ALG_RSA_PSS uses the same hash throughout the algorithm.)`