FindCertObjectByRecipient is building itss own template instead of calling findCertByIssuer/SN. See comments 1, 3, 4, and 5 in bug 142776 for more info.
Marking 3.6 if not sooner.
Target Milestone: --- → 3.6
Created attachment 95292 [details] [diff] [review] Use our existing standard functions to implement the GetRecipientList functions. This patch not only cleans up getting the recipient certs in the recipient list, but also uses standard search functions as well to find the key. The new code and even handle the case where the cert and the key may be in different tokens (though this has not been tested). This code has been tested against both the database and a token. bob
Comment on attachment 95292 [details] [diff] [review] Use our existing standard functions to implement the GetRecipientList functions. Bob- I don't understand your changes to libdev, specifically the use of nssTokenSearchType_TokenForced. That is a special value used in constructing the token object cache. If you want the search to be restricted to token objects only, you can use nssTokenSearchType_TokenOnly.
I want to bypass the token cache.. In the old code we went right for the token. In the new code we were going through the cache, but I was having problems with my token because the PKCS #11 driver somehow munged the Serial number, but finds it OK from findobjects. I was originally going to try to pass a flag that said 'skip the cache', but I saw you already had such a flag. bob
Checked into NSS tip.
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.