smx509: use bytes.Clone

pkcs8/pkcs8.go

@@ -20,15 +20,17 @@ type Opts = pkcs.PBES2Opts
 type PBKDF2Opts = pkcs.PBKDF2Opts
 type ScryptOpts = pkcs.ScryptOpts
 
-var DefaultOpts = pkcs.DefaultOpts
+var (
-var SM3 = pkcs.SM3
+	DefaultOpts = pkcs.DefaultOpts
-var SHA1 = pkcs.SHA1
+	SM3 = pkcs.SM3
-var SHA224 = pkcs.SHA224
+	SHA1 = pkcs.SHA1
-var SHA256 = pkcs.SHA256
+	SHA224 = pkcs.SHA224
-var SHA384 = pkcs.SHA384
+	SHA256 = pkcs.SHA256
-var SHA512 = pkcs.SHA512
+	SHA384 = pkcs.SHA384
-var SHA512_224 = pkcs.SHA512_224
+	SHA512 = pkcs.SHA512
-var SHA512_256 = pkcs.SHA512_256
+	SHA512_224 = pkcs.SHA512_224
+	SHA512_256 = pkcs.SHA512_256
+)
 
 // for encrypted private-key information
 type encryptedPrivateKeyInfo struct {

smx509/root_windows.go

@@ -1,6 +1,7 @@
 package smx509
 
 import (
+	"bytes"
 	"crypto/x509"
 	"errors"
 	"syscall"
@@ -73,8 +74,7 @@ func extractSimpleChain(simpleChain **syscall.CertSimpleChain, count int) (chain
 		// Copy the buf, since ParseCertificate does not create its own copy.
 		cert := elements[i].CertContext
 		encodedCert := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:cert.Length:cert.Length]
-		buf := make([]byte, cert.Length)
+		buf := bytes.Clone(encodedCert)
-		copy(buf, encodedCert)
 		parsedCert, err := ParseCertificate(buf)
 		if err != nil {
 			return nil, err