034136c5db
1) use NewTempCert rather than DERDecode cert in all import cert cases. When DERDecode cert is used, we may wind up with a cert that gets cleared when we try to import it because it already in the cache. NewTempCert will return the version that is in the cache. 2) If we are returning the CAList, only return certs that are CA's (not usercerts). 3) Authenticate to all the tokens if necessary before we try to list certs. (Stan code should eventually get automatic authentication calls in the code itself). 4) When looking up user certs, don't return those certs with the same subject, but do not have any key material associated with them (that is don't crash if we have old certs in our database without nicknames, but match user certs on our smart cards). 5) Save the nickname associated with our subject list in the temp cache so we can correctly remove the entry even if the cert's nickname changes (because of smart card insertions and removals, or because of creation and deletions of our user cert). git-svn-id: svn://10.0.0.236/trunk@119557 18797224-902f-48f8-a5cc-f745e15eee43