Use error check to ensure we have SignedData in CMS
CMS_get0_SignerInfos() only returns a non-NULL pointer if the CMS object
contains SignedData. The subsequent assert can trigger if we parse an
object that is not of this type. Nothing ensures this up to this point,
so we have no way of knowing that the assertion is actually true. If we
get a CMS object without SignedData, we should ignore it, not abort the
rpki-client run. With this check in place it is also clear that we
actually check point 1a of the list of things to check in RFC 6488,
section 3.
ok claudio job
projects / openbsd / commit