Coverage Report

Created: 2018-09-25 14:53

/src/mozilla-central/security/nss/lib/pkcs12/p12plcy.c
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "p12plcy.h"
#include "secoid.h"
#include "secport.h"
#include "secpkcs5.h"
#define PKCS12_NULL 0x0000
/* One row of the PKCS #12 cipher policy table used by this file. */
typedef struct pkcs12SuiteMapStr {
    /* Algorithm OID tag; SEC_OID_UNKNOWN marks a sentinel row. */
    SECOidTag algTag;
    unsigned int keyLengthBits; /* in bits */
    /* PKCS12_* suite identifier; the scans keyed on suite stop at 0. */
    unsigned long suite;
    /* Policy flag written by SEC_PKCS12EnableCipher and read by the
     * "allowed" queries in this file. */
    PRBool allowed;
    /* Written by SEC_PKCS12SetPreferredCipher; no reader appears in
     * this file. */
    PRBool preferred;
} pkcs12SuiteMap;
/*
 * File-local, mutable policy table consulted and updated by the
 * SEC_PKCS12* functions in this file.
 *
 * Every row starts with allowed == PR_FALSE, so nothing is permitted
 * until SEC_PKCS12EnableCipher turns a suite on (default deny).
 * The only row that starts out preferred is 40-bit RC2-CBC.
 *
 * The table ends with two sentinel rows.  Scans keyed on algTag stop at
 * SEC_OID_UNKNOWN and scans keyed on suite stop at suite == 0; because
 * PKCS12_NULL is defined as 0x0000 in this file, both kinds of scan end
 * at the first sentinel row, and the PKCS12_NULL suite itself can never
 * be matched by a suite lookup.
 *
 * NOTE(review): the table includes 40-bit RC4/RC2 and single DES, and
 * the initial preferred suite is the 40-bit RC2 row.  Callers should
 * enable only the suites that interoperability actually requires.
 * NOTE(review): the DES rows use 64 and 192 bits although the suite
 * names say 56 and 168; presumably this counts parity bits so it matches
 * SEC_PKCS5GetKeyLength() * 8 -- confirm.
 */
static pkcs12SuiteMap pkcs12SuiteMaps[] = {
    { SEC_OID_RC4, 40, PKCS12_RC4_40, PR_FALSE, PR_FALSE },
    { SEC_OID_RC4, 128, PKCS12_RC4_128, PR_FALSE, PR_FALSE },
    { SEC_OID_RC2_CBC, 40, PKCS12_RC2_CBC_40, PR_FALSE, PR_TRUE },
    { SEC_OID_RC2_CBC, 128, PKCS12_RC2_CBC_128, PR_FALSE, PR_FALSE },
    { SEC_OID_DES_CBC, 64, PKCS12_DES_56, PR_FALSE, PR_FALSE },
    { SEC_OID_DES_EDE3_CBC, 192, PKCS12_DES_EDE3_168, PR_FALSE, PR_FALSE },
    { SEC_OID_AES_128_CBC, 128, PKCS12_AES_CBC_128, PR_FALSE, PR_FALSE },
    { SEC_OID_AES_192_CBC, 192, PKCS12_AES_CBC_192, PR_FALSE, PR_FALSE },
    { SEC_OID_AES_256_CBC, 256, PKCS12_AES_CBC_256, PR_FALSE, PR_FALSE },
    { SEC_OID_UNKNOWN, 0, PKCS12_NULL, PR_FALSE, PR_FALSE },
    { SEC_OID_UNKNOWN, 0, 0L, PR_FALSE, PR_FALSE }
};
/*
 * Decide whether policy permits decryption with the algorithm described
 * by algid.
 *
 * The cipher tag and key length are derived from algid through the PKCS #5
 * helpers and looked up in pkcs12SuiteMaps.  Returns the matching row's
 * "allowed" flag.  The lookup fails closed: an unrecognised algorithm, or
 * an algorithm/key-length pair with no row in the table, yields PR_FALSE.
 */
PRBool
SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid)
{
    const pkcs12SuiteMap *entry;
    SECOidTag cipherTag;
    unsigned int bits;

    cipherTag = SEC_PKCS5GetCryptoAlgorithm(algid);
    if (cipherTag == SEC_OID_UNKNOWN) {
        return PR_FALSE;
    }

    /* The helper's result is multiplied by 8 to compare against the
     * table, which stores lengths in bits.
     * NOTE(review): if SEC_PKCS5GetKeyLength can return a negative error
     * value (not visible here), the multiply-and-cast gives a large
     * unsigned number that matches no row, so the result is still
     * PR_FALSE -- confirm against the helper. */
    bits = (unsigned int)(SEC_PKCS5GetKeyLength(algid) * 8);

    for (entry = pkcs12SuiteMaps; entry->algTag != SEC_OID_UNKNOWN; entry++) {
        if (entry->algTag != cipherTag || entry->keyLengthBits != bits) {
            continue;
        }
        /* Both the algorithm and the exact key size must match. */
        return entry->allowed;
    }

    return PR_FALSE;
}
/*
 * Report whether at least one suite in pkcs12SuiteMaps is currently
 * allowed.  Returns PR_TRUE on the first row whose "allowed" flag equals
 * PR_TRUE, and PR_FALSE when the scan reaches the SEC_OID_UNKNOWN sentinel
 * without finding one.
 */
PRBool
SEC_PKCS12IsEncryptionAllowed(void)
{
    const pkcs12SuiteMap *entry = pkcs12SuiteMaps;

    for (; entry->algTag != SEC_OID_UNKNOWN; entry++) {
        if (entry->allowed == PR_TRUE) {
            return PR_TRUE;
        }
    }

    return PR_FALSE;
}
/*
 * Set the "allowed" policy flag of one cipher suite.
 *
 * which: suite identifier, compared against the table's "suite" column
 *        after conversion to unsigned long.
 * on:    non-zero allows the suite, zero disallows it.
 *
 * Returns SECSuccess when a row with that identifier was found and
 * updated, SECFailure when the scan reaches a row whose suite is 0 without
 * a match.
 *
 * The table is file-static state shared by every caller; no locking is
 * visible in this function.
 */
SECStatus
SEC_PKCS12EnableCipher(long which, int on)
{
    const unsigned long wanted = (unsigned long)which;
    pkcs12SuiteMap *entry;

    for (entry = pkcs12SuiteMaps; entry->suite != 0L; entry++) {
        if (entry->suite != wanted) {
            continue;
        }
        entry->allowed = on ? PR_TRUE : PR_FALSE;
        return SECSuccess;
    }

    return SECFailure;
}
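/*
 * Make `which` the preferred cipher suite.
 *
 * which: suite identifier, compared against the table's "suite" column
 *        after conversion to unsigned long.
 * on:    accepted for interface compatibility but not consulted.
 *        NOTE(review): the original code also ignored it, so passing 0
 *        still marks the suite as preferred -- confirm the intended
 *        meaning with callers before changing this.
 *
 * Returns SECSuccess when the suite was found and an earlier preference
 * was replaced; SECFailure otherwise.
 *
 * An unknown identifier is rejected before the table is touched.  Without
 * that pre-check, a failed call cleared the existing preference, left no
 * suite preferred, and made the next valid call report SECFailure even
 * though it had set its suite.
 */
SECStatus
SEC_PKCS12SetPreferredCipher(long which, int on)
{
    const unsigned long wanted = (unsigned long)which;
    pkcs12SuiteMap *entry;
    PRBool found = PR_FALSE;
    PRBool turnedOff = PR_FALSE;
    PRBool turnedOn = PR_FALSE;

    /* Pass 1: validate the request without modifying policy state. */
    for (entry = pkcs12SuiteMaps; entry->suite != 0L; entry++) {
        if (entry->suite == wanted) {
            found = PR_TRUE;
            break;
        }
    }
    if (!found) {
        return SECFailure;
    }

    /* Pass 2: clear every existing preference, then mark each matching
     * row.  The clear comes first within a row so that re-selecting the
     * already-preferred suite still ends with it preferred. */
    for (entry = pkcs12SuiteMaps; entry->suite != 0L; entry++) {
        if (entry->preferred == PR_TRUE) {
            entry->preferred = PR_FALSE;
            turnedOff = PR_TRUE;
        }
        if (entry->suite == wanted) {
            entry->preferred = PR_TRUE;
            turnedOn = PR_TRUE;
        }
    }

    if ((turnedOn) && (turnedOff)) {
        return SECSuccess;
    }

    return SECFailure;
}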