diff options
author | relyea%netscape.com <devnull@localhost> | 2002-03-01 02:15:00 +0000 |
---|---|---|
committer | relyea%netscape.com <devnull@localhost> | 2002-03-01 02:15:00 +0000 |
commit | c1b93af9c8899d0b420155b976a8b0e354fc596c (patch) | |
tree | 036b5b0d1baa3cff84b2565bc618a681612f5005 | |
parent | a5222f8d87268fdfe01f1739dcd7264f0167ea21 (diff) | |
download | nss-hg-c1b93af9c8899d0b420155b976a8b0e354fc596c.tar.gz |
Don't go searching for the matching certs if they weren't on the token the
private key lived on.
-rw-r--r-- | security/nss/lib/pk11wrap/pk11cert.c | 15 |
1 files changed, 2 insertions, 13 deletions
diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c index 0194b3083..f2b128491 100644 --- a/security/nss/lib/pk11wrap/pk11cert.c +++ b/security/nss/lib/pk11wrap/pk11cert.c @@ -706,19 +706,8 @@ PK11_GetCertFromPrivateKey(SECKEYPrivateKey *privKey) CERTCertificate *cert; if (certID == CK_INVALID_HANDLE) { - /* couldn't find it on the card, look in our data base */ - SECItem derSubject; - - rv = PK11_ReadAttribute(slot, handle, CKA_SUBJECT, NULL, - &derSubject); - if (rv != SECSuccess) { - PORT_SetError(SSL_ERROR_NO_CERTIFICATE); - return NULL; - } - - cert = CERT_FindCertByName(CERT_GetDefaultCertDB(),&derSubject); - PORT_Free(derSubject.data); - return cert; + PORT_SetError(SSL_ERROR_NO_CERTIFICATE); + return NULL; } cert = PK11_MakeCertFromHandle(slot,certID,NULL); return (cert); |