authorJakub Jelen <jjelen@redhat.com>2019-08-26 17:42:06 +0200
committerJakub Jelen <jjelen@redhat.com>2019-08-28 12:33:39 +0200
commit2c10ae315375730020108cbcae0c282d0d6eff5f (patch)
tree4afdd42ac4eeb8e3765e87db1c5faec4a5a092d2 /src
parente4d4c13f25fd2a13ba07c71069be5e5fa65fd603 (diff)
vcard_emul_nss: Drop the key caching to simplify error handling
It could happen with PKCS#11 modules that (correctly) invalidate object handles after logout (which was introduced in 0d3a683a), that the handles are not valid when we try to use the objects again. This is trying to address this use case, which I noticed was breaking CI with SoftHSM PKCS#11 modules. Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'src')
-rw-r--r--src/vcard_emul_nss.c15
1 files changed, 1 insertions, 14 deletions
diff --git a/src/vcard_emul_nss.c b/src/vcard_emul_nss.c
index e8f5c56..f788964 100644
--- a/src/vcard_emul_nss.c
+++ b/src/vcard_emul_nss.c
@@ -52,7 +52,6 @@ typedef enum {
struct VCardKeyStruct {
CERTCertificate *cert;
PK11SlotInfo *slot;
- SECKEYPrivateKey *key;
VCardEmulTriState failedX509;
};
@@ -155,10 +154,6 @@ vcard_emul_make_key(PK11SlotInfo *slot, CERTCertificate *cert)
key = g_new(VCardKey, 1);
key->slot = PK11_ReferenceSlot(slot);
key->cert = CERT_DupCertificate(cert);
- /* NOTE: if we aren't logged into the token, this could return NULL */
- /* NOTE: the cert is a temp cert, not necessarily the cert in the token,
- * use the DER version of this function */
- key->key = PK11_FindKeyByDERCert(slot, cert, NULL);
key->failedX509 = VCardEmulUnknown;
return key;
}
@@ -170,10 +165,6 @@ vcard_emul_delete_key(VCardKey *key)
if (!nss_emul_init || (key == NULL)) {
return;
}
- if (key->key) {
- SECKEY_DestroyPrivateKey(key->key);
- key->key = NULL;
- }
if (key->cert) {
CERT_DestroyCertificate(key->cert);
}
@@ -189,12 +180,8 @@ vcard_emul_delete_key(VCardKey *key)
static SECKEYPrivateKey *
vcard_emul_get_nss_key(VCardKey *key)
{
- if (key->key) {
- return key->key;
- }
/* NOTE: if we aren't logged into the token, this could return NULL */
- key->key = PK11_FindPrivateKeyFromCert(key->slot, key->cert, NULL);
- return key->key;
+ return PK11_FindPrivateKeyFromCert(key->slot, key->cert, NULL);
}
/*
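Review bot: vcard_emul_get_nss_key() now hands the caller a fresh reference from PK11_FindPrivateKeyFromCert() on every call, but nothing in this commit releases it: the SECKEY_DestroyPrivateKey() call in vcard_emul_delete_key() is removed and the diffstat (1 insertion, 14 deletions) shows no caller gaining one, so each use presumably leaks a private-key object and its token handle; the callers are outside this hunk and should be checked. The ownership change should be stated on the function, e.g. `/* Returns a new reference or NULL; the caller must release it with SECKEY_DestroyPrivateKey(). */`, and every caller should destroy the key on all exit paths, including error paths. Separately, the comment removed from vcard_emul_make_key() said the cert is a temp cert and that the DER variant of the lookup should be used; the only lookup left is the non-DER one here, so `return PK11_FindKeyByDERCert(key->slot, key->cert, NULL);` may be the safer call and is worth confirming against the SoftHSM CI case.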