Corrupt signature earlier.

If -badsig is selected corrupt the signature before printing out any details so the output reflects the modified signature. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2016-08-16 15:19:55 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2016-08-16 16:05:36 +0100
commit: 0f022f5a2201a591da7d373ebeeb7d29bdcaf95a (patch)
tree: b7c52530cafda1d0f8c558e70962cff1817c2d91 /apps/x509.c
parent: 34d4d74575236245c7e133d121eb2302c18b21f1 (diff)
1 files changed, 7 insertions, 7 deletions
diff --git a/apps/x509.c b/apps/x509.c
index 93b0eae852..23265b229e 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -603,6 +603,13 @@ int x509_main(int argc, char **argv)
         objtmp = NULL;
     }
 
+    if (badsig) {
+        ASN1_BIT_STRING *signature;
+        X509_get0_signature(&signature, NULL, x);
+        if (!corrupt_signature(signature))
+            goto end;
+    }
+
     if (num) {
         for (i = 1; i <= num; i++) {
             if (issuer == i) {
@@ -847,13 +854,6 @@ int x509_main(int argc, char **argv)
         goto end;
     }
 
-    if (badsig) {
-        ASN1_BIT_STRING *signature;
-        X509_get0_signature(&signature, NULL, x);
-        if (!corrupt_signature(signature))
-            goto end;
-    }
-
     if (outformat == FORMAT_ASN1)
         i = i2d_X509_bio(out, x);
     else if (outformat == FORMAT_PEM) {
author	Dr. Stephen Henson <steve@openssl.org>	2016-08-16 15:19:55 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2016-08-16 16:05:36 +0100
commit	0f022f5a2201a591da7d373ebeeb7d29bdcaf95a (patch)
tree	b7c52530cafda1d0f8c558e70962cff1817c2d91 /apps/x509.c
parent	34d4d74575236245c7e133d121eb2302c18b21f1 (diff)