diff options
author | Lorry <lorry@roadtrain.codethink.co.uk> | 2012-07-18 20:31:20 +0100 |
---|---|---|
committer | Lorry <lorry@roadtrain.codethink.co.uk> | 2012-07-18 20:31:20 +0100 |
commit | e43ad1f4ce7f1504e6f01fc8a90d5c0398013383 (patch) | |
tree | 03504d9d81336081b899c9f34cc0f66801caf67c /mozilla/security/nss/lib/pkcs12/p12plcy.c | |
download | nss-e43ad1f4ce7f1504e6f01fc8a90d5c0398013383.tar.gz |
Tarball conversion
Diffstat (limited to 'mozilla/security/nss/lib/pkcs12/p12plcy.c')
-rw-r--r-- | mozilla/security/nss/lib/pkcs12/p12plcy.c | 157 |
1 files changed, 157 insertions, 0 deletions
diff --git a/mozilla/security/nss/lib/pkcs12/p12plcy.c b/mozilla/security/nss/lib/pkcs12/p12plcy.c new file mode 100644 index 0000000..ac96300 --- /dev/null +++ b/mozilla/security/nss/lib/pkcs12/p12plcy.c @@ -0,0 +1,157 @@ +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is + * Netscape Communications Corporation. + * Portions created by the Initial Developer are Copyright (C) 1994-2000 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + + +#include "p12plcy.h" +#include "secoid.h" +#include "secport.h" +#include "secpkcs5.h" + +#define PKCS12_NULL 0x0000 + +typedef struct pkcs12SuiteMapStr { + SECOidTag algTag; + unsigned int keyLengthBits; /* in bits */ + unsigned long suite; + PRBool allowed; + PRBool preferred; +} pkcs12SuiteMap; + +static pkcs12SuiteMap pkcs12SuiteMaps[] = { + { SEC_OID_RC4, 40, PKCS12_RC4_40, PR_FALSE, PR_FALSE}, + { SEC_OID_RC4, 128, PKCS12_RC4_128, PR_FALSE, PR_FALSE}, + { SEC_OID_RC2_CBC, 40, PKCS12_RC2_CBC_40, PR_FALSE, PR_TRUE}, + { SEC_OID_RC2_CBC, 128, PKCS12_RC2_CBC_128, PR_FALSE, PR_FALSE}, + { SEC_OID_DES_CBC, 64, PKCS12_DES_56, PR_FALSE, PR_FALSE}, + { SEC_OID_DES_EDE3_CBC, 192, PKCS12_DES_EDE3_168, PR_FALSE, PR_FALSE}, + { SEC_OID_UNKNOWN, 0, PKCS12_NULL, PR_FALSE, PR_FALSE}, + { SEC_OID_UNKNOWN, 0, 0L, PR_FALSE, PR_FALSE} +}; + +/* determine if algid is an algorithm which is allowed */ +PRBool +SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid) +{ + unsigned int keyLengthBits; + SECOidTag algId; + int i; + + algId = SEC_PKCS5GetCryptoAlgorithm(algid); + if(algId == SEC_OID_UNKNOWN) { + return PR_FALSE; + } + + keyLengthBits = (unsigned int)(SEC_PKCS5GetKeyLength(algid) * 8); + + i = 0; + while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) { + if((pkcs12SuiteMaps[i].algTag == algId) && + (pkcs12SuiteMaps[i].keyLengthBits == keyLengthBits)) { + + return pkcs12SuiteMaps[i].allowed; + } + i++; + } + + return PR_FALSE; +} + +/* is any encryption allowed? */ +PRBool +SEC_PKCS12IsEncryptionAllowed(void) +{ + int i; + + i = 0; + while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) { + if(pkcs12SuiteMaps[i].allowed == PR_TRUE) { + return PR_TRUE; + } + i++; + } + + return PR_FALSE; +} + + +SECStatus +SEC_PKCS12EnableCipher(long which, int on) +{ + int i; + + i = 0; + while(pkcs12SuiteMaps[i].suite != 0L) { + if(pkcs12SuiteMaps[i].suite == (unsigned long)which) { + if(on) { + pkcs12SuiteMaps[i].allowed = PR_TRUE; + } else { + pkcs12SuiteMaps[i].allowed = PR_FALSE; + } + return SECSuccess; + } + i++; + } + + return SECFailure; +} + +SECStatus +SEC_PKCS12SetPreferredCipher(long which, int on) +{ + int i; + PRBool turnedOff = PR_FALSE; + PRBool turnedOn = PR_FALSE; + + i = 0; + while(pkcs12SuiteMaps[i].suite != 0L) { + if(pkcs12SuiteMaps[i].preferred == PR_TRUE) { + pkcs12SuiteMaps[i].preferred = PR_FALSE; + turnedOff = PR_TRUE; + } + if(pkcs12SuiteMaps[i].suite == (unsigned long)which) { + pkcs12SuiteMaps[i].preferred = PR_TRUE; + turnedOn = PR_TRUE; + } + i++; + } + + if((turnedOn) && (turnedOff)) { + return SECSuccess; + } + + return SECFailure; +} + |