From 2b5c4ffa7f579ecb0703fc7663c34fa64cdfcc8c Mon Sep 17 00:00:00 2001
From: David Garske
Date: Mon, 13 Nov 2017 14:35:15 -0800
Subject: [PATCH] Enhancement to allow override of maximum sig/algos using new `WOLFSSL_MAX_SIGALGO` define (default is 32).
---
 src/internal.c | 6 +++---
 wolfssl/internal.h | 9 +++++++--
 2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 540376aa9..e71218679 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -22772,11 +22772,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 return BUFFER_ERROR;
 XMEMCPY(clSuites.hashSigAlgo, &input[i],
- min(clSuites.hashSigAlgoSz, HELLO_EXT_SIGALGO_MAX));
+ min(clSuites.hashSigAlgoSz, WOLFSSL_MAX_SIGALGO));
 i += clSuites.hashSigAlgoSz;
- if (clSuites.hashSigAlgoSz > HELLO_EXT_SIGALGO_MAX)
- clSuites.hashSigAlgoSz = HELLO_EXT_SIGALGO_MAX;
+ if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO)
+ clSuites.hashSigAlgoSz = WOLFSSL_MAX_SIGALGO;
 }
 #ifdef HAVE_EXTENDED_MASTER
 else if (extId == HELLO_EXT_EXTMS)
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 4dc29fe2c..cf40dce5e 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -1034,7 +1034,6 @@ enum Misc {
 HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */
 HELLO_EXT_SZ_SZ = 2, /* length of a hello extension size */
 HELLO_EXT_SIGALGO_SZ = 2, /* length of number of items in sigalgo list */
- HELLO_EXT_SIGALGO_MAX = 32, /* number of items in the signature algo list */
 DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */
 DTLS_RECORD_HEADER_SZ = 13, /* normal + epoch(2) + seq_num(6) */
@@ -1192,6 +1191,12 @@ enum Misc {
 /* 150 suites for now! */
 #endif
+/* number of items in the signature algo list */
+#ifndef WOLFSSL_MAX_SIGALGO
+ #define WOLFSSL_MAX_SIGALGO 32
+#endif
+
+
 /* set minimum ECC key size allowed */
 #ifndef WOLFSSL_MIN_ECC_BITS
 #ifdef WOLFSSL_MAX_STRENGTH
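Review bot: The clamp at `if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO)` still truncates the peer's signature-algorithm list silently, and now that the limit is a build-time knob nothing tells an operator that the configured value was too small. The copy itself stays in bounds, since the `min(...)` bound and the `hashSigAlgo` array dimension use the same macro, and `i` is advanced by the full wire length before the clamp. I would brace the `if` and log the truncation there, for example `WOLFSSL_MSG("Peer sig/algo list truncated to WOLFSSL_MAX_SIGALGO");`, so a handshake that later fails for lack of a common algorithm can be traced back to it. The enclosing function starts and ends outside this hunk.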
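Review bot: The comment above the new `WOLFSSL_MAX_SIGALGO` block calls the value a number of items, but every use in this patch treats it as a byte count: it dimensions `byte hashSigAlgo[]` and is compared with `hashSigAlgoSz`, which `Suites` documents as a length in bytes. Assuming the usual two-byte hash/signature entries, someone overriding it from that comment would reserve half the room they intended. I would reword it to `/* max size in bytes of the signature algo list (default 32) */` and add a preprocessor guard after the `#endif` that opens with `#if WOLFSSL_MAX_SIGALGO < 2` and stops the build with an `#error`, so a zero or negative override cannot reach the array declaration. The same macro sizes a member of `Suites` in the last hunk, so the library and anything else that includes this header need to be built with the same value.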
@@ -1527,7 +1532,7 @@ typedef struct Suites {
 word16 suiteSz; /* suite length in bytes */
 word16 hashSigAlgoSz; /* SigAlgo extension length in bytes */
 byte suites[WOLFSSL_MAX_SUITE_SZ];
- byte hashSigAlgo[HELLO_EXT_SIGALGO_MAX]; /* sig/algo to offer */
+ byte hashSigAlgo[WOLFSSL_MAX_SIGALGO]; /* sig/algo to offer */
 byte setSuites; /* user set suites from default */
 byte hashAlgo; /* selected hash algorithm */
 byte sigAlgo; /* selected sig algorithm */