X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/80e2389990082500d76eb566d4946be3e786c3ef..d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb:/Security/libsecurity_keychain/lib/SecBase.cpp?ds=inline diff --git a/Security/libsecurity_keychain/lib/SecBase.cpp b/Security/libsecurity_keychain/lib/SecBase.cpp new file mode 100644 index 00000000..cb7d0152 --- /dev/null +++ b/Security/libsecurity_keychain/lib/SecBase.cpp @@ -0,0 +1,1120 @@ +/* + * Copyright (c) 2003-2013 Apple Inc. All Rights Reserved. + * + * @APPLE_LICENSE_HEADER_START@ + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, + * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. + * + * @APPLE_LICENSE_HEADER_END@ + */ + +#include +#include +#include +#include +#include "SecBridge.h" + +static CFStringRef copyErrorMessageFromBundle(OSStatus status,CFStringRef tableName); + +// caller MUST release the string, since it is gotten with "CFCopyLocalizedStringFromTableInBundle" +// intended use of reserved param is to pass in CFStringRef with name of the Table for lookup +// Will look by default in "SecErrorMessages.strings" in the resources of Security.framework. + + +CFStringRef +SecCopyErrorMessageString(OSStatus status, void *reserved) +{ + try + { + CFStringRef result = copyErrorMessageFromBundle(status,CFSTR("SecErrorMessages")); + if (result == NULL) + result = copyErrorMessageFromBundle(status,CFSTR("SecDebugErrorMessages")); + + if (result == NULL) + { + if (status >= errSecErrnoBase && status <= errSecErrnoLimit) + { + result = CFStringCreateWithFormat (NULL, NULL, CFSTR("UNIX[%s]"), strerror(status-errSecErrnoBase)); + } + else + { + // no error message found, so format a faked-up error message from the status + result = CFStringCreateWithFormat(NULL, NULL, CFSTR("OSStatus %d"), (int)status); + } + } + + return result; + } + catch (...) + { + return NULL; + } +} + + +void +cssmPerror(const char *how, CSSM_RETURN error) +{ + try + { + const char* errMsg = cssmErrorString(error); + fprintf(stderr, "%s: %s\n", how ? how : "error", errMsg); + } + catch (...) + { + fprintf(stderr, "failed to print error: %lu\n", (unsigned long)error); + } +} + + +const char * +cssmErrorString(CSSM_RETURN error) +{ + static ThreadNexus lastError; + + try { + string err; + + if (error >= errSecErrnoBase && error <= errSecErrnoLimit) + { + err = string ("UNIX[") + strerror(error - errSecErrnoBase) + "]"; + } + else + { + CFStringRef result = copyErrorMessageFromBundle(error,CFSTR("SecErrorMessages")); + if (result == NULL) + result = copyErrorMessageFromBundle(error,CFSTR("SecDebugErrorMessages")); + err = cfString(result, true); + } + + if (err.empty()) + { + char