diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2016-08-16 16:19:55 +0200 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2016-08-16 17:05:36 +0200 |
| commit | 0f022f5a2201a591da7d373ebeeb7d29bdcaf95a (patch) | |
| tree | b7c52530cafda1d0f8c558e70962cff1817c2d91 /apps/x509.c | |
| parent | make update (diff) | |
| download | openssl-0f022f5a2201a591da7d373ebeeb7d29bdcaf95a.tar.xz openssl-0f022f5a2201a591da7d373ebeeb7d29bdcaf95a.zip | |
Corrupt signature earlier.
If -badsig is selected corrupt the signature before printing out
any details so the output reflects the modified signature.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'apps/x509.c')
| -rw-r--r-- | apps/x509.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/apps/x509.c b/apps/x509.c index 93b0eae852..23265b229e 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -603,6 +603,13 @@ int x509_main(int argc, char **argv) objtmp = NULL; } + if (badsig) { + ASN1_BIT_STRING *signature; + X509_get0_signature(&signature, NULL, x); + if (!corrupt_signature(signature)) + goto end; + } + if (num) { for (i = 1; i <= num; i++) { if (issuer == i) { @@ -847,13 +854,6 @@ int x509_main(int argc, char **argv) goto end; } - if (badsig) { - ASN1_BIT_STRING *signature; - X509_get0_signature(&signature, NULL, x); - if (!corrupt_signature(signature)) - goto end; - } - if (outformat == FORMAT_ASN1) i = i2d_X509_bio(out, x); else if (outformat == FORMAT_PEM) { |