]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_keychain/lib/SecBase.cpp
Security-59754.80.3.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / lib / SecBase.cpp
1 /*
2 * Copyright (c) 2003-2013 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #include <Security/SecBase.h>
25 #include <Security/SecBasePriv.h>
26 #include <Security/SecKeychainPriv.h>
27 #include <security_utilities/threading.h>
28 #include <utilities/SecCFRelease.h>
29 #include "SecBridge.h"
30 #include <Security/SecFramework.h>
31
32 static CFStringRef copyErrorMessageFromBundle(OSStatus status,CFStringRef tableName);
33
34 // caller MUST release the string, since it is gotten with "CFCopyLocalizedStringFromTableInBundle"
35 // intended use of reserved param is to pass in CFStringRef with name of the Table for lookup
36 // Will look by default in "SecErrorMessages.strings" in the resources of Security.framework.
37
38
39 CFStringRef
40 SecCopyErrorMessageString(OSStatus status, void *reserved)
41 {
42 try
43 {
44 CFStringRef result = copyErrorMessageFromBundle(status,CFSTR("SecErrorMessages"));
45 if (result == NULL)
46 result = copyErrorMessageFromBundle(status,CFSTR("SecDebugErrorMessages"));
47
48 if (result == NULL)
49 {
50 if (status >= errSecErrnoBase && status <= errSecErrnoLimit)
51 {
52 result = CFStringCreateWithFormat (NULL, NULL, CFSTR("UNIX[%s]"), strerror(status-errSecErrnoBase));
53 }
54 else
55 {
56 // no error message found, so format a faked-up error message from the status
57 result = CFStringCreateWithFormat(NULL, NULL, CFSTR("OSStatus %d"), (int)status);
58 }
59 }
60
61 return result;
62 }
63 catch (...)
64 {
65 return NULL;
66 }
67 }
68
69
70 void
71 cssmPerror(const char *how, CSSM_RETURN error)
72 {
73 try
74 {
75 const char* errMsg = cssmErrorString(error);
76 fprintf(stderr, "%s: %s\n", how ? how : "error", errMsg);
77 }
78 catch (...)
79 {
80 fprintf(stderr, "failed to print error: %lu\n", (unsigned long)error);
81 }
82 }
83
84
85 const char *
86 cssmErrorString(CSSM_RETURN error)
87 {
88 static ThreadNexus<string> lastError;
89
90 try {
91 string err;
92
93 if (error >= errSecErrnoBase && error <= errSecErrnoLimit)
94 {
95 err = string ("UNIX[") + strerror(error - errSecErrnoBase) + "]";
96 }
97 else
98 {
99 CFStringRef result = copyErrorMessageFromBundle(error,CFSTR("SecErrorMessages"));
100 if (result == NULL)
101 result = copyErrorMessageFromBundle(error,CFSTR("SecDebugErrorMessages"));
102 err = cfString(result, errSecErrorStringNotAvailable);
103 CFReleaseSafe(result);
104 }
105
106 if (err.empty())
107 {
108 char buf[200];
109 snprintf(buf, sizeof(buf), "unknown error %ld=%lx", (long) error, (long) error);
110 err = buf;
111 }
112
113 lastError() = err;
114 return lastError().c_str();
115 }
116 catch (...)
117 {
118 char buf[256];
119 snprintf (buf, sizeof (buf), "unknown error %ld=%lx", (long) error, (long) error);
120 lastError() = buf;
121 return lastError().c_str();
122 }
123 }
124
125
126 static ModuleNexus<Mutex> gBundleLock;
127
128 CFStringRef
129 copyErrorMessageFromBundle(OSStatus status,CFStringRef tableName)
130 {
131 StLock<Mutex> _lock(gBundleLock());
132
133 CFStringRef errorString = nil;
134 CFStringRef keyString = nil;
135 CFBundleRef secBundle = NULL;
136
137 // Make a bundle instance using the URLRef.
138 secBundle = CFBundleGetBundleWithIdentifier(CFSTR("com.apple.security"));
139 if (!secBundle)
140 goto xit;
141
142 // Convert status to Int32 string representation, e.g. "-25924"
143 keyString = CFStringCreateWithFormat (kCFAllocatorDefault,NULL,CFSTR("%d"),(int)status);
144 if (!keyString) {
145 goto xit;
146 }
147
148 errorString = CFCopyLocalizedStringFromTableInBundle(keyString,tableName,secBundle,NULL);
149 if (CFStringCompare(errorString, keyString, 0)==kCFCompareEqualTo) // no real error message
150 {
151 if (errorString)
152 CFRelease(errorString);
153 errorString = nil;
154 }
155 xit:
156 if (keyString)
157 CFRelease(keyString);
158
159 return errorString;
160 }
161
162 /* Convert a possible CSSM type osStatus error to a more Keychain friendly OSStatus. */
163 OSStatus SecKeychainErrFromOSStatus(OSStatus osStatus)
164 {
165 if (CSSM_ERR_IS_CONVERTIBLE(osStatus))
166 {
167 switch (CSSM_ERRCODE(osStatus))
168 {
169 // CONVERTIBLE ERROR CODES.
170 case CSSM_ERRCODE_SERVICE_NOT_AVAILABLE:
171 return errSecNotAvailable;
172 case CSSM_ERRCODE_USER_CANCELED:
173 return errSecUserCanceled;
174 case CSSM_ERRCODE_OPERATION_AUTH_DENIED:
175 return errSecAuthFailed;
176 case CSSM_ERRCODE_NO_USER_INTERACTION:
177 return errSecInteractionNotAllowed;
178 case CSSM_ERRCODE_IN_DARK_WAKE:
179 return errSecInDarkWake;
180 case CSSM_ERRCODE_OS_ACCESS_DENIED:
181 return errSecWrPerm;
182 case CSSM_ERRCODE_INSUFFICIENT_CLIENT_IDENTIFICATION:
183 return errSecInsufficientClientID;
184 case CSSM_ERRCODE_DEVICE_RESET:
185 return errSecDeviceReset;
186 case CSSM_ERRCODE_DEVICE_FAILED:
187 return errSecDeviceFailed;
188 case CSSM_ERRCODE_INTERNAL_ERROR:
189 return errSecInternalError;
190 case CSSM_ERRCODE_MEMORY_ERROR:
191 return errSecMemoryError;
192 case CSSM_ERRCODE_MDS_ERROR:
193 return errSecMDSError;
194 case CSSM_ERRCODE_INVALID_POINTER:
195 case CSSM_ERRCODE_INVALID_INPUT_POINTER:
196 case CSSM_ERRCODE_INVALID_OUTPUT_POINTER:
197 case CSSM_ERRCODE_INVALID_CERTGROUP_POINTER:
198 case CSSM_ERRCODE_INVALID_CERT_POINTER:
199 case CSSM_ERRCODE_INVALID_CRL_POINTER:
200 case CSSM_ERRCODE_INVALID_FIELD_POINTER:
