mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 14:00:48 +02:00
Address copilot feedback
This commit is contained in:
@@ -8732,6 +8732,8 @@ static int WriteCSRToBuffer(WOLFSSL* ssl, DerBuffer** certExts,
|
||||
if (tmpSz > (OPAQUE8_LEN + OPAQUE24_LEN) &&
|
||||
certExts[extIdx] == NULL) {
|
||||
/* csr extension is not zero */
|
||||
if (tmpSz > 0xFFFF)
|
||||
return BUFFER_E;
|
||||
extSz[extIdx] = (word16)tmpSz;
|
||||
|
||||
ret = AllocDer(&certExts[extIdx], extSz[extIdx] + ex_offset,
|
||||
|
||||
+11
-5
@@ -41520,13 +41520,19 @@ static int DecodeOcspReqExtensions(const byte* source, word32 sz,
|
||||
int length = (int)dataASN[CERTEXTASN_IDX_VAL].length;
|
||||
|
||||
if (oid == OCSP_NONCE_OID) {
|
||||
/* Extract nonce data - get data inside inner OCTET_STRING */
|
||||
ret = GetOctetString(source, &idx, &length, sz);
|
||||
/* Parse inner OCTET STRING from the extension value buffer
|
||||
* using a local index to avoid relying on the outer idx. */
|
||||
const byte* extData = dataASN[CERTEXTASN_IDX_VAL].data.ref.data;
|
||||
word32 extDataSz = dataASN[CERTEXTASN_IDX_VAL].data.ref.length;
|
||||
word32 localIdx = 0;
|
||||
int innerLen = (int)extDataSz;
|
||||
|
||||
ret = GetOctetString(extData, &localIdx, &innerLen, extDataSz);
|
||||
if (ret >= 0) {
|
||||
ret = 0;
|
||||
if (length <= (int)sizeof(req->nonce)) {
|
||||
XMEMCPY(req->nonce, source + idx, (size_t)length);
|
||||
req->nonceSz = length;
|
||||
if (innerLen <= (int)sizeof(req->nonce)) {
|
||||
XMEMCPY(req->nonce, extData + localIdx, (size_t)innerLen);
|
||||
req->nonceSz = innerLen;
|
||||
}
|
||||
else {
|
||||
/* Nonce too large */
|
||||
|
||||
@@ -5071,6 +5071,9 @@ extern void uITRON4_free(void *p) ;
|
||||
#ifndef WOLFSSL_CERT_GEN
|
||||
#error "HAVE_OCSP_RESPONDER requires WOLFSSL_CERT_GEN"
|
||||
#endif
|
||||
#ifdef NO_SHA
|
||||
#error "HAVE_OCSP_RESPONDER requires SHA-1 (NO_SHA is defined)"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
||||
Reference in New Issue
Block a user