Address copilot feedback

This commit is contained in:
Juliusz Sosinowicz
2026-03-02 21:36:58 +01:00
parent fcd6c4f203
commit 10be06d747
3 changed files with 16 additions and 5 deletions
+2
View File
@@ -8732,6 +8732,8 @@ static int WriteCSRToBuffer(WOLFSSL* ssl, DerBuffer** certExts,
if (tmpSz > (OPAQUE8_LEN + OPAQUE24_LEN) &&
certExts[extIdx] == NULL) {
/* csr extension is not zero */
if (tmpSz > 0xFFFF)
return BUFFER_E;
extSz[extIdx] = (word16)tmpSz;
ret = AllocDer(&certExts[extIdx], extSz[extIdx] + ex_offset,
+11 -5
View File
@@ -41520,13 +41520,19 @@ static int DecodeOcspReqExtensions(const byte* source, word32 sz,
int length = (int)dataASN[CERTEXTASN_IDX_VAL].length;
if (oid == OCSP_NONCE_OID) {
/* Extract nonce data - get data inside inner OCTET_STRING */
ret = GetOctetString(source, &idx, &length, sz);
/* Parse inner OCTET STRING from the extension value buffer
* using a local index to avoid relying on the outer idx. */
const byte* extData = dataASN[CERTEXTASN_IDX_VAL].data.ref.data;
word32 extDataSz = dataASN[CERTEXTASN_IDX_VAL].data.ref.length;
word32 localIdx = 0;
int innerLen = (int)extDataSz;
ret = GetOctetString(extData, &localIdx, &innerLen, extDataSz);
if (ret >= 0) {
ret = 0;
if (length <= (int)sizeof(req->nonce)) {
XMEMCPY(req->nonce, source + idx, (size_t)length);
req->nonceSz = length;
if (innerLen <= (int)sizeof(req->nonce)) {
XMEMCPY(req->nonce, extData + localIdx, (size_t)innerLen);
req->nonceSz = innerLen;
}
else {
/* Nonce too large */
+3
View File
@@ -5071,6 +5071,9 @@ extern void uITRON4_free(void *p) ;
#ifndef WOLFSSL_CERT_GEN
#error "HAVE_OCSP_RESPONDER requires WOLFSSL_CERT_GEN"
#endif
#ifdef NO_SHA
#error "HAVE_OCSP_RESPONDER requires SHA-1 (NO_SHA is defined)"
#endif
#endif
#ifdef __cplusplus