201 case CSSM_ERRCODE_INVALID_DB_LIST_POINTER:
202 return errSecInvalidPointer;
203 case CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED:
204 return errSecUnimplemented;
205 case CSSM_ERRCODE_SELF_CHECK_FAILED:
206 case CSSMERR_CL_SELF_CHECK_FAILED:
207 case CSSMERR_DL_SELF_CHECK_FAILED:
208 return errSecSelfCheckFailed;
209 case CSSM_ERRCODE_FUNCTION_FAILED:
210 return errSecFunctionFailed;
211 case CSSM_ERRCODE_MODULE_MANIFEST_VERIFY_FAILED:
212 return errSecModuleManifestVerifyFailed;
213 case CSSM_ERRCODE_INVALID_GUID:
214 return errSecInvalidGUID;
215 case CSSM_ERRCODE_OBJECT_USE_AUTH_DENIED:
216 case CSSM_ERRCODE_OBJECT_MANIP_AUTH_DENIED:
217 return errAuthorizationDenied;
218 case CSSM_ERRCODE_OBJECT_ACL_NOT_SUPPORTED:
219 case CSSM_ERRCODE_OBJECT_ACL_REQUIRED:
220 case CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE:
221 case CSSM_ERRCODE_ACL_SUBJECT_TYPE_NOT_SUPPORTED:
222 case CSSM_ERRCODE_INVALID_ACL_EDIT_MODE:
223 case CSSM_ERRCODE_INVALID_NEW_ACL_ENTRY:
224 case CSSM_ERRCODE_INVALID_NEW_ACL_OWNER:
225 return errSecInvalidACL;
226 case CSSM_ERRCODE_INVALID_ACCESS_CREDENTIALS:
227 return errSecInvalidAccessCredentials;
228 case CSSM_ERRCODE_INVALID_ACL_BASE_CERTS:
229 case CSSM_ERRCODE_ACL_BASE_CERTS_NOT_SUPPORTED:
230 return errSecInvalidCertificateGroup;
231 case CSSM_ERRCODE_INVALID_SAMPLE_VALUE:
232 return errSecInvalidSampleValue;
233 case CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED:
234 return errSecInvalidSampleValue;
235 case CSSM_ERRCODE_INVALID_ACL_CHALLENGE_CALLBACK:
236 return errSecInvalidCallback;
237 case CSSM_ERRCODE_ACL_CHALLENGE_CALLBACK_FAILED:
238 return errSecCallbackFailed;
239 case CSSM_ERRCODE_INVALID_ACL_ENTRY_TAG:
240 case CSSM_ERRCODE_UNKNOWN_TAG:
241 return errSecUnknownTag;
242 case CSSM_ERRCODE_ACL_ENTRY_TAG_NOT_FOUND:
243 return errSecTagNotFound;
244 case CSSM_ERRCODE_ACL_CHANGE_FAILED:
245 return errSecACLChangeFailed;
246 case CSSM_ERRCODE_ACL_DELETE_FAILED:
247 return errSecACLDeleteFailed;
248 case CSSM_ERRCODE_ACL_REPLACE_FAILED:
249 return errSecACLReplaceFailed;
250 case CSSM_ERRCODE_ACL_ADD_FAILED:
251 return errSecACLAddFailed;
252 case CSSM_ERRCODE_INVALID_CONTEXT_HANDLE:
253 case CSSM_ERRCODE_INVALID_DB_HANDLE:
254 case CSSM_ERRCODE_INVALID_CSP_HANDLE:
255 case CSSM_ERRCODE_INVALID_DL_HANDLE:
256 case CSSM_ERRCODE_INVALID_CL_HANDLE:
257 case CSSM_ERRCODE_INVALID_TP_HANDLE:
258 case CSSM_ERRCODE_INVALID_KR_HANDLE:
259 case CSSM_ERRCODE_INVALID_AC_HANDLE:
260 return errSecInvalidHandle;
261 case CSSM_ERRCODE_INCOMPATIBLE_VERSION:
262 return errSecIncompatibleVersion;
263 case CSSM_ERRCODE_INVALID_DATA:
264 return errSecInvalidData;
265 case CSSM_ERRCODE_CRL_ALREADY_SIGNED:
266 return errSecCRLAlreadySigned;
267 case CSSM_ERRCODE_INVALID_NUMBER_OF_FIELDS:
268 return errSecInvalidNumberOfFields;
269 case CSSM_ERRCODE_VERIFICATION_FAILURE:
270 return errSecVerificationFailure;
271 case CSSM_ERRCODE_PRIVILEGE_NOT_GRANTED:
272 return errSecPrivilegeNotGranted;
273 case CSSM_ERRCODE_INVALID_DB_LIST:
274 return errSecInvalidDBList;
275 case CSSM_ERRCODE_UNKNOWN_FORMAT:
276 return errSecUnknownFormat;
277 case CSSM_ERRCODE_INVALID_PASSTHROUGH_ID:
278 return errSecInvalidPassthroughID;
279 case CSSM_ERRCODE_INVALID_NETWORK_ADDR:
280 return errSecInvalidNetworkAddress;
281 case CSSM_ERRCODE_INVALID_CRYPTO_DATA:
282 return errSecInvalidData;
283 }
284 }
285 switch (osStatus)
286 {
287 // Some CSSM errors mapped to OSStatus-type (SnowLeopard and earlier).
288 //
289 case CSSMERR_DL_RECORD_NOT_FOUND:
290 case CSSMERR_APPLETP_CERT_NOT_FOUND_FROM_ISSUER:
291 case CSSMERR_CSP_PRIVATE_KEY_NOT_FOUND:
292 return errSecItemNotFound;
293 case CSSMERR_DL_INVALID_UNIQUE_INDEX_DATA:
294 case CSSMERR_CSP_PRIVATE_KEY_ALREADY_EXISTS:
295 case CSSMERR_CSP_KEY_LABEL_ALREADY_EXISTS:
296 return errSecDuplicateItem;
297 case CSSMERR_DL_DATABASE_CORRUPT:
298 return errSecInvalidKeychain;
299 case CSSMERR_DL_DATASTORE_DOESNOT_EXIST:
300 return errSecNoSuchKeychain;
301 case CSSMERR_DL_DATASTORE_ALREADY_EXISTS:
302 return errSecDuplicateKeychain;
303 case CSSMERR_APPLEDL_DISK_FULL:
304 return errSecDiskFull;
305 case CSSMERR_DL_INVALID_OPEN_PARAMETERS:
306 case CSSMERR_APPLEDL_INVALID_OPEN_PARAMETERS:
307 case CSSMERR_APPLE_DOTMAC_REQ_SERVER_PARAM:
308 return errSecParam;
309 case CSSMERR_DL_INVALID_FIELD_NAME:
310 case CSSMERR_CSSM_INVALID_ATTRIBUTE:
311 return errSecNoSuchAttr;
312 case CSSMERR_DL_OS_ACCESS_DENIED:
313 case CSSMERR_CSP_OS_ACCESS_DENIED:
314 case CSSMERR_TP_OS_ACCESS_DENIED:
315 case CSSMERR_AC_OS_ACCESS_DENIED:
316 case CSSMERR_CL_OS_ACCESS_DENIED:
317 return errSecWrPerm;
318 case CSSMERR_CSSM_BUFFER_TOO_SMALL:
319 return errSecBufferTooSmall;
320 case CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED:
321 case CSSMERR_CSP_FUNCTION_NOT_IMPLEMENTED:
322 case CSSMERR_TP_FUNCTION_NOT_IMPLEMENTED:
323 case CSSMERR_AC_FUNCTION_NOT_IMPLEMENTED:
324 case CSSMERR_CL_FUNCTION_NOT_IMPLEMENTED:
325 case CSSMERR_DL_FUNCTION_NOT_IMPLEMENTED:
326 case CSSMERR_APPLE_DOTMAC_REQ_SERVER_UNIMPL:
327 return errSecUnimplemented;
328 case CSSMERR_CSSM_INTERNAL_ERROR:
329 case CSSMERR_CSP_INTERNAL_ERROR:
330 case CSSMERR_TP_INTERNAL_ERROR:
331 case CSSMERR_AC_INTERNAL_ERROR:
332 case CSSMERR_CL_INTERNAL_ERROR:
333 case CSSMERR_DL_INTERNAL_ERROR:
334 return errSecInternalError;
335 case CSSMERR_CSSM_MEMORY_ERROR:
336 case CSSMERR_CSP_MEMORY_ERROR:
337 case CSSMERR_TP_MEMORY_ERROR:
338 case CSSMERR_AC_MEMORY_ERROR:
