entd: Upon finding multiple matching certs, pick one

Instead of erroring out like there are no certs when multiple exist,
pick one assuming all are the same.  This may help some users who
get in cycles of needing to reinstall certs on every logout/login.
I think flimflam multiprofile will also fix them since Google-A
doesn't need to be re-setup every time you log in by entd.

BUG=chromium-os:17219
TEST=test:
1) it shows correct status when only one cert is installed
2) it shows "Installed." when multiple certs are installed

To install multiple certs:
Install certificate as usual
openssl pkcs12 -in /home/chronos/user/Downloads/clientCert.p12  -out file.pem
// split file.pem into a .crt and .key file by hand (pem format)
openssl rsa -in /tmp/foo.key -out /tmp/foo.keyder -outform der
openssl x509 -in /tmp/foo.crt -out /tmp/foo.der -outform der
pkcs11-tool --module=/usr/lib/opencryptoki/PKCS11_API.so -O -p 111111 -y privkey -w /tmp/foo.keyder -a 'whatever' -d 03
pkcs11-tool --module=/usr/lib/opencryptoki/PKCS11_API.so -O -p 111111 -y cert -w /tmp/foo.der -a 'whatever' -d 03

Unfortunately this installs a cert that won't work with Google-A.  In my testing, I believe WPA supplicant is picking
that cert and reject occurs.

Change-Id: Ia95e8a3bd3824457bc0bb4703850b308a889104e
Reviewed-on: http://gerrit.chromium.org/gerrit/4628
Reviewed-by: Robert Ginda <rginda@chromium.org>
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Tested-by: Ken Mixter <kmixter@chromium.org>
diff --git a/base_policy/policy-utils.js b/base_policy/policy-utils.js
index 9426de3..74b2325 100644
--- a/base_policy/policy-utils.js
+++ b/base_policy/policy-utils.js
@@ -937,8 +937,8 @@
         return null;
       default:
         // Too many objects.
-        this.error('Too many matching objects: ' + typeString);
-        return null;
+        this.warn('Picking first of multiple objects: ' + typeString);
+        return objList[0];
     }
   } else {
     this.error('error', 'Problem with PKCS#11 token.');
@@ -1036,9 +1036,9 @@
     session.logoutAndClose();
 
     return (cert != null && key != null);
-  } catch(ex) {
+  } catch(e) {
     session.logoutAndClose();
-    this.error('Error checking certificate is installed: ', ex);
+    this.error('Error checking certificate is installed: ' + e);
   }
 
   return false;