add -badsig option to corrupt CRL signatures for testing too
(cherry picked from commit 139cd16cc5)
This commit is contained in:
Dr. Stephen Henson
@@ -102,7 +102,7 @@ int MAIN(int argc, char **argv)
|
|||||||
unsigned long nmflag = 0;
|
unsigned long nmflag = 0;
|
||||||
X509_CRL *x=NULL;
|
X509_CRL *x=NULL;
|
||||||
char *CAfile = NULL, *CApath = NULL;
|
char *CAfile = NULL, *CApath = NULL;
|
||||||
int ret=1,i,num,badops=0;
|
int ret=1,i,num,badops=0,badsig=0;
|
||||||
BIO *out=NULL;
|
BIO *out=NULL;
|
||||||
int informat,outformat, keyformat;
|
int informat,outformat, keyformat;
|
||||||
char *infile=NULL,*outfile=NULL, *crldiff = NULL, *keyfile = NULL;
|
char *infile=NULL,*outfile=NULL, *crldiff = NULL, *keyfile = NULL;
|
||||||
@@ -224,6 +224,8 @@ int MAIN(int argc, char **argv)
|
|||||||
fingerprint= ++num;
|
fingerprint= ++num;
|
||||||
else if (strcmp(*argv,"-crlnumber") == 0)
|
else if (strcmp(*argv,"-crlnumber") == 0)
|
||||||
crlnumber= ++num;
|
crlnumber= ++num;
|
||||||
|
else if (strcmp(*argv,"-badsig") == 0)
|
||||||
|
badsig = 1;
|
||||||
else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
|
else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
|
||||||
{
|
{
|
||||||
/* ok */
|
/* ok */
|
||||||
@@ -426,6 +428,9 @@ bad:
|
|||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (badsig)
|
||||||
|
x->signature->data[x->signature->length - 1] ^= 0x1;
|
||||||
|
|
||||||
if (outformat == FORMAT_ASN1)
|
if (outformat == FORMAT_ASN1)
|
||||||
i=(int)i2d_X509_CRL_bio(out,x);
|
i=(int)i2d_X509_CRL_bio(out,x);
|
||||||
else if (outformat == FORMAT_PEM)
|
else if (outformat == FORMAT_PEM)
|
||||||
|
|||||||
Reference in New Issue
Block a user