Fixed RSAES_Dedoce() so that it would not accept a pad that was less than 8 bytes.
diff --git a/TPMCmd/tpm/src/crypt/CryptRsa.c b/TPMCmd/tpm/src/crypt/CryptRsa.c
index b42322f..1d8b1e9 100644
--- a/TPMCmd/tpm/src/crypt/CryptRsa.c
+++ b/TPMCmd/tpm/src/crypt/CryptRsa.c
@@ -563,7 +563,7 @@
// Make sure that pSize has not gone over the end and that there are at least 8
// bytes of pad data.
fail = (pSize > coded->size) | fail;
- fail = ((pSize - 2) < 8) | fail;
+ fail = ((pSize - 2) <= 8) | fail;
if((message->size < (UINT16)(coded->size - pSize)) || fail)
return TPM_RC_VALUE;
message->size = coded->size - pSize;
