[gnutls-devel] GnuTLS | Read Certificate Transparency (RFC 6962) SCT extension (!1367)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sat Mar 20 11:44:10 CET 2021
Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1367 was reviewed by Daiki Ueno
--
Daiki Ueno started a new discussion on lib/x509/x509_ext.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1367#note_533996244
> + * In version 1, it has a fixed length of 32 bytes.
> + */
> + if (length <= SCT_V1_LOGID_SIZE) {
Why this comparison is `<=`, not `<`?
--
Daiki Ueno started a new discussion on lib/x509/x509_ext.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1367#note_533996247
> +
> + /* Timestamp */
> + if (length <= sizeof(uint64_t)) {
Ditto, use `<`.
--
Daiki Ueno started a new discussion on lib/x509/x509_ext.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1367#note_533996248
> +
> + length -= sig_length;
> + if (length) {
Check `length > sig_length` before subtracting; otherwise unsigned arithmetic wraps around.
--
Daiki Ueno started a new discussion on lib/x509/x509_ext.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1367#note_533996249
> + * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error value.
> + **/
> +int gnutls_x509_ext_ct_import_scts(const gnutls_datum_t *ext, gnutls_x509_ct_scts_t scts)
I suggest swapping the order of arguments, to match other `_import` functions.
--
Daiki Ueno started a new discussion on lib/x509/x509_ext.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1367#note_533996250
> +
> + length = _gnutls_read_uint16(scts_content.data);
> + if (length <= 4) {
Use `<`.
--
Daiki Ueno started a new discussion on tests/x509cert-ct.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1367#note_533996251
> +void doit(void)
> +{
> + int ret, scts_printed = 0;
nit: better use `bool` for `scts_printed`.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1367
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210320/95aa4eba/attachment.html>
More information about the Gnutls-devel
mailing list