"-CAfile file trusted certificates file\n");
BIO_printf(bio_err,
"-trusted_first use locally trusted CA's first when building trust chain\n");
+ BIO_printf(bio_err,
+ "-no_alt_chains only ever use the first certificate chain found\n");
BIO_printf(bio_err,
"-VAfile file validator certificates file\n");
BIO_printf(bio_err,
OCSP_basic_sign(bs, rcert, rkey, rmd, rother, flags);
- if (badsig)
- bs->signature->data[bs->signature->length - 1] ^= 0x1;
+ if (badsig) {
+ ASN1_OCTET_STRING *sig = OCSP_resp_get0_signature(bs);
+ unsigned char *sigptr;
+ sigptr = ASN1_STRING_data(sig);
+ sigptr[ASN1_STRING_length(sig) - 1] ^= 0x1;
+ }
*resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);