diff options
| author | Gordon Tetlow <gordon@FreeBSD.org> | 2024-09-04 03:56:17 +0000 |
|---|---|---|
| committer | Gordon Tetlow <gordon@FreeBSD.org> | 2024-09-04 03:56:17 +0000 |
| commit | 108164cf95d9594884c2dcccba2691335e6f221b (patch) | |
| tree | 4e7056d88b26a82672d06a7aca8052b58615ca2f /crypto/cmp/cmp_vfy.c | |
| parent | e60dbfd00b009d424dfc5446d132872c93dd0aed (diff) | |
Diffstat (limited to 'crypto/cmp/cmp_vfy.c')
| -rw-r--r-- | crypto/cmp/cmp_vfy.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c index 7ce91ec5d167..b9951045c2e8 100644 --- a/crypto/cmp/cmp_vfy.c +++ b/crypto/cmp/cmp_vfy.c @@ -1,5 +1,5 @@ /* - * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved. * Copyright Nokia 2007-2020 * Copyright Siemens AG 2015-2020 * @@ -619,7 +619,7 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg) default: scrt = ctx->srvCert; if (scrt == NULL) { - if (ctx->trusted == NULL) { + if (ctx->trusted == NULL && ctx->secretValue != NULL) { ossl_cmp_info(ctx, "no trust store nor pinned server cert available for verifying signature-based CMP message protection"); ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_TRUST_ANCHOR); return 0; |