During private key loading, there is no indication if the provided 'aux data' is corrupted

[MarkLuk]

Either the library should provide means to check aux data integrity before passing it to hss_load_private_key or hss_load_private_key shall return an indication that aux data is corrupted.

Something like

hash-sigs/hss_generate.c

Line 400 in 73310fd

expanded_aux = hss_expand_aux_data( aux_data, len_aux_data, &temp_aux,

Check if expanded_aux is 0 and return a warning to the user via info->error_code