From 9ba88a32a426e658c4bbbe4f448e9548ed62280f Mon Sep 17 00:00:00 2001
From: Sun Yimin <emmansun@users.noreply.github.com>
Date: Thu, 27 Feb 2025 08:16:07 +0800
Subject: [PATCH] smx509: use bytes.Clone

---
 pkcs8/pkcs8.go         | 20 +++++++++++---------
 smx509/root_windows.go |  4 ++--
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/pkcs8/pkcs8.go b/pkcs8/pkcs8.go
index 5798450..7770f16 100644
--- a/pkcs8/pkcs8.go
+++ b/pkcs8/pkcs8.go
@@ -20,15 +20,17 @@ type Opts = pkcs.PBES2Opts
 type PBKDF2Opts = pkcs.PBKDF2Opts
 type ScryptOpts = pkcs.ScryptOpts
 
-var DefaultOpts = pkcs.DefaultOpts
-var SM3 = pkcs.SM3
-var SHA1 = pkcs.SHA1
-var SHA224 = pkcs.SHA224
-var SHA256 = pkcs.SHA256
-var SHA384 = pkcs.SHA384
-var SHA512 = pkcs.SHA512
-var SHA512_224 = pkcs.SHA512_224
-var SHA512_256 = pkcs.SHA512_256
+var (
+	DefaultOpts = pkcs.DefaultOpts
+	SM3 = pkcs.SM3
+	SHA1 = pkcs.SHA1
+	SHA224 = pkcs.SHA224
+	SHA256 = pkcs.SHA256
+	SHA384 = pkcs.SHA384
+	SHA512 = pkcs.SHA512
+	SHA512_224 = pkcs.SHA512_224
+	SHA512_256 = pkcs.SHA512_256
+)
 
 // for encrypted private-key information
 type encryptedPrivateKeyInfo struct {
diff --git a/smx509/root_windows.go b/smx509/root_windows.go
index af035eb..8d82329 100644
--- a/smx509/root_windows.go
+++ b/smx509/root_windows.go
@@ -1,6 +1,7 @@
 package smx509
 
 import (
+	"bytes"
 	"crypto/x509"
 	"errors"
 	"syscall"
@@ -73,8 +74,7 @@ func extractSimpleChain(simpleChain **syscall.CertSimpleChain, count int) (chain
 		// Copy the buf, since ParseCertificate does not create its own copy.
 		cert := elements[i].CertContext
 		encodedCert := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:cert.Length:cert.Length]
-		buf := make([]byte, cert.Length)
-		copy(buf, encodedCert)
+		buf := bytes.Clone(encodedCert)
 		parsedCert, err := ParseCertificate(buf)
 		if err != nil {
 			return nil, err