diff options
| author | miod <> | 2014-07-10 21:42:43 +0000 |
|---|---|---|
| committer | miod <> | 2014-07-10 21:42:43 +0000 |
| commit | 822fd17ec473f87a76c94e42d17f4d9e116ab340 (patch) | |
| tree | c90fd33600eac6a5009ef2d7900c832652f1f54a /src | |
| parent | c99ec4c1c37261359267882a1c4fc78b3022a6b6 (diff) | |
| download | openbsd-822fd17ec473f87a76c94e42d17f4d9e116ab340.tar.gz openbsd-822fd17ec473f87a76c94e42d17f4d9e116ab340.tar.bz2 openbsd-822fd17ec473f87a76c94e42d17f4d9e116ab340.zip | |
KNF
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/pkcs7/pk7_smime.c | 60 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/pkcs7/pk7_smime.c | 60 |
2 files changed, 68 insertions, 52 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c index 01734bdd1b..6b7b1ccd46 100644 --- a/src/lib/libcrypto/pkcs7/pk7_smime.c +++ b/src/lib/libcrypto/pkcs7/pk7_smime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pk7_smime.c,v 1.16 2014/07/10 21:40:59 miod Exp $ */ | 1 | /* $OpenBSD: pk7_smime.c,v 1.17 2014/07/10 21:42:43 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -199,7 +199,7 @@ PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, | |||
| 199 | !add_cipher_smcap(smcap, NID_rc2_cbc, 64) || | 199 | !add_cipher_smcap(smcap, NID_rc2_cbc, 64) || |
| 200 | !add_cipher_smcap(smcap, NID_des_cbc, -1) || | 200 | !add_cipher_smcap(smcap, NID_des_cbc, -1) || |
| 201 | !add_cipher_smcap(smcap, NID_rc2_cbc, 40) || | 201 | !add_cipher_smcap(smcap, NID_rc2_cbc, 40) || |
| 202 | !PKCS7_add_attrib_smimecap (si, smcap)) | 202 | !PKCS7_add_attrib_smimecap(si, smcap)) |
| 203 | goto err; | 203 | goto err; |
| 204 | sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); | 204 | sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); |
| 205 | smcap = NULL; | 205 | smcap = NULL; |
| @@ -314,15 +314,18 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 314 | if (!(flags & PKCS7_NOVERIFY)) | 314 | if (!(flags & PKCS7_NOVERIFY)) |
| 315 | for (k = 0; k < sk_X509_num(signers); k++) { | 315 | for (k = 0; k < sk_X509_num(signers); k++) { |
| 316 | signer = sk_X509_value (signers, k); | 316 | signer = sk_X509_value (signers, k); |
| 317 | if (!(flags & PKCS7_NOCHAIN)) { | 317 | if (!(flags & PKCS7_NOCHAIN)) { |
| 318 | if (!X509_STORE_CTX_init(&cert_ctx, store, signer, | 318 | if (!X509_STORE_CTX_init(&cert_ctx, store, |
| 319 | p7->d.sign->cert)) { | 319 | signer, p7->d.sign->cert)) { |
| 320 | PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB); | 320 | PKCS7err(PKCS7_F_PKCS7_VERIFY, |
| 321 | ERR_R_X509_LIB); | ||
| 321 | sk_X509_free(signers); | 322 | sk_X509_free(signers); |
| 322 | return 0; | 323 | return 0; |
| 323 | } | 324 | } |
| 324 | X509_STORE_CTX_set_default(&cert_ctx, "smime_sign"); | 325 | X509_STORE_CTX_set_default(&cert_ctx, |
| 325 | } else if (!X509_STORE_CTX_init (&cert_ctx, store, signer, NULL)) { | 326 | "smime_sign"); |
| 327 | } else if (!X509_STORE_CTX_init(&cert_ctx, store, | ||
| 328 | signer, NULL)) { | ||
| 326 | PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB); | 329 | PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB); |
| 327 | sk_X509_free(signers); | 330 | sk_X509_free(signers); |
| 328 | return 0; | 331 | return 0; |
| @@ -334,7 +337,8 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 334 | j = X509_STORE_CTX_get_error(&cert_ctx); | 337 | j = X509_STORE_CTX_get_error(&cert_ctx); |
