diff --git a/interfaces/innerkits/appverify_lite/src/app_verify.c b/interfaces/innerkits/appverify_lite/src/app_verify.c
index 98a18a1fd9b0c87e8dd425e7c35b93cbf4e2e0a4..65b8a071357664298bc94cd1ea170aed58430ef6 100755
--- a/interfaces/innerkits/appverify_lite/src/app_verify.c
+++ b/interfaces/innerkits/appverify_lite/src/app_verify.c
@@ -591,8 +591,14 @@ static unsigned char *GetEcPk(const mbedtls_pk_context *pk, int *len)
         LOG_ERROR("malloc error");
         return NULL;
     }
-    int ret = mbedtls_ecp_point_write_binary(&ecCtx->grp, &ecCtx->Q,
-                                             MBEDTLS_ECP_PF_UNCOMPRESSED, (size_t *)len, buf, MBEDTLS_ECP_MAX_PT_LEN);
+    int ret = memset_s(buf, MBEDTLS_ECP_MAX_PT_LEN, 0, MBEDTLS_ECP_MAX_PT_LEN);
+    if (ret != EOK) {
+        LOG_ERROR("memset error");
+        APPV_FREE(buf);
+        return NULL;
+    }
+    ret = mbedtls_ecp_point_write_binary(&ecCtx->MBEDTLS_PRIVATE(grp), &ecCtx->MBEDTLS_PRIVATE(Q),
+        MBEDTLS_ECP_PF_UNCOMPRESSED, (size_t *)len, buf, MBEDTLS_ECP_MAX_PT_LEN);
     if (ret != V_OK) {
         LOG_ERROR("get ecc pk key error");
         APPV_FREE(buf);
diff --git a/interfaces/innerkits/appverify_lite/src/mbedtls_pkcs7.c b/interfaces/innerkits/appverify_lite/src/mbedtls_pkcs7.c
index 07d8486ba5e434f0f056cd02fe0752153223451b..8e7644683c88b91c4bc1e8c37263fcd145ceabb8 100755
--- a/interfaces/innerkits/appverify_lite/src/mbedtls_pkcs7.c
+++ b/interfaces/innerkits/appverify_lite/src/mbedtls_pkcs7.c
@@ -345,7 +345,7 @@ static int CompareX509NameList(const mbedtls_x509_name *first, const mbedtls_x50
         if (first->oid.tag != second->oid.tag ||
             first->oid.len != second->oid.len ||
             memcmp(first->oid.p, second->oid.p, second->oid.len) != 0 ||
-            first->next_merged != second->next_merged ||
+            first->MBEDTLS_PRIVATE(next_merged) != second->MBEDTLS_PRIVATE(next_merged) ||
             first->val.len != second->val.len) {
             return -1;
         }
@@ -897,7 +897,7 @@ int PKCS7_VerifySignerSignature(const Pkcs7 *pkcs7, PKCS7_CalcDigest calcDigest)
         }
         /* if is rsassa-pss, need to set padding version to V21, RFC3447 */
         if (!MBEDTLS_OID_CMP(MBEDTLS_OID_RSASSA_PSS, &signer->digestEncAlgId)) {
-            mbedtls_rsa_set_padding(pk->pk_ctx, MBEDTLS_RSA_PKCS_V21, 0);
+            mbedtls_rsa_set_padding(pk->MBEDTLS_PRIVATE(pk_ctx), MBEDTLS_RSA_PKCS_V21, 0);
         }
         rc = mbedtls_pk_verify(pk, digAlg, hash, hashLen, sig, sigLen);
         (void)memset_s(hash, MAX_HASH_SIZE, 0, MAX_HASH_SIZE);
@@ -1345,8 +1345,8 @@ int PKCS7_ParseSignedData(const unsigned char *buf, size_t bufLen, Pkcs7 *pkcs7)
         goto EXIT;
     }
     if (format == PEM_FORMAT_SINGED_DATA) {
-        start = pkcs7->pem.buf;
-        bufLen = pkcs7->pem.buflen;
+        start = pkcs7->pem.MBEDTLS_PRIVATE(buf);
+        bufLen = pkcs7->pem.MBEDTLS_PRIVATE(buflen);
     }
 #endif
     end = start + bufLen;