From 96cfba0fb46a392697295eb6c1350e3110411a75 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 25 Nov 2012 22:29:52 +0000 Subject: [PATCH] option to output corrupted signature in certificates for testing purposes --- apps/x509.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/apps/x509.c b/apps/x509.c index 694d2544eb..51c86b4139 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -179,7 +179,7 @@ int MAIN(int argc, char **argv) STACK_OF(OPENSSL_STRING) *sigopts = NULL; EVP_PKEY *Upkey=NULL,*CApkey=NULL, *fkey = NULL; ASN1_INTEGER *sno = NULL; - int i,num,badops=0; + int i,num,badops=0, badsig=0; BIO *out=NULL; BIO *STDout=NULL; STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL; @@ -499,6 +499,8 @@ int MAIN(int argc, char **argv) #endif else if (strcmp(*argv,"-ocspid") == 0) ocspid= ++num; + else if (strcmp(*argv,"-badsig") == 0) + badsig = 1; else if ((md_alg=EVP_get_digestbyname(*argv + 1))) { /* ok */ @@ -1089,6 +1091,9 @@ bad: goto end; } + if (badsig) + x->signature->data[x->signature->length - 1] ^= 0x1; + if (outformat == FORMAT_ASN1) i=i2d_X509_bio(out,x); else if (outformat == FORMAT_PEM) -- 2.40.0