339 case CSSMERR_CSP_DEVICE_MEMORY_ERROR:
340 case CSSMERR_CL_MEMORY_ERROR:
341 case CSSMERR_DL_MEMORY_ERROR:
342 return errSecMemoryError;
343 case CSSMERR_CSSM_MDS_ERROR:
344 case CSSMERR_CSP_MDS_ERROR:
345 case CSSMERR_TP_MDS_ERROR:
346 case CSSMERR_AC_MDS_ERROR:
347 case CSSMERR_CL_MDS_ERROR:
348 case CSSMERR_DL_MDS_ERROR:
349 return errSecMDSError;
350 case CSSMERR_CSSM_INVALID_POINTER:
351 case CSSMERR_CSP_INVALID_POINTER:
352 case CSSMERR_TP_INVALID_POINTER:
353 case CSSMERR_AC_INVALID_POINTER:
354 case CSSMERR_CL_INVALID_POINTER:
355 case CSSMERR_DL_INVALID_POINTER:
356 case CSSMERR_CSSM_INVALID_INPUT_POINTER:
357 case CSSMERR_CSP_INVALID_INPUT_POINTER:
358 case CSSMERR_TP_INVALID_INPUT_POINTER:
359 case CSSMERR_AC_INVALID_INPUT_POINTER:
360 case CSSMERR_CL_INVALID_INPUT_POINTER:
361 case CSSMERR_DL_INVALID_INPUT_POINTER:
362 case CSSMERR_TP_INVALID_DB_LIST_POINTER:
363 case CSSMERR_AC_INVALID_DB_LIST_POINTER:
364 case CSSMERR_DL_INVALID_DB_LIST_POINTER:
365 case CSSMERR_TP_INVALID_CERTGROUP_POINTER:
366 case CSSMERR_TP_INVALID_CERT_POINTER:
367 case CSSMERR_TP_INVALID_CRL_POINTER:
368 case CSSMERR_TP_INVALID_FIELD_POINTER:
369 case CSSMERR_CSP_INVALID_KEY_POINTER:
370 case CSSMERR_TP_INVALID_CALLERAUTH_CONTEXT_POINTER:
371 case CSSMERR_TP_INVALID_IDENTIFIER_POINTER:
372 case CSSMERR_TP_INVALID_CRLGROUP_POINTER:
373 case CSSMERR_TP_INVALID_TUPLEGROUP_POINTER:
374 case CSSMERR_CL_INVALID_CERTGROUP_POINTER:
375 case CSSMERR_CL_INVALID_CERT_POINTER:
376 case CSSMERR_CL_INVALID_CRL_POINTER:
377 case CSSMERR_CL_INVALID_FIELD_POINTER:
378 case CSSMERR_CL_INVALID_BUNDLE_POINTER:
379 case CSSMERR_CSSM_INVALID_OUTPUT_POINTER:
380 case CSSMERR_CSP_INVALID_OUTPUT_POINTER:
381 case CSSMERR_TP_INVALID_OUTPUT_POINTER:
382 case CSSMERR_AC_INVALID_OUTPUT_POINTER:
383 case CSSMERR_CL_INVALID_OUTPUT_POINTER:
384 case CSSMERR_DL_INVALID_OUTPUT_POINTER:
385 return errSecInvalidPointer;
386 case CSSMERR_CSSM_FUNCTION_FAILED:
387 case CSSMERR_CSP_FUNCTION_FAILED:
388 case CSSMERR_TP_FUNCTION_FAILED:
389 case CSSMERR_AC_FUNCTION_FAILED:
390 case CSSMERR_CL_FUNCTION_FAILED:
391 case CSSMERR_DL_FUNCTION_FAILED:
392 return errSecFunctionFailed;
393 case CSSMERR_CSP_INVALID_DATA:
394 case CSSMERR_TP_INVALID_DATA:
395 case CSSMERR_AC_INVALID_DATA:
396 case CSSMERR_CL_INVALID_DATA:
397 case CSSMERR_CSP_INVALID_CRYPTO_DATA:
398 case CSSMERR_CSP_INVALID_DATA_COUNT:
399 case CSSMERR_TP_INVALID_ACTION_DATA:
400 return errSecInvalidData;
401 case CSSMERR_TP_INVALID_DB_LIST:
402 case CSSMERR_AC_INVALID_DB_LIST:
403 return errSecInvalidDBList;
404 case CSSMERR_CSP_INVALID_PASSTHROUGH_ID:
405 case CSSMERR_TP_INVALID_PASSTHROUGH_ID:
406 case CSSMERR_AC_INVALID_PASSTHROUGH_ID:
407 case CSSMERR_CL_INVALID_PASSTHROUGH_ID:
408 case CSSMERR_DL_INVALID_PASSTHROUGH_ID:
409 return errSecInvalidPassthroughID;
410 case CSSMERR_TP_INVALID_CSP_HANDLE:
411 case CSSMERR_TP_INVALID_CL_HANDLE:
412 case CSSMERR_TP_INVALID_DL_HANDLE:
413 case CSSMERR_AC_INVALID_TP_HANDLE:
414 case CSSMERR_AC_INVALID_DL_HANDLE:
415 case CSSMERR_DL_INVALID_DL_HANDLE:
416 case CSSMERR_AC_INVALID_CL_HANDLE:
417 case CSSMERR_DL_INVALID_CL_HANDLE:
418 case CSSMERR_DL_INVALID_CSP_HANDLE:
419 case CSSMERR_TP_INVALID_DB_HANDLE:
420 case CSSMERR_CSSM_INVALID_ADDIN_HANDLE:
421 case CSSMERR_CSSM_INVALID_CONTEXT_HANDLE:
422 case CSSMERR_CL_INVALID_CACHE_HANDLE:
423 case CSSMERR_CL_INVALID_RESULTS_HANDLE:
424 case CSSMERR_DL_INVALID_RESULTS_HANDLE:
425 case CSSMERR_TP_INVALID_KEYCACHE_HANDLE:
426 case CSSMERR_CSP_INVALID_CONTEXT_HANDLE:
427 case CSSMERR_TP_INVALID_CONTEXT_HANDLE:
428 case CSSMERR_AC_INVALID_CONTEXT_HANDLE:
429 case CSSMERR_CL_INVALID_CONTEXT_HANDLE:
430 return errSecInvalidHandle;
431 case CSSMERR_TP_CRL_ALREADY_SIGNED:
432 case CSSMERR_CL_CRL_ALREADY_SIGNED:
433 return errSecCRLAlreadySigned;
434 case CSSMERR_TP_INVALID_NUMBER_OF_FIELDS:
435 case CSSMERR_CL_INVALID_NUMBER_OF_FIELDS:
436 return errSecInvalidNumberOfFields;
437 case CSSMERR_TP_VERIFICATION_FAILURE:
438 case CSSMERR_CL_VERIFICATION_FAILURE:
439 return errSecVerificationFailure;
440 case CSSMERR_TP_INVALID_NETWORK_ADDR:
441 case CSSMERR_DL_INVALID_NETWORK_ADDR:
442 return errSecInvalidNetworkAddress;
443 case CSSMERR_TP_UNKNOWN_TAG:
444 case CSSMERR_CL_UNKNOWN_TAG:
445 case CSSMERR_CSP_INVALID_ACL_ENTRY_TAG:
446 case CSSMERR_DL_INVALID_ACL_ENTRY_TAG:
447 case CSSMERR_DL_INVALID_SELECTION_TAG:
448 return errSecUnknownTag;
449 case CSSMERR_CSP_INVALID_SIGNATURE:
450 case CSSMERR_TP_INVALID_SIGNATURE:
451 return errSecInvalidSignature;
452 case CSSMERR_CSSM_USER_CANCELED:
453 case CSSMERR_CSP_USER_CANCELED:
454 case CSSMERR_TP_USER_CANCELED:
455 case CSSMERR_AC_USER_CANCELED:
456 case CSSMERR_CL_USER_CANCELED:
457 case CSSMERR_DL_USER_CANCELED:
458 return errSecUserCanceled;
459 case CSSMERR_CSSM_NO_USER_INTERACTION:
460 case CSSMERR_CSP_NO_USER_INTERACTION:
461 case CSSMERR_TP_NO_USER_INTERACTION:
462 case CSSMERR_AC_NO_USER_INTERACTION:
463 case CSSMERR_CL_NO_USER_INTERACTION:
464 case CSSMERR_DL_NO_USER_INTERACTION:
465 return errSecInteractionNotAllowed;
466 case CSSMERR_CSSM_IN_DARK_WAKE:
467 case CSSMERR_CSP_IN_DARK_WAKE:
468 case CSSMERR_TP_IN_DARK_WAKE:
469 case CSSMERR_AC_IN_DARK_WAKE:
470 case CSSMERR_CL_IN_DARK_WAKE:
471 case CSSMERR_DL_IN_DARK_WAKE:
472 return errSecInDarkWake;
473 case CSSMERR_CSSM_SERVICE_NOT_AVAILABLE:
474 case CSSMERR_CSP_SERVICE_NOT_AVAILABLE:
475 case CSSMERR_TP_SERVICE_NOT_AVAILABLE:
