Replace trivial uses of ASN1_STRING_data()

Almost entirely mechanical diff that ensures that for read-only accesses
we use the const correct ASN1_STRING_get0_data(). Arguably, in most
places the better fix would be to reach into ASN1_STRING but then we
have to think and bikeshed...

ok beck kenjiro

5 files changed, 13 insertions, 13 deletions

diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
index 502db42a73..0615de1ccb 100644
--- a/src/lib/libcrypto/asn1/a_type.c
+++ b/src/lib/libcrypto/asn1/a_type.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_type.c,v 1.28 2025/05/10 05:54:38 tb Exp $ */
+/* $OpenBSD: a_type.c,v 1.29 2025/12/05 14:19:27 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -227,14 +227,14 @@ int
 ASN1_TYPE_get_octetstring(const ASN1_TYPE *a, unsigned char *data, int max_len)
 {
         int ret, num;
-        unsigned char *p;
+        const unsigned char *p;
 
         if ((a->type != V_ASN1_OCTET_STRING) ||
             (a->value.octet_string == NULL)) {
                 ASN1error(ASN1_R_DATA_IS_WRONG);
                 return (-1);
         }
-        p = ASN1_STRING_data(a->value.octet_string);
+        p = ASN1_STRING_get0_data(a->value.octet_string);
         ret = ASN1_STRING_length(a->value.octet_string);
         if (ret < max_len)
                 num = ret;
@@ -298,7 +298,7 @@ ASN1_TYPE_get_int_octetstring(const ASN1_TYPE *at, long *num, unsigned char *dat
                 len = ASN1_STRING_length(ios->value);
                 if (len > max_len)
                         len = max_len;
-                memcpy(data, ASN1_STRING_data(ios->value), len);
+                memcpy(data, ASN1_STRING_get0_data(ios->value), len);
         }
 
         ret = ASN1_STRING_length(ios->value);
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c
index bdb0c39ad5..a5e82ef7ff 100644
--- a/src/lib/libcrypto/asn1/p8_pkey.c
+++ b/src/lib/libcrypto/asn1/p8_pkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p8_pkey.c,v 1.25 2024/07/08 14:48:49 beck Exp $ */
+/* $OpenBSD: p8_pkey.c,v 1.26 2025/12/05 14:19:27 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -168,7 +168,7 @@ PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg, const unsigned char **pk,
         if (ppkalg != NULL)
                 *ppkalg = p8->pkeyalg->algorithm;
         if (pk != NULL) {
-                *pk = ASN1_STRING_data(p8->pkey);
+                *pk = ASN1_STRING_get0_data(p8->pkey);
                 *ppklen = ASN1_STRING_length(p8->pkey);
         }
         if (pa != NULL)
diff --git a/src/lib/libcrypto/ts/ts_lib.c b/src/lib/libcrypto/ts/ts_lib.c
index 7e40101752..d497fed9d8 100644
--- a/src/lib/libcrypto/ts/ts_lib.c
+++ b/src/lib/libcrypto/ts/ts_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_lib.c,v 1.15 2025/01/07 14:22:19 tb Exp $ */
+/* $OpenBSD: ts_lib.c,v 1.16 2025/12/05 14:19:27 tb Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  * project 2002.
  */
@@ -155,7 +155,7 @@ TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *a)
 
         BIO_printf(bio, "Message data:\n");
         msg = TS_MSG_IMPRINT_get_msg(a);
-        BIO_dump_indent(bio, (const char *)ASN1_STRING_data(msg),
+        BIO_dump_indent(bio, (const char *)ASN1_STRING_get0_data(msg),
             ASN1_STRING_length(msg), 4);
 
         return 1;
diff --git a/src/lib/libcrypto/ts/ts_rsp_verify.c b/src/lib/libcrypto/ts/ts_rsp_verify.c
index d38bb3b460..e9a778bb88 100644
--- a/src/lib/libcrypto/ts/ts_rsp_verify.c
+++ b/src/lib/libcrypto/ts/ts_rsp_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_rsp_verify.c,v 1.31 2025/05/10 05:54:39 tb Exp $ */
+/* $OpenBSD: ts_rsp_verify.c,v 1.32 2025/12/05 14:19:27 tb Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  * project 2002.
  */
@@ -667,7 +667,7 @@ TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
                 ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
                 if (i > 0)
                         strlcat(result, "/", length);
-                strlcat(result, (const char *)ASN1_STRING_data(current), length);
+                strlcat(result, (const char *)ASN1_STRING_get0_data(current), length);
         }
         return result;
 }
@@ -771,7 +771,7 @@ TS_check_imprints(X509_ALGOR *algor_a, unsigned char *imprint_a, unsigned len_a,
 
         /* Compare octet strings. */
         ret = len_a == (unsigned) ASN1_STRING_length(b->hashed_msg) &&
-            memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0;
+            memcmp(imprint_a, ASN1_STRING_get0_data(b->hashed_msg), len_a) == 0;
 
 err:
         if (!ret)
diff --git a/src/lib/libcrypto/ts/ts_verify_ctx.c b/src/lib/libcrypto/ts/ts_verify_ctx.c
index 23e2557308..b2b160c511 100644
--- a/src/lib/libcrypto/ts/ts_verify_ctx.c
+++ b/src/lib/libcrypto/ts/ts_verify_ctx.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_verify_ctx.c,v 1.15 2025/05/10 05:54:39 tb Exp $ */
+/* $OpenBSD: ts_verify_ctx.c,v 1.16 2025/12/05 14:19:27 tb Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  * project 2003.
  */
@@ -215,7 +215,7 @@ TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
         ret->imprint_len = ASN1_STRING_length(msg);
         if (!(ret->imprint = malloc(ret->imprint_len)))
                 goto err;
-        memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
+        memcpy(ret->imprint, ASN1_STRING_get0_data(msg), ret->imprint_len);
 
         /* Setting nonce. */
         if ((nonce = TS_REQ_get_nonce(req)) != NULL) {