From 90a3daa88766521daa3f065d419121cc6cc2686a Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Mon, 29 Jan 2018 12:09:12 -0800
Subject: [PATCH 1/2] Adds curve information to public key import for
 `wc_EccPublicKeyDecode`. Cleanup to remove the `ECC_CHECK_PUBLIC_KEY_OID`
 define. The call to `wc_ecc_get_oid` does the same check as `CheckCurve`.

---
 wolfcrypt/src/asn.c | 21 ++++++++-------------
 1 file changed, 8 insertions(+), 13 deletions(-)

diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index ad803db67..f5870169a 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -10548,9 +10548,8 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
 {
     int    length;
     int    ret;
-#ifdef ECC_CHECK_PUBLIC_KEY_OID
+    int    curve_id = ECC_CURVE_DEF;
     word32 oidSum;
-#endif
 
     if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
         return BAD_FUNC_ARG;
@@ -10566,17 +10565,14 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
         return ret;
 
     /* ecc params information */
-#ifdef ECC_CHECK_PUBLIC_KEY_OID
     ret = GetObjectId(input, inOutIdx, &oidSum, oidIgnoreType, inSz);
     if (ret != 0)
         return ret;
-    if (CheckCurve(oidSum) < 0)
+
+    /* get curve id */
+    curve_id = wc_ecc_get_oid(oidSum, NULL, 0);
+    if (curve_id < 0)
         return ECC_CURVE_OID_E;
-#else
-    ret = SkipObjectId(input, inOutIdx, inSz);
-    if (ret != 0)
-        return ret;
-#endif
 
     /* key header */
     ret = CheckBitString(input, inOutIdx, NULL, inSz, 1, NULL);
@@ -10584,8 +10580,10 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
         return ret;
 
     /* This is the raw point data compressed or uncompressed. */
-    if (wc_ecc_import_x963(input + *inOutIdx, inSz - *inOutIdx, key) != 0)
+    if (wc_ecc_import_x963_ex(input + *inOutIdx, inSz - *inOutIdx, key,
+                                                            curve_id) != 0) {
         return ASN_ECC_KEY_E;
+    }
 
     return 0;
 }
@@ -10860,9 +10858,6 @@ int wc_Ed25519PublicKeyDecode(const byte* input, word32* inOutIdx,
 {
     int    length;
     int    ret;
-#ifdef ECC_CHECK_PUBLIC_KEY_OID
-    word32 oidSum;
-#endif
 
     if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
         return BAD_FUNC_ARG;

From 9d7374348b2a9d1d11d4fbb49804289c82e46320 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Mon, 29 Jan 2018 15:58:04 -0800
Subject: [PATCH 2/2] Fix the `ecc_decode_test` to use a real OID (instead of
 1), so the tests work properly.

---
 wolfcrypt/test/test.c | 26 +++++++++++++++++---------
 1 file changed, 17 insertions(+), 9 deletions(-)

diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index a67148fe5..d04666bb3 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -13778,7 +13778,11 @@ static int ecc_decode_test(void)
     word32     inSz;
     word32     inOutIdx;
     ecc_key    key;
-    const byte good[] = { 0x30, 0x0d, 0x30, 0x0b, 0x06, 0x00, 0x06, 0x01, 0x01,
+
+    /* SECP256R1 OID: 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07 */
+
+    const byte good[] = { 0x30, 0x14, 0x30, 0x0b, 0x06, 0x00,
+            0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,
             0x03, 0x04, 0x00, 0x04, 0x01, 0x01 };
     const byte badNoObjId[] = { 0x30, 0x08, 0x30, 0x06, 0x03, 0x04,
             0x00, 0x04, 0x01, 0x01 };
@@ -13788,14 +13792,18 @@ static int ecc_decode_test(void)
             0x06, 0x00, 0x03, 0x04, 0x00, 0x04, 0x01, 0x01 };
     const byte badObj2d1Len[] = { 0x30, 0x0c, 0x30, 0x0a, 0x06, 0x00,
             0x06, 0x07, 0x03, 0x04, 0x00, 0x04, 0x01, 0x01 };
-    const byte badNotBitStr[] = { 0x30, 0x0d, 0x30, 0x0b, 0x06, 0x00,
-            0x06, 0x01, 0x01, 0x04, 0x04, 0x00, 0x04, 0x01, 0x01 };
-    const byte badBitStrLen[] = { 0x30, 0x0d, 0x30, 0x0b, 0x06, 0x00,
-            0x06, 0x01, 0x01, 0x03, 0x05, 0x00, 0x04, 0x01, 0x01 };
-    const byte badNoBitStrZero[] = { 0x30, 0x0c, 0x30, 0x0a, 0x06, 0x00,
-            0x06, 0x01, 0x01, 0x03, 0x03, 0x04, 0x01, 0x01 };
-    const byte badPoint[] = { 0x30, 0x0b, 0x30, 0x09, 0x06, 0x00, 0x06, 0x01,
-            0x01, 0x03, 0x03, 0x00, 0x04, 0x01 };
+    const byte badNotBitStr[] = { 0x30, 0x14, 0x30, 0x0b, 0x06, 0x00,
+            0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,
+            0x04, 0x04, 0x00, 0x04, 0x01, 0x01 };
+    const byte badBitStrLen[] = { 0x30, 0x14, 0x30, 0x0b, 0x06, 0x00,
+            0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,
+            0x03, 0x05, 0x00, 0x04, 0x01, 0x01 };
+    const byte badNoBitStrZero[] = { 0x30, 0x13, 0x30, 0x0a, 0x06, 0x00,
+            0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,
+            0x03, 0x03, 0x04, 0x01, 0x01 };
+    const byte badPoint[] = { 0x30, 0x12, 0x30, 0x09, 0x06, 0x00,
+            0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,
+            0x03, 0x03, 0x00, 0x04, 0x01 };
 
     XMEMSET(&key, 0, sizeof(key));
     wc_ecc_init(&key);