[openssl-dev] [openssl.org #3665] Bug report and a patch forOpenSSL 1.0.1l (and 1.0.1k)
Rob Stradling via RT
rt at openssl.org
Mon Jan 19 15:19:50 UTC 2015
On 19/01/15 14:47, Stephen Henson via RT wrote:
> On Mon Jan 19 14:40:32 2015, steve wrote:
>>
>> The problem is that the two fields containing the signature algorithm
>> do not match.
>
> The current 'x509' utility can't show this difference (I have an option I'm
> testing which will).
Steve, while you're there...
I've been caught out a few times in the past because the 'x509' utility
displays the "outer" signature algorithm in the place where it should
display the "inner" signature algorithm. This is fine when they match,
but it's rather unhelpful when they don't match!
Please consider this trivial patch. Thanks.
diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c
index 89115c7..97abd51 100644
--- a/crypto/asn1/t_x509.c
+++ b/crypto/asn1/t_x509.c
@@ -168,7 +168,7 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long
nmflags, unsigned long cflag)
if(!(cflag & X509_FLAG_NO_SIGNAME))
{
- if(X509_signature_print(bp, x->sig_alg, NULL) <= 0)
+ if(X509_signature_print(bp, ci->signature, NULL) <= 0)
goto err;
#if 0
if (BIO_printf(bp,"%8sSignature Algorithm: ","") <= 0)
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the openssl-dev
mailing list