Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix PKINIT CMS error checking for older OpenSSL
Commit 70f61d4 updated the CMS_verify() error code checks, using two error codes new to OpenSSL 3.0 (RSA_R_DIGEST_NOT_ALLOWED and CMS_R_UNKNOWN_DIGEST_ALGORITHM). This change broke the build for OpenSSL 1.0 and 1.1. Instead of looking for codes indicating an algorithm issue and assuming that everything else is an invalid signature, check for the code indicating an invalid signature and assume that everything else is an algorithm issue. (cherry picked from commit e48e2e5) ticket: 9069 version_fixed: 1.20.2
- Loading branch information