PageRenderTime 61ms CodeModel.GetById 6ms RepoModel.GetById 1ms app.codeStats 0ms

/security/nss/lib/pkcs12/p12plcy.c

https://bitbucket.org/soko/mozilla-central
C | 157 lines | 97 code | 23 blank | 37 comment | 22 complexity | 67f0a4d27bf1896ac65f25fba3da1416 MD5 | raw file
Possible License(s): GPL-2.0, JSON, 0BSD, LGPL-3.0, AGPL-1.0, MIT, MPL-2.0-no-copyleft-exception, BSD-3-Clause, LGPL-2.1, Apache-2.0 
    

  1. /* ***** BEGIN LICENSE BLOCK *****
    2. 

  2.  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
    3. 

  3.  *
    4. 

  4.  * The contents of this file are subject to the Mozilla Public License Version
    5. 

  5.  * 1.1 (the "License"); you may not use this file except in compliance with
    6. 

  6.  * the License. You may obtain a copy of the License at
    7. 

  7.  * http://www.mozilla.org/MPL/
    8. 

  8.  *
    9. 

  9.  * Software distributed under the License is distributed on an "AS IS" basis,
    10. 

  10.  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
    11. 

  11.  * for the specific language governing rights and limitations under the
    12. 

  12.  * License.
    13. 

  13.  *
    14. 

  14.  * The Original Code is the Netscape security libraries.
    15. 

  15.  *
    16. 

  16.  * The Initial Developer of the Original Code is
    17. 

  17.  * Netscape Communications Corporation.
    18. 

  18.  * Portions created by the Initial Developer are Copyright (C) 1994-2000
    19. 

  19.  * the Initial Developer. All Rights Reserved.
    20. 

  20.  *
    21. 

  21.  * Contributor(s):
    22. 

  22.  *
    23. 

  23.  * Alternatively, the contents of this file may be used under the terms of
    24. 

  24.  * either the GNU General Public License Version 2 or later (the "GPL"), or
    25. 

  25.  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
    26. 

  26.  * in which case the provisions of the GPL or the LGPL are applicable instead
    27. 

  27.  * of those above. If you wish to allow use of your version of this file only
    28. 

  28.  * under the terms of either the GPL or the LGPL, and not to allow others to
    29. 

  29.  * use your version of this file under the terms of the MPL, indicate your
    30. 

  30.  * decision by deleting the provisions above and replace them with the notice
    31. 

  31.  * and other provisions required by the GPL or the LGPL. If you do not delete
    32. 

  32.  * the provisions above, a recipient may use your version of this file under
    33. 

  33.  * the terms of any one of the MPL, the GPL or the LGPL.
    34. 

  34.  *
    35. 

  35.  * ***** END LICENSE BLOCK ***** */
    36. 

  36. 

  37. 

  38. #include "p12plcy.h"
    39. 

  39. #include "secoid.h"
    40. 

  40. #include "secport.h"
    41. 

  41. #include "secpkcs5.h" 
    42. 

  42. 

  43. #define PKCS12_NULL  0x0000
    44. 

  44. 

  45. typedef struct pkcs12SuiteMapStr {
    46. 

  46.     SECOidTag		algTag;
    47. 

  47.     unsigned int	keyLengthBits;	/* in bits */
    48. 

  48.     unsigned long	suite;
    49. 

  49.     PRBool 		allowed;
    50. 

  50.     PRBool		preferred;
    51. 

  51. } pkcs12SuiteMap;
    52. 

  52. 

  53. static pkcs12SuiteMap pkcs12SuiteMaps[] = {
    54. 

  54.     { SEC_OID_RC4,		40,	PKCS12_RC4_40,		PR_FALSE,	PR_FALSE},
    55. 

  55.     { SEC_OID_RC4,	       128,	PKCS12_RC4_128,		PR_FALSE,	PR_FALSE},
    56. 

  56.     { SEC_OID_RC2_CBC,		40,	PKCS12_RC2_CBC_40,	PR_FALSE,	PR_TRUE},
    57. 

  57.     { SEC_OID_RC2_CBC,	       128,	PKCS12_RC2_CBC_128,	PR_FALSE,	PR_FALSE},
    58. 

  58.     { SEC_OID_DES_CBC,		64,	PKCS12_DES_56,		PR_FALSE,	PR_FALSE},
    59. 

  59.     { SEC_OID_DES_EDE3_CBC,    192,	PKCS12_DES_EDE3_168,	PR_FALSE,	PR_FALSE},
    60. 

