diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index f29c990e6..b38ee124d 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -3465,20 +3465,21 @@ word32 SetBitString(word32 len, byte unusedBits, byte* output)
 
 /* sets the terminating 0x00 0x00 at the end of an indefinite length
  * returns the number of bytes written */
-word32 SetIndefEnd(byte* in)
+word32 SetIndefEnd(byte* output)
 {
-    byte terminate[] = { 0x00, 0x00 };
+    byte terminate[ASN_INDEF_END_SZ] = { 0x00, 0x00 };
 
-    if (in != NULL) {
-        XMEMCPY(in, terminate, 2);
+    if (output != NULL) {
+        XMEMCPY(output, terminate, ASN_INDEF_END_SZ);
     }
-    return 2;
+
+    return (word32)ASN_INDEF_END_SZ;
 }
 
 
 /* Breaks an octet string up into chunks for use with streaming
  * returns 0 on success and updates idx */
-int StreamOctetString(const byte* in, word32 inSz, byte* out, word32* outSz,
+int StreamOctetString(const byte* inBuf, word32 inBufSz, byte* out, word32* outSz,
     word32* idx)
 {
     word32 i  = 0;
@@ -3487,13 +3488,13 @@ int StreamOctetString(const byte* in, word32 inSz, byte* out, word32* outSz,
 
     if (tmp) tmp += outIdx;
 
-    while (i < inSz) {
-        int ret, sz;
+    while (i < inBufSz) {
+        word32 ret, sz;
 
         sz = BER_OCTET_LENGTH;
 
-        if ((sz + i) > inSz) {
-            sz = inSz - i;
+        if ((sz + i) > inBufSz) {
+            sz = inBufSz - i;
         }
 
         ret = SetOctetString(sz, tmp);
@@ -3502,10 +3503,10 @@ int StreamOctetString(const byte* in, word32 inSz, byte* out, word32* outSz,
         }
 
         if (tmp) {
-            if (ret + sz + i + outIdx > *outSz) {
+            if ((word32)ret + sz + i + outIdx > *outSz) {
                 return BUFFER_E;
             }
-            XMEMCPY(tmp + ret, in + i, sz);
+            XMEMCPY(tmp + ret, inBuf + i, sz);
             tmp += sz + ret;
         }
         outIdx += sz;
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
index 78a057131..395981407 100644
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -2101,8 +2101,8 @@ WOLFSSL_LOCAL int GetName(DecodedCert* cert, int nameType, int maxIdx);
 
 WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der,
                                 word32* derSz);
-WOLFSSL_LOCAL int StreamOctetString(const byte* in, word32 inSz, byte* out, word32* outSz,
-    word32* idx);
+WOLFSSL_LOCAL int StreamOctetString(const byte* inBuf, word32 inBufSz,
+    byte* out, word32* outSz, word32* idx);
 
 WOLFSSL_ASN_API void FreeAltNames(DNS_entry* altNames, void* heap);
 WOLFSSL_ASN_API DNS_entry* AltNameNew(void* heap);
@@ -2280,7 +2280,7 @@ WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output);
 WOLFSSL_LOCAL word32 SetLengthEx(word32 length, byte* output, byte isIndef);
 WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output);
 WOLFSSL_LOCAL word32 SetSequenceEx(word32 len, byte* output, byte isIndef);
-WOLFSSL_LOCAL word32 SetIndefEnd(byte* in);
+WOLFSSL_LOCAL word32 SetIndefEnd(byte* output);
 WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output);
 WOLFSSL_LOCAL word32 SetOctetStringEx(word32 len, byte* output, byte indef);
 WOLFSSL_LOCAL int SetASNInt(int len, byte firstByte, byte* output);