Backed out changeset 761e7d215e0a for causing gtest failuresNSS_3_89_BETA1

author: John M. Schanck <jschanck@mozilla.com> 2023-03-02 14:38:29 -0800
committer: John M. Schanck <jschanck@mozilla.com> 2023-03-02 14:38:29 -0800
commit: fd8d15350f7560f35085b4b945eb3e34a0dfa708 (patch)
tree: c66b55dc65ee34047a03113a0e98c24266e57727 /lib/cryptohi/secsign.c
parent: 65aef21637ba6551e24933a4903f6e3b5c2e77a6 (diff)
download: nss-hg-fd8d15350f7560f35085b4b945eb3e34a0dfa708.tar.gz
1 files changed, 0 insertions, 23 deletions
diff --git a/lib/cryptohi/secsign.c b/lib/cryptohi/secsign.c
index 8779904d3..13a6d6c5e 100644
--- a/lib/cryptohi/secsign.c
+++ b/lib/cryptohi/secsign.c
@@ -15,7 +15,6 @@
 #include "pk11func.h"
 #include "secerr.h"
 #include "keyi.h"
-#include "nss.h"
 
 struct SGNContextStr {
     SECOidTag signalg;
@@ -33,7 +32,6 @@ sgn_NewContext(SECOidTag alg, SECItem *params, SECKEYPrivateKey *key)
     SECOidTag hashalg, signalg;
     KeyType keyType;
     PRUint32 policyFlags;
-    PRInt32 optFlags;
     SECStatus rv;
 
     /* OK, map a PKCS #7 hash and encrypt algorithm into
@@ -58,16 +56,6 @@ sgn_NewContext(SECOidTag alg, SECItem *params, SECKEYPrivateKey *key)
         PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
         return NULL;
     }
-    if (NSS_OptionGet(NSS_KEY_SIZE_POLICY_FLAGS, &optFlags) != SECFailure) {
-        if (optFlags & NSS_KEY_SIZE_POLICY_SIGN_FLAG) {
-            rv = seckey_EnforceKeySize(key->keyType,
-                                       SECKEY_PrivateKeyStrengthInBits(key),
-                                       SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED);
-            if (rv != SECSuccess) {
-                return NULL;
-            }
-        }
-    }
     /* check the policy on the hash algorithm */
     if ((NSS_GetAlgorithmPolicy(hashalg, &policyFlags) == SECFailure) ||
         !(policyFlags & NSS_USE_ALG_IN_ANY_SIGNATURE)) {
@@ -477,20 +465,9 @@ SGN_Digest(SECKEYPrivateKey *privKey,
     SGNDigestInfo *di = 0;
     SECOidTag enctag;
     PRUint32 policyFlags;
-    PRInt32 optFlags;
 
     result->data = 0;
 
-    if (NSS_OptionGet(NSS_KEY_SIZE_POLICY_FLAGS, &optFlags) != SECFailure) {
-        if (optFlags & NSS_KEY_SIZE_POLICY_SIGN_FLAG) {
-            rv = seckey_EnforceKeySize(privKey->keyType,
-                                       SECKEY_PrivateKeyStrengthInBits(privKey),
-                                       SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED);
-            if (rv != SECSuccess) {
-                return SECFailure;
-            }
-        }
-    }
     /* check the policy on the hash algorithm */
     if ((NSS_GetAlgorithmPolicy(algtag, &policyFlags) == SECFailure) ||
         !(policyFlags & NSS_USE_ALG_IN_ANY_SIGNATURE)) {
author	John M. Schanck <jschanck@mozilla.com>	2023-03-02 14:38:29 -0800
committer	John M. Schanck <jschanck@mozilla.com>	2023-03-02 14:38:29 -0800
commit	fd8d15350f7560f35085b4b945eb3e34a0dfa708 (patch)
tree	c66b55dc65ee34047a03113a0e98c24266e57727 /lib/cryptohi/secsign.c
parent	65aef21637ba6551e24933a4903f6e3b5c2e77a6 (diff)
download	nss-hg-fd8d15350f7560f35085b4b945eb3e34a0dfa708.tar.gz