buf[200]; + snprintf(buf, sizeof(buf), "unknown error %ld=%lx", (long) error, (long) error); + err = buf; + } + + lastError() = err; + return lastError().c_str(); + } + catch (...) + { + char buf[256]; + snprintf (buf, sizeof (buf), "unknown error %ld=%lx", (long) error, (long) error); + lastError() = buf; + return lastError().c_str(); + } +} + + +static ModuleNexus gBundleLock; + +CFStringRef +copyErrorMessageFromBundle(OSStatus status,CFStringRef tableName) +{ + StLock _lock(gBundleLock()); + + CFStringRef errorString = nil; + CFStringRef keyString = nil; + CFBundleRef secBundle = NULL; + + // Make a bundle instance using the URLRef. + secBundle = CFBundleGetBundleWithIdentifier(CFSTR("com.apple.security")); + if (!secBundle) + goto xit; + + // Convert status to Int32 string representation, e.g. "-25924" + keyString = CFStringCreateWithFormat (kCFAllocatorDefault,NULL,CFSTR("%d"),(int)status); + if (!keyString) + goto xit; + + errorString = CFCopyLocalizedStringFromTableInBundle(keyString,tableName,secBundle,NULL); + if (CFStringCompare(errorString, keyString, 0)==kCFCompareEqualTo) // no real error message + { + if (errorString) + CFRelease(errorString); + errorString = nil; + } +xit: + if (keyString) + CFRelease(keyString); + + return errorString; +} + +/* Convert a possible CSSM type osStatus error to a more Keychain friendly OSStatus. */ +OSStatus SecKeychainErrFromOSStatus(OSStatus osStatus) +{ + if (CSSM_ERR_IS_CONVERTIBLE(osStatus)) + { + switch (CSSM_ERRCODE(osStatus)) + { + // CONVERTIBLE ERROR CODES. + case CSSM_ERRCODE_SERVICE_NOT_AVAILABLE: + return errSecNotAvailable; + case CSSM_ERRCODE_USER_CANCELED: + return errSecUserCanceled; + case CSSM_ERRCODE_OPERATION_AUTH_DENIED: + return errSecAuthFailed; + case CSSM_ERRCODE_NO_USER_INTERACTION: + return errSecInteractionNotAllowed; + case CSSM_ERRCODE_IN_DARK_WAKE: + return errSecInDarkWake; + case CSSM_ERRCODE_OS_ACCESS_DENIED: + return errSecWrPerm; + case CSSM_ERRCODE_INSUFFICIENT_CLIENT_IDENTIFICATION: + return errSecInsufficientClientID; + case CSSM_ERRCODE_DEVICE_RESET: + return errSecDeviceReset; + case CSSM_ERRCODE_DEVICE_FAILED: + return errSecDeviceFailed; + case CSSM_ERRCODE_INTERNAL_ERROR: + return errSecInternalError; + case CSSM_ERRCODE_MEMORY_ERROR: + return errSecMemoryError; + case CSSM_ERRCODE_MDS_ERROR: + return errSecMDSError; + case CSSM_ERRCODE_INVALID_POINTER: + case CSSM_ERRCODE_INVALID_INPUT_POINTER: + case CSSM_ERRCODE_INVALID_OUTPUT_POINTER: + case CSSM_ERRCODE_INVALID_CERTGROUP_POINTER: + case CSSM_ERRCODE_INVALID_CERT_POINTER: + case CSSM_ERRCODE_INVALID_CRL_POINTER: + case CSSM_ERRCODE_INVALID_FIELD_POINTER: + case CSSM_ERRCODE_INVALID_DB_LIST_POINTER: + return