add -badsig option to corrupt CRL signatures for testing too

author Dr. Stephen Henson <steve@openssl.org>

Sun, 2 Dec 2012 16:48:25 +0000 (16:48 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Sat, 14 Sep 2013 12:53:44 +0000 (13:53 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Sun, 2 Dec 2012 16:48:25 +0000 (16:48 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 14 Sep 2013 12:53:44 +0000 (13:53 +0100)
diff --git a/apps/crl.c b/apps/crl.c

index 3520c4cbb8b248ec66b588bdbf7eabf07a79127c..745469d1b8084544b1e4d26f68545dd7da0cfde7 100644 (file)
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -102,7 +102,7 @@ int MAIN(int argc, char **argv)
         unsigned long nmflag = 0;
         X509_CRL *x=NULL;
         char *CAfile = NULL, *CApath = NULL;
-       int ret=1,i,num,badops=0;
+       int ret=1,i,num,badops=0,badsig=0;
         BIO *out=NULL;
         int informat,outformat, keyformat;
         char *infile=NULL,*outfile=NULL, *crldiff = NULL, *keyfile = NULL;
@@ -224,6 +224,8 @@ int MAIN(int argc, char **argv)
                         fingerprint= ++num;
                 else if (strcmp(*argv,"-crlnumber") == 0)
                         crlnumber= ++num;
+               else if (strcmp(*argv,"-badsig") == 0)
+                       badsig = 1;
                 else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
                         {
                         /* ok */
@@ -426,6 +428,9 @@ bad:
                 goto end;
                 }
  
+       if (badsig)
+               x->signature->data[x->signature->length - 1] ^= 0x1;
+
         if      (outformat == FORMAT_ASN1)
                 i=(int)i2d_X509_CRL_bio(out,x);
         else if (outformat == FORMAT_PEM)
author	Dr. Stephen Henson <steve@openssl.org>
	Sun, 2 Dec 2012 16:48:25 +0000 (16:48 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sat, 14 Sep 2013 12:53:44 +0000 (13:53 +0100)