michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0:  * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0:  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0: 
michael@0: #include "secplcy.h"
michael@0: #include "prmem.h"
michael@0: 
michael@0: SECCipherFind *sec_CipherFindInit(PRBool onlyAllowed,
michael@0: 				  secCPStruct *policy,
michael@0: 				  long *ciphers)
michael@0: {
michael@0:   SECCipherFind *find = PR_NEWZAP(SECCipherFind);
michael@0:   if (find)
michael@0:     {
michael@0:       find->policy = policy;
michael@0:       find->ciphers = ciphers;
michael@0:       find->onlyAllowed = onlyAllowed;
michael@0:       find->index = -1;
michael@0:     }
michael@0:   return find;
michael@0: }
michael@0: 
michael@0: long sec_CipherFindNext(SECCipherFind *find)
michael@0: {
michael@0:   char *policy;
michael@0:   long rv = -1;
michael@0:   secCPStruct *policies = (secCPStruct *) find->policy;
michael@0:   long *ciphers = (long *) find->ciphers;
michael@0:   long numCiphers = policies->num_ciphers;
michael@0: 
michael@0:   find->index++;
michael@0:   while((find->index < numCiphers) && (rv == -1))
michael@0:     {
michael@0:       /* Translate index to cipher. */
michael@0:       rv = ciphers[find->index];
michael@0: 
michael@0:       /* If we're only looking for allowed ciphers, and if this
michael@0: 	 cipher isn't allowed, loop around.*/
michael@0:       if (find->onlyAllowed)
michael@0: 	{
michael@0: 	  /* Find the appropriate policy flag. */
michael@0: 	  policy = (&(policies->begin_ciphers)) + find->index + 1;
michael@0: 
michael@0: 	  /* If this cipher isn't allowed by policy, continue. */
michael@0: 	  if (! (*policy))
michael@0: 	    {
michael@0: 	      rv = -1;
michael@0: 	      find->index++;
michael@0: 	    }
michael@0: 	}
michael@0:     }
michael@0: 
michael@0:   return rv;
michael@0: }
michael@0: 
michael@0: char sec_IsCipherAllowed(long cipher, secCPStruct *policies,
michael@0: 			 long *ciphers)
michael@0: {
michael@0:   char result = SEC_CIPHER_NOT_ALLOWED; /* our default answer */
michael@0:   long numCiphers = policies->num_ciphers;
michael@0:   char *policy;
michael@0:   int i;
michael@0:   
michael@0:   /* Convert the cipher number into a policy flag location. */
michael@0:   for (i=0, policy=(&(policies->begin_ciphers) + 1);
michael@0:        i<numCiphers;
michael@0:        i++, policy++)
michael@0:     {
michael@0:       if (cipher == ciphers[i])
michael@0: 	break;
michael@0:     }
michael@0: 
michael@0:   if (i < numCiphers)
michael@0:     {
michael@0:       /* Found the cipher, get the policy value. */
michael@0:       result = *policy;
michael@0:     }
michael@0: 
michael@0:   return result;
michael@0: }
michael@0: 
michael@0: void sec_CipherFindEnd(SECCipherFind *find)
michael@0: {
michael@0:   PR_FREEIF(find);
michael@0: }