OLD | NEW |
1 /* | 1 /* |
2 * Key Derivation that doesn't use PKCS11 | 2 * Key Derivation that doesn't use PKCS11 |
3 * | 3 * |
4 * ***** BEGIN LICENSE BLOCK ***** | 4 * ***** BEGIN LICENSE BLOCK ***** |
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
6 * | 6 * |
7 * The contents of this file are subject to the Mozilla Public License Version | 7 * The contents of this file are subject to the Mozilla Public License Version |
8 * 1.1 (the "License"); you may not use this file except in compliance with | 8 * 1.1 (the "License"); you may not use this file except in compliance with |
9 * the License. You may obtain a copy of the License at | 9 * the License. You may obtain a copy of the License at |
10 * http://www.mozilla.org/MPL/ | 10 * http://www.mozilla.org/MPL/ |
(...skipping 565 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
576 * specified cert make sure the extract operation is attempted from the slot | 576 * specified cert make sure the extract operation is attempted from the slot |
577 * where the private key resides. | 577 * where the private key resides. |
578 * If MS can be extracted for all ciphers, (*pcanbypass) is set to TRUE and | 578 * If MS can be extracted for all ciphers, (*pcanbypass) is set to TRUE and |
579 * SECSuccess is returned. In all other cases but one (*pcanbypass) is | 579 * SECSuccess is returned. In all other cases but one (*pcanbypass) is |
580 * set to FALSE and SECFailure is returned. | 580 * set to FALSE and SECFailure is returned. |
581 * In that last case Derive() has been called successfully but the MS is null, | 581 * In that last case Derive() has been called successfully but the MS is null, |
582 * CanBypass sets (*pcanbypass) to FALSE and returns SECSuccess indicating the | 582 * CanBypass sets (*pcanbypass) to FALSE and returns SECSuccess indicating the |
583 * arguments were all valid but the slot cannot be bypassed. | 583 * arguments were all valid but the slot cannot be bypassed. |
584 */ | 584 */ |
585 | 585 |
| 586 /* TODO: Add SSL_CBP_TLS1_1 and test it in protocolmask when setting isTLS. */ |
| 587 |
586 SECStatus | 588 SECStatus |
587 SSL_CanBypass(CERTCertificate *cert, SECKEYPrivateKey *srvPrivkey, | 589 SSL_CanBypass(CERTCertificate *cert, SECKEYPrivateKey *srvPrivkey, |
588 PRUint32 protocolmask, PRUint16 *ciphersuites, int nsuites, | 590 PRUint32 protocolmask, PRUint16 *ciphersuites, int nsuites, |
589 PRBool *pcanbypass, void *pwArg) | 591 PRBool *pcanbypass, void *pwArg) |
590 { SECStatus rv; | 592 { SECStatus rv; |
591 int i; | 593 int i; |
592 PRUint16 suite; | 594 PRUint16 suite; |
593 PK11SymKey * pms = NULL; | 595 PK11SymKey * pms = NULL; |
594 SECKEYPublicKey * srvPubkey = NULL; | 596 SECKEYPublicKey * srvPubkey = NULL; |
595 KeyType privKeytype; | 597 KeyType privKeytype; |
(...skipping 276 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
872 | 874 |
873 if (srvPubkey) { | 875 if (srvPubkey) { |
874 SECKEY_DestroyPublicKey(srvPubkey); | 876 SECKEY_DestroyPublicKey(srvPubkey); |
875 srvPubkey = NULL; | 877 srvPubkey = NULL; |
876 } | 878 } |
877 | 879 |
878 | 880 |
879 return rv; | 881 return rv; |
880 } | 882 } |
881 | 883 |
OLD | NEW |