fix pkcs12 bug where nicknames were disappearing

git-svn-id: svn://10.0.0.236/trunk@111499 18797224-902f-48f8-a5cc-f745e15eee43
2002-01-07 19:53:47 +00:00 · 2002-01-07 19:53:47 +00:00 · a12d7d8878
commit a12d7d8878
parent 6e45ee8056
1 changed files with 12 additions and 3 deletions
--- a/mozilla/security/nss/lib/pkcs12/p12e.c
+++ b/mozilla/security/nss/lib/pkcs12/p12e.c
@ -1029,9 +1029,18 @@ SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe,
 	    	CERTCertificate *tempCert;

 		/* decode the certificate */
-	    	 tempCert = 
-			CERT_DecodeDERCertificate( &certList->certs[count], 
-					PR_FALSE, NULL);
+		/* XXX
+		 * This was rather silly.  The chain is constructed above
+		 * by finding all of the CERTCertificate's in the database.
+		 * Then the chain is put into a CERTCertificateList, which only
+		 * contains the DER.  Finally, the DER was decoded, and the
+		 * decoded cert was sent recursively back to this function.
+		 * Beyond being inefficent, this causes data loss (specifically,
+		 * the nickname).  Instead, for 3.4, we'll do a lookup by the
+		 * DER, which should return the cached entry.
+		 */
+		tempCert = CERT_FindCertByDERCert(CERT_GetDefaultCertDB(),
+		                                  &certList->certs[count]);
 	    	if(!tempCert) {
 		    CERT_DestroyCertificateList(certList);
 		    goto loser;