| 335 | X509_STORE_CTX_cleanup(&cert_ctx); | 338 | X509_STORE_CTX_cleanup(&cert_ctx); |
| 336 | if (i <= 0) { | 339 | if (i <= 0) { |
| 337 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CERTIFICATE_VERIFY_ERROR); | 340 | PKCS7err(PKCS7_F_PKCS7_VERIFY, |
| 341 | PKCS7_R_CERTIFICATE_VERIFY_ERROR); | ||
| 338 | ERR_asprintf_error_data("Verify error:%s", | 342 | ERR_asprintf_error_data("Verify error:%s", |
| 339 | X509_verify_cert_error_string(j)); | 343 | X509_verify_cert_error_string(j)); |
| 340 | sk_X509_free(signers); | 344 | sk_X509_free(signers); |
| @@ -343,7 +347,8 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 343 | /* Check for revocation status here */ | 347 | /* Check for revocation status here */ |
| 344 | } | 348 | } |
| 345 | 349 | ||
| 346 | /* Performance optimization: if the content is a memory BIO then | 350 | /* |
| 351 | * Performance optimization: if the content is a memory BIO then | ||
| 347 | * store its contents in a temporary read only memory BIO. This | 352 | * store its contents in a temporary read only memory BIO. This |
| 348 | * avoids potentially large numbers of slow copies of data which will | 353 | * avoids potentially large numbers of slow copies of data which will |
| 349 | * occur when reading from a read write memory BIO when signatures | 354 | * occur when reading from a read write memory BIO when signatures |
| @@ -352,6 +357,7 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 352 | if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM)) { | 357 | if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM)) { |
| 353 | char *ptr; | 358 | char *ptr; |
| 354 | long len; | 359 | long len; |
| 360 | |||
| 355 | len = BIO_get_mem_data(indata, &ptr); | 361 | len = BIO_get_mem_data(indata, &ptr); |
| 356 | tmpin = BIO_new_mem_buf(ptr, len); | 362 | tmpin = BIO_new_mem_buf(ptr, len); |
| 357 | if (tmpin == NULL) { | 363 | if (tmpin == NULL) { |
| @@ -371,7 +377,8 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 371 | goto err; | 377 | goto err; |
| 372 | } | 378 | } |
| 373 | BIO_set_mem_eof_return(tmpout, 0); | 379 | BIO_set_mem_eof_return(tmpout, 0); |
| 374 | } else tmpout = out; | 380 | } else |
| 381 | tmpout = out; | ||
| 375 | 382 | ||
| 376 | /* We now have to 'read' from p7bio to calculate digests etc. */ | 383 | /* We now have to 'read' from p7bio to calculate digests etc. */ |
| 377 | for (;;) { | 384 | for (;;) { |
| @@ -395,15 +402,15 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 395 | /* Now Verify All Signatures */ | 402 | /* Now Verify All Signatures */ |
| 396 | if (!(flags & PKCS7_NOSIGS)) | 403 | if (!(flags & PKCS7_NOSIGS)) |
| 397 | for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) { | 404 | for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) { |
| 398 | si = sk_PKCS7_SIGNER_INFO_value(sinfos, i); | 405 | si = sk_PKCS7_SIGNER_INFO_value(sinfos, i); |
| 399 | signer = sk_X509_value (signers, i); | 406 | signer = sk_X509_value (signers, i); |
| 400 | j = PKCS7_signatureVerify(p7bio, p7, si, signer); | 407 | j = PKCS7_signatureVerify(p7bio, p7, si, signer); |
| 401 | if (j <= 0) { | 408 | if (j <= 0) { |
| 402 | PKCS7err(PKCS7_F_PKCS7_VERIFY, | 409 | PKCS7err(PKCS7_F_PKCS7_VERIFY, |
| 403 | PKCS7_R_SIGNATURE_FAILURE); | 410 | PKCS7_R_SIGNATURE_FAILURE); |
