-
pneubeck@chromium.org authored
The database was only used to import a PKCS#12 file. By changing to separate key (PKCS#8 format) and cert (X509 in PEM encoding), only dependencies on the lower level RSAPrivateKey, X509Certificate and PK11_* NSS functions are required. Note this removes at the same time a call to the deprecated NSSCertDatabase::GetInstance(). Also - fixes multi profile cases of the unit test and the CA matching (the latter is now identical to all other platforms). - fixes a bug in the matching of client certs from software slots, because of reused cert database names - gets rid of the error output that occurred during the PKCS12 import because the file contained also a CA cert: [ERROR:nsPKCS12Blob.cpp(219)] Could not grab a handle to the certificate in the slot from the corresponding PKCS#12 DER certificate. BUG=210525, 329735,315285 Review URL: https://codereview.chromium.org/394013005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@284056 0039d316-1c4b-4281-b951-d872f2087c98
83e1ae34
