From af70edb99daa2bb311f4c1eb713c761f574bc813 Mon Sep 17 00:00:00 2001
From: Kareem <kareem@wolfssl.com>
Date: Mon, 21 Mar 2022 10:50:06 -0700
Subject: [PATCH] Strip trailing zeroes from cert buffer when using
 IOTSAFE_NO_GETDATA.

---
 wolfcrypt/src/port/iotsafe/iotsafe.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/wolfcrypt/src/port/iotsafe/iotsafe.c b/wolfcrypt/src/port/iotsafe/iotsafe.c
index 748f24cde..4ea3c11c3 100644
--- a/wolfcrypt/src/port/iotsafe/iotsafe.c
+++ b/wolfcrypt/src/port/iotsafe/iotsafe.c
@@ -495,6 +495,17 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
             off += ret/2;
 #ifdef IOTSAFE_NO_GETDATA
             if (XSTRNCMP(&resp[ret-4], "0000", 4) == 0) {
+                /* Strip trailing zeros */
+                for (int idx = 0; idx < off-1; idx+=2) {
+                    if (content[idx] == 0 && content[idx+1] == 0) {
+                        off = idx;
+#ifdef DEBUG_IOTSAFE
+                        WOLFSSL_MSG("Stripped trailing zeros from cert buffer.");
+                        WOLFSSL_BUFFER(content, off);
+#endif
+                        break;
+                    }
+                }
                 break;
             }
 #endif
@@ -503,6 +514,7 @@ static int iotsafe_readfile(uint8_t *file_id, uint16_t file_id_sz,
             return -1;
         }
     }
+
     return off;
 }