diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index 87eeeb8a7..88322416d 100644
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -754,6 +754,21 @@ static int wc_PKCS7_BuildSignedAttributes(PKCS7* pkcs7, ESD* esd,
 const byte* messageDigestOid, word32 messageDigestOidSz,
 const byte* signingTimeOid, word32 signingTimeOidSz)
 {
+ /* contentType OID (1.2.840.113549.1.9.3) */
+ byte contentTypeOid[] =
+ { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01,
+ 0x09, 0x03 };
+
+ /* messageDigest OID (1.2.840.113549.1.9.4) */
+ byte messageDigestOid[] =
+ { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
+ 0x09, 0x04 };
+
+ /* signingTime OID () */
+ byte signingTimeOid[] =
+ { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
+ 0x09, 0x05};
+
 int hashSz;
 #ifdef NO_ASN_TIME
@@ -765,9 +780,10 @@ static int wc_PKCS7_BuildSignedAttributes(PKCS7* pkcs7, ESD* esd,
 #endif
 word32 cannedAttribsCount;
- if (pkcs7 == NULL || esd == NULL || contentTypeOid == NULL ||
- contentType == NULL || messageDigestOid == NULL)
+ if (pkcs7 == NULL || esd == NULL || contentType == NULL ||
+ messageDigestOid == NULL) {
 return BAD_FUNC_ARG;
+ }
 hashSz = wc_HashGetDigestSize(esd->hashType);
 if (hashSz < 0)
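Review bot: The new locals `messageDigestOid` and `signingTimeOid` carry the same names as the parameters still shown as unchanged context at the top of this hunk (`const byte* messageDigestOid, word32 messageDigestOidSz, ...`), which is a redeclaration in the function's outermost block, and the call in the PKCS7_EncodeSigned hunk now passes only four arguments. The first lines of the signature are outside the hunk, so this is inferred from the context lines; the parameter list presumably needs trimming to `(PKCS7* pkcs7, ESD* esd, const byte* contentType, word32 contentTypeSz)` in the same commit. The `/* signingTime OID () */` comment also has empty parentheses; the bytes that follow encode 1.2.840.113549.1.9.5.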
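Review bot: `messageDigestOid == NULL` in the rewritten guard now compares a local array against NULL, assuming the name resolves to the array added in the previous hunk, so that term can never be true and no longer validates anything. The guard can be reduced to `if (pkcs7 == NULL || esd == NULL || contentType == NULL) {`. The function body continues outside the hunk.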
@@ -782,16 +798,16 @@ static int wc_PKCS7_BuildSignedAttributes(PKCS7* pkcs7, ESD* esd,
 cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib);
 cannedAttribs[0].oid = contentTypeOid;
- cannedAttribs[0].oidSz = contentTypeOidSz;
+ cannedAttribs[0].oidSz = sizeof(contentTypeOid);
 cannedAttribs[0].value = contentType;
 cannedAttribs[0].valueSz = contentTypeSz;
 cannedAttribs[1].oid = messageDigestOid;
- cannedAttribs[1].oidSz = messageDigestOidSz;
+ cannedAttribs[1].oidSz = sizeof(messageDigestOid);
 cannedAttribs[1].value = esd->contentDigest;
 cannedAttribs[1].valueSz = hashSz + 2; /* ASN.1 heading */
 #ifndef NO_ASN_TIME
 cannedAttribs[2].oid = signingTimeOid;
- cannedAttribs[2].oidSz = signingTimeOidSz;
+ cannedAttribs[2].oidSz = sizeof(signingTimeOid);
 cannedAttribs[2].value = (byte*)signingTime;
 cannedAttribs[2].valueSz = signingTimeSz;
 #endif
@@ -1224,11 +1240,8 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
 if (pkcs7->signedAttribsSz != 0) {
 /* build up signed attributes */
- ret = wc_PKCS7_BuildSignedAttributes(pkcs7, esd,
- contentTypeOid, sizeof(contentTypeOid),
- pkcs7->contentType, pkcs7->contentTypeSz,
- messageDigestOid, sizeof(messageDigestOid),
- signingTimeOid, sizeof(signingTimeOid));
+ ret = wc_PKCS7_BuildSignedAttributes(pkcs7, esd, pkcs7->contentType,
+ pkcs7->contentTypeSz);
 if (ret < 0) {
 return MEMORY_E;
 }
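Review bot: `cannedAttribs[0].oid`, `[1].oid` and `[2].oid` now point at automatic arrays declared inside this function, whereas the removed call in PKCS7_EncodeSigned shows the OID buffers used to be supplied by the caller and so outlived the call. What is done with `cannedAttribs` after these assignments is outside the hunk; if the encoded attributes kept in `esd` store the `oid` pointers rather than copying the bytes, they point into a dead stack frame once the function returns and the later encoding step would read stale memory into the signed data. Giving the tables static storage, e.g. `static const byte contentTypeOid[] = { ... };` and the same for the other two, removes the lifetime question and keeps `sizeof(contentTypeOid)` correct.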
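Review bot: `if (ret < 0) { return MEMORY_E; }` after the shortened call reports every failure as an allocation error, although the callee visibly returns `BAD_FUNC_ARG` for bad arguments in the earlier hunk. Propagating the callee's code with `return ret;` would preserve the real cause for callers that log or branch on it. PKCS7_EncodeSigned starts and ends outside the hunk, so any cleanup the existing return path depends on is not visible here.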