476 case CSSMERR_AC_SERVICE_NOT_AVAILABLE:
477 case CSSMERR_CL_SERVICE_NOT_AVAILABLE:
478 case CSSMERR_DL_SERVICE_NOT_AVAILABLE:
479 return errSecServiceNotAvailable;
480 case CSSMERR_CSSM_INSUFFICIENT_CLIENT_IDENTIFICATION:
481 case CSSMERR_CSP_INSUFFICIENT_CLIENT_IDENTIFICATION:
482 case CSSMERR_TP_INSUFFICIENT_CLIENT_IDENTIFICATION:
483 case CSSMERR_AC_INSUFFICIENT_CLIENT_IDENTIFICATION:
484 case CSSMERR_CL_INSUFFICIENT_CLIENT_IDENTIFICATION:
485 case CSSMERR_DL_INSUFFICIENT_CLIENT_IDENTIFICATION:
486 return errSecInsufficientClientID;
487 case CSSMERR_CSSM_DEVICE_RESET:
488 case CSSMERR_CSP_DEVICE_RESET:
489 case CSSMERR_TP_DEVICE_RESET:
490 case CSSMERR_AC_DEVICE_RESET:
491 case CSSMERR_CL_DEVICE_RESET:
492 case CSSMERR_DL_DEVICE_RESET:
493 return errSecDeviceReset;
494 case CSSMERR_CSSM_DEVICE_FAILED:
495 case CSSMERR_CSP_DEVICE_FAILED:
496 case CSSMERR_TP_DEVICE_FAILED:
497 case CSSMERR_AC_DEVICE_FAILED:
498 case CSSMERR_CL_DEVICE_FAILED:
499 case CSSMERR_DL_DEVICE_FAILED:
500 return errSecDeviceFailed;
501 case CSSMERR_APPLE_DOTMAC_REQ_SERVER_AUTH:
502 case CSSMERR_CSSM_EMM_AUTHENTICATE_FAILED:
503 case CSSMERR_CSSM_ADDIN_AUTHENTICATE_FAILED:
504 case CSSMERR_CSP_OPERATION_AUTH_DENIED:
505 case CSSMERR_CSP_OBJECT_USE_AUTH_DENIED:
506 case CSSMERR_CSP_OBJECT_MANIP_AUTH_DENIED:
507 case CSSMERR_TP_AUTHENTICATION_FAILED:
508 case CSSMERR_DL_OPERATION_AUTH_DENIED:
509 case CSSMERR_DL_OBJECT_USE_AUTH_DENIED:
510 case CSSMERR_DL_OBJECT_MANIP_AUTH_DENIED:
511 return errAuthorizationDenied;
512 case CSSMERR_CSSM_SCOPE_NOT_SUPPORTED:
513 case CSSMERR_CL_SCOPE_NOT_SUPPORTED:
514 case CSSMERR_CL_INVALID_SCOPE:
515 return errSecInvalidScope;
516 case CSSMERR_TP_INVALID_NAME:
517 case CSSMERR_DL_INVALID_DB_NAME:
518 return errSecInvalidName;
519 case CSSMERR_APPLETP_BAD_CERT_FROM_ISSUER:
520 case CSSMERR_TP_INVALID_CERTIFICATE:
521 case CSSMERR_TP_INVALID_ANCHOR_CERT:
522 case CSSMERR_APPLETP_CRL_INVALID_ANCHOR_CERT:
523 case CSSMERR_APPLETP_OCSP_INVALID_ANCHOR_CERT:
524 return errSecInvalidCertificateRef;
525 case CSSMERR_CSP_ACL_ENTRY_TAG_NOT_FOUND:
526 case CSSMERR_DL_ACL_ENTRY_TAG_NOT_FOUND:
527 return errSecTagNotFound;
528 case CSSMERR_DL_UNSUPPORTED_QUERY:
529 case CSSMERR_DL_INVALID_QUERY:
530 return errSecInvalidQuery;
531 case CSSMERR_CSP_INVALID_ACL_CHALLENGE_CALLBACK:
532 case CSSMERR_TP_INVALID_CALLBACK:
533 case CSSMERR_DL_INVALID_ACL_CHALLENGE_CALLBACK:
534 return errSecInvalidCallback;
535 case CSSMERR_CSP_ACL_CHALLENGE_CALLBACK_FAILED:
536 case CSSMERR_CSP_CRYPTO_DATA_CALLBACK_FAILED:
537 case CSSMERR_DL_ACL_CHALLENGE_CALLBACK_FAILED:
538 return errSecCallbackFailed;
539 case CSSMERR_TP_INVALID_CERTGROUP:
540 case CSSMERR_TP_CERTGROUP_INCOMPLETE:
541 case CSSMERR_DL_INVALID_ACL_BASE_CERTS:
542 case CSSMERR_DL_ACL_BASE_CERTS_NOT_SUPPORTED:
543 case CSSMERR_CSP_INVALID_ACL_BASE_CERTS:
544 return errSecInvalidCertificateGroup;
545 case CSSMERR_CSP_ACL_DELETE_FAILED:
546 case CSSMERR_DL_ACL_DELETE_FAILED:
547 return errSecACLDeleteFailed;
548 case CSSMERR_CSP_ACL_REPLACE_FAILED:
549 case CSSMERR_DL_ACL_REPLACE_FAILED:
550 return errSecACLReplaceFailed;
551 case CSSMERR_CSP_ACL_ADD_FAILED:
552 case CSSMERR_DL_ACL_ADD_FAILED:
553 return errSecACLAddFailed;
554 case CSSMERR_DL_ACL_CHANGE_FAILED:
555 case CSSMERR_CSP_ACL_CHANGE_FAILED:
556 return errSecACLChangeFailed;
557 case CSSMERR_CSSM_PRIVILEGE_NOT_GRANTED:
558 case CSSMERR_CSP_PRIVILEGE_NOT_GRANTED:
559 return errSecPrivilegeNotGranted;
560 case CSSMERR_CSP_INVALID_ACCESS_CREDENTIALS:
561 case CSSMERR_DL_INVALID_ACCESS_CREDENTIALS:
562 return errSecInvalidAccessCredentials;
563 case CSSMERR_DL_INVALID_RECORD_INDEX:
564 case CSSMERR_DL_INVALID_RECORDTYPE:
565 case CSSMERR_DL_UNSUPPORTED_RECORDTYPE:
566 case CSSMERR_DL_INVALID_RECORD_UID:
567 case CSSMERR_DL_STALE_UNIQUE_RECORD:
568 return errSecInvalidRecord;
569 case CSSMERR_CSP_INVALID_KEY:
570 case CSSMERR_CSP_INVALID_KEY_REFERENCE:
571 case CSSMERR_CSP_INVALID_KEY_CLASS:
572 return errSecInvalidKeyRef;
573 case CSSMERR_CSP_OBJECT_ACL_NOT_SUPPORTED:
574 case CSSMERR_CSP_OBJECT_ACL_REQUIRED:
575 case CSSMERR_CSP_ACL_BASE_CERTS_NOT_SUPPORTED:
576 case CSSMERR_CSP_INVALID_ACL_SUBJECT_VALUE:
577 case CSSMERR_CSP_ACL_SUBJECT_TYPE_NOT_SUPPORTED:
578 case CSSMERR_DL_OBJECT_ACL_NOT_SUPPORTED:
579 case CSSMERR_DL_OBJECT_ACL_REQUIRED:
580 case CSSMERR_DL_INVALID_ACL_SUBJECT_VALUE:
581 case CSSMERR_DL_ACL_SUBJECT_TYPE_NOT_SUPPORTED:
582 case CSSMERR_DL_INVALID_NEW_ACL_ENTRY:
583 case CSSMERR_DL_INVALID_NEW_ACL_OWNER:
584 case CSSMERR_DL_INVALID_ACL_EDIT_MODE:
585 case CSSMERR_CSP_INVALID_ACL_EDIT_MODE:
586 case CSSMERR_CSP_INVALID_NEW_ACL_ENTRY:
587 case CSSMERR_CSP_INVALID_NEW_ACL_OWNER:
588 return errSecInvalidACL;
589 case CSSMERR_CSP_INVALID_SAMPLE_VALUE:
590 case CSSMERR_DL_INVALID_SAMPLE_VALUE:
591 case CSSMERR_CSP_SAMPLE_VALUE_NOT_SUPPORTED:
592 case CSSMERR_DL_SAMPLE_VALUE_NOT_SUPPORTED:
593 return errSecInvalidSampleValue;
594 case CSSMERR_TP_UNKNOWN_FORMAT:
595 case CSSMERR_CL_UNKNOWN_FORMAT:
596 return errSecUnknownFormat;
597 case CSSMERR_CSP_APPLE_ADD_APPLICATION_ACL_SUBJECT:
598 return errSecAppleAddAppACLSubject;
599 case CSSMERR_CSP_APPLE_PUBLIC_KEY_INCOMPLETE:
600 return errSecApplePublicKeyIncomplete;
601 case CSSMERR_CSP_APPLE_SIGNATURE_MISMATCH:
602 return errSecAppleSignatureMismatch;
603 case CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE:
604 return errSecAppleInvalidKeyStartDate;
605 case CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE:
