From: Dr. Stephen Henson Date: Tue, 16 Aug 2016 14:19:55 +0000 (+0100) Subject: Corrupt signature earlier. X-Git-Tag: OpenSSL_1_1_0~175 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=0f022f5a2201a591da7d373ebeeb7d29bdcaf95a;p=oweals%2Fopenssl.git Corrupt signature earlier. If -badsig is selected corrupt the signature before printing out any details so the output reflects the modified signature. Reviewed-by: Rich Salz --- diff --git a/apps/crl.c b/apps/crl.c index 6ea0b4c32b..0140ff749c 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -249,6 +249,14 @@ int crl_main(int argc, char **argv) } } + if (badsig) { + ASN1_BIT_STRING *sig; + + X509_CRL_get0_signature(&sig, NULL, x); + if (!corrupt_signature(sig)) + goto end; + } + if (num) { for (i = 1; i <= num; i++) { if (issuer == i) { @@ -319,13 +327,6 @@ int crl_main(int argc, char **argv) goto end; } - if (badsig) { - ASN1_BIT_STRING *sig; - X509_CRL_get0_signature(&sig, NULL, x); - if (!corrupt_signature(sig)) - goto end; - } - if (outformat == FORMAT_ASN1) i = (int)i2d_X509_CRL_bio(out, x); else diff --git a/apps/x509.c b/apps/x509.c index 93b0eae852..23265b229e 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -603,6 +603,13 @@ int x509_main(int argc, char **argv) objtmp = NULL; } + if (badsig) { + ASN1_BIT_STRING *signature; + X509_get0_signature(&signature, NULL, x); + if (!corrupt_signature(signature)) + goto end; + } + if (num) { for (i = 1; i <= num; i++) { if (issuer == i) { @@ -847,13 +854,6 @@ int x509_main(int argc, char **argv) goto end; } - if (badsig) { - ASN1_BIT_STRING *signature; - X509_get0_signature(&signature, NULL, x); - if (!corrupt_signature(signature)) - goto end; - } - if (outformat == FORMAT_ASN1) i = i2d_X509_bio(out, x); else if (outformat == FORMAT_PEM) {