From 139cd16cc58330840890f914c318f00de6bfd831 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 2 Dec 2012 16:48:25 +0000 Subject: [PATCH] add -badsig option to corrupt CRL signatures for testing too --- apps/crl.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/apps/crl.c b/apps/crl.c index fc12734052..8ee88af46c 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -102,7 +102,7 @@ int MAIN(int argc, char **argv) unsigned long nmflag = 0; X509_CRL *x=NULL; char *CAfile = NULL, *CApath = NULL; - int ret=1,i,num,badops=0; + int ret=1,i,num,badops=0,badsig=0; BIO *out=NULL; int informat,outformat; char *infile=NULL,*outfile=NULL; @@ -208,6 +208,8 @@ int MAIN(int argc, char **argv) fingerprint= ++num; else if (strcmp(*argv,"-crlnumber") == 0) crlnumber= ++num; + else if (strcmp(*argv,"-badsig") == 0) + badsig = 1; else if ((md_alg=EVP_get_digestbyname(*argv + 1))) { /* ok */ @@ -377,6 +379,9 @@ bad: goto end; } + if (badsig) + x->signature->data[x->signature->length - 1] ^= 0x1; + if (outformat == FORMAT_ASN1) i=(int)i2d_X509_CRL_bio(out,x); else if (outformat == FORMAT_PEM) -- 2.25.1