From 487887dc1eff9aa8a2176f282a8926cc714466ed Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 17 Apr 2026 22:13:26 +0000
Subject: [PATCH 1/2] chore(deps): bump thirdparty/libtomcrypt from `3223b87`
 to `2e441a1`

Bumps [thirdparty/libtomcrypt](https://github.com/libtom/libtomcrypt) from `3223b87` to `2e441a1`.
- [Release notes](https://github.com/libtom/libtomcrypt/releases)
- [Commits](https://github.com/libtom/libtomcrypt/compare/3223b87588dee9eb2ed6c7bfd7e01ffae0a607f2...2e441a17df132db9a0acaefdfaaa73a734fba8e7)

---
updated-dependencies:
- dependency-name: thirdparty/libtomcrypt
  dependency-version: 2e441a17df132db9a0acaefdfaaa73a734fba8e7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 thirdparty/libtomcrypt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/thirdparty/libtomcrypt b/thirdparty/libtomcrypt
index 3223b875..2e441a17 160000
--- a/thirdparty/libtomcrypt
+++ b/thirdparty/libtomcrypt
@@ -1 +1 @@
-Subproject commit 3223b87588dee9eb2ed6c7bfd7e01ffae0a607f2
+Subproject commit 2e441a17df132db9a0acaefdfaaa73a734fba8e7

From 535f0e299c23965e0b6cc8e0ec3401c141c37f66 Mon Sep 17 00:00:00 2001
From: Jan Laupetin <jan@laupetin.net>
Date: Sun, 19 Apr 2026 21:26:34 +0100
Subject: [PATCH 2/2] chore: use libtomcrypt rsa_verify_hash_v2 as old method
 was deprecated

---
 src/Cryptography/Algorithms/AlgorithmRsa.cpp | 25 +++++++++++++-------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/src/Cryptography/Algorithms/AlgorithmRsa.cpp b/src/Cryptography/Algorithms/AlgorithmRsa.cpp
index 450fdf71..50059f41 100644
--- a/src/Cryptography/Algorithms/AlgorithmRsa.cpp
+++ b/src/Cryptography/Algorithms/AlgorithmRsa.cpp
@@ -1,6 +1,7 @@
 #include "AlgorithmRsa.h"
 
 #include "Internal/CryptoLibrary.h"
+#include "tomcrypt_private.h"
 
 using namespace cryptography;
 
@@ -29,15 +30,21 @@ namespace
             const int padding = GetPaddingMode();
 
             int result;
-            rsa_verify_hash_ex(signature,
-                               static_cast<unsigned long>(signatureSize),
-                               signedData,
-                               static_cast<unsigned long>(signedDataSize),
-                               padding,
-                               hashId,
-                               8,
-                               &result,
-                               &m_key);
+            const ltc_rsa_parameters rsaParams{
+                .saltlen = 8,
+                .hash_idx = hashId,
+                .mgf1_hash_idx = hashId,
+            };
+            ltc_rsa_op_parameters params{
+                .params = rsaParams,
+                .padding = padding,
+                .wprng = -1,
+                .prng = nullptr,
+                .u = {},
+            };
+
+            rsa_verify_hash_v2(
+                signature, static_cast<unsigned long>(signatureSize), signedData, static_cast<unsigned long>(signedDataSize), &params, &result, &m_key);
 
             return result == 1;
         }