errSecInvalidPointer; + case CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED: + return errSecUnimplemented; + case CSSM_ERRCODE_SELF_CHECK_FAILED: + case CSSMERR_CL_SELF_CHECK_FAILED: + case CSSMERR_DL_SELF_CHECK_FAILED: + return errSecSelfCheckFailed; + case CSSM_ERRCODE_FUNCTION_FAILED: + return errSecFunctionFailed; + case CSSM_ERRCODE_MODULE_MANIFEST_VERIFY_FAILED: + return errSecModuleManifestVerifyFailed; + case CSSM_ERRCODE_INVALID_GUID: + return errSecInvalidGUID; + case CSSM_ERRCODE_OBJECT_USE_AUTH_DENIED: + case CSSM_ERRCODE_OBJECT_MANIP_AUTH_DENIED: + return errAuthorizationDenied; + case CSSM_ERRCODE_OBJECT_ACL_NOT_SUPPORTED: + case CSSM_ERRCODE_OBJECT_ACL_REQUIRED: + case CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE: + case CSSM_ERRCODE_ACL_SUBJECT_TYPE_NOT_SUPPORTED: + case CSSM_ERRCODE_INVALID_ACL_EDIT_MODE: + case CSSM_ERRCODE_INVALID_NEW_ACL_ENTRY: + case CSSM_ERRCODE_INVALID_NEW_ACL_OWNER: + return errSecInvalidACL; + case CSSM_ERRCODE_INVALID_ACCESS_CREDENTIALS: + return errSecInvalidAccessCredentials; + case CSSM_ERRCODE_INVALID_ACL_BASE_CERTS: + case CSSM_ERRCODE_ACL_BASE_CERTS_NOT_SUPPORTED: + return errSecInvalidCertificateGroup; + case CSSM_ERRCODE_INVALID_SAMPLE_VALUE: + return errSecInvalidSampleValue; + case CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED: + return errSecInvalidSampleValue; + case CSSM_ERRCODE_INVALID_ACL_CHALLENGE_CALLBACK: + return errSecInvalidCallback; + case CSSM_ERRCODE_ACL_CHALLENGE_CALLBACK_FAILED: + return errSecCallbackFailed; + case CSSM_ERRCODE_INVALID_ACL_ENTRY_TAG: + case CSSM_ERRCODE_UNKNOWN_TAG: + return errSecUnknownTag; + case CSSM_ERRCODE_ACL_ENTRY_TAG_NOT_FOUND: + return errSecTagNotFound; + case CSSM_ERRCODE_ACL_CHANGE_FAILED: + return errSecACLChangeFailed; + case CSSM_ERRCODE_ACL_DELETE_FAILED: + return errSecACLDeleteFailed; + case CSSM_ERRCODE_ACL_REPLACE_FAILED: + return errSecACLReplaceFailed; + case CSSM_ERRCODE_ACL_ADD_FAILED: + return errSecACLAddFailed; + case CSSM_ERRCODE_INVALID_CONTEXT_HANDLE: + case CSSM_ERRCODE_INVALID_DB_HANDLE: + case CSSM_ERRCODE_INVALID_CSP_HANDLE: + case CSSM_ERRCODE_INVALID_DL_HANDLE: + case CSSM_ERRCODE_INVALID_CL_HANDLE: + case CSSM_ERRCODE_INVALID_TP_HANDLE: + case CSSM_ERRCODE_INVALID_KR_HANDLE: + case CSSM_ERRCODE_INVALID_AC_HANDLE: + return errSecInvalidHandle; + case CSSM_ERRCODE_INCOMPATIBLE_VERSION: + return errSecIncompatibleVersion; + case CSSM_ERRCODE_INVALID_DATA: + return errSecInvalidData; + case CSSM_ERRCODE_CRL_ALREADY_SIGNED: + return errSecCRLAlreadySigned; + case CSSM_ERRCODE_INVALID_NUMBER_OF_FIELDS: + return errSecInvalidNumberOfFields; + case CSSM_ERRCODE_VERIFICATION_FAILURE: + return