RSA: Fix another buffer overflow in PSS signature verification Fix buffer overflow in RSA-PSS signature verification when the masking operation results in an all-zero buffer. This could happen at any key size.

commit: 511bb84c609e1b39cc9e470f4f9132accb412591 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Tue Oct 17 19:02:13 2017 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Tue Oct 17 19:33:48 2017 +0200
tree: f9752a05c9bfb857780dbde2480111df21bb2b68
parent: 55db24ca506cf5831bd31e32d26e5db2cc0264f9 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index d2c5f6b..9b3dc5c 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -6,6 +6,8 @@
    * Fix buffer overflow in RSA-PSS verification when the hash is too
      large for the key size. Found by Seth Terashima, Qualcomm Product
      Security Initiative, Qualcomm Technologies Inc.
+   * Fix buffer overflow in RSA-PSS verification when the unmasked
+     data is all zeros.
 
 = mbed TLS 1.3.21 branch released 2017-08-10
commit	511bb84c609e1b39cc9e470f4f9132accb412591	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Oct 17 19:02:13 2017 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Oct 17 19:33:48 2017 +0200
tree	f9752a05c9bfb857780dbde2480111df21bb2b68
parent	55db24ca506cf5831bd31e32d26e5db2cc0264f9 [diff] [blame]