diff -rupN jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/crmf/CertReqMsg.java jss-4.2.6.cfu/mozilla/security/jss/org/mozilla/jss/pkix/crmf/CertReqMsg.java
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/crmf/CertReqMsg.java	2004-04-25 08:02:26.000000000 -0700
+++ jss-4.2.6.cfu/mozilla/security/jss/org/mozilla/jss/pkix/crmf/CertReqMsg.java	2009-07-27 13:38:38.197422000 -0700
@@ -130,6 +130,16 @@ public class CertReqMsg implements ASN1V
     ///////////////////////////////////////////////////////////////////////
 
 	public void verify() throws SignatureException,
+        InvalidKeyFormatException, NoSuchAlgorithmException,
+        org.mozilla.jss.CryptoManager.NotInitializedException,
+        TokenException, java.security.InvalidKeyException, IOException{
+
+        CryptoToken token = CryptoManager.getInstance()
+                                .getInternalCryptoToken();
+        verify(token);
+    }
+
+    public void verify(CryptoToken token) throws SignatureException,
 		InvalidKeyFormatException, NoSuchAlgorithmException,
 		org.mozilla.jss.CryptoManager.NotInitializedException,
 		TokenException, java.security.InvalidKeyException, IOException{
@@ -149,8 +159,6 @@ public class CertReqMsg implements ASN1V
 				pubkey = (PublicKey) spi.toPublicKey();
 			}
 
-			CryptoToken token = CryptoManager.getInstance()
-                                .getInternalCryptoToken();
 			SignatureAlgorithm sigAlg =
 				SignatureAlgorithm.fromOID(alg.getOID());
 			Signature sig = token.getSignatureContext(sigAlg);