b=107817 Make sure sent encrypted messages will be decryptable by sender.

r=ddrinan
sr=alecf
a=roc+moz

mailnews/extensions/smime/src/nsMsgComposeSecure.cpp

@@ -855,6 +855,9 @@ nsresult nsMsgComposeSecure::MimeCryptoHackCerts(const char *aRecipients,
   /* If the message is to be encrypted, then get the recipient certs */
   if (aEncrypt) {
 	  mailbox = mailbox_list;
+
+    PRBool already_added_self_cert = PR_FALSE;
+
 	  for (; count > 0; count--) {
       nsCOMPtr<nsIX509Cert> cert;
 		  certdb->GetCertByEmailAddress(nsnull, mailbox, getter_AddRefs(cert));
@@ -884,9 +887,20 @@ nsresult nsMsgComposeSecure::MimeCryptoHackCerts(const char *aRecipients,
 		 of the recipients if we're sending a signed-but-not-encrypted
 		 message.)
 	   */
+
+      PRBool isSame;
+      if (NS_SUCCEEDED(cert->IsSameCert(mSelfEncryptionCert, &isSame))
+          && isSame) {
+        already_added_self_cert = PR_TRUE;
+      }
+
       mCerts->AppendElement(cert);
 		  mailbox += nsCRT::strlen(mailbox) + 1;
 	  }
+    
+    if (!already_added_self_cert) {
+      mCerts->AppendElement(mSelfEncryptionCert);
+    }
 	}
 FAIL:
   PR_FREEIF(mailbox_list);

security/manager/ssl/public/nsIX509Cert.idl

@@ -203,6 +203,7 @@ interface nsIX509Cert : nsISupports {
 
   [noscript] unsigned long getRawDER(out charPtr result);
 
+  PRBool isSameCert(in nsIX509Cert other);
 };
 
 %{C++

security/manager/ssl/src/nsNSSCertificate.cpp

@@ -2667,6 +2667,20 @@ nsNSSCertificate::GetASN1Structure(nsIASN1Object * *aASN1Structure)
   return rv;
 }
 
+NS_IMETHODIMP
+nsNSSCertificate::IsSameCert(nsIX509Cert *other, PRBool *result)
+{
+  NS_ENSURE_ARG(other);
+  NS_ENSURE_ARG(result);
+
+  nsNSSCertificate *other2 = NS_STATIC_CAST(nsNSSCertificate*, other);
+  if (!other2)
+    return NS_ERROR_FAILURE;
+  
+  *result = (mCert == other2->mCert);
+  return NS_OK;
+}
+
 
 /* nsNSSCertificateDB */