5 files changed, 13 insertions, 13 deletions
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
index 502db42a73..0615de1ccb 100644
--- a/src/lib/libcrypto/asn1/a_type.c
+++ b/src/lib/libcrypto/asn1/a_type.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_type.c,v 1.28 2025/05/10 05:54:38 tb Exp $ */
+/* $OpenBSD: a_type.c,v 1.29 2025/12/05 14:19:27 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -227,14 +227,14 @@ int
 ASN1_TYPE_get_octetstring(const ASN1_TYPE *a, unsigned char *data, int max_len)
 {
        int ret, num;
-        unsigned char *p;
+        const unsigned char *p;
        if ((a->type != V_ASN1_OCTET_STRING) ||
            (a->value.octet_string == NULL)) {
                ASN1error(ASN1_R_DATA_IS_WRONG);
                return (-1);
        }
-        p = ASN1_STRING_data(a->value.octet_string);
+        p = ASN1_STRING_get0_data(a->value.octet_string);
        ret = ASN1_STRING_length(a->value.octet_string);
        if (ret < max_len)
                num = ret;
@@ -298,7 +298,7 @@ ASN1_TYPE_get_int_octetstring(const ASN1_TYPE *at, long *num, unsigned char *dat
                len = ASN1_STRING_length(ios->value);
                if (len > max_len)
                        len = max_len;
-                memcpy(data, ASN1_STRING_data(ios->value), len);
+                memcpy(data, ASN1_STRING_get0_data(ios->value), len);
        }
        ret = ASN1_STRING_length(ios->value);
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c
index bdb0c39ad5..a5e82ef7ff 100644
--- a/src/lib/libcrypto/asn1/p8_pkey.c
+++ b/src/lib/libcrypto/asn1/p8_pkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p8_pkey.c,v 1.25 2024/07/08 14:48:49 beck Exp $ */
+/* $OpenBSD: p8_pkey.c,v 1.26 2025/12/05 14:19:27 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -168,7 +168,7 @@ PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg, const unsigned char **pk,
        if (ppkalg != NULL)
                *ppkalg = p8->pkeyalg->algorithm;
        if (pk != NULL) {
-                *pk = ASN1_STRING_data(p8->pkey);
+                *pk = ASN1_STRING_get0_data(p8->pkey);
                *ppklen = ASN1_STRING_length(p8->pkey);
        }
        if (pa != NULL)
diff --git a/src/lib/libcrypto/ts/ts_lib.c b/src/lib/libcrypto/ts/ts_lib.c
index 7e40101752..d497fed9d8 100644
--- a/src/lib/libcrypto/ts/ts_lib.c
+++ b/src/lib/libcrypto/ts/ts_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_lib.c,v 1.15 2025/01/07 14:22:19 tb Exp $ */
+/* $OpenBSD: ts_lib.c,v 1.16 2025/12/05 14:19:27 tb Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
 * project 2002.
 */
@@ -155,7 +155,7 @@ TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *a)
        BIO_printf(bio, "Message data:\n");
        msg = TS_MSG_IMPRINT_get_msg(a);
-        BIO_dump_indent(bio, (const char *)ASN1_STRING_data(msg),
+        BIO_dump_indent(bio, (const char *)ASN1_STRING_get0_data(msg),
            ASN1_STRING_length(msg), 4);
        return 1;
diff --git a/src/lib/libcrypto/ts/ts_rsp_verify.c b/src/lib/libcrypto/ts/ts_rsp_verify.c
index d38bb3b460..e9a778bb88 100644
--- a/src/lib/libcrypto/ts/ts_rsp_verify.c
+++ b/src/lib/libcrypto/ts/ts_rsp_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_rsp_verify.c,v 1.31 2025/05/10 05:54:39 tb Exp $ */
+/* $OpenBSD: ts_rsp_verify.c,v 1.32 2025/12/05 14:19:27 tb Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
 * project 2002.
 */
@@ -667,7 +667,7 @@ TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
                ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
                if (i > 0)
                        strlcat(result, "/", length);
-                strlcat(result, (const char *)ASN1_STRING_data(current), length);
+                strlcat(result, (const char *)ASN1_STRING_get0_data(current), length);
        }
        return result;
 }
@@ -771,7 +771,7 @@ TS_check_imprints(X509_ALGOR *algor_a, unsigned char *imprint_a, unsigned len_a,
        /* Compare octet strings. */
        ret = len_a == (unsigned) ASN1_STRING_length(b->hashed_msg) &&
-            memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0;
+            memcmp(imprint_a, ASN1_STRING_get0_data(b->hashed_msg), len_a) == 0;
 err:
        if (!ret)
diff --git a/src/lib/libcrypto/ts/ts_verify_ctx.c b/src/lib/libcrypto/ts/ts_verify_ctx.c
index 23e2557308..b2b160c511 100644
--- a/src/lib/libcrypto/ts/ts_verify_ctx.c
+++ b/src/lib/libcrypto/ts/ts_verify_ctx.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_verify_ctx.c,v 1.15 2025/05/10 05:54:39 tb Exp $ */
+/* $OpenBSD: ts_verify_ctx.c,v 1.16 2025/12/05 14:19:27 tb Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
 * project 2003.
 */
@@ -215,7 +215,7 @@ TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
        ret->imprint_len = ASN1_STRING_length(msg);
        if (!(ret->imprint = malloc(ret->imprint_len)))
                goto err;
-        memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
+        memcpy(ret->imprint, ASN1_STRING_get0_data(msg), ret->imprint_len);
        /* Setting nonce. */
        if ((nonce = TS_REQ_get_nonce(req)) != NULL) {

diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c index 502db42a73..0615de1ccb 100644 --- a/src/lib/libcrypto/asn1/a_type.c +++ b/src/lib/libcrypto/asn1/a_type.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: a_type.c,v 1.28 2025/05/10 05:54:38 tb Exp $ */	1	/* $OpenBSD: a_type.c,v 1.29 2025/12/05 14:19:27 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -227,14 +227,14 @@ int
227	ASN1_TYPE_get_octetstring(const ASN1_TYPE a, unsigned char data, int max_len)	227	ASN1_TYPE_get_octetstring(const ASN1_TYPE a, unsigned char data, int max_len)
228	{	228	{
229	int ret, num;	229	int ret, num;
230	unsigned char *p;	230	const unsigned char *p;
231		231
232	if ((a->type != V_ASN1_OCTET_STRING) \|\|	232	if ((a->type != V_ASN1_OCTET_STRING) \|\|
233	(a->value.octet_string == NULL)) {	233	(a->value.octet_string == NULL)) {
234	ASN1error(ASN1_R_DATA_IS_WRONG);	234	ASN1error(ASN1_R_DATA_IS_WRONG);
235	return (-1);	235	return (-1);
236	}	236	}
237	p = ASN1_STRING_data(a->value.octet_string);	237	p = ASN1_STRING_get0_data(a->value.octet_string);
238	ret = ASN1_STRING_length(a->value.octet_string);	238	ret = ASN1_STRING_length(a->value.octet_string);
239	if (ret < max_len)	239	if (ret < max_len)
240	num = ret;	240	num = ret;
@@ -298,7 +298,7 @@ ASN1_TYPE_get_int_octetstring(const ASN1_TYPE at, long num, unsigned char *dat
298	len = ASN1_STRING_length(ios->value);	298	len = ASN1_STRING_length(ios->value);
299	if (len > max_len)	299	if (len > max_len)
300	len = max_len;	300	len = max_len;
301	memcpy(data, ASN1_STRING_data(ios->value), len);	301	memcpy(data, ASN1_STRING_get0_data(ios->value), len);
302	}	302	}
303		303
304	ret = ASN1_STRING_length(ios->value);	304	ret = ASN1_STRING_length(ios->value);


diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c index bdb0c39ad5..a5e82ef7ff 100644 --- a/src/lib/libcrypto/asn1/p8_pkey.c +++ b/src/lib/libcrypto/asn1/p8_pkey.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: p8_pkey.c,v 1.25 2024/07/08 14:48:49 beck Exp $ */	1	/* $OpenBSD: p8_pkey.c,v 1.26 2025/12/05 14:19:27 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -168,7 +168,7 @@ PKCS8_pkey_get0(const ASN1_OBJECT ppkalg, const unsigned char pk,
168	if (ppkalg != NULL)	168	if (ppkalg != NULL)
169	*ppkalg = p8->pkeyalg->algorithm;	169	*ppkalg = p8->pkeyalg->algorithm;
170	if (pk != NULL) {	170	if (pk != NULL) {
171	*pk = ASN1_STRING_data(p8->pkey);	171	*pk = ASN1_STRING_get0_data(p8->pkey);
172	*ppklen = ASN1_STRING_length(p8->pkey);	172	*ppklen = ASN1_STRING_length(p8->pkey);
173	}	173	}
174	if (pa != NULL)	174	if (pa != NULL)


