If an existing cert exists, use it to decrypt the PKCS#7 envelope
From the PKCS7_decrypt man page:
Although the recipients certificate is not needed to decrypt the data
it is needed to locate the appropriate (of possible several) recipients
in the PKCS#7 structure.
Based heavily on patch contributed by Romain Bezut
https://pagure.io/certmonger/issue/202
Signed-off-by: Rob Crittenden <rcritten@redhat.com>