hx509: Don't check if non-self-signed certs have a self-signing capable signature alg

We don't need the _hx509_self_signed_valid() check if the certificate is not self-signed.
2022-12-19 16:23:03 -06:00
parent 168124cd09
commit 49c00512a7
1 changed files with 1 additions and 1 deletions
--- a/lib/hx509/cert.c
+++ b/lib/hx509/cert.c
@@ -1207,7 +1207,7 @@ certificate_is_self_signed(hx509_context context,
    if (ret) {
 	hx509_set_error_string(context, 0, ret,
 			       "Failed to check if self signed");
-    } else
+    } else if (diff == 0)
 	ret = _hx509_self_signed_valid(context, &cert->signatureAlgorithm);

    return ret;