  60.     { SEC_OID_UNKNOWN,		 0,	PKCS12_NULL,		PR_FALSE,	PR_FALSE},
    61. 

  61.     { SEC_OID_UNKNOWN,		 0,	0L,			PR_FALSE,	PR_FALSE}
    62. 

  62. };
    63. 

  63. 

  64. /* determine if algid is an algorithm which is allowed */
    65. 

  65. PRBool 
    66. 

  66. SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid)
    67. 

  67. {
    68. 

  68.     unsigned int keyLengthBits;
    69. 

  69.     SECOidTag algId;
    70. 

  70.     int i;
    71. 

  71.    
    72. 

  72.     algId = SEC_PKCS5GetCryptoAlgorithm(algid);
    73. 

  73.     if(algId == SEC_OID_UNKNOWN) {
    74. 

  74. 	return PR_FALSE;
    75. 

  75.     }
    76. 

  76.     
    77. 

  77.     keyLengthBits = (unsigned int)(SEC_PKCS5GetKeyLength(algid) * 8);
    78. 

  78. 

  79.     i = 0;
    80. 

  80.     while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
    81. 

  81. 	if((pkcs12SuiteMaps[i].algTag == algId) && 
    82. 

  82. 	   (pkcs12SuiteMaps[i].keyLengthBits == keyLengthBits)) {
    83. 

  83. 

  84. 	    return pkcs12SuiteMaps[i].allowed;
    85. 

  85. 	}
    86. 

  86. 	i++;
    87. 

  87.     }
    88. 

  88. 

  89.     return PR_FALSE;
    90. 

  90. }
    91. 

  91. 

  92. /* is any encryption allowed? */
    93. 

  93. PRBool
    94. 

  94. SEC_PKCS12IsEncryptionAllowed(void)
    95. 

  95. {
    96. 

  96.     int i;
    97. 

  97. 

  98.     i = 0;
    99. 

  99.     while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
    100. 

  100. 	if(pkcs12SuiteMaps[i].allowed == PR_TRUE) {
    101. 

  101. 	    return PR_TRUE;
    102. 

  102. 	} 
    103. 

  103. 	i++;
    104. 

  104.     }
    105. 

  105. 

  106.     return PR_FALSE;
    107. 

  107. }
    108. 

  108. 

  109. 

  110. SECStatus
    111. 

  111. SEC_PKCS12EnableCipher(long which, int on) 
    112. 

  112. {
    113. 

  113.     int i;
    114. 

  114. 

  115.     i = 0;
    116. 

  116.     while(pkcs12SuiteMaps[i].suite != 0L) {
    117. 

  117. 	if(pkcs12SuiteMaps[i].suite == (unsigned long)which) {
    118. 

  118. 	    if(on) {
    119. 

  119. 		pkcs12SuiteMaps[i].allowed = PR_TRUE;
    120. 

  120. 	    } else {
    121. 

  121. 		pkcs12SuiteMaps[i].allowed = PR_FALSE;
    122. 

  122. 	    }
    123. 

  123. 	    return SECSuccess;
    124. 

  124. 	}
    125. 

  125. 	i++;
    126. 

  126.     }
    127. 

  127. 

  128.     return SECFailure;
    129. 

  129. }
    130. 

  130. 

  131. SECStatus
    132. 

  132. SEC_PKCS12SetPreferredCipher(long which, int on)
    133. 

  133. {
    134. 

  134.     int i;
    135. 

  135.     PRBool turnedOff = PR_FALSE;
    136. 

  136.     PRBool turnedOn = PR_FALSE;
    137. 

  137. 

  138.     i = 0;
    139. 

  139.     while(pkcs12SuiteMaps[i].suite != 0L) {
    140. 

  140. 	if(pkcs12SuiteMaps[i].preferred == PR_TRUE) {
    141. 

  141. 	    pkcs12SuiteMaps[i].preferred = PR_FALSE;
    142. 

  142. 	    turnedOff = PR_TRUE;
    143. 

  143. 	}
    144. 

  144. 	if(pkcs12SuiteMaps[i].suite == (unsigned long)which) {
    145. 

  145. 	    pkcs12SuiteMaps[i].preferred = PR_TRUE;
    146. 

  146. 	    turnedOn = PR_TRUE;
    147. 

  147. 	}
    148. 

  148. 	i++;
    149. 

  149.     }
    150. 

  150. 

  151.     if((turnedOn) && (turnedOff)) {
    152. 

  152. 	return SECSuccess;
    153. 

  153.     }
    154. 

  154. 

  155.     return SECFailure;
    156. 

  156. }
    157. 

  157. 

  158.