@@ -413,7 +413,8 @@ CVC_verify_signature(const CVC_CERT *cert, int protocol, EVP_PKEY *key)
413413 body_buf = BUF_MEM_create_init (body , (size_t ) body_len );
414414
415415 /* Get signature from certificate and convert it to a X9.62 representation */
416- signature = BUF_MEM_create_init (cert -> signature -> data , cert -> signature -> length );
416+ signature = BUF_MEM_create_init (ASN1_STRING_get0_data (cert -> signature ),
417+ ASN1_STRING_length (cert -> signature ));
417418
418419 r = EAC_verify (protocol , key , signature , body_buf );
419420
@@ -468,12 +469,12 @@ enum cvc_terminal_role
468469CVC_get_role (const CVC_CHAT * chat )
469470{
470471 if (!chat || !chat -> relative_authorization
471- || !chat -> relative_authorization -> data
472- || chat -> relative_authorization -> length < 1 )
472+ || !ASN1_STRING_get0_data ( chat -> relative_authorization )
473+ || ASN1_STRING_length ( chat -> relative_authorization ) < 1 )
473474 return -1 ;
474475
475476 /* The left most bits encode the terminal type */
476- return (chat -> relative_authorization -> data [0 ] >> 6 ) & 3 ;
477+ return (ASN1_STRING_get0_data ( chat -> relative_authorization ) [0 ] >> 6 ) & 3 ;
477478}
478479
479480EVP_PKEY *
@@ -549,9 +550,11 @@ CVC_pubkey2rsa(const CVC_PUBKEY *public_key, EVP_PKEY *out)
549550 goto err ;
550551
551552 check (RSA_set0_key (rsa ,
552- BN_bin2bn (public_key -> cont1 -> data , public_key -> cont1 -> length ,
553+ BN_bin2bn (ASN1_STRING_get0_data (public_key -> cont1 ),
554+ ASN1_STRING_length (public_key -> cont1 ),
553555 NULL ),
554- BN_bin2bn (public_key -> cont2 -> data , public_key -> cont2 -> length ,
556+ BN_bin2bn (ASN1_STRING_get0_data (public_key -> cont2 ),
557+ ASN1_STRING_length (public_key -> cont2 ),
555558 NULL ), NULL ),
556559 "Internal error" );
557560
@@ -617,8 +620,8 @@ CVC_pubkey2eckey(int all_parameters, const CVC_PUBKEY *public_key,
617620 point = EC_POINT_new (group );
618621 check (point
619622 && EC_POINT_oct2point (group , point ,
620- public_key -> cont6 -> data ,
621- public_key -> cont6 -> length ,
623+ ASN1_STRING_get0_data ( public_key -> cont6 ) ,
624+ ASN1_STRING_length ( public_key -> cont6 ) ,
622625 bn_ctx )
623626 && EC_KEY_set_public_key (ec , point )
624627 && EC_KEY_check_key (ec ),
@@ -737,7 +740,8 @@ CVC_verify_request_signature(const CVC_CERT_REQUEST *request)
737740 body_buf = BUF_MEM_create_init (body , (size_t ) body_len );
738741
739742 /* Get signature from certificate and convert it to a X9.62 representation */
740- inner_signature = BUF_MEM_create_init (request -> inner_signature -> data , request -> inner_signature -> length );
743+ inner_signature = BUF_MEM_create_init (ASN1_STRING_get0_data (request -> inner_signature ),
744+ ASN1_STRING_length (request -> inner_signature ));
741745
742746 r = EAC_verify (nid , key , inner_signature , body_buf );
743747
@@ -771,8 +775,8 @@ CVC_verify_authentication_request_signatures(EAC_CTX *ctx,
771775
772776 /* find the original certificate for verification of the outer signature */
773777 trust_anchor = ctx -> ta_ctx -> lookup_cvca_cert (
774- authentication -> certificate_authority_reference -> data ,
775- authentication -> certificate_authority_reference -> length );
778+ ASN1_STRING_get0_data ( authentication -> certificate_authority_reference ) ,
779+ ASN1_STRING_length ( authentication -> certificate_authority_reference ) );
776780 if (!trust_anchor )
777781 goto err ;
778782
@@ -788,16 +792,16 @@ CVC_verify_authentication_request_signatures(EAC_CTX *ctx,
788792 if (request_len <= 0 )
789793 goto err ;
790794 data = BUF_MEM_create (
791- authentication -> certificate_authority_reference -> length
795+ ASN1_STRING_length ( authentication -> certificate_authority_reference )
792796 + (size_t ) request_len );
793797 memcpy (data -> data , request , request_len );
794798 memcpy (data -> data + request_len ,
795- authentication -> certificate_authority_reference -> data ,
796- authentication -> certificate_authority_reference -> length );
799+ ASN1_STRING_get0_data ( authentication -> certificate_authority_reference ) ,
800+ ASN1_STRING_length ( authentication -> certificate_authority_reference ) );
797801
798802 outer_signature = BUF_MEM_create_init (
799- authentication -> outer_signature -> data ,
800- authentication -> outer_signature -> length );
803+ ASN1_STRING_get0_data ( authentication -> outer_signature ) ,
804+ ASN1_STRING_length ( authentication -> outer_signature ) );
801805
802806 r = EAC_verify (ctx -> ta_ctx -> protocol , ctx -> ta_ctx -> pub_key ,
803807 outer_signature , data );
@@ -904,7 +908,7 @@ cvc_chat_print_authorizations(BIO *bio, const CVC_CHAT *chat, int indent)
904908 const char * * strings ;
905909
906910 if (!bio || !chat || !chat -> relative_authorization
907- || !chat -> relative_authorization -> data )
911+ || !ASN1_STRING_get0_data ( chat -> relative_authorization ) )
908912 goto err ;
909913
910914 /* Figure out what kind of CHAT we have */
@@ -926,15 +930,15 @@ cvc_chat_print_authorizations(BIO *bio, const CVC_CHAT *chat, int indent)
926930 }
927931
928932 /* Sanity check: Does the received CHAT have the correct length? */
929- if (chat -> relative_authorization -> length != rel_auth_num_bytes )
933+ if (ASN1_STRING_length ( chat -> relative_authorization ) != rel_auth_num_bytes )
930934 goto err ;
931935
932936 /* Dump the relative authorization bit string in human readable form.
