option to output corrupted signature in certificates for testing purposes

author: Dr. Stephen Henson <steve@openssl.org> 2012-11-25 22:29:52 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2012-11-25 22:29:52 +0000
commit: 96cfba0fb46a392697295eb6c1350e3110411a75 (patch)
tree: 6bcbb01d2fb284d3b198f82f4a457372177aab9f /apps/x509.c
parent: cd68694646f73112fa0c6d4e1819b23cc932911d (diff)
download: openssl-96cfba0fb46a392697295eb6c1350e3110411a75.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/apps/x509.c b/apps/x509.c
index 694d2544eb..51c86b4139 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -179,7 +179,7 @@ int MAIN(int argc, char **argv)
 	STACK_OF(OPENSSL_STRING) *sigopts = NULL;
 	EVP_PKEY *Upkey=NULL,*CApkey=NULL, *fkey = NULL;
 	ASN1_INTEGER *sno = NULL;
-	int i,num,badops=0;
+	int i,num,badops=0, badsig=0;
 	BIO *out=NULL;
 	BIO *STDout=NULL;
 	STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL;
@@ -499,6 +499,8 @@ int MAIN(int argc, char **argv)
 #endif
 		else if (strcmp(*argv,"-ocspid") == 0)
 			ocspid= ++num;
+		else if (strcmp(*argv,"-badsig") == 0)
+			badsig = 1;
 		else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
 			{
 			/* ok */
@@ -1089,6 +1091,9 @@ bad:
 		goto end;
 		}
 
+	if (badsig)
+		x->signature->data[x->signature->length - 1] ^= 0x1;
+
 	if 	(outformat == FORMAT_ASN1)
 		i=i2d_X509_bio(out,x);
 	else if (outformat == FORMAT_PEM)
author	Dr. Stephen Henson <steve@openssl.org>	2012-11-25 22:29:52 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2012-11-25 22:29:52 +0000
commit	96cfba0fb46a392697295eb6c1350e3110411a75 (patch)
tree	6bcbb01d2fb284d3b198f82f4a457372177aab9f /apps/x509.c
parent	cd68694646f73112fa0c6d4e1819b23cc932911d (diff)
download	openssl-96cfba0fb46a392697295eb6c1350e3110411a75.tar.gz