diff --git a/src/lib/libcrypto/ts/ts_lib.c b/src/lib/libcrypto/ts/ts_lib.c index 7e40101752..d497fed9d8 100644 --- a/src/lib/libcrypto/ts/ts_lib.c +++ b/src/lib/libcrypto/ts/ts_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ts_lib.c,v 1.15 2025/01/07 14:22:19 tb Exp $ */	1	/* $OpenBSD: ts_lib.c,v 1.16 2025/12/05 14:19:27 tb Exp $ */
2	/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL	2	/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3	* project 2002.	3	* project 2002.
4	*/	4	*/
@@ -155,7 +155,7 @@ TS_MSG_IMPRINT_print_bio(BIO bio, TS_MSG_IMPRINT a)
155		155
156	BIO_printf(bio, "Message data:\n");	156	BIO_printf(bio, "Message data:\n");
157	msg = TS_MSG_IMPRINT_get_msg(a);	157	msg = TS_MSG_IMPRINT_get_msg(a);
158	BIO_dump_indent(bio, (const char *)ASN1_STRING_data(msg),	158	BIO_dump_indent(bio, (const char *)ASN1_STRING_get0_data(msg),
159	ASN1_STRING_length(msg), 4);	159	ASN1_STRING_length(msg), 4);
160		160
161	return 1;	161	return 1;


diff --git a/src/lib/libcrypto/ts/ts_rsp_verify.c b/src/lib/libcrypto/ts/ts_rsp_verify.c index d38bb3b460..e9a778bb88 100644 --- a/src/lib/libcrypto/ts/ts_rsp_verify.c +++ b/src/lib/libcrypto/ts/ts_rsp_verify.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ts_rsp_verify.c,v 1.31 2025/05/10 05:54:39 tb Exp $ */	1	/* $OpenBSD: ts_rsp_verify.c,v 1.32 2025/12/05 14:19:27 tb Exp $ */
2	/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL	2	/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3	* project 2002.	3	* project 2002.
4	*/	4	*/
@@ -667,7 +667,7 @@ TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
667	ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);	667	ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
668	if (i > 0)	668	if (i > 0)
669	strlcat(result, "/", length);	669	strlcat(result, "/", length);
670	strlcat(result, (const char *)ASN1_STRING_data(current), length);	670	strlcat(result, (const char *)ASN1_STRING_get0_data(current), length);
671	}	671	}
672	return result;	672	return result;
673	}	673	}
@@ -771,7 +771,7 @@ TS_check_imprints(X509_ALGOR algor_a, unsigned char imprint_a, unsigned len_a,
771		771
772	/* Compare octet strings. */	772	/* Compare octet strings. */
773	ret = len_a == (unsigned) ASN1_STRING_length(b->hashed_msg) &&	773	ret = len_a == (unsigned) ASN1_STRING_length(b->hashed_msg) &&
774	memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0;	774	memcmp(imprint_a, ASN1_STRING_get0_data(b->hashed_msg), len_a) == 0;
775		775
776	err:	776	err:
777	if (!ret)	777	if (!ret)


diff --git a/src/lib/libcrypto/ts/ts_verify_ctx.c b/src/lib/libcrypto/ts/ts_verify_ctx.c index 23e2557308..b2b160c511 100644 --- a/src/lib/libcrypto/ts/ts_verify_ctx.c +++ b/src/lib/libcrypto/ts/ts_verify_ctx.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ts_verify_ctx.c,v 1.15 2025/05/10 05:54:39 tb Exp $ */	1	/* $OpenBSD: ts_verify_ctx.c,v 1.16 2025/12/05 14:19:27 tb Exp $ */
2	/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL	2	/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3	* project 2003.	3	* project 2003.
4	*/	4	*/
@@ -215,7 +215,7 @@ TS_REQ_to_TS_VERIFY_CTX(TS_REQ req, TS_VERIFY_CTX ctx)
215	ret->imprint_len = ASN1_STRING_length(msg);	215	ret->imprint_len = ASN1_STRING_length(msg);
216	if (!(ret->imprint = malloc(ret->imprint_len)))	216	if (!(ret->imprint = malloc(ret->imprint_len)))
217	goto err;	217	goto err;
218	memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);	218	memcpy(ret->imprint, ASN1_STRING_get0_data(msg), ret->imprint_len);
219		219
220	/* Setting nonce. */	220	/* Setting nonce. */
221	if ((nonce = TS_REQ_get_nonce(req)) != NULL) {	221	if ((nonce = TS_REQ_get_nonce(req)) != NULL) {