933937 * Each set Bit means one authorization */
934938 for (i = 0 ; i < rel_auth_len ; i ++ ) {
935939 if (i % 8 == 0 && i != 0 )
936940 j ++ ;
937- if (CHECK_BIT (chat -> relative_authorization -> data [rel_auth_num_bytes - j ],
941+ if (CHECK_BIT (ASN1_STRING_get0_data ( chat -> relative_authorization ) [rel_auth_num_bytes - j ],
938942 i % 8 )) {
939943 if (!BIO_indent (bio , indent , 80 )
940944 || !BIO_printf (bio , "%s\n" , strings [i ]))
@@ -955,7 +959,7 @@ cvc_chat_print(BIO *bio, const CVC_CHAT *chat, int indent)
955959 int ok = 0 , nid = 0 , role ;
956960
957961 if (!bio || !chat || !chat -> relative_authorization
958- || !chat -> relative_authorization -> data )
962+ || !ASN1_STRING_get0_data ( chat -> relative_authorization ) )
959963 goto err ;
960964
961965 /* Figure out what kind of CHAT we have */
@@ -1015,7 +1019,7 @@ CVC_get_profile_identifier(const CVC_CERT *cert)
10151019 long l ;
10161020
10171021 if (!cert || !cert -> body || !cert -> body -> certificate_profile_identifier ||
1018- !cert -> body -> certificate_profile_identifier -> data )
1022+ !ASN1_STRING_get0_data ( cert -> body -> certificate_profile_identifier ) )
10191023 return -1 ;
10201024 l = ASN1_INTEGER_get (cert -> body -> certificate_profile_identifier );
10211025 return (l == 0 ) ? 0 : -1 ; /* The only specified version number is 0 right now */
@@ -1027,14 +1031,15 @@ cvc_get_reference_string(ASN1_OCTET_STRING *ref)
10271031 char * ret = NULL ;
10281032
10291033 check (ref , "Invalid input" );
1030- check (is_chr (ref -> data , ref -> length ), "Invalid certificate reference" );
1034+ check (is_chr (ASN1_STRING_get0_data (ref ), ASN1_STRING_length (ref )),
1035+ "Invalid certificate reference" );
10311036
1032- ret = malloc (ref -> length + 1 );
1037+ ret = malloc (ASN1_STRING_length ( ref ) + 1 );
10331038 check (ret , "Not enough memory" );
10341039
1035- memcpy (ret , ref -> data , ref -> length );
1040+ memcpy (ret , ASN1_STRING_get0_data ( ref ), ASN1_STRING_length ( ref ) );
10361041 /* Null-terminate string */
1037- ret [ref -> length ] = '\0' ;
1042+ ret [ASN1_STRING_length ( ref ) ] = '\0' ;
10381043
10391044err :
10401045 return ret ;
@@ -1044,26 +1049,28 @@ char *
10441049cvc_get_date_string (ASN1_OCTET_STRING * date )
10451050{
10461051 char * ret ;
1052+ const unsigned char * d ;
10471053
1048- if (!date || !date -> data || date -> length != 6
1049- || !is_bcd (date -> data , date -> length ))
1054+ if (!date || !ASN1_STRING_get0_data ( date ) || ASN1_STRING_length ( date ) != 6
1055+ || !is_bcd (ASN1_STRING_get0_data ( date ), ASN1_STRING_length ( date ) ))
10501056 return NULL ;
10511057
10521058 ret = malloc (11 );
10531059 if (!ret )
10541060 return NULL ;
10551061
1062+ d = ASN1_STRING_get0_data (date );
10561063 /* Convert to ASCII date */
10571064 ret [0 ] = '2' ;
10581065 ret [1 ] = '0' ;
1059- ret [2 ] = date -> data [0 ] + 0x30 ;
1060- ret [3 ] = date -> data [1 ] + 0x30 ;
1066+ ret [2 ] = d [0 ] + 0x30 ;
1067+ ret [3 ] = d [1 ] + 0x30 ;
10611068 ret [4 ] = '-' ;
1062- ret [5 ] = date -> data [2 ] + 0x30 ;
1063- ret [6 ] = date -> data [3 ] + 0x30 ;
1069+ ret [5 ] = d [2 ] + 0x30 ;
1070+ ret [6 ] = d [3 ] + 0x30 ;
10641071 ret [7 ] = '-' ;
1065- ret [8 ] = date -> data [4 ] + 0x30 ;
