Merge pull request #8917 from gilles-peskine-arm/mbedtls_pk_decrypt-USE_PSA_CRYPTO-changelog-correction mbedtls_pk_decrypt/encrypt actually check the padding mode

commit: 1c191c13178c19053524d288a75debb50ba22039 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Tue Mar 12 07:53:54 2024 +0000
committer: GitHub <noreply@github.com> Tue Mar 12 07:53:54 2024 +0000
tree: db7b67cd4209532b0548d64bd8340e80587d158d
parent: 66ebde46dfe241e88eaa36a95551a2e791d91a9e [diff]
parent: 88c2755a3049304973031a3cacbfbd5dff1b63eb [diff]
diff --git a/ChangeLog.d/8824.txt b/ChangeLog.d/8824.txt
index abc305f..6d6bcb7 100644
--- a/ChangeLog.d/8824.txt
+++ b/ChangeLog.d/8824.txt

@@ -1,7 +1,8 @@
 Bugfix
    * Fix mbedtls_pk_sign(), mbedtls_pk_verify(), mbedtls_pk_decrypt() and
      mbedtls_pk_encrypt() on non-opaque RSA keys to honor the padding mode in
-     the RSA context. Before, if MBEDTLS_USE_PSA_CRYPTO was enabled, they always
-     used PKCS#1 v1.5 even when the RSA context was configured for PKCS#1 v2.1
-     (PSS/OAEP). Fixes #8824.
+     the RSA context. Before, if MBEDTLS_USE_PSA_CRYPTO was enabled and the
+     RSA context was configured for PKCS#1 v2.1 (PSS/OAEP), the sign/verify
+     functions performed a PKCS#1 v1.5 signature instead and the
+     encrypt/decrypt functions returned an error. Fixes #8824.
commit	1c191c13178c19053524d288a75debb50ba22039	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Tue Mar 12 07:53:54 2024 +0000
committer	GitHub <noreply@github.com>	Tue Mar 12 07:53:54 2024 +0000
tree	db7b67cd4209532b0548d64bd8340e80587d158d
parent	66ebde46dfe241e88eaa36a95551a2e791d91a9e [diff]
parent	88c2755a3049304973031a3cacbfbd5dff1b63eb [diff]