606 return errSecAppleInvalidKeyEndDate;
607 case CSSMERR_CSPDL_APPLE_DL_CONVERSION_ERROR:
608 return errSecConversionError;
609 case CSSMERR_CSP_APPLE_SSLv2_ROLLBACK:
610 return errSecAppleSSLv2Rollback;
611 case CSSMERR_APPLEDL_QUOTA_EXCEEDED:
612 return errSecQuotaExceeded;
613 case CSSMERR_APPLEDL_FILE_TOO_BIG:
614 return errSecFileTooBig;
615 case CSSMERR_APPLEDL_INVALID_DATABASE_BLOB:
616 return errSecInvalidDatabaseBlob;
617 case CSSMERR_APPLEDL_INVALID_KEY_BLOB:
618 return errSecInvalidKeyBlob;
619 case CSSMERR_APPLEDL_INCOMPATIBLE_DATABASE_BLOB:
620 return errSecIncompatibleDatabaseBlob;
621 case CSSMERR_APPLEDL_INCOMPATIBLE_KEY_BLOB:
622 return errSecIncompatibleKeyBlob;
623 case CSSMERR_APPLETP_HOSTNAME_MISMATCH:
624 return errSecHostNameMismatch;
625 case CSSMERR_APPLETP_UNKNOWN_CRITICAL_EXTEN:
626 return errSecUnknownCriticalExtensionFlag;
627 case CSSMERR_APPLETP_NO_BASIC_CONSTRAINTS:
628 return errSecNoBasicConstraints;
629 case CSSMERR_APPLETP_INVALID_AUTHORITY_ID:
630 return errSecInvalidAuthorityKeyID;
631 case CSSMERR_APPLETP_INVALID_SUBJECT_ID:
632 return errSecInvalidSubjectKeyID;
633 case CSSMERR_APPLETP_INVALID_KEY_USAGE:
634 return errSecInvalidKeyUsageForPolicy;
635 case CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE:
636 return errSecInvalidExtendedKeyUsage;
637 case CSSMERR_APPLETP_INVALID_ID_LINKAGE:
638 return errSecInvalidIDLinkage;
639 case CSSMERR_APPLETP_PATH_LEN_CONSTRAINT:
640 return errSecPathLengthConstraintExceeded;
641 case CSSMERR_APPLETP_INVALID_ROOT:
642 return errSecInvalidRoot;
643 case CSSMERR_APPLETP_CRL_EXPIRED:
644 return errSecCRLExpired;
645 case CSSMERR_APPLETP_CRL_NOT_VALID_YET:
646 return errSecCRLNotValidYet;
647 case CSSMERR_APPLETP_CRL_NOT_FOUND:
648 return errSecCRLNotFound;
649 case CSSMERR_APPLETP_CRL_SERVER_DOWN:
650 return errSecCRLServerDown;
651 case CSSMERR_APPLETP_CRL_BAD_URI:
652 return errSecCRLBadURI;
653 case CSSMERR_APPLETP_UNKNOWN_CERT_EXTEN:
654 return errSecUnknownCertExtension;
655 case CSSMERR_APPLETP_UNKNOWN_CRL_EXTEN:
656 return errSecUnknownCRLExtension;
657 case CSSMERR_APPLETP_CRL_NOT_TRUSTED:
658 return errSecCRLNotTrusted;
659 case CSSMERR_APPLETP_CRL_POLICY_FAIL:
660 return errSecCRLPolicyFailed;
661 case CSSMERR_APPLETP_IDP_FAIL:
662 return errSecIDPFailure;
663 case CSSMERR_APPLETP_SMIME_EMAIL_ADDRS_NOT_FOUND:
664 return errSecSMIMEEmailAddressesNotFound;
665 case CSSMERR_APPLETP_SMIME_BAD_EXT_KEY_USE:
666 return errSecSMIMEBadExtendedKeyUsage;
667 case CSSMERR_APPLETP_SMIME_BAD_KEY_USE:
668 return errSecSMIMEBadKeyUsage;
669 case CSSMERR_APPLETP_SMIME_KEYUSAGE_NOT_CRITICAL:
670 return errSecSMIMEKeyUsageNotCritical;
671 case CSSMERR_APPLETP_SMIME_NO_EMAIL_ADDRS:
672 return errSecSMIMENoEmailAddress;
673 case CSSMERR_APPLETP_SMIME_SUBJ_ALT_NAME_NOT_CRIT:
674 return errSecSMIMESubjAltNameNotCritical;
675 case CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE:
676 return errSecSSLBadExtendedKeyUsage;
677 case CSSMERR_APPLETP_OCSP_BAD_RESPONSE:
678 return errSecOCSPBadResponse;
679 case CSSMERR_APPLETP_OCSP_BAD_REQUEST:
680 return errSecOCSPBadRequest;
681 case CSSMERR_APPLETP_OCSP_UNAVAILABLE:
682 return errSecOCSPUnavailable;
683 case CSSMERR_APPLETP_OCSP_STATUS_UNRECOGNIZED:
684 return errSecOCSPStatusUnrecognized;
685 case CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK:
686 return errSecIncompleteCertRevocationCheck;
687 case CSSMERR_APPLETP_NETWORK_FAILURE:
688 return errSecNetworkFailure;
689 case CSSMERR_APPLETP_OCSP_NOT_TRUSTED:
690 return errSecOCSPNotTrustedToAnchor;
691 case CSSMERR_APPLETP_OCSP_SIG_ERROR:
692 return errSecOCSPSignatureError;
693 case CSSMERR_APPLETP_OCSP_NO_SIGNER:
694 return errSecOCSPNoSigner;
695 case CSSMERR_APPLETP_OCSP_RESP_MALFORMED_REQ:
696 return errSecOCSPResponderMalformedReq;
697 case CSSMERR_APPLETP_OCSP_RESP_INTERNAL_ERR:
698 return errSecOCSPResponderInternalError;
699 case CSSMERR_APPLETP_OCSP_RESP_TRY_LATER:
700 return errSecOCSPResponderTryLater;
701 case CSSMERR_APPLETP_OCSP_RESP_SIG_REQUIRED:
702 return errSecOCSPResponderSignatureRequired;
703 case CSSMERR_APPLETP_OCSP_RESP_UNAUTHORIZED:
704 return errSecOCSPResponderUnauthorized;
705 case CSSMERR_APPLETP_OCSP_NONCE_MISMATCH:
706 return errSecOCSPResponseNonceMismatch;
707 case CSSMERR_APPLETP_CS_BAD_CERT_CHAIN_LENGTH:
708 return errSecCodeSigningBadCertChainLength;
709 case CSSMERR_APPLETP_CS_NO_BASIC_CONSTRAINTS:
710 return errSecCodeSigningNoBasicConstraints;
711 case CSSMERR_APPLETP_CS_BAD_PATH_LENGTH:
712 return errSecCodeSigningBadPathLengthConstraint;
713 case CSSMERR_APPLETP_CS_NO_EXTENDED_KEY_USAGE:
714 return errSecCodeSigningNoExtendedKeyUsage;
715 case CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT:
716 return errSecCodeSigningDevelopment;
717 case CSSMERR_APPLETP_RS_BAD_CERT_CHAIN_LENGTH:
718 return errSecResourceSignBadCertChainLength;
719 case CSSMERR_APPLETP_RS_BAD_EXTENDED_KEY_USAGE:
720 return errSecResourceSignBadExtKeyUsage;
721 case CSSMERR_APPLETP_TRUST_SETTING_DENY:
722 return errSecTrustSettingDeny;
723 case CSSMERR_APPLETP_INVALID_EMPTY_SUBJECT:
724 return errSecInvalidSubjectName;
725 case CSSMERR_APPLETP_UNKNOWN_QUAL_CERT_STATEMENT:
726 return errSecUnknownQualifiedCertStatement;
727 case CSSMERR_APPLETP_MISSING_REQUIRED_EXTENSION:
728 return errSecMissingRequiredExtension;
729 case CSSMERR_APPLETP_EXT_KEYUSAGE_NOT_CRITICAL:
730 return errSecExtendedKeyUsageNotCritical;
731 case CSSMERR_APPLE_DOTMAC_REQ_QUEUED:
