From d33d100526dd34d025a7b681eae32496d1576a36 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Thu, 8 Oct 2020 13:07:07 -0700
Subject: [PATCH] Fix for possible malformed encrypted key with DES3 causing negative length. If length is less than DES_BLOCK_SIZE then it could result in a negative `der->length`. ZD 11057
---
 wolfcrypt/src/asn.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 5e0b7784a..5fd5a4ef7 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -10672,7 +10672,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
 #ifndef NO_DES3
 if (info->cipherType == WC_CIPHER_DES3) {
 /* Assuming there is padding:
- * (der->length > 0 &&
+ * (der->length > 0 && der->length > DES_BLOCK_SIZE &&
 * (der->length % DES_BLOCK_SIZE) != 0)
 * and assuming the last value signifies the number of
 * padded bytes IE if last value is 0x08 then there are
@@ -10682,9 +10682,10 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
 * der->length -= padVal;
 */
 if (der->length > 0 &&
+ der->length > DES_BLOCK_SIZE &&
 (der->length % DES_BLOCK_SIZE) != 0) {
 padVal = der->buffer[der->length-1];
- if (padVal <= DES_BLOCK_SIZE) {
+ if (padVal < DES_BLOCK_SIZE) {
 der->length -= padVal;
 }
 }
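Review bot: In the second hunk the tightened test `if (padVal < DES_BLOCK_SIZE)` no longer strips a pad value equal to the block size, while the comment above it still gives 0x08 as its example of padding to remove (assuming DES_BLOCK_SIZE is 8, which the page does not show). The added `der->length > DES_BLOCK_SIZE` guard already keeps `der->length - padVal` positive for any `padVal <= DES_BLOCK_SIZE`, so either keep `<=` or reword the comment to say a full-block pad is deliberately left in place. That guard also makes `der->length > 0` redundant in both the code and the comment. Separately, `padVal` is still taken on trust from the last byte of decrypted data: a zero value, or pad bytes that do not all match, is accepted silently, so a wrong password or malformed key presumably reaches the DER parser untrimmed instead of being rejected here. The comment and the enclosing `PemToDer` body both extend outside the hunks shown.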