weblatebot / certmonger

Forked from certmonger 3 years ago
Clone

229e82a Handle more unusual PKCS#7 verification for SCEP

Authored and Committed by nalin 8 years ago
1 file changed. 66 lines added. 25 lines removed.
    Handle more unusual PKCS#7 verification for SCEP
    
    * When parsing the list of roots that are passed to
      cm_pkcs7_verify_signed(), handle cases where a given root certificate
      in string form is composed of more than one PEM-formatted certificate.
    * When parsing the list of chain certificates that are passed to
      cm_pkcs7_verify_signed(), handle cases where a given certificate in
      string form is composed of more than one PEM-formatted certificate.
    * Before verifying the PKCS#7 signed data item, add copies of all of the
      non-root certificates to the structure, to ensure that the signer's
      certificate will be found if the signer has omitted it because it
      "knows" that we already have a copy of it.
    
        
file modified
+66 -25