Either the library should provide means to check aux data integrity before passing it to hss_load_private_key or hss_load_private_key shall return an indication that aux data is corrupted.
Something like
|
expanded_aux = hss_expand_aux_data( aux_data, len_aux_data, &temp_aux, |
Check if expanded_aux is 0 and return a warning to the user via info->error_code
Either the library should provide means to check
aux dataintegrity before passing it tohss_load_private_keyorhss_load_private_keyshall return an indication thataux datais corrupted.Something like
hash-sigs/hss_generate.c
Line 400 in 73310fd
Check if
expanded_auxis 0 and return a warning to the user viainfo->error_code