From b3891da757f3abf06016d062e35bef5ef65709d6 Mon Sep 17 00:00:00 2001
From: Arlen Yan
Date: Fri, 9 Aug 2024 11:59:49 -0700
Subject: [PATCH] Allow rsa pkcs#1 decryption of ciphertexts less-than or equal to key-size for compatibility with other implementations, such as Tom Wu's jsbn/rsa library which seems to occasionally produce ciphertext octet-strings shorter than key-size if it contains leading zero octets.
---
 src/rust/src/backend/rsa.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/rust/src/backend/rsa.rs b/src/rust/src/backend/rsa.rs
index 3c01e74219fb..63a3da5861ad 100644
--- a/src/rust/src/backend/rsa.rs
+++ b/src/rust/src/backend/rsa.rs
@@ -316,10 +316,10 @@ impl RsaPrivateKey {
 ) -> CryptographyResult> {
 let key_size_bytes =
 usize::try_from((self.pkey.rsa().unwrap().n().num_bits() + 7) / 8).unwrap();
- if key_size_bytes != ciphertext.len() {
+ if key_size_bytes <= ciphertext.len() {
 return Err(CryptographyError::from(
 pyo3::exceptions::PyValueError::new_err(
- "Ciphertext length must be equal to key size.",
+ "Ciphertext length must be less-than or equal to key size.",
 ),
 ));
 }
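Review bot: The new guard `if key_size_bytes <= ciphertext.len() {` returns the error when the ciphertext is exactly as long as the modulus, which is the normal case, so standard full-length ciphertexts would be rejected and only short ones accepted. To match the new message, the comparison would have to be `if ciphertext.len() > key_size_bytes {`. Separately, RFC 8017 requires the ciphertext to be exactly k octets for RSAES decryption, and relaxing the check lets short and zero-length inputs reach the backend on a PKCS#1 v1.5 path where differences in error behaviour are security-sensitive. A narrower interop fix is to keep the strict equality here and have the caller left-pad the ciphertext with zero octets to the key size. The method body continues outside the hunk, so it is not visible whether this check also covers OAEP; if the relaxation stays, confirm that and add tests for empty, short and full-length inputs.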