Don't go searching for the matching certs if they weren't on the token the

private key lived on.
author: relyea%netscape.com <devnull@localhost> 2002-03-01 02:15:00 +0000
committer: relyea%netscape.com <devnull@localhost> 2002-03-01 02:15:00 +0000
commit: c1b93af9c8899d0b420155b976a8b0e354fc596c (patch)
tree: 036b5b0d1baa3cff84b2565bc618a681612f5005
parent: a5222f8d87268fdfe01f1739dcd7264f0167ea21 (diff)
download: nss-hg-c1b93af9c8899d0b420155b976a8b0e354fc596c.tar.gz
1 files changed, 2 insertions, 13 deletions
diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c
index 0194b3083..f2b128491 100644
--- a/security/nss/lib/pk11wrap/pk11cert.c
+++ b/security/nss/lib/pk11wrap/pk11cert.c
@@ -706,19 +706,8 @@ PK11_GetCertFromPrivateKey(SECKEYPrivateKey *privKey)
     CERTCertificate *cert;
 
     if (certID == CK_INVALID_HANDLE) {
-	/* couldn't find it on the card, look in our data base */
-	SECItem derSubject;
-
-	rv = PK11_ReadAttribute(slot, handle, CKA_SUBJECT, NULL,
-					&derSubject);
-	if (rv != SECSuccess) {
-	    PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
-	    return NULL;
-	}
-
-	cert = CERT_FindCertByName(CERT_GetDefaultCertDB(),&derSubject);
-	PORT_Free(derSubject.data);
-	return cert;
+	PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
+	return NULL;
     }
     cert = PK11_MakeCertFromHandle(slot,certID,NULL);
     return (cert);
author	relyea%netscape.com <devnull@localhost>	2002-03-01 02:15:00 +0000
committer	relyea%netscape.com <devnull@localhost>	2002-03-01 02:15:00 +0000
commit	c1b93af9c8899d0b420155b976a8b0e354fc596c (patch)
tree	036b5b0d1baa3cff84b2565bc618a681612f5005
parent	a5222f8d87268fdfe01f1739dcd7264f0167ea21 (diff)
download	nss-hg-c1b93af9c8899d0b420155b976a8b0e354fc596c.tar.gz