From 15f94b2f988771f00077af4abca1365345fc1861 Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Tue, 21 Jan 2014 11:45:15 -0800
Subject: [PATCH] 1. Resized sample PKCS7 signed data attribute. 2. Removed
 unnecessary PKCS7 signed data attribute.

---
 ctaocrypt/test/test.c    | 14 ++++----------
 cyassl/ctaocrypt/pkcs7.h |  1 +
 2 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c
index 9bd1ffa2b..92099ba24 100644
--- a/ctaocrypt/test/test.c
+++ b/ctaocrypt/test/test.c
@@ -4144,13 +4144,9 @@ int pkcs7signed_test(void)
     byte senderNonceOid[] =
                { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
                  0x09, 0x05 };
-    byte pkiStatusOid[] =
-               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
-                 0x09, 0x03 };
     byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1];
     byte messageType[] = { 0x13, 2, '1', '9' };
-    byte senderNonce[34];
-    byte pkiStatus[] = { 0x13, 1, '0' };
+    byte senderNonce[PKCS7_NONCE_SZ + 2];
 
     PKCS7Attrib attribs[] =
     {
@@ -4159,9 +4155,7 @@ int pkcs7signed_test(void)
         { messageTypeOid, sizeof(messageTypeOid),
                      messageType, sizeof(messageType) },
         { senderNonceOid, sizeof(senderNonceOid),
-                     senderNonce, sizeof(senderNonce) },
-        { pkiStatusOid, sizeof(pkiStatusOid),
-                     pkiStatus, sizeof(pkiStatus) }
+                     senderNonce, sizeof(senderNonce) }
     };
 
     dataSz = (word32) strlen(data);
@@ -4203,8 +4197,8 @@ int pkcs7signed_test(void)
 
     ret = InitRng(&rng);
     senderNonce[0] = 0x04;
-    senderNonce[1] = 0x20;
-    RNG_GenerateBlock(&rng, &senderNonce[2], 32);
+    senderNonce[1] = PKCS7_NONCE_SZ;
+    RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ);
 
     PKCS7_InitWithCert(&msg, certDer, certDerSz);
     msg.privateKey = keyDer;
diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h
index 5d5d801d6..8ff9c281f 100644
--- a/cyassl/ctaocrypt/pkcs7.h
+++ b/cyassl/ctaocrypt/pkcs7.h
@@ -47,6 +47,7 @@ enum PKCS7_TYPES {
 };
 
 enum Pkcs7_Misc {
+    PKCS7_NONCE_SZ       = 16,
     MAX_ENCRYPTED_KEY_SZ = 512,           /* max enc. key size, RSA <= 4096 */
     MAX_CONTENT_KEY_LEN  = DES3_KEYLEN,   /* highest current cipher is 3DES */
     MAX_RECIP_SZ         = MAX_VERSION_SZ +