Line data Source code
1 : /* 2 : * Copyright (C) 2019 Red Hat, Inc. 3 : * 4 : * Author: Nikos Mavrogiannopoulos 5 : * 6 : * This file is part of GnuTLS. 7 : * 8 : * The GnuTLS is free software; you can redistribute it and/or 9 : * modify it under the terms of the GNU Lesser General Public License 10 : * as published by the Free Software Foundation; either version 2.1 of 11 : * the License, or (at your option) any later version. 12 : * 13 : * This library is distributed in the hope that it will be useful, but 14 : * WITHOUT ANY WARRANTY; without even the implied warranty of 15 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 : * Lesser General Public License for more details. 17 : * 18 : * You should have received a copy of the GNU Lesser General Public License 19 : * along with this program. If not, see <https://www.gnu.org/licenses/> 20 : * 21 : */ 22 : 23 : #include "gnutls_int.h" 24 : #include <algorithms.h> 25 : #include "errors.h" 26 : #include <x509/common.h> 27 : #include "c-strcase.h" 28 : #include "profiles.h" 29 : 30 : typedef struct { 31 : const char *name; 32 : gnutls_certificate_verification_profiles_t profile; 33 : gnutls_sec_param_t sec_param; 34 : } gnutls_profile_entry; 35 : 36 : static const gnutls_profile_entry profiles[] = { 37 : {"Very weak", GNUTLS_PROFILE_VERY_WEAK, GNUTLS_SEC_PARAM_VERY_WEAK}, 38 : {"Low", GNUTLS_PROFILE_LOW, GNUTLS_SEC_PARAM_LOW}, 39 : {"Legacy", GNUTLS_PROFILE_LEGACY, GNUTLS_SEC_PARAM_LEGACY}, 40 : {"Medium", GNUTLS_PROFILE_MEDIUM, GNUTLS_SEC_PARAM_MEDIUM}, 41 : {"High", GNUTLS_PROFILE_HIGH, GNUTLS_SEC_PARAM_HIGH}, 42 : {"Ultra", GNUTLS_PROFILE_ULTRA, GNUTLS_SEC_PARAM_ULTRA}, 43 : {"Future", GNUTLS_PROFILE_FUTURE, GNUTLS_SEC_PARAM_FUTURE}, 44 : {"SuiteB128", GNUTLS_PROFILE_SUITEB128, GNUTLS_SEC_PARAM_HIGH}, 45 : {"SuiteB192", GNUTLS_PROFILE_SUITEB192, GNUTLS_SEC_PARAM_ULTRA}, 46 : {NULL, 0, 0} 47 : }; 48 : 49 30 : gnutls_sec_param_t _gnutls_profile_to_sec_level(gnutls_certificate_verification_profiles_t profile) 50 : { 51 30 : const gnutls_profile_entry *p; 52 : 53 126 : for(p = profiles; p->name != NULL; p++) { 54 126 : if (profile == p->profile) 55 30 : return p->sec_param; 56 : } 57 : 58 : return GNUTLS_SEC_PARAM_UNKNOWN; 59 : } 60 : 61 : /** 62 : * gnutls_certificate_verification_profile_get_id: 63 : * @name: is a profile name 64 : * 65 : * Convert a string to a #gnutls_certificate_verification_profiles_t value. The names are 66 : * compared in a case insensitive way. 67 : * 68 : * Returns: a #gnutls_certificate_verification_profiles_t id of the specified profile, 69 : * or %GNUTLS_PROFILE_UNKNOWN on failure. 70 : **/ 71 11 : gnutls_certificate_verification_profiles_t gnutls_certificate_verification_profile_get_id(const char *name) 72 : { 73 11 : const gnutls_profile_entry *p; 74 : 75 11 : if (name == NULL) 76 : return GNUTLS_PROFILE_UNKNOWN; 77 : 78 53 : for (p = profiles; p->name != NULL; p++) { 79 52 : if (c_strcasecmp(p->name, name) == 0) 80 10 : return p->profile; 81 : } 82 : 83 : return GNUTLS_PROFILE_UNKNOWN; 84 : } 85 : 86 : /** 87 : * gnutls_certificate_verification_profile_get_name: 88 : * @id: is a profile ID 89 : * 90 : * Convert a #gnutls_certificate_verification_profiles_t value to a string. 91 : * 92 : * Returns: a string that contains the name of the specified profile or %NULL. 93 : **/ 94 : const char * 95 6 : gnutls_certificate_verification_profile_get_name(gnutls_certificate_verification_profiles_t id) 96 : { 97 6 : const gnutls_profile_entry *p; 98 : 99 21 : for (p = profiles; p->name != NULL; p++) { 100 21 : if (p->profile == id) 101 : return p->name; 102 : } 103 : 104 : return NULL; 105 : }