| 404 | goto err; | 411 | goto err; |
| 412 | } | ||
| 405 | } | 413 | } |
| 406 | } | ||
| 407 | 414 | ||
| 408 | ret = 1; | 415 | ret = 1; |
| 409 | 416 | ||
| @@ -413,13 +420,13 @@ err: | |||
| 413 | BIO_pop(p7bio); | 420 | BIO_pop(p7bio); |
| 414 | } | 421 | } |
| 415 | BIO_free_all(p7bio); | 422 | BIO_free_all(p7bio); |
| 416 | |||
| 417 | sk_X509_free(signers); | 423 | sk_X509_free(signers); |
| 418 | 424 | ||
| 419 | return ret; | 425 | return ret; |
| 420 | } | 426 | } |
| 421 | 427 | ||
| 422 | STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | 428 | STACK_OF(X509) * |
| 429 | PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | ||
| 423 | { | 430 | { |
| 424 | STACK_OF(X509) *signers; | 431 | STACK_OF(X509) *signers; |
| 425 | STACK_OF(PKCS7_SIGNER_INFO) *sinfos; | 432 | STACK_OF(PKCS7_SIGNER_INFO) *sinfos; |
| @@ -457,12 +464,13 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | |||
| 457 | ias = si->issuer_and_serial; | 464 | ias = si->issuer_and_serial; |
| 458 | signer = NULL; | 465 | signer = NULL; |
| 459 | /* If any certificates passed they take priority */ | 466 | /* If any certificates passed they take priority */ |
| 460 | if (certs) signer = X509_find_by_issuer_and_serial (certs, | 467 | if (certs) |
| 461 | ias->issuer, ias->serial); | 468 | signer = X509_find_by_issuer_and_serial (certs, |
| 462 | if (!signer && !(flags & PKCS7_NOINTERN) && | ||
| 463 | p7->d.sign->cert) signer = | ||
| 464 | X509_find_by_issuer_and_serial (p7->d.sign->cert, | ||
| 465 | ias->issuer, ias->serial); | 469 | ias->issuer, ias->serial); |
| 470 | if (!signer && !(flags & PKCS7_NOINTERN) && p7->d.sign->cert) | ||
| 471 | signer = | ||
| 472 | X509_find_by_issuer_and_serial(p7->d.sign->cert, | ||
| 473 | ias->issuer, ias->serial); | ||
| 466 | if (!signer) { | 474 | if (!signer) { |
| 467 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, | 475 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, |
| 468 | PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); | 476 | PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); |
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c index 01734bdd1b..6b7b1ccd46 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pk7_smime.c,v 1.16 2014/07/10 21:40:59 miod Exp $ */ | 1 | /* $OpenBSD: pk7_smime.c,v 1.17 2014/07/10 21:42:43 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -199,7 +199,7 @@ PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, | |||
| 199 | !add_cipher_smcap(smcap, NID_rc2_cbc, 64) || | 199 | !add_cipher_smcap(smcap, NID_rc2_cbc, 64) || |
| 200 | !add_cipher_smcap(smcap, NID_des_cbc, -1) || | 200 | !add_cipher_smcap(smcap, NID_des_cbc, -1) || |
| 201 | !add_cipher_smcap(smcap, NID_rc2_cbc, 40) || | 201 | !add_cipher_smcap(smcap, NID_rc2_cbc, 40) || |
| 202 | !PKCS7_add_attrib_smimecap (si, smcap)) | 202 | !PKCS7_add_attrib_smimecap(si, smcap)) |
| 203 | goto err; | 203 | goto err; |
| 204 | sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); | 204 | sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); |
| 205 | smcap = NULL; | 205 | smcap = NULL; |
| @@ -314,15 +314,18 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 314 | if (!(flags & PKCS7_NOVERIFY)) | 314 | if (!(flags & PKCS7_NOVERIFY)) |
| 315 | for (k = 0; k < sk_X509_num(signers); k++) { | 315 | for (k = 0; k < sk_X509_num(signers); k++) { |
