p12plcy.h (1411B)
1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 #ifndef _P12PLCY_H_ 5 #define _P12PLCY_H_ 6 7 #include "secoid.h" 8 #include "ciferfam.h" 9 10 SEC_BEGIN_PROTOS 11 12 /* is this encryption algorithm allowed in PKCS #12 by policy? */ 13 /* pbeAlg is either a full PBE for pkcsv5v1 and pkcs12pbe; or 14 * a cipher alg for pkcs5v2, 15 * hmacAlg is an HMAC algorith. Must be included for pkcs5v2 16 * and is ignored if pbeAlg is pkcs5v2 or pkcs12pbe */ 17 extern PRBool SEC_PKCS12CipherAllowed(SECOidTag pbeAlg, SECOidTag hmacAlg); 18 19 /* for the algid specified, can we decrypt it ? 20 * both encryption and hash used in the hmac must be enabled. 21 * legacy/decrypt is sufficient */ 22 extern PRBool SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid); 23 24 /* for integrity, we mark if we are signing or verifying in the call. Oid 25 * is the hash oid */ 26 extern PRBool SEC_PKCS12IntegrityHashAllowed(SECOidTag hashAlg, PRBool verify); 27 28 /* is encryption allowed? */ 29 extern PRBool SEC_PKCS12IsEncryptionAllowed(void); 30 31 /* enable a cipher for encryption/decryption */ 32 extern SECStatus SEC_PKCS12EnableCipher(long which, int on); 33 34 /* return the preferred cipher for encryption */ 35 extern SECStatus SEC_PKCS12SetPreferredCipher(long which, int on); 36 37 SEC_END_PROTOS 38 #endif