RSA PSS: remove redundant check; changelog
Remove a check introduced in the previous buffer overflow fix with keys of
size 8N+1 which the subsequent fix for buffer start calculations made
redundant.
Added a changelog entry for the buffer start calculation fix.
diff --git a/ChangeLog b/ChangeLog
index 6f7637d..4a2e710 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,8 @@
* Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
Found by projectgus and jethrogb, #836.
* Fix usage help in ssl_server2 example. Found and fixed by Bei Lin.
+ * Fix some invalid RSA-PSS signatures with keys of size 8N+1 that were
+ accepted. Generating these signatures required the private key.
= mbed TLS 2.6.0 branch released 2017-08-10
diff --git a/library/rsa.c b/library/rsa.c
index b54960f..148f6b3 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1399,8 +1399,7 @@
while( p < hash_start - 1 && *p == 0 )
p++;
- if( p == hash_start ||
- *p++ != 0x01 )
+ if( *p++ != 0x01 )
{
mbedtls_md_free( &md_ctx );
return( MBEDTLS_ERR_RSA_INVALID_PADDING );