| 316 | signer = sk_X509_value (signers, k); | 316 | signer = sk_X509_value (signers, k); |
| 317 | if (!(flags & PKCS7_NOCHAIN)) { | 317 | if (!(flags & PKCS7_NOCHAIN)) { |
| 318 | if (!X509_STORE_CTX_init(&cert_ctx, store, signer, | 318 | if (!X509_STORE_CTX_init(&cert_ctx, store, |
| 319 | p7->d.sign->cert)) { | 319 | signer, p7->d.sign->cert)) { |
| 320 | PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB); | 320 | PKCS7err(PKCS7_F_PKCS7_VERIFY, |
| 321 | ERR_R_X509_LIB); | ||
| 321 | sk_X509_free(signers); | 322 | sk_X509_free(signers); |
| 322 | return 0; | 323 | return 0; |
| 323 | } | 324 | } |
| 324 | X509_STORE_CTX_set_default(&cert_ctx, "smime_sign"); | 325 | X509_STORE_CTX_set_default(&cert_ctx, |
| 325 | } else if (!X509_STORE_CTX_init (&cert_ctx, store, signer, NULL)) { | 326 | "smime_sign"); |
| 327 | } else if (!X509_STORE_CTX_init(&cert_ctx, store, | ||
| 328 | signer, NULL)) { | ||
| 326 | PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB); | 329 | PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB); |
| 327 | sk_X509_free(signers); | 330 | sk_X509_free(signers); |
| 328 | return 0; | 331 | return 0; |
| @@ -334,7 +337,8 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 334 | j = X509_STORE_CTX_get_error(&cert_ctx); | 337 | j = X509_STORE_CTX_get_error(&cert_ctx); |
| 335 | X509_STORE_CTX_cleanup(&cert_ctx); | 338 | X509_STORE_CTX_cleanup(&cert_ctx); |
| 336 | if (i <= 0) { | 339 | if (i <= 0) { |
| 337 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CERTIFICATE_VERIFY_ERROR); | 340 | PKCS7err(PKCS7_F_PKCS7_VERIFY, |
| 341 | PKCS7_R_CERTIFICATE_VERIFY_ERROR); | ||
| 338 | ERR_asprintf_error_data("Verify error:%s", | 342 | ERR_asprintf_error_data("Verify error:%s", |
| 339 | X509_verify_cert_error_string(j)); | 343 | X509_verify_cert_error_string(j)); |
| 340 | sk_X509_free(signers); | 344 | sk_X509_free(signers); |
| @@ -343,7 +347,8 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 343 | /* Check for revocation status here */ | 347 | /* Check for revocation status here */ |
| 344 | } | 348 | } |
| 345 | 349 | ||
| 346 | /* Performance optimization: if the content is a memory BIO then | 350 | /* |
| 351 | * Performance optimization: if the content is a memory BIO then | ||
| 347 | * store its contents in a temporary read only memory BIO. This | 352 | * store its contents in a temporary read only memory BIO. This |
| 348 | * avoids potentially large numbers of slow copies of data which will | 353 | * avoids potentially large numbers of slow copies of data which will |
| 349 | * occur when reading from a read write memory BIO when signatures | 354 | * occur when reading from a read write memory BIO when signatures |
| @@ -352,6 +357,7 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 352 | if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM)) { | 357 | if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM)) { |
| 353 | char *ptr; | 358 | char *ptr; |
| 354 | long len; | 359 | long len; |
| 360 | |||
| 355 | len = BIO_get_mem_data(indata, &ptr); | 361 | len = BIO_get_mem_data(indata, &ptr); |
| 356 | tmpin = BIO_new_mem_buf(ptr, len); | 362 | tmpin = BIO_new_mem_buf(ptr, len); |
| 357 | if (tmpin == NULL) { | 363 | if (tmpin == NULL) { |
| @@ -371,7 +377,8 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 371 | goto err; | 377 | goto err; |
| 372 | } | 378 | } |
| 373 | BIO_set_mem_eof_return(tmpout, 0); | 379 | BIO_set_mem_eof_return(tmpout, 0); |
| 374 | } else tmpout = out; | 380 | } else |
| 381 | tmpout = out; | ||
| 375 | 382 | ||
| 376 | /* We now have to 'read' from p7bio to calculate digests etc. */ | 383 | /* We now have to 'read' from p7bio to calculate digests etc. */ |
| 377 | for (;;) { | 384 | for (;;) { |
| @@ -395,15 +402,15 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 395 | /* Now Verify All Signatures */ | 402 | /* Now Verify All Signatures */ |
| 396 | if (!(flags & PKCS7_NOSIGS)) | 403 | if (!(flags & PKCS7_NOSIGS)) |
| 397 | for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) { | 404 | for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) { |
| 398 | si = sk_PKCS7_SIGNER_INFO_value(sinfos, i); | 405 | si = sk_PKCS7_SIGNER_INFO_value(sinfos, i); |
| 399 | signer = sk_X509_value (signers, i); | 406 | signer = sk_X509_value (signers, i); |
| 400 | j = PKCS7_signatureVerify(p7bio, p7, si, signer); | 407 | j = PKCS7_signatureVerify(p7bio, p7, si, signer); |
| 401 | if (j <= 0) { | 408 | if (j <= 0) { |
| 402 | PKCS7err(PKCS7_F_PKCS7_VERIFY, | 409 | PKCS7err(PKCS7_F_PKCS7_VERIFY, |
| 403 | PKCS7_R_SIGNATURE_FAILURE); | 410 | PKCS7_R_SIGNATURE_FAILURE); |
| 404 | goto err; | 411 | goto err; |
| 412 | } | ||
| 405 | } | 413 | } |
| 406 | } | ||
| 407 | 414 | ||
| 408 | ret = 1; | 415 | ret = 1; |
| 409 | 416 | ||
| @@ -413,13 +420,13 @@ err: | |||
| 413 | BIO_pop(p7bio); | 420 | BIO_pop(p7bio); |
| 414 | } | 421 | } |
| 415 | BIO_free_all(p7bio); | 422 | BIO_free_all(p7bio); |
| 416 | |||
| 417 | sk_X509_free(signers); | 423 | sk_X509_free(signers); |
| 418 | 424 | ||
| 419 | return ret; | 425 | return ret; |
| 420 | } | 426 | } |
| 421 | 427 | ||
| 422 | STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | 428 | STACK_OF(X509) * |
| 429 | PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | ||
| 423 | { | 430 | { |
| 424 | STACK_OF(X509) *signers; | 431 | STACK_OF(X509) *signers; |
| 425 | STACK_OF(PKCS7_SIGNER_INFO) *sinfos; | 432 | STACK_OF(PKCS7_SIGNER_INFO) *sinfos; |
| @@ -457,12 +464,13 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) | |||
| 457 | ias = si->issuer_and_serial; | 464 | ias = si->issuer_and_serial; |
| 458 | signer = NULL; | 465 | signer = NULL; |
| 459 | /* If any certificates passed they take priority */ | 466 | /* If any certificates passed they take priority */ |
| 460 | if (certs) signer = X509_find_by_issuer_and_serial (certs, | 467 | if (certs) |
| 461 | ias->issuer, ias->serial); | 468 | signer = X509_find_by_issuer_and_serial (certs, |
| 462 | if (!signer && !(flags & PKCS7_NOINTERN) && | ||
| 463 | p7->d.sign->cert) signer = | ||
| 464 | X509_find_by_issuer_and_serial (p7->d.sign->cert, | ||
| 465 | ias->issuer, ias->serial); | 469 | ias->issuer, ias->serial); |
| 470 | if (!signer && !(flags & PKCS7_NOINTERN) && p7->d.sign->cert) | ||
| 471 | signer = | ||
| 472 | X509_find_by_issuer_and_serial(p7->d.sign->cert, | ||
| 473 | ias->issuer, ias->serial); | ||
| 466 | if (!signer) { | 474 | if (!signer) { |
| 467 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, | 475 | PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, |
| 468 | PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); | 476 | PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); |