errSecVerificationFailure; + case CSSM_ERRCODE_PRIVILEGE_NOT_GRANTED: + return errSecPrivilegeNotGranted; + case CSSM_ERRCODE_INVALID_DB_LIST: + return errSecInvalidDBList; + case CSSM_ERRCODE_UNKNOWN_FORMAT: + return errSecUnknownFormat; + case CSSM_ERRCODE_INVALID_PASSTHROUGH_ID: + return errSecInvalidPassthroughID; + case CSSM_ERRCODE_INVALID_NETWORK_ADDR: + return errSecInvalidNetworkAddress; + case CSSM_ERRCODE_INVALID_CRYPTO_DATA: + return errSecInvalidData; + } + } + switch (osStatus) + { + // Some CSSM errors mapped to OSStatus-type (SnowLeopard and earlier). + // + case CSSMERR_DL_RECORD_NOT_FOUND: + case CSSMERR_APPLETP_CERT_NOT_FOUND_FROM_ISSUER: + case CSSMERR_CSP_PRIVATE_KEY_NOT_FOUND: + return errSecItemNotFound; + case CSSMERR_DL_INVALID_UNIQUE_INDEX_DATA: + case CSSMERR_CSP_PRIVATE_KEY_ALREADY_EXISTS: + case CSSMERR_CSP_KEY_LABEL_ALREADY_EXISTS: + return errSecDuplicateItem; + case CSSMERR_DL_DATABASE_CORRUPT: + return errSecInvalidKeychain; + case CSSMERR_DL_DATASTORE_DOESNOT_EXIST: + return errSecNoSuchKeychain; + case CSSMERR_DL_DATASTORE_ALREADY_EXISTS: + return errSecDuplicateKeychain; + case CSSMERR_APPLEDL_DISK_FULL: + return errSecDskFull; + case CSSMERR_DL_INVALID_OPEN_PARAMETERS: + case CSSMERR_APPLEDL_INVALID_OPEN_PARAMETERS: + case CSSMERR_APPLE_DOTMAC_REQ_SERVER_PARAM: + return errSecParam; + case CSSMERR_DL_INVALID_FIELD_NAME: + case CSSMERR_CSSM_INVALID_ATTRIBUTE: + return errSecNoSuchAttr; + case CSSMERR_DL_OS_ACCESS_DENIED: + case CSSMERR_CSP_OS_ACCESS_DENIED: + case CSSMERR_TP_OS_ACCESS_DENIED: + case CSSMERR_AC_OS_ACCESS_DENIED: + case CSSMERR_CL_OS_ACCESS_DENIED: + return errSecWrPerm; + case CSSMERR_CSSM_BUFFER_TOO_SMALL: + return errSecBufferTooSmall; + case CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED: + case CSSMERR_CSP_FUNCTION_NOT_IMPLEMENTED: + case CSSMERR_TP_FUNCTION_NOT_IMPLEMENTED: + case CSSMERR_AC_FUNCTION_NOT_IMPLEMENTED: + case CSSMERR_CL_FUNCTION_NOT_IMPLEMENTED: + case CSSMERR_DL_FUNCTION_NOT_IMPLEMENTED: + case CSSMERR_APPLE_DOTMAC_REQ_SERVER_UNIMPL: + return errSecUnimplemented; + case CSSMERR_CSSM_INTERNAL_ERROR: + case CSSMERR_CSP_INTERNAL_ERROR: + case CSSMERR_TP_INTERNAL_ERROR: + case CSSMERR_AC_INTERNAL_ERROR: + case CSSMERR_CL_INTERNAL_ERROR: + case CSSMERR_DL_INTERNAL_ERROR: + return errSecInternalError; + case CSSMERR_CSSM_MEMORY_ERROR: + case CSSMERR_CSP_MEMORY_ERROR: + case CSSMERR_TP_MEMORY_ERROR: + case CSSMERR_AC_MEMORY_ERROR: + case CSSMERR_CSP_DEVICE_MEMORY_ERROR: + case CSSMERR_CL_MEMORY_ERROR: + case CSSMERR_DL_MEMORY_ERROR: + return errSecMemoryError; + case CSSMERR_CSSM_MDS_ERROR: + case CSSMERR_CSP_MDS_ERROR: + case CSSMERR_TP_MDS_ERROR: + case CSSMERR_AC_MDS_ERROR: + case CSSMERR_CL_MDS_ERROR: + case CSSMERR_DL_MDS_ERROR: + return errSecMDSError; + case CSSMERR_CSSM_INVALID_POINTER: + case CSSMERR_CSP_INVALID_POINTER: + case CSSMERR_TP_INVALID_POINTER: + case CSSMERR_AC_INVALID_POINTER: + case CSSMERR_CL_INVALID_POINTER: + case CSSMERR_DL_INVALID_POINTER: + case CSSMERR_CSSM_INVALID_INPUT_POINTER: + case CSSMERR_CSP_INVALID_INPUT_POINTER: + case CSSMERR_TP_INVALID_INPUT_POINTER: + case CSSMERR_AC_INVALID_INPUT_POINTER: + case CSSMERR_CL_INVALID_INPUT_POINTER: + case CSSMERR_DL_INVALID_INPUT_POINTER: + case CSSMERR_TP_INVALID_DB_LIST_POINTER: + case CSSMERR_AC_INVALID_DB_LIST_POINTER: + case CSSMERR_DL_INVALID_DB_LIST_POINTER: + case CSSMERR_TP_INVALID_CERTGROUP_POINTER: + case CSSMERR_TP_INVALID_CERT_POINTER: + case CSSMERR_TP_INVALID_CRL_POINTER: + case CSSMERR_TP_INVALID_FIELD_POINTER: + case CSSMERR_CSP_INVALID_KEY_POINTER: + case CSSMERR_TP_INVALID_CALLERAUTH_CONTEXT_POINTER: + case CSSMERR_TP_INVALID_IDENTIFIER_POINTER: + case CSSMERR_TP_INVALID_CRLGROUP_POINTER: + case CSSMERR_TP_INVALID_TUPLEGROUP_POINTER: + case CSSMERR_CL_INVALID_CERTGROUP_POINTER: + case CSSMERR_CL_INVALID_CERT_POINTER: + case CSSMERR_CL_INVALID_CRL_POINTER: + case CSSMERR_CL_INVALID_FIELD_POINTER: + case CSSMERR_CL_INVALID_BUNDLE_POINTER: + case CSSMERR_CSSM_INVALID_OUTPUT_POINTER: + case CSSMERR_CSP_INVALID_OUTPUT_POINTER: + case CSSMERR_TP_INVALID_OUTPUT_POINTER: + case CSSMERR_AC_INVALID_OUTPUT_POINTER: + case CSSMERR_CL_INVALID_OUTPUT_POINTER: + case CSSMERR_DL_INVALID_OUTPUT_POINTER: + return errSecInvalidPointer; + case CSSMERR_CSSM_FUNCTION_FAILED: + case CSSMERR_CSP_FUNCTION_FAILED: + case CSSMERR_TP_FUNCTION_FAILED: + case CSSMERR_AC_FUNCTION_FAILED: + case CSSMERR_CL_FUNCTION_FAILED: + case CSSMERR_DL_FUNCTION_FAILED: + return errSecFunctionFailed; + case CSSMERR_CSP_INVALID_DATA: + case CSSMERR_TP_INVALID_DATA: + case CSSMERR_AC_INVALID_DATA: + case CSSMERR_CL_INVALID_DATA: + case CSSMERR_CSP_INVALID_CRYPTO_DATA: + case CSSMERR_CSP_INVALID_DATA_COUNT: + case CSSMERR_TP_INVALID_ACTION_DATA: + return errSecInvalidData; + case CSSMERR_TP_INVALID_DB_LIST: + case CSSMERR_AC_INVALID_DB_LIST: + return errSecInvalidDBList; + case CSSMERR_CSP_INVALID_PASSTHROUGH_ID: + case CSSMERR_TP_INVALID_PASSTHROUGH_ID: + case CSSMERR_AC_INVALID_PASSTHROUGH_ID: + case CSSMERR_CL_INVALID_PASSTHROUGH_ID: + case CSSMERR_DL_INVALID_PASSTHROUGH_ID: + return errSecInvalidPassthroughID; + case CSSMERR_TP_INVALID_CSP_HANDLE: + case CSSMERR_TP_INVALID_CL_HANDLE: + case CSSMERR_TP_INVALID_DL_HANDLE: + case CSSMERR_AC_INVALID_TP_HANDLE: + case CSSMERR_AC_INVALID_DL_HANDLE: + case CSSMERR_DL_INVALID_DL_HANDLE: + case CSSMERR_AC_INVALID_CL_HANDLE: + case CSSMERR_DL_INVALID_CL_HANDLE: + case CSSMERR_DL_INVALID_CSP_HANDLE: + case CSSMERR_TP_INVALID_DB_HANDLE: + case CSSMERR_CSSM_INVALID_ADDIN_HANDLE: + case CSSMERR_CSSM_INVALID_CONTEXT_HANDLE: + case CSSMERR_CL_INVALID_CACHE_HANDLE: + case CSSMERR_CL_INVALID_RESULTS_HANDLE: + case CSSMERR_DL_INVALID_RESULTS_HANDLE: + case CSSMERR_TP_INVALID_KEYCACHE_HANDLE: + case CSSMERR_CSP_INVALID_CONTEXT_HANDLE: + case CSSMERR_TP_INVALID_CONTEXT_HANDLE: + case CSSMERR_AC_INVALID_CONTEXT_HANDLE: + case CSSMERR_CL_INVALID_CONTEXT_HANDLE: + return errSecInvalidHandle; + case CSSMERR_TP_CRL_ALREADY_SIGNED: + case CSSMERR_CL_CRL_ALREADY_SIGNED: + return errSecCRLAlreadySigned; + case CSSMERR_TP_INVALID_NUMBER_OF_FIELDS: + case CSSMERR_CL_INVALID_NUMBER_OF_FIELDS: + return errSecInvalidNumberOfFields; + case CSSMERR_TP_VERIFICATION_FAILURE: + case CSSMERR_CL_VERIFICATION_FAILURE: + return errSecVerificationFailure; + case CSSMERR_TP_INVALID_NETWORK_ADDR: + case CSSMERR_DL_INVALID_NETWORK_ADDR: + return errSecInvalidNetworkAddress; + case CSSMERR_TP_UNKNOWN_TAG: + case CSSMERR_CL_UNKNOWN_TAG: + case CSSMERR_CSP_INVALID_ACL_ENTRY_TAG: + case CSSMERR_DL_INVALID_ACL_ENTRY_TAG: + case CSSMERR_DL_INVALID_SELECTION_TAG: + return errSecUnknownTag; + case CSSMERR_CSP_INVALID_SIGNATURE: + case CSSMERR_TP_INVALID_SIGNATURE: + return errSecInvalidSignature; + case CSSMERR_CSSM_USER_CANCELED: + case CSSMERR_CSP_USER_CANCELED: + case CSSMERR_TP_USER_CANCELED: + case CSSMERR_AC_USER_CANCELED: + case CSSMERR_CL_USER_CANCELED: + case CSSMERR_DL_USER_CANCELED: + return errSecUserCanceled; + case CSSMERR_CSSM_NO_USER_INTERACTION: + case CSSMERR_CSP_NO_USER_INTERACTION: + case CSSMERR_TP_NO_USER_INTERACTION: + case CSSMERR_AC_NO_USER_INTERACTION: + case CSSMERR_CL_NO_USER_INTERACTION: + case CSSMERR_DL_NO_USER_INTERACTION: + return errSecInteractionNotAllowed; + case CSSMERR_CSSM_IN_DARK_WAKE: + case CSSMERR_CSP_IN_DARK_WAKE: + case CSSMERR_TP_IN_DARK_WAKE: + case CSSMERR_AC_IN_DARK_WAKE: + case CSSMERR_CL_IN_DARK_WAKE: + case CSSMERR_DL_IN_DARK_WAKE: + return errSecInDarkWake; + case CSSMERR_CSSM_SERVICE_NOT_AVAILABLE: + case CSSMERR_CSP_SERVICE_NOT_AVAILABLE: + case CSSMERR_TP_SERVICE_NOT_AVAILABLE: + case CSSMERR_AC_SERVICE_NOT_AVAILABLE: + case CSSMERR_CL_SERVICE_NOT_AVAILABLE: + case CSSMERR_DL_SERVICE_NOT_AVAILABLE: + return errSecServiceNotAvailable; + case CSSMERR_CSSM_INSUFFICIENT_CLIENT_IDENTIFICATION: + case CSSMERR_CSP_INSUFFICIENT_CLIENT_IDENTIFICATION: + case CSSMERR_TP_INSUFFICIENT_CLIENT_IDENTIFICATION: + case CSSMERR_AC_INSUFFICIENT_CLIENT_IDENTIFICATION: + case CSSMERR_CL_INSUFFICIENT_CLIENT_IDENTIFICATION: + case CSSMERR_DL_INSUFFICIENT_CLIENT_IDENTIFICATION