Verification of deterministic RSA-PSS signature fails

Description of problem:

gnutls fails to verify signatures generated using GNUTLS_SIGN_RSA_PSS_RSAE_SHA256 algorithm and passing the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag.

Version of gnutls used:

Current master (6df0dab7)

Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)

n/a

How reproducible:

100%

Steps to Reproduce:

Compile and run the following reproducer code: reproducer.c

Actual results:

The reproducer outputs:

Verification failed!

Expected results:

The reproducer outputs:

Verification succeeded!