732 return errSecMobileMeRequestQueued;
733 case CSSMERR_APPLE_DOTMAC_REQ_REDIRECT:
734 return errSecMobileMeRequestRedirected;
735 case CSSMERR_APPLE_DOTMAC_REQ_SERVER_ERR:
736 return errSecMobileMeServerError;
737 case CSSMERR_APPLE_DOTMAC_REQ_SERVER_NOT_AVAIL:
738 return errSecMobileMeServerNotAvailable;
739 case CSSMERR_APPLE_DOTMAC_REQ_SERVER_ALREADY_EXIST:
740 return errSecMobileMeServerAlreadyExists;
741 case CSSMERR_APPLE_DOTMAC_REQ_SERVER_SERVICE_ERROR:
742 return errSecMobileMeServerServiceErr;
743 case CSSMERR_APPLE_DOTMAC_REQ_IS_PENDING:
744 return errSecMobileMeRequestAlreadyPending;
745 case CSSMERR_APPLE_DOTMAC_NO_REQ_PENDING:
746 return errSecMobileMeNoRequestPending;
747 case CSSMERR_APPLE_DOTMAC_CSR_VERIFY_FAIL:
748 return errSecMobileMeCSRVerifyFailure;
749 case CSSMERR_APPLE_DOTMAC_FAILED_CONSISTENCY_CHECK:
750 return errSecMobileMeFailedConsistencyCheck;
751 case CSSMERR_CSSM_NOT_INITIALIZED:
752 return errSecNotInitialized;
753 case CSSMERR_CSSM_INVALID_HANDLE_USAGE:
754 return errSecInvalidHandleUsage;
755 case CSSMERR_CSSM_PVC_REFERENT_NOT_FOUND:
756 return errSecPVCReferentNotFound;
757 case CSSMERR_CSSM_FUNCTION_INTEGRITY_FAIL:
758 return errSecFunctionIntegrityFail;
759 case CSSMERR_CSSM_SELF_CHECK_FAILED:
760 case CSSMERR_CSP_SELF_CHECK_FAILED:
761 return errSecSelfCheckFailed;
762 case CSSMERR_CSSM_MODULE_MANIFEST_VERIFY_FAILED:
763 return errSecModuleManifestVerifyFailed;
764 case CSSMERR_CSSM_INVALID_GUID:
765 return errSecInvalidGUID;
766 case CSSMERR_CSSM_INCOMPATIBLE_VERSION:
767 return errSecIncompatibleVersion;
768 case CSSMERR_CSSM_PVC_ALREADY_CONFIGURED:
769 return errSecPVCAlreadyConfigured;
770 case CSSMERR_CSSM_INVALID_PVC:
771 return errSecInvalidPVC;
772 case CSSMERR_CSSM_EMM_LOAD_FAILED:
773 return errSecEMMLoadFailed;
774 case CSSMERR_CSSM_EMM_UNLOAD_FAILED:
775 return errSecEMMUnloadFailed;
776 case CSSMERR_CSSM_ADDIN_LOAD_FAILED:
777 return errSecAddinLoadFailed;
778 case CSSMERR_CSSM_INVALID_KEY_HIERARCHY:
779 return errSecInvalidKeyHierarchy;
780 case CSSMERR_CSSM_ADDIN_UNLOAD_FAILED:
781 return errSecAddinUnloadFailed;
782 case CSSMERR_CSSM_LIB_REF_NOT_FOUND:
783 return errSecLibraryReferenceNotFound;
784 case CSSMERR_CSSM_INVALID_ADDIN_FUNCTION_TABLE:
785 return errSecInvalidAddinFunctionTable;
786 case CSSMERR_CSSM_INVALID_SERVICE_MASK:
787 return errSecInvalidServiceMask;
788 case CSSMERR_CSSM_MODULE_NOT_LOADED:
789 return errSecModuleNotLoaded;
790 case CSSMERR_CSSM_INVALID_SUBSERVICEID:
791 return errSecInvalidSubServiceID;
792 case CSSMERR_CSSM_ATTRIBUTE_NOT_IN_CONTEXT:
793 return errSecAttributeNotInContext;
794 case CSSMERR_CSSM_MODULE_MANAGER_INITIALIZE_FAIL:
795 return errSecModuleManagerInitializeFailed;
796 case CSSMERR_CSSM_MODULE_MANAGER_NOT_FOUND:
797 return errSecModuleManagerNotFound;
798 case CSSMERR_CSSM_EVENT_NOTIFICATION_CALLBACK_NOT_FOUND:
799 return errSecEventNotificationCallbackNotFound;
800 case CSSMERR_CSP_INPUT_LENGTH_ERROR:
801 return errSecInputLengthError;
802 case CSSMERR_CSP_OUTPUT_LENGTH_ERROR:
803 return errSecOutputLengthError;
804 case CSSMERR_CSP_PRIVILEGE_NOT_SUPPORTED:
805 return errSecPrivilegeNotSupported;
806 case CSSMERR_CSP_DEVICE_ERROR:
807 return errSecDeviceError;
808 case CSSMERR_CSP_ATTACH_HANDLE_BUSY:
809 return errSecAttachHandleBusy;
810 case CSSMERR_CSP_NOT_LOGGED_IN:
811 return errSecNotLoggedIn;
812 case CSSMERR_CSP_ALGID_MISMATCH:
813 return errSecAlgorithmMismatch;
814 case CSSMERR_CSP_KEY_USAGE_INCORRECT:
815 return errSecKeyUsageIncorrect;
816 case CSSMERR_CSP_KEY_BLOB_TYPE_INCORRECT:
817 return errSecKeyBlobTypeIncorrect;
818 case CSSMERR_CSP_KEY_HEADER_INCONSISTENT:
819 return errSecKeyHeaderInconsistent;
820 case CSSMERR_CSP_UNSUPPORTED_KEY_FORMAT:
821 return errSecUnsupportedKeyFormat;
822 case CSSMERR_CSP_UNSUPPORTED_KEY_SIZE:
823 return errSecUnsupportedKeySize;
824 case CSSMERR_CSP_INVALID_KEYUSAGE_MASK:
825 return errSecInvalidKeyUsageMask;
826 case CSSMERR_CSP_UNSUPPORTED_KEYUSAGE_MASK:
827 return errSecUnsupportedKeyUsageMask;
828 case CSSMERR_CSP_INVALID_KEYATTR_MASK:
829 return errSecInvalidKeyAttributeMask;
830 case CSSMERR_CSP_UNSUPPORTED_KEYATTR_MASK:
831 return errSecUnsupportedKeyAttributeMask;
832 case CSSMERR_CSP_INVALID_KEY_LABEL:
833 return errSecInvalidKeyLabel;
834 case CSSMERR_CSP_UNSUPPORTED_KEY_LABEL:
835 return errSecUnsupportedKeyLabel;
836 case CSSMERR_CSP_INVALID_KEY_FORMAT:
837 return errSecInvalidKeyFormat;
838 case CSSMERR_CSP_VECTOR_OF_BUFS_UNSUPPORTED:
839 return errSecUnsupportedVectorOfBuffers;
840 case CSSMERR_CSP_INVALID_INPUT_VECTOR:
841 return errSecInvalidInputVector;
842 case CSSMERR_CSP_INVALID_OUTPUT_VECTOR:
843 return errSecInvalidOutputVector;
844 case CSSMERR_CSP_INVALID_CONTEXT:
845 return errSecInvalidContext;
846 case CSSMERR_CSP_INVALID_ALGORITHM:
847 return errSecInvalidAlgorithm;
848 case CSSMERR_CSP_INVALID_ATTR_KEY:
849 return errSecInvalidAttributeKey;
850 case CSSMERR_CSP_MISSING_ATTR_KEY:
851 return errSecMissingAttributeKey;
852 case CSSMERR_CSP_INVALID_ATTR_INIT_VECTOR:
853 return errSecInvalidAttributeInitVector;
854 case CSSMERR_CSP_MISSING_ATTR_INIT_VECTOR:
855 return errSecMissingAttributeInitVector;
856 case CSSMERR_CSP_INVALID_ATTR_SALT:
857 return errSecInvalidAttributeSalt;
858 case CSSMERR_CSP_MISSING_ATTR_SALT:
859 return errSecMissingAttributeSalt;
860 case CSSMERR_CSP_INVALID_ATTR_PADDING:
861 return errSecInvalidAttributePadding;
