authorPeter Dettman <peter.dettman@bouncycastle.org>2024-03-04 19:03:02 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2024-03-04 19:03:02 +0700
commitd00b465123d798e3fa9f72f8a93151d9b193573b (patch)
tree46b1fa9a5d3732ee54451aaaad3e91d080637034
parentFIx method Write(ReadOnlySpan<byte>) in LimitedBuffer (diff)
downloadBouncyCastle.NET-ed25519-d00b465123d798e3fa9f72f8a93151d9b193573b.tar.xz
Add regression test for #524
-rw-r--r--crypto/Contributors.html2
-rw-r--r--crypto/Readme.html18
-rw-r--r--crypto/test/src/crypto/test/PSSTest.cs40
3 files changed, 58 insertions, 2 deletions
diff --git a/crypto/Contributors.html b/crypto/Contributors.html
index b3cf33bac..1f8ef780c 100644
--- a/crypto/Contributors.html
+++ b/crypto/Contributors.html
@@ -269,7 +269,7 @@ University of Wollongong, Institute of Cybersecurity and Cryptology, under the s
 		<p>Matthew Sitton (https://github.com/mdsitton) - Addition of missing ALPN Protocol names.</p>
 	    </li>
 	    <li>
-		<p>Jozef Gajdo&scaron; (https://github.com/harrison314) - Time constructor optimization, RevokedStatus fix, improved thread-safe singleton code (e.g. X509Certificate/X509Crl cached encoding), SubjectPublicKeyInfo support in OpenSsl.PemWriter.</p>
+			<p>Jozef Gajdo&scaron; (https://github.com/harrison314) - Time constructor optimization, RevokedStatus fix, improved thread-safe singleton code (e.g. X509Certificate/X509Crl cached encoding), SubjectPublicKeyInfo support in OpenSsl.PemWriter, fixed PSS raw signing over spans.</p>
 	    </li>
 		<li>
 			<p>Ben Adams (https://github.com/benaadams) - Performance optimization for AES-NI.</p>
diff --git a/crypto/Readme.html b/crypto/Readme.html
index ee726b5a4..76afc29a4 100644
--- a/crypto/Readme.html
+++ b/crypto/Readme.html
@@ -32,6 +32,8 @@
                                 <a href="#mozTocId3413">Notes:</a>
                                 <ol>
                                     <li>
+                                        <a href="#mozTocId85332">Release 2.3.1</a>
+                                    <li>
                                         <a href="#mozTocId85331">Release 2.3.0</a>
                                     <li>
                                         <a href="#mozTocId85330">Release 2.2.1</a>
@@ -329,6 +331,22 @@
         <hr style="WIDTH: 100%; HEIGHT: 2px">
         <h3><a class="mozTocH3" name="mozTocId3413"></a>Notes:</h3>
 
+        <h4><a class="mozTocH4" name="mozTocId85332"></a>Release 2.3.1, TBD</h4>
+        <h5>Defects Fixed</h5>
+        <ul>
+            <li>PSS: Fixed regression in 2.3.0 when updating signer from a span.</li>
+        </ul>
+        <h5>Additional Features and Functionality</h5>
+        <ul>
+        </ul>
+        <h5>Additional Notes</h5>
+        <ul>
+            <li>
+                See the (cumulative) list of GitHub pull requests that we have accepted at
+                <a href="https://github.com/bcgit/bc-csharp/pulls?q=is%3Apr+is%3Aclosed">bcgit/bc-csharp</a>.
+            </li>
+        </ul>
+
         <h4><a class="mozTocH4" name="mozTocId85331"></a>Release 2.3.0, Monday February 5, 2024</h4>
         <h5>Defects Fixed</h5>
         <ul>
diff --git a/crypto/test/src/crypto/test/PSSTest.cs b/crypto/test/src/crypto/test/PSSTest.cs
index 599c2c8c7..72558e62f 100644
--- a/crypto/test/src/crypto/test/PSSTest.cs
+++ b/crypto/test/src/crypto/test/PSSTest.cs
@@ -4,6 +4,7 @@ using NUnit.Framework;
 
 using Org.BouncyCastle.Crypto.Digests;
 using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Crypto.Signers;
 using Org.BouncyCastle.Math;
@@ -215,7 +216,44 @@ namespace Org.BouncyCastle.Crypto.Tests
 			get { return "PSSTest"; }
 		}
 
-		private void doTestSig(
+		[Test]
+        public void TestRegression_GitHub_bc_csharp_524()
+		{
+            SecureRandom secureRandom = new SecureRandom();
+
+            var kpg = new RsaKeyPairGenerator();
+			kpg.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(17), secureRandom, 1024, 100));
+            var keyPair = kpg.GenerateKeyPair();
+
+			var digest = new Sha256Digest();
+
+			var hash = SecureRandom.GetNextBytes(secureRandom, digest.GetDigestSize());
+
+			var signer = PssSigner.CreateRawSigner(new RsaBlindedEngine(), digest);
+            signer.Init(true, keyPair.Private);
+            // NOTE: .NET Core 3.1 has Span<T>, but is tested against our .NET Standard 2.0 assembly.
+            //#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+            signer.BlockUpdate(hash);
+#else
+			signer.BlockUpdate(hash, 0, hash.Length);
+#endif
+            byte[] signature = signer.GenerateSignature();
+
+            signer.Init(false, keyPair.Public);
+			// NOTE: .NET Core 3.1 has Span<T>, but is tested against our .NET Standard 2.0 assembly.
+//#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+            signer.BlockUpdate(hash);
+#else
+			signer.BlockUpdate(hash, 0, hash.Length);
+#endif
+            bool verified = signer.VerifySignature(signature);
+
+			Assert.IsTrue(verified);
+        }
+
+        private void doTestSig(
 			int					id,
 			RsaKeyParameters	pub,
 			RsaKeyParameters	prv,
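Review bot: In `TestRegression_GitHub_bc_csharp_524` the signing and verifying halves both go through the same `BlockUpdate` overload on a given target. A defect that mishandled the span input the same way in both directions (for instance by dropping or truncating it) would therefore still produce `verified == true`. Using the array overload unconditionally in the verification half, `signer.BlockUpdate(hash, 0, hash.Length);`, would check the span-produced signature against an independent path. A negative case would also help: re-initialise for verification, update with a copy of `hash` that has one byte flipped, and `Assert.IsFalse(signer.VerifySignature(signature));` to confirm the input is bound to the signature. Separately, the key pair and `hash` come from a fresh `SecureRandom` on every run, so a failure cannot be replayed unless the test uses a fixed vector or logs the inputs.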