};\r
\r
/**\r
- Verifies the validility of a PE/COFF Authenticode Signature as described in "Windows\r
+ Verifies the validity of a PE/COFF Authenticode Signature as described in "Windows\r
Authenticode Portable Executable Signature Format".\r
\r
If AuthData is NULL, then return FALSE.\r
@param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which\r
is used for certificate chain verification.\r
@param[in] CertSize Size of the trusted certificate in bytes.\r
- @param[in] ImageHash Pointer to the original image file hash value. The procudure\r
+ @param[in] ImageHash Pointer to the original image file hash value. The procedure\r
for calculating the image hash value is described in Authenticode\r
specification.\r
@param[in] HashSize Size of Image hash value in bytes.\r
UINT8 *SpcIndirectDataContent;\r
UINT8 Asn1Byte;\r
UINTN ContentSize;\r
- UINT8 *SpcIndirectDataOid;\r
+ CONST UINT8 *SpcIndirectDataOid;\r
\r
//\r
// Check input parameters.\r
// some authenticode-specific structure. Use opaque ASN.1 string to retrieve\r
// PKCS#7 ContentInfo here.\r
//\r
- SpcIndirectDataOid = (UINT8 *)(Pkcs7->d.sign->contents->type->data);\r
- if (CompareMem (\r
+ SpcIndirectDataOid = OBJ_get0_data(Pkcs7->d.sign->contents->type);\r
+ if (OBJ_length(Pkcs7->d.sign->contents->type) != sizeof(mSpcIndirectOidValue) ||\r
+ CompareMem (\r
SpcIndirectDataOid,\r
mSpcIndirectOidValue,\r
sizeof (mSpcIndirectOidValue)\r