From 4ee4cb2068dceb23e494c07a0b976b798b462a47 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Mon, 15 Apr 2019 11:08:08 -0700
Subject: [PATCH] Improved readability for ECC signature max size calculations.

---
 wolfcrypt/src/ecc.c | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 05c0a9069..a3a140c1b 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -7088,11 +7088,13 @@ int wc_ecc_sig_size_calc(int sz)
     int maxSigSz = 0;
 
     /* calculate based on key bits */
-    maxSigSz = (sz * 2) + (SIG_HEADER_SZ - 1) + ECC_MAX_PAD_SZ;
+    /* maximum possible signature header size is 7 bytes plus 2 bytes padding */
+    maxSigSz = (sz * 2) + SIG_HEADER_SZ + ECC_MAX_PAD_SZ;
 
-    /* if total length exceeds 127 then add 1 */
-    if (maxSigSz >= 127)
-        maxSigSz += 1;
+    /* if total length is less than or equal to 128 then subtract 1 */
+    if (maxSigSz <= 128) {
+        maxSigSz -= 1;
+    }
 
     return maxSigSz;
 }
@@ -7111,15 +7113,15 @@ int wc_ecc_sig_size(ecc_key* key)
         extra byte for r and s, so add 2 */
     keySz = key->dp->size;
     orderBits = wc_ecc_get_curve_order_bit_count(key->dp);
-    /* signature header is minimum of 6 */
-    maxSigSz = (keySz * 2) + (SIG_HEADER_SZ - 1);
+    /* maximum possible signature header size is 7 bytes */
+    maxSigSz = (keySz * 2) + SIG_HEADER_SZ;
     if ((orderBits % 8) == 0) {
         /* MSB can be set, so add 2 */
         maxSigSz += ECC_MAX_PAD_SZ;
     }
-    /* if total length exceeds 127 then add 1 */
-    if (maxSigSz >= 127) {
-        maxSigSz += 1;
+    /* if total length is less than or equal to 128 then subtract 1 */
+    if (maxSigSz <= 128) {
+        maxSigSz -= 1;
     }
 
     return maxSigSz;