Corrupt signature in place.
authorDr. Stephen Henson <steve@openssl.org>
Wed, 17 Aug 2016 11:34:22 +0000 (12:34 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 17 Aug 2016 11:34:22 +0000 (12:34 +0100)
Reviewed-by: Richard Levitte <levitte@openssl.org>
apps/apps.c
apps/apps.h
apps/crl.c
apps/ocsp.c
apps/x509.c

index 17a9fdc..10ab626 100644 (file)
@@ -2583,15 +2583,8 @@ int has_stdin_waiting(void)
 #endif
 
 /* Corrupt a signature by modifying final byte */
-int corrupt_signature(ASN1_STRING *signature)
+void corrupt_signature(const ASN1_STRING *signature)
 {
-        unsigned char *s;
-        size_t slen = ASN1_STRING_length(signature);
-
-        s = OPENSSL_memdup(ASN1_STRING_get0_data(signature), slen);
-        if (s == NULL)
-            return 0;
-        s[slen - 1] ^= 0x1;
-        ASN1_STRING_set0(signature, s, slen);
-        return 1;
+        unsigned char *s = signature->data;
+        s[signature->length - 1] ^= 0x1;
 }
index 8fb6f44..9658d5c 100644 (file)
@@ -71,7 +71,7 @@ void wait_for_async(SSL *s);
 int has_stdin_waiting(void);
 # endif
 
-int corrupt_signature(ASN1_STRING *signature);
+void corrupt_signature(const ASN1_STRING *signature);
 
 /*
  * Common verification options.
index 0140ff7..abcbc45 100644 (file)
@@ -253,8 +253,7 @@ int crl_main(int argc, char **argv)
         ASN1_BIT_STRING *sig;
 
         X509_CRL_get0_signature(&sig, NULL, x);
-        if (!corrupt_signature(sig))
-            goto end;
+        corrupt_signature(sig);
     }
 
     if (num) {
index 1766878..5bd1aca 100644 (file)
@@ -950,9 +950,8 @@ static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
     OCSP_basic_sign(bs, rcert, rkey, rmd, rother, flags);
 
     if (badsig) {
-        ASN1_OCTET_STRING *sig = OCSP_resp_get0_signature(bs);
-        if (!corrupt_signature(sig))
-            goto end;
+        const ASN1_OCTET_STRING *sig = OCSP_resp_get0_signature(bs);
+        corrupt_signature(sig);
     }
 
     *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);
index 23265b2..27a928c 100644 (file)
@@ -606,8 +606,7 @@ int x509_main(int argc, char **argv)
     if (badsig) {
         ASN1_BIT_STRING *signature;
         X509_get0_signature(&signature, NULL, x);
-        if (!corrupt_signature(signature))
-            goto end;
+        corrupt_signature(signature);
     }
 
     if (num) {