Make certs argument work in CMS_sign() add test case.

PR:1664

diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index 42b3efb4e267d5f600540ca8e45c5d9fdf4285dc..8e3221b7269ed77427edee600bd8f9364abfaf34 100644 (file)
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -457,23 +457,23 @@ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
        {
        CMS_ContentInfo *cms;
        int i;
+
        cms = CMS_ContentInfo_new();
-       if (!cms)
+       if (!cms || !CMS_SignedData_init(cms))
                goto merr;
+
        if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags))
                {
                CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR);
                goto err;
                }
+
        for (i = 0; i < sk_X509_num(certs); i++)
                {
                X509 *x = sk_X509_value(certs, i);
                if (!CMS_add1_cert(cms, x))
                        goto merr;
                }
-       /* If no signer or certs initialize signedData */
-       if (!pkey && !i && !CMS_SignedData_init(cms))
-               goto merr;
 
        if(!(flags & CMS_DETACHED))
                CMS_set_detached(cms, 0);

diff --git a/test/cms-test.pl b/test/cms-test.pl
index f81f82c9c102855171d04ee5d316d4cddf93bc52..ee191b37f1741f7100ab1a76099cf9c0c8e9b249 100644 (file)
--- a/test/cms-test.pl
+++ b/test/cms-test.pl
@@ -81,6 +81,7 @@ my @smime_pkcs7_tests = (
     [
         "signed content DER format, RSA key",
         "-sign -in smcont.txt -outform DER -nodetach"
+          . " -certfile $smdir/smroot.pem"
           . " -signer $smdir/smrsa1.pem -out test.cms",
         "-verify -in test.cms -inform DER "
           . " -CAfile $smdir/smroot.pem -out smtst.txt"