1066- ret [9 ] = date -> data [5 ] + 0x30 ;
1072+ ret [8 ] = d [4 ] + 0x30 ;
1073+ ret [9 ] = d [5 ] + 0x30 ;
10671074 ret [10 ] = '\0' ;
10681075
10691076 return ret ;
@@ -1081,28 +1088,28 @@ certificate_description_print(BIO *bio,
10811088
10821089 if (!BIO_indent (bio , indent , 80 )
10831090 || !BIO_printf (bio , "%s\t%s\n" , cert_desc_field_strings [0 ],
1084- desc -> issuerName -> data ))
1091+ ASN1_STRING_get0_data ( desc -> issuerName ) ))
10851092 return 0 ;
10861093 if (desc -> issuerURL ) {
10871094 if (!BIO_indent (bio , indent , 80 )
10881095 || !BIO_printf (bio , "%s\t%s\n" , cert_desc_field_strings [1 ],
1089- desc -> issuerURL -> data ))
1096+ ASN1_STRING_get0_data ( desc -> issuerURL ) ))
10901097 return 0 ;
10911098 }
10921099 if (!BIO_indent (bio , indent , 80 )
10931100 || !BIO_printf (bio , "%s\t%s\n" , cert_desc_field_strings [2 ],
1094- desc -> subjectName -> data ))
1101+ ASN1_STRING_get0_data ( desc -> subjectName ) ))
10951102 return 0 ;
10961103 if (desc -> subjectURL ) {
10971104 if (!BIO_indent (bio , indent , 80 )
10981105 || !BIO_printf (bio , "%s\t%s\n" , cert_desc_field_strings [3 ],
1099- desc -> subjectURL -> data ))
1106+ ASN1_STRING_get0_data ( desc -> subjectURL ) ))
11001107 return 0 ;
11011108 }
11021109 if (desc -> redirectURL ) {
11031110 if (!BIO_indent (bio , indent , 80 )
11041111 || !BIO_printf (bio , "%s\t%s\n" , cert_desc_field_strings [4 ],
1105- desc -> redirectURL -> data ))
1112+ ASN1_STRING_get0_data ( desc -> redirectURL ) ))
11061113 return 0 ;
11071114 }
11081115 if (desc -> commCertificates ) {
@@ -1114,7 +1121,7 @@ certificate_description_print(BIO *bio,
11141121 for (i = 0 ; i < count ; i ++ ) {
11151122 s = sk_value ((_STACK * ) desc -> commCertificates -> values , i );
11161123 if (!BIO_puts (bio , "\n" )
1117- || !BIO_dump_indent (bio , (char * ) s -> data , s -> length , indent + 2 ))
1124+ || !BIO_dump_indent (bio , (const char * ) ASN1_STRING_get0_data ( s ), ASN1_STRING_length ( s ) , indent + 2 ))
11181125 return 0 ;
11191126 }
11201127 }
@@ -1124,7 +1131,8 @@ certificate_description_print(BIO *bio,
11241131 if (nid == NID_id_plainFormat ) {
11251132 if (!BIO_indent (bio , indent , 80 )
11261133 || !BIO_printf (bio , "%s\n%.*s\n" , cert_desc_field_strings [5 ],
1127- desc -> termsOfUsage -> length , desc -> termsOfUsage -> data ))
1134+ ASN1_STRING_length (desc -> termsOfUsage ),
1135+ ASN1_STRING_get0_data (desc -> termsOfUsage )))
11281136 return 0 ;
11291137 ret = 1 ;
11301138 } else if (nid == NID_id_htmlFormat ) {
@@ -1219,13 +1227,13 @@ CVC_check_description(const CVC_CERT *cv, const unsigned char *cert_desc_in,
12191227 goto err ;
12201228
12211229 /* Check whether or not the hash in the certificate has the correct size */
1222- if (hash_check -> length != desc_hash -> length ) {
1230+ if (ASN1_STRING_length ( hash_check ) != desc_hash -> length ) {
12231231 ret = 0 ;
12241232 goto err ;
12251233 }
12261234
12271235 /* Compare it with the hash in the certificate */
1228- if (!memcmp (desc_hash -> data , hash_check -> data , desc_hash -> length ))
1236+ if (!memcmp (desc_hash -> data , ASN1_STRING_get0_data ( hash_check ) , desc_hash -> length ))
12291237 ret = 1 ;
12301238 } else
12311239 ret = 0 ;
0 commit comments