void
NSS_CMSContentInfo_SetBulkKey(NSSCMSContentInfo *cinfo, PK11SymKey *bulkkey)
{
if (cinfo == NULL) {
return;
}
if (bulkkey == NULL) {
cinfo->bulkkey = NULL;
cinfo->keysize = 0;
} else {
cinfo->bulkkey = PK11_ReferenceSymKey(bulkkey);
cinfo->keysize = PK11_GetKeyStrength(cinfo->bulkkey, &(cinfo->contentEncAlg));
}
}
/*
* Based on the given algorithm (including its parameters, in some cases!)
* and the given key (may or may not be inspected, depending on the
* algorithm), find the appropriate policy algorithm specification
* and return it. If no match can be made, -1 is returned.
*/
static SECStatus
nss_smime_get_cipher_for_alg_and_key(SECAlgorithmID *algid, PK11SymKey *key, unsigned long *cipher)
{
SECOidTag algtag;
unsigned int keylen_bits;
unsigned long c;
algtag = SECOID_GetAlgorithmTag(algid);
switch (algtag) {
case SEC_OID_RC2_CBC:
keylen_bits = PK11_GetKeyStrength(key, algid);
switch (keylen_bits) {
case 40:
c = SMIME_RC2_CBC_40;
break;
case 64:
c = SMIME_RC2_CBC_64;
break;
case 128:
c = SMIME_RC2_CBC_128;
break;
default:
return SECFailure;
}
break;
case SEC_OID_DES_CBC:
c = SMIME_DES_CBC_56;
break;
case SEC_OID_DES_EDE3_CBC:
c = SMIME_DES_EDE3_168;
break;
case SEC_OID_AES_128_CBC:
c = SMIME_AES_CBC_128;
break;
case SEC_OID_AES_256_CBC:
c = SMIME_AES_CBC_256;
break;
default:
PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
return SECFailure;
}
*cipher = c;
return SECSuccess;
}
/*
* Based on the given algorithm (including its parameters, in some cases!)
* and the given key (may or may not be inspected, depending on the
* algorithm), find the appropriate policy algorithm specification
* and return it. If no match can be made, -1 is returned.
*/
static long
smime_policy_algorithm (SECAlgorithmID *algid, PK11SymKey *key)
{
SECOidTag algtag;
algtag = SECOID_GetAlgorithmTag (algid);
switch (algtag) {
case SEC_OID_RC2_CBC:
{
unsigned int keylen_bits;
keylen_bits = PK11_GetKeyStrength (key, algid);
switch (keylen_bits) {
case 40:
return SMIME_RC2_CBC_40;
case 64:
return SMIME_RC2_CBC_64;
case 128:
return SMIME_RC2_CBC_128;
default:
break;
}
}
break;
case SEC_OID_DES_CBC:
return SMIME_DES_CBC_56;
case SEC_OID_DES_EDE3_CBC:
return SMIME_DES_EDE3_168;
case SEC_OID_FORTEZZA_SKIPJACK:
return SMIME_FORTEZZA;
#ifdef SMIME_DOES_RC5
case SEC_OID_RC5_CBC_PAD:
PORT_Assert (0); /* XXX need to pull out parameters and match */
break;
#endif
default:
break;
}
return -1;
}
void
PrintKey(PK11SymKey *symKey)
{
char *name = PK11_GetSymKeyNickname(symKey);
int len = PK11_GetKeyLength(symKey);
int strength = PK11_GetKeyStrength(symKey, NULL);
SECItem *value = NULL;
CK_KEY_TYPE type = PK11_GetSymKeyType(symKey);
(void) PK11_ExtractKeyValue(symKey);
value = PK11_GetKeyData(symKey);
printf("%-20s %3d %4d %10s ", name ? name: " ", len, strength,
GetStringFromKeyType(type));
if (value && value->data) {
printBuf(value->data, value->len);
} else {
printf("<restricted>");
}
printf("\n");
}