862 case CSSMERR_CSP_MISSING_ATTR_PADDING:
863 return errSecMissingAttributePadding;
864 case CSSMERR_CSP_INVALID_ATTR_RANDOM:
865 return errSecInvalidAttributeRandom;
866 case CSSMERR_CSP_MISSING_ATTR_RANDOM:
867 return errSecMissingAttributeRandom;
868 case CSSMERR_CSP_INVALID_ATTR_SEED:
869 return errSecInvalidAttributeSeed;
870 case CSSMERR_CSP_MISSING_ATTR_SEED:
871 return errSecMissingAttributeSeed;
872 case CSSMERR_CSP_INVALID_ATTR_PASSPHRASE:
873 return errSecInvalidAttributePassphrase;
874 case CSSMERR_CSP_MISSING_ATTR_PASSPHRASE:
875 return errSecMissingAttributePassphrase;
876 case CSSMERR_CSP_INVALID_ATTR_KEY_LENGTH:
877 return errSecInvalidAttributeKeyLength;
878 case CSSMERR_CSP_MISSING_ATTR_KEY_LENGTH:
879 return errSecMissingAttributeKeyLength;
880 case CSSMERR_CSP_INVALID_ATTR_BLOCK_SIZE:
881 return errSecInvalidAttributeBlockSize;
882 case CSSMERR_CSP_MISSING_ATTR_BLOCK_SIZE:
883 return errSecMissingAttributeBlockSize;
884 case CSSMERR_CSP_INVALID_ATTR_OUTPUT_SIZE:
885 return errSecInvalidAttributeOutputSize;
886 case CSSMERR_CSP_MISSING_ATTR_OUTPUT_SIZE:
887 return errSecMissingAttributeOutputSize;
888 case CSSMERR_CSP_INVALID_ATTR_ROUNDS:
889 return errSecInvalidAttributeRounds;
890 case CSSMERR_CSP_MISSING_ATTR_ROUNDS:
891 return errSecMissingAttributeRounds;
892 case CSSMERR_CSP_INVALID_ATTR_ALG_PARAMS:
893 return errSecInvalidAlgorithmParms;
894 case CSSMERR_CSP_MISSING_ATTR_ALG_PARAMS:
895 return errSecMissingAlgorithmParms;
896 case CSSMERR_CSP_INVALID_ATTR_LABEL:
897 return errSecInvalidAttributeLabel;
898 case CSSMERR_CSP_MISSING_ATTR_LABEL:
899 return errSecMissingAttributeLabel;
900 case CSSMERR_CSP_INVALID_ATTR_KEY_TYPE:
901 return errSecInvalidAttributeKeyType;
902 case CSSMERR_CSP_MISSING_ATTR_KEY_TYPE:
903 return errSecMissingAttributeKeyType;
904 case CSSMERR_CSP_INVALID_ATTR_MODE:
905 return errSecInvalidAttributeMode;
906 case CSSMERR_CSP_MISSING_ATTR_MODE:
907 return errSecMissingAttributeMode;
908 case CSSMERR_CSP_INVALID_ATTR_EFFECTIVE_BITS:
909 return errSecInvalidAttributeEffectiveBits;
910 case CSSMERR_CSP_MISSING_ATTR_EFFECTIVE_BITS:
911 return errSecMissingAttributeEffectiveBits;
912 case CSSMERR_CSP_INVALID_ATTR_START_DATE:
913 return errSecInvalidAttributeStartDate;
914 case CSSMERR_CSP_MISSING_ATTR_START_DATE:
915 return errSecMissingAttributeStartDate;
916 case CSSMERR_CSP_INVALID_ATTR_END_DATE:
917 return errSecInvalidAttributeEndDate;
918 case CSSMERR_CSP_MISSING_ATTR_END_DATE:
919 return errSecMissingAttributeEndDate;
920 case CSSMERR_CSP_INVALID_ATTR_VERSION:
921 return errSecInvalidAttributeVersion;
922 case CSSMERR_CSP_MISSING_ATTR_VERSION:
923 return errSecMissingAttributeVersion;
924 case CSSMERR_CSP_INVALID_ATTR_PRIME:
925 return errSecInvalidAttributePrime;
926 case CSSMERR_CSP_MISSING_ATTR_PRIME:
927 return errSecMissingAttributePrime;
928 case CSSMERR_CSP_INVALID_ATTR_BASE:
929 return errSecInvalidAttributeBase;
930 case CSSMERR_CSP_MISSING_ATTR_BASE:
931 return errSecMissingAttributeBase;
932 case CSSMERR_CSP_INVALID_ATTR_SUBPRIME:
933 return errSecInvalidAttributeSubprime;
934 case CSSMERR_CSP_MISSING_ATTR_SUBPRIME:
935 return errSecMissingAttributeSubprime;
936 case CSSMERR_CSP_INVALID_ATTR_ITERATION_COUNT:
937 return errSecInvalidAttributeIterationCount;
938 case CSSMERR_CSP_MISSING_ATTR_ITERATION_COUNT:
939 return errSecMissingAttributeIterationCount;
940 case CSSMERR_CSP_INVALID_ATTR_DL_DB_HANDLE:
941 return errSecInvalidAttributeDLDBHandle;
942 case CSSMERR_CSP_MISSING_ATTR_DL_DB_HANDLE:
943 return errSecMissingAttributeDLDBHandle;
944 case CSSMERR_CSP_INVALID_ATTR_ACCESS_CREDENTIALS:
945 return errSecInvalidAttributeAccessCredentials;
946 case CSSMERR_CSP_MISSING_ATTR_ACCESS_CREDENTIALS:
947 return errSecMissingAttributeAccessCredentials;
948 case CSSMERR_CSP_INVALID_ATTR_PUBLIC_KEY_FORMAT:
949 return errSecInvalidAttributePublicKeyFormat;
950 case CSSMERR_CSP_MISSING_ATTR_PUBLIC_KEY_FORMAT:
951 return errSecMissingAttributePublicKeyFormat;
952 case CSSMERR_CSP_INVALID_ATTR_PRIVATE_KEY_FORMAT:
953 return errSecInvalidAttributePrivateKeyFormat;
954 case CSSMERR_CSP_MISSING_ATTR_PRIVATE_KEY_FORMAT:
955 return errSecMissingAttributePrivateKeyFormat;
956 case CSSMERR_CSP_INVALID_ATTR_SYMMETRIC_KEY_FORMAT:
957 return errSecInvalidAttributeSymmetricKeyFormat;
958 case CSSMERR_CSP_MISSING_ATTR_SYMMETRIC_KEY_FORMAT:
959 return errSecMissingAttributeSymmetricKeyFormat;
960 case CSSMERR_CSP_INVALID_ATTR_WRAPPED_KEY_FORMAT:
961 return errSecInvalidAttributeWrappedKeyFormat;
962 case CSSMERR_CSP_MISSING_ATTR_WRAPPED_KEY_FORMAT:
963 return errSecMissingAttributeWrappedKeyFormat;
964 case CSSMERR_CSP_STAGED_OPERATION_IN_PROGRESS:
965 return errSecStagedOperationInProgress;
966 case CSSMERR_CSP_STAGED_OPERATION_NOT_STARTED:
967 return errSecStagedOperationNotStarted;
968 case CSSMERR_CSP_VERIFY_FAILED:
969 return errSecVerifyFailed;
970 case CSSMERR_CSP_QUERY_SIZE_UNKNOWN:
971 return errSecQuerySizeUnknown;
972 case CSSMERR_CSP_BLOCK_SIZE_MISMATCH:
973 return errSecBlockSizeMismatch;
974 case CSSMERR_CSP_PUBLIC_KEY_INCONSISTENT:
975 return errSecPublicKeyInconsistent;
976 case CSSMERR_CSP_DEVICE_VERIFY_FAILED:
977 return errSecDeviceVerifyFailed;
978 case CSSMERR_CSP_INVALID_LOGIN_NAME:
979 return errSecInvalidLoginName;
980 case CSSMERR_CSP_ALREADY_LOGGED_IN:
981 return errSecAlreadyLoggedIn;
982 case CSSMERR_CSP_INVALID_DIGEST_ALGORITHM:
983 return errSecInvalidDigestAlgorithm;
984 case CSSMERR_TP_INVALID_CRLGROUP:
985 return errSecInvalidCRLGroup;
986 case CSSMERR_TP_CERTIFICATE_CANT_OPERATE:
987 return errSecCertificateCannotOperate;
988 case CSSMERR_TP_CERT_EXPIRED:
989 return errSecCertificateExpired;
990 case CSSMERR_TP_CERT_NOT_VALID_YET:
991 return errSecCertificateNotValidYet;
992 case CSSMERR_TP_CERT_REVOKED:
993 return errSecCertificateRevoked;
994 case CSSMERR_TP_CERT_SUSPENDED:
995 return errSecCertificateSuspended;
996 case CSSMERR_TP_INSUFFICIENT_CREDENTIALS:
997 return errSecInsufficientCredentials;
998 case CSSMERR_TP_INVALID_ACTION:
999 return errSecInvalidAction;
1000 case CSSMERR_TP_INVALID_AUTHORITY:
1001 return errSecInvalidAuthority;
1002 case CSSMERR_TP_VERIFY_ACTION_FAILED:
1003 return errSecVerifyActionFailed;
1004 case CSSMERR_TP_INVALID_CERT_AUTHORITY:
1005 case CSSMERR_APPLETP_INVALID_CA:
1006 return errSecInvalidCertAuthority;
1007 case CSSMERR_TP_INVALID_CRL_AUTHORITY:
1008 return errSecInvaldCRLAuthority;
1009 case CSSMERR_TP_INVALID_CRL_ENCODING:
1010 return errSecInvalidCRLEncoding;
1011 case CSSMERR_TP_INVALID_CRL_TYPE:
1012 return errSecInvalidCRLType;
1013 case CSSMERR_TP_INVALID_CRL:
1014 return errSecInvalidCRL;
1015 case CSSMERR_TP_INVALID_FORM_TYPE:
1016 return errSecInvalidFormType;
1017 case CSSMERR_TP_INVALID_ID:
1018 return errSecInvalidID;
1019 case CSSMERR_TP_INVALID_IDENTIFIER:
1020 return errSecInvalidIdentifier;
1021 case CSSMERR_TP_INVALID_INDEX:
1022 return errSecInvalidIndex;
1023 case CSSMERR_TP_INVALID_POLICY_IDENTIFIERS:
1024 return errSecInvalidPolicyIdentifiers;
1025 case CSSMERR_TP_INVALID_TIMESTRING:
1026 return errSecInvalidTimeString;
1027 case CSSMERR_TP_INVALID_REASON:
1028 return errSecInvalidReason;
1029 case CSSMERR_TP_INVALID_REQUEST_INPUTS:
1030 return errSecInvalidRequestInputs;
1031 case CSSMERR_TP_INVALID_RESPONSE_VECTOR:
1032 return errSecInvalidResponseVector;
1033 case CSSMERR_TP_INVALID_STOP_ON_POLICY:
1034 return errSecInvalidStopOnPolicy;
1035 case CSSMERR_TP_INVALID_TUPLE:
1036 return errSecInvalidTuple;
1037 case CSSMERR_TP_NOT_SIGNER:
1038 return errSecNotSigner;
1039 case CSSMERR_TP_NOT_TRUSTED:
1040 return errSecNotTrusted;
1041 case CSSMERR_TP_NO_DEFAULT_AUTHORITY:
1042 return errSecNoDefaultAuthority;
1043 case CSSMERR_TP_REJECTED_FORM:
1044 return errSecRejectedForm;
1045 case CSSMERR_TP_REQUEST_LOST:
1046 return errSecRequestLost;
1047 case CSSMERR_TP_REQUEST_REJECTED:
1048 return errSecRequestRejected;
1049 case CSSMERR_TP_UNSUPPORTED_ADDR_TYPE:
1050 return errSecUnsupportedAddressType;
1051 case CSSMERR_TP_UNSUPPORTED_SERVICE:
1052 return errSecUnsupportedService;
1053 case CSSMERR_TP_INVALID_TUPLEGROUP:
1054 return errSecInvalidTupleGroup;
1055 case CSSMERR_AC_INVALID_BASE_ACLS:
1056 return errSecInvalidBaseACLs;
1057 case CSSMERR_AC_INVALID_TUPLE_CREDENTIALS:
1058 return errSecInvalidTupleCredendtials;
1059 case CSSMERR_AC_INVALID_ENCODING:
1060 return errSecInvalidEncoding;
1061 case CSSMERR_AC_INVALID_VALIDITY_PERIOD:
1062 return errSecInvalidValidityPeriod;
1063 case CSSMERR_AC_INVALID_REQUESTOR:
1064 return errSecInvalidRequestor;
1065 case CSSMERR_AC_INVALID_REQUEST_DESCRIPTOR:
1066 return errSecRequestDescriptor;
1067 case CSSMERR_CL_INVALID_BUNDLE_INFO:
1068 return errSecInvalidBundleInfo;
1069 case CSSMERR_CL_INVALID_CRL_INDEX:
1070 return errSecInvalidCRLIndex;
1071 case CSSMERR_CL_NO_FIELD_VALUES:
1072 return errSecNoFieldValues;
1073 case CSSMERR_DL_UNSUPPORTED_FIELD_FORMAT:
1074 return errSecUnsupportedFieldFormat;
1075 case CSSMERR_DL_UNSUPPORTED_INDEX_INFO:
1076 return errSecUnsupportedIndexInfo;
1077 case CSSMERR_DL_UNSUPPORTED_LOCALITY:
1078 return errSecUnsupportedLocality;
1079 case CSSMERR_DL_UNSUPPORTED_NUM_ATTRIBUTES:
1080 return errSecUnsupportedNumAttributes;
1081 case CSSMERR_DL_UNSUPPORTED_NUM_INDEXES:
1082 return errSecUnsupportedNumIndexes;
1083 case CSSMERR_DL_UNSUPPORTED_NUM_RECORDTYPES:
1084 return errSecUnsupportedNumRecordTypes;
1085 case CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE:
1086 return errSecFieldSpecifiedMultiple;
1087 case CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT:
1088 return errSecIncompatibleFieldFormat;
1089 case CSSMERR_DL_INVALID_PARSING_MODULE:
1090 return errSecInvalidParsingModule;
1091 case CSSMERR_DL_DB_LOCKED:
1092 return errSecDatabaseLocked;
1093 case CSSMERR_DL_DATASTORE_IS_OPEN:
1094 return errSecDatastoreIsOpen;
1095 case CSSMERR_DL_MISSING_VALUE:
1096 return errSecMissingValue;
1097 case CSSMERR_DL_UNSUPPORTED_QUERY_LIMITS:
1098 return errSecUnsupportedQueryLimits;
1099 case CSSMERR_DL_UNSUPPORTED_NUM_SELECTION_PREDS:
1100 return errSecUnsupportedNumSelectionPreds;
1101 case CSSMERR_DL_UNSUPPORTED_OPERATOR:
1102 return errSecUnsupportedOperator;
1103 case CSSMERR_DL_INVALID_DB_LOCATION:
1104 return errSecInvalidDBLocation;
1105 case CSSMERR_DL_INVALID_ACCESS_REQUEST:
1106 return errSecInvalidAccessRequest;
1107 case CSSMERR_DL_INVALID_INDEX_INFO:
1108 return errSecInvalidIndexInfo;
1109 case CSSMERR_DL_INVALID_NEW_OWNER:
1110 return errSecInvalidNewOwner;
1111 case CSSMERR_DL_INVALID_MODIFY_MODE:
1112 return errSecInvalidModifyMode;
1113 case CSSMERR_DL_RECORD_MODIFIED:
1114 return errSecRecordModified;
1115 case CSSMERR_DL_ENDOFDATA:
1116 return errSecEndOfData;
1117 case CSSMERR_DL_INVALID_VALUE:
1118 return errSecInvalidValue;
1119 case CSSMERR_DL_MULTIPLE_VALUES_UNSUPPORTED:
1120 return errSecMultipleValuesUnsupported;
1121 default:
1122 return osStatus;
1123 }
1124 }