PKCS7: Remove one of the duplicate checks

There are two consecutive identical checks "if (i <= 0)". We can remove one of them to make the code clear. CLA: trivial Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23741)
author: Jiasheng Jiang <jiasheng@purdue.edu> 2024-03-04 17:34:02 +0000
committer: Tomas Mraz <tomas@openssl.org> 2024-03-11 15:19:15 +0100
commit: 8211ca45e41efd4224705848f1de3c2d6aa7b07a (patch)
tree: 8266b9b7fe7b23209fb8ef9eaeecef58476a30f0
parent: 1f03d33ef5b1a6657257f983bfba02a7469d846f (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
index 1f951d77fb..d3ba19ba29 100644
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -290,9 +290,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
             if (!(flags & PKCS7_NOCRL))
                 X509_STORE_CTX_set0_crls(cert_ctx, p7->d.sign->crl);
             i = X509_verify_cert(cert_ctx);
-            if (i <= 0)
-                j = X509_STORE_CTX_get_error(cert_ctx);
             if (i <= 0) {
+                j = X509_STORE_CTX_get_error(cert_ctx);
                 ERR_raise_data(ERR_LIB_PKCS7, PKCS7_R_CERTIFICATE_VERIFY_ERROR,
                                "Verify error: %s",
                                X509_verify_cert_error_string(j));
author	Jiasheng Jiang <jiasheng@purdue.edu>	2024-03-04 17:34:02 +0000
committer	Tomas Mraz <tomas@openssl.org>	2024-03-11 15:19:15 +0100
commit	8211ca45e41efd4224705848f1de3c2d6aa7b07a (patch)
tree	8266b9b7fe7b23209fb8ef9eaeecef58476a30f0
parent	1f03d33ef5b1a6657257f983bfba02a7469d846f (diff)