From dcacbfd4ce07bd7ca3966384bca949da56dbffcf Mon Sep 17 00:00:00 2001
From: Brian Smith <brian@briansmith.org>
Date: Wed, 24 Dec 2014 00:51:52 -0800
Subject: [PATCH] Bug 1073867, Part 3: Reject DSS end-entity certificates,
 r=mmc

--HG--
extra : rebase_source : 76546b57aade1a15b394a2e53d8c12d62906dcac
---
 security/pkix/lib/pkixnss.cpp | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/security/pkix/lib/pkixnss.cpp b/security/pkix/lib/pkixnss.cpp
index a1d4681f9d11..c76f9c6f1dab 100644
--- a/security/pkix/lib/pkixnss.cpp
+++ b/security/pkix/lib/pkixnss.cpp
@@ -59,18 +59,18 @@ CheckPublicKeySize(Input subjectPublicKeyInfo, unsigned int minimumNonECCBits,
     case ecKey:
       // TODO(bug 1077790): We should check which curve.
       return Success;
-    case dsaKey: // fall through
     case rsaKey:
       if (SECKEY_PublicKeyStrengthInBits(publicKey.get()) < minimumNonECCBits) {
         return Result::ERROR_INADEQUATE_KEY_SIZE;
       }
       break;
-    case nullKey:
-    case fortezzaKey:
-    case dhKey:
-    case keaKey:
-    case rsaPssKey:
-    case rsaOaepKey:
+    case dsaKey: // fall through
+    case nullKey: // fall through
+    case fortezzaKey: // fall through
+    case dhKey: // fall through
+    case keaKey: // fall through
+    case rsaPssKey: // fall through
+    case rsaOaepKey: // fall through
     default:
       return Result::ERROR_UNSUPPORTED_KEYALG;
   }