first addition of verify sign stream data

tests/api.c

@@ -15343,18 +15343,29 @@ static void test_wc_PKCS7_EncodeSignedData_ex(void)
 
     AssertIntEQ(wc_PKCS7_VerifySignedData_ex(NULL, hashBuf, hashSz, outputHead,
         outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
+
     AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, NULL, hashSz, outputHead,
-        outputHeadSz, outputFoot, outputFootSz), ASN_PARSE_E);
+        outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
+#ifndef NO_PKCS7_STREAM
     AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
-        outputHeadSz, outputFoot, outputFootSz), ASN_PARSE_E);
+        outputHeadSz, outputFoot, outputFootSz), WC_PKCS7_WANT_READ_E);
+#else
+    AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
+        outputHeadSz, outputFoot, outputFootSz), BUFFER_E);
+#endif
     AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, NULL,
         outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
     AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
         outputHead, 0, outputFoot, outputFootSz), BAD_FUNC_ARG);
     AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
-        outputHead, outputHeadSz, NULL, outputFootSz), ASN_PARSE_E);
+        outputHead, outputHeadSz, NULL, outputFootSz), BAD_FUNC_ARG);
+#ifndef NO_PKCS7_STREAM
     AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
-        outputHead, outputHeadSz, outputFoot, 0), ASN_PARSE_E);
+        outputHead, outputHeadSz, outputFoot, 0), WC_PKCS7_WANT_READ_E);
+#else
+    AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+        outputHead, outputHeadSz, outputFoot, 0), BUFFER_E);
+#endif
 
     printf(resultFmt, passed);
 

wolfcrypt/test/test.c

@@ -21411,6 +21411,20 @@ static int pkcs7signed_run_SingleShotVectors(
             wc_PKCS7_Free(pkcs7);
             return -9565;
         }
+#ifndef NO_PKCS7_STREAM
+        {
+            word32 z;
+            for (z = 0; z < outSz && ret != 0; z++) {
+                ret = wc_PKCS7_VerifySignedData(pkcs7, out + z, 1);
+                if (ret < 0 && ret != WC_PKCS7_WANT_READ_E) {
+                    XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+                    wc_PKCS7_Free(pkcs7);
+                    printf("unexpected error %d\n", ret);
+                    return -9565;
+                }
+            }
+        }
+#endif
 
         if (pkcs7->singleCert == NULL || pkcs7->singleCertSz == 0) {
             XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);

wolfssl/wolfcrypt/pkcs7.h

@@ -96,6 +96,12 @@ enum PKCS7_STATE {
     WC_PKCS7_STAGE5,
     WC_PKCS7_STAGE6,
 
+    WC_PKCS7_VERIFY_STAGE2,
+    WC_PKCS7_VERIFY_STAGE3,
+    WC_PKCS7_VERIFY_STAGE4,
+    WC_PKCS7_VERIFY_STAGE5,
+    WC_PKCS7_VERIFY_STAGE6,
+
     /* parse info set */
     WC_PKCS7_INFOSET_START,
     WC_PKCS7_INFOSET_BER,