rsa: Prevent usage of long salt in FIPS mode
fdd2a8b3329eUnpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

rsa: Prevent usage of long salt in FIPS mode

* cipher/rsa-common.c (_gcry_rsa_pss_encode): Prevent usage of large
  salt lengths
  (_gcry_rsa_pss_verify): Ditto.
* tests/basic.c (check_pubkey_sign): Check longer salt length fails in
  FIPS mode
* tests/t-rsa-pss.c (one_test_sexp): Fix function name in error message

Backport the master commit of:
bf1e62e59200b2046680d1d3d1599facc88cfe63