提交 a0754084 编写于 作者: D Dr. Stephen Henson

Corrupt signature in place.

Reviewed-by: NRichard Levitte <levitte@openssl.org>
上级 79613ea8
......@@ -2583,15 +2583,8 @@ int has_stdin_waiting(void)
#endif
/* Corrupt a signature by modifying final byte */
int corrupt_signature(ASN1_STRING *signature)
void corrupt_signature(const ASN1_STRING *signature)
{
unsigned char *s;
size_t slen = ASN1_STRING_length(signature);
s = OPENSSL_memdup(ASN1_STRING_get0_data(signature), slen);
if (s == NULL)
return 0;
s[slen - 1] ^= 0x1;
ASN1_STRING_set0(signature, s, slen);
return 1;
unsigned char *s = signature->data;
s[signature->length - 1] ^= 0x1;
}
......@@ -71,7 +71,7 @@ void wait_for_async(SSL *s);
int has_stdin_waiting(void);
# endif
int corrupt_signature(ASN1_STRING *signature);
void corrupt_signature(const ASN1_STRING *signature);
/*
* Common verification options.
......
......@@ -253,8 +253,7 @@ int crl_main(int argc, char **argv)
ASN1_BIT_STRING *sig;
X509_CRL_get0_signature(&sig, NULL, x);
if (!corrupt_signature(sig))
goto end;
corrupt_signature(sig);
}
if (num) {
......
......@@ -950,9 +950,8 @@ static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
OCSP_basic_sign(bs, rcert, rkey, rmd, rother, flags);
if (badsig) {
ASN1_OCTET_STRING *sig = OCSP_resp_get0_signature(bs);
if (!corrupt_signature(sig))
goto end;
const ASN1_OCTET_STRING *sig = OCSP_resp_get0_signature(bs);
corrupt_signature(sig);
}
*resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);
......
......@@ -606,8 +606,7 @@ int x509_main(int argc, char **argv)
if (badsig) {
ASN1_BIT_STRING *signature;
X509_get0_signature(&signature, NULL, x);
if (!corrupt_signature(signature))
goto end;
corrupt_signature(signature);
}
if (num) {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册