void NSS_CMSContentInfo_SetBulkKey(NSSCMSContentInfo *cinfo, PK11SymKey *bulkkey) { if (cinfo == NULL) { return; } if (bulkkey == NULL) { cinfo->bulkkey = NULL; cinfo->keysize = 0; } else { cinfo->bulkkey = PK11_ReferenceSymKey(bulkkey); cinfo->keysize = PK11_GetKeyStrength(cinfo->bulkkey, &(cinfo->contentEncAlg)); } }
/* * Based on the given algorithm (including its parameters, in some cases!) * and the given key (may or may not be inspected, depending on the * algorithm), find the appropriate policy algorithm specification * and return it. If no match can be made, -1 is returned. */ static SECStatus nss_smime_get_cipher_for_alg_and_key(SECAlgorithmID *algid, PK11SymKey *key, unsigned long *cipher) { SECOidTag algtag; unsigned int keylen_bits; unsigned long c; algtag = SECOID_GetAlgorithmTag(algid); switch (algtag) { case SEC_OID_RC2_CBC: keylen_bits = PK11_GetKeyStrength(key, algid); switch (keylen_bits) { case 40: c = SMIME_RC2_CBC_40; break; case 64: c = SMIME_RC2_CBC_64; break; case 128: c = SMIME_RC2_CBC_128; break; default: return SECFailure; } break; case SEC_OID_DES_CBC: c = SMIME_DES_CBC_56; break; case SEC_OID_DES_EDE3_CBC: c = SMIME_DES_EDE3_168; break; case SEC_OID_AES_128_CBC: c = SMIME_AES_CBC_128; break; case SEC_OID_AES_256_CBC: c = SMIME_AES_CBC_256; break; default: PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); return SECFailure; } *cipher = c; return SECSuccess; }
/* * Based on the given algorithm (including its parameters, in some cases!) * and the given key (may or may not be inspected, depending on the * algorithm), find the appropriate policy algorithm specification * and return it. If no match can be made, -1 is returned. */ static long smime_policy_algorithm (SECAlgorithmID *algid, PK11SymKey *key) { SECOidTag algtag; algtag = SECOID_GetAlgorithmTag (algid); switch (algtag) { case SEC_OID_RC2_CBC: { unsigned int keylen_bits; keylen_bits = PK11_GetKeyStrength (key, algid); switch (keylen_bits) { case 40: return SMIME_RC2_CBC_40; case 64: return SMIME_RC2_CBC_64; case 128: return SMIME_RC2_CBC_128; default: break; } } break; case SEC_OID_DES_CBC: return SMIME_DES_CBC_56; case SEC_OID_DES_EDE3_CBC: return SMIME_DES_EDE3_168; case SEC_OID_FORTEZZA_SKIPJACK: return SMIME_FORTEZZA; #ifdef SMIME_DOES_RC5 case SEC_OID_RC5_CBC_PAD: PORT_Assert (0); /* XXX need to pull out parameters and match */ break; #endif default: break; } return -1; }
void PrintKey(PK11SymKey *symKey) { char *name = PK11_GetSymKeyNickname(symKey); int len = PK11_GetKeyLength(symKey); int strength = PK11_GetKeyStrength(symKey, NULL); SECItem *value = NULL; CK_KEY_TYPE type = PK11_GetSymKeyType(symKey); (void) PK11_ExtractKeyValue(symKey); value = PK11_GetKeyData(symKey); printf("%-20s %3d %4d %10s ", name ? name: " ", len, strength, GetStringFromKeyType(type)); if (value && value->data) { printBuf(value->data, value->len); } else { printf("<restricted>"); } printf("\n"); }