From 9bfbdfe695c598611171c9a7012a406cb9b40262 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Tue, 28 Jan 2020 15:43:03 -0800
Subject: [PATCH 1/2] Fix for `wc_EccPublicKeyDecode` to use the length from ASN sequence, not the provided `inSz`. Also checked the case where the sequence number is larger than supplied `inSz` and it will properly return ASN_PARSE_E. ZD 9791
---
 wolfcrypt/src/asn.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index e9971d958..ea1b153bb 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -15028,7 +15028,7 @@ static int EccKeyParamCopy(char** dst, char* src)
 int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
 ecc_key* key, word32 inSz)
 {
- int length;
+ int tot_len, length;
 int ret;
 int curve_id = ECC_CURVE_DEF;
 word32 oidSum, localIdx;
@@ -15037,7 +15037,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
 if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
 return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
+ if (GetSequence(input, inOutIdx, &tot_len, inSz) < 0)
 return ASN_PARSE_E;
 if (GetSequence(input, inOutIdx, &length, inSz) < 0)
@@ -15211,7 +15211,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
 return ret;
 /* This is the raw point data compressed or uncompressed. */
- if (wc_ecc_import_x963_ex(input + *inOutIdx, inSz - *inOutIdx, key,
+ if (wc_ecc_import_x963_ex(input + *inOutIdx, tot_len - *inOutIdx, key,
 curve_id) != 0) {
 return ASN_ECC_KEY_E;
 }
From 32f478d3351df0da4fa584e581e09b16853cb8cd Mon Sep 17 00:00:00 2001
From: David Garske
Date: Thu, 30 Jan 2020 08:38:22 -0800
Subject: [PATCH 2/2] Better fix for using the ASN.1 provided length, not provided `inSz`. Confirmed `CheckBitString` will check case where `inSz < ASN.1 length`.
---
 wolfcrypt/src/asn.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index ea1b153bb..0d12753f6 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -15028,7 +15028,7 @@ static int EccKeyParamCopy(char** dst, char* src)
 int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
 ecc_key* key, word32 inSz)
 {
- int tot_len, length;
+ int length;
 int ret;
 int curve_id = ECC_CURVE_DEF;
 word32 oidSum, localIdx;
@@ -15037,7 +15037,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
 if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
 return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &tot_len, inSz) < 0)
+ if (GetSequence(input, inOutIdx, &length, inSz) < 0)
 return ASN_PARSE_E;
 if (GetSequence(input, inOutIdx, &length, inSz) < 0)
@@ -15211,7 +15211,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
 return ret;
 /* This is the raw point data compressed or uncompressed. */
- if (wc_ecc_import_x963_ex(input + *inOutIdx, tot_len - *inOutIdx, key,
+ if (wc_ecc_import_x963_ex(input + *inOutIdx, length, key,
 curve_id) != 0) {
 return ASN_ECC_KEY_E;
 }
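Review bot: In the `@@ -15037,7 +15037,7 @@` hunk of PATCH 2/2 the outer SEQUENCE length is written to `length` and then overwritten by the second `GetSequence` before anything reads it, so nothing visible checks that the nested elements end inside the outer SEQUENCE; the second call is again bounded only by the caller's `inSz`. If this decoder is meant to reject such encodings, record the outer end right after the first call, e.g. `seqEnd = *inOutIdx + (word32)length;`, and pass it as the limit to the nested parses in place of `inSz`. The body of `wc_EccPublicKeyDecode` continues outside the hunk, so a later check may already cover this.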
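Review bot: In the `@@ -15211,7 +15211,7 @@` hunk of PATCH 2/2 the `length` handed to `wc_ecc_import_x963_ex` is a signed `int` that this function reuses for successive ASN.1 elements (both `GetSequence` calls write it), and the call that last set it is outside the hunk. The commit message says `CheckBitString` bounds it against `inSz`, so the import's safety rests on an invariant the reader cannot see at the call site. I would state it there, e.g. `/* length is the BIT STRING payload size validated by CheckBitString above */`, and reject a non-positive value before the implicit conversion to the unsigned size argument with `if (length <= 0) return ASN_PARSE_E;`. The diffstat shows only asn.c changed; a regression case with trailing bytes after the key (`inSz` larger than the encoded length) and one with an encoded length larger than `inSz` would pin both behaviours.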