From bfd66d38ef84578acf080806d37252e23a426ee5 Mon Sep 17 00:00:00 2001 From: David Howells Date: Thu, 31 Jul 2014 14:46:44 +0100 Subject: PKCS#7: X.509 certificate issuer and subject are mandatory fields in the ASN.1 X.509 certificate issuer and subject fields are mandatory fields in the ASN.1 and so their existence needn't be tested for. They are guaranteed to end up with an empty string if the name material has nothing we can use (see x509_fabricate_name()). Reported-by: Dan Carpenter Signed-off-by: David Howells Acked-by: Vivek Goyal --- crypto/asymmetric_keys/pkcs7_verify.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'crypto/asymmetric_keys/pkcs7_verify.c') diff --git a/crypto/asymmetric_keys/pkcs7_verify.c b/crypto/asymmetric_keys/pkcs7_verify.c index 51ff36f3..c62cf800 100644 --- a/crypto/asymmetric_keys/pkcs7_verify.c +++ b/crypto/asymmetric_keys/pkcs7_verify.c @@ -190,14 +190,12 @@ static int pkcs7_verify_sig_chain(struct pkcs7_message *pkcs7, if (ret < 0) return ret; - if (x509->issuer) - pr_debug("- issuer %s\n", x509->issuer); + pr_debug("- issuer %s\n", x509->issuer); if (x509->authority) pr_debug("- authkeyid %s\n", x509->authority); if (!x509->authority || - (x509->subject && - strcmp(x509->subject, x509->issuer) == 0)) { + strcmp(x509->subject, x509->issuer) == 0) { /* If there's no authority certificate specified, then * the certificate must be self-signed and is the root * of the chain. Likewise if the cert is its own -- cgit v1.2.3