From 2a33f24dc91ba8678359599fc0de0d6e343ac6f4 Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Mon, 27 Feb 2023 15:05:50 +1000
Subject: [PATCH] RSA padding - no pad length check fix

Perform correct length check of input bytes based on bits in key in
wc_RsaPad_ex when no padding to be done.
---
 wolfcrypt/src/rsa.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
index 958089b82..b521c8a8c 100644
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -1580,11 +1580,14 @@ int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
 
     #ifdef WC_RSA_NO_PADDING
         case WC_RSA_NO_PAD:
+        {
+            int bytes = (bits + WOLFSSL_BIT_SIZE - 1) / WOLFSSL_BIT_SIZE;
+
             WOLFSSL_MSG("wolfSSL Using NO padding");
 
             /* In the case of no padding being used check that input is exactly
              * the RSA key length */
-            if (bits <= 0 || inputLen != ((word32)bits/WOLFSSL_BIT_SIZE)) {
+            if ((bits <= 0) || (inputLen != (word32)bytes)) {
                 WOLFSSL_MSG("Bad input size");
                 ret = RSA_PAD_E;
             }
@@ -1593,6 +1596,7 @@ int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
                 ret = 0;
             }
             break;
+        }
     #endif
 
         default: