able/windows-nt
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
windows-nt/Source/XPSP1/NT/ds/win32/ntcrypto/contman/policy.c

276 lines
5.7 KiB
C
Raw Normal View History

Add source files
2020-09-26 03:20:57 -05:00
/*++
Copyright (C) Microsoft Corporation, 2000
Module Name:
policy
Abstract:
This module provides common CSP Algorithm Limit policy control.
Author:
Doug Barlow (dbarlow) 8/11/2000
Notes:
?Notes?
--*/
#ifndef WIN32_LEAN_AND_MEAN
#define WIN32_LEAN_AND_MEAN
#endif
#include <windows.h>
#include <wincrypt.h>
#include "policy.h"
/*++
LocateAlgorithm:
This routine searches a PROV_ENUMALGS_EX array for the specified
Algorithm.
Arguments:
rgEnumAlgs supplies the array of PROV_ENUMALGS_EX structures to be
searched. The last entry in the array must be filled with zeroes.
algId supplies the algorithm Id for which to search.
Return Value:
The corresponding PROV_ENUMALGS_EX structure in the array, or NULL if no
such algorithm entry exists.
Remarks:
Author:
Doug Barlow (dbarlow) 8/16/2000
--*/
#undef __SUBROUTINE__
#define __SUBROUTINE__ TEXT("LocateAlgorithm")
CONST PROV_ENUMALGS_EX *
LocateAlgorithm(
IN CONST PROV_ENUMALGS_EX *rgEnumAlgs,
IN ALG_ID algId)
{
CONST PROV_ENUMALGS_EX *pEnumAlg = rgEnumAlgs;
//
// Run through the list and try to find the given algorithm.
//
while (0 != pEnumAlg->aiAlgid)
{
if (pEnumAlg->aiAlgid == algId)
return pEnumAlg;
pEnumAlg += 1;
}
return NULL;
}
/*++
IsLegalAlgorithm:
Given an array of allowed algorithms, is the given algorithm Id in the
list?
Arguments:
rgEnumAlgs supplies the array of PROV_ENUMALGS_EX structures identifying
the policy to enforce. The last entry in the array must be filled
with zeroes.
algId supplies the algorithm Id to be validated.
ppEnumAlg, if supplied, receives the PROV_ENUMALGS_EX structure containing
the policies associated with this algorithm Id. This can be used in
following routines to speed up access to policy information.
Return Value:
TRUE -- That algorithm is supported.
FALSE -- That algorithm is not supported.
Remarks:
Author:
Doug Barlow (dbarlow) 8/16/2000
--*/
#undef __SUBROUTINE__
#define __SUBROUTINE__ TEXT("IsLegalAlgorithm")
BOOL
IsLegalAlgorithm(
IN CONST PROV_ENUMALGS_EX *rgEnumAlgs,
IN ALG_ID algId,
OUT CONST PROV_ENUMALGS_EX **ppEnumAlg)
{
CONST PROV_ENUMALGS_EX *pEnumAlg = LocateAlgorithm(rgEnumAlgs, algId);
if (NULL != ppEnumAlg)
*ppEnumAlg = pEnumAlg;
return (NULL != pEnumAlg);
}
/*++
IsLegalLength:
This routine determines if the requested key length is valid for the given
algorithm, according to policy.
Arguments:
rgEnumAlgs supplies the array of PROV_ENUMALGS_EX structures identifying
the policy to enforce. The last entry in the array must be filled
with zeroes.
algId supplies the algorithm Id to be validated.
cBitLength supplies the length of the proposed key, in bits.
pEnumAlg, if not NULL, supplies the PROV_ENUMALGS_EX structure containing
the policies associated with this algorithm Id. This can be obtained
from the IsLegalAlgorithm call, above. If this parameter is NULL,
then the PROV_ENUMALGS_EX structure is located from the algId
parameter.
Return Value:
TRUE -- This key length is legal for this algorithm.
FALSE -- This key length is not allowed for this algorithm.
Remarks:
This routine only determines policy rules. It does not address whether or
not the exact keylength is supported by the algorithm.
Author:
Doug Barlow (dbarlow) 8/16/2000
--*/
#undef __SUBROUTINE__
#define __SUBROUTINE__ TEXT("IsLegalLength")
BOOL
IsLegalLength(
IN CONST PROV_ENUMALGS_EX *rgEnumAlgs,
IN ALG_ID algId,
IN DWORD cBitLength,
IN CONST PROV_ENUMALGS_EX *pEnumAlg)
{
//
// Make sure we've got a PROV_ENUMALGS_EX structure to work with.
//
if (NULL == pEnumAlg)
{
pEnumAlg = LocateAlgorithm(rgEnumAlgs, algId);
if (NULL == pEnumAlg)
return FALSE;
}
//
// Now check the length.
//
return ((pEnumAlg->dwMinLen <= cBitLength)
&& (pEnumAlg->dwMaxLen >= cBitLength));
}
/*++
GetDefaultLength:
This routine determines the default length for a given algorithm, based on
policy described in an array of PROV_ENUMALGS_EX structures.
Arguments:
rgEnumAlgs supplies the array of PROV_ENUMALGS_EX structures identifying
the policy to enforce. The last entry in the array must be filled
with zeroes.
algId supplies the algorithm Id to be validated.
pEnumAlg, if not NULL, supplies the PROV_ENUMALGS_EX structure containing
the policies associated with this algorithm Id. This can be obtained
from the IsLegalAlgorithm call, above. If this parameter is NULL,
then the PROV_ENUMALGS_EX structure is located from the algId
parameter.
pcBitLength receives the default length of the proposed key, in bits.
Return Value:
TRUE -- The algorithm is supported, and the value returned in pcBitLength
is valid.
FALSE -- The requested algorithm isn't supported.
Remarks:
Author:
Doug Barlow (dbarlow) 8/16/2000
--*/
#undef __SUBROUTINE__
#define __SUBROUTINE__ TEXT("GetDefaultLength")
BOOL
GetDefaultLength(
IN CONST PROV_ENUMALGS_EX *rgEnumAlgs,
IN ALG_ID algId,
IN CONST PROV_ENUMALGS_EX *pEnumAlg,
OUT LPDWORD pcBitLength)
{
//
// Clear the returned bit length, just in case.
//
*pcBitLength = 0;
//
// Make sure we've got a PROV_ENUMALGS_EX structure to work with.
//
if (NULL == pEnumAlg)
{
pEnumAlg = LocateAlgorithm(rgEnumAlgs, algId);
if (NULL == pEnumAlg)
return FALSE;
}
//
// Now return the default length.
//
*pcBitLength = pEnumAlg->dwDefaultLen;
return TRUE;
}
Reference in a new issue Copy permalink