RSA: Fix buffer overflow in PSS signature verification
Fix buffer overflow in RSA-PSS signature verification when the hash is
too large for the key size. Found by Seth Terashima, Qualcomm.
Added a non-regression test and a positive test with the smallest
permitted key size for a SHA-512 hash.
diff --git a/ChangeLog b/ChangeLog
index a89f2a4..292acef 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,11 @@
= mbed TLS x.x.x released xxxx-xx-xx
+Security
+ * Fix buffer overflow in RSA-PSS verification when the hash is too
+ large for the key size. Found by Seth Terashima, Qualcomm Product
+ Security Initiative, Qualcomm Technologies Inc.
+
Features
* Allow comments in test data files.