Handle more unusual PKCS#7 verification for SCEP
* When parsing the list of roots that are passed to
cm_pkcs7_verify_signed(), handle cases where a given root certificate
in string form is composed of more than one PEM-formatted certificate.
* When parsing the list of chain certificates that are passed to
cm_pkcs7_verify_signed(), handle cases where a given certificate in
string form is composed of more than one PEM-formatted certificate.
* Before verifying the PKCS#7 signed data item, add copies of all of the
non-root certificates to the structure, to ensure that the signer's
certificate will be found if the signer has omitted it because it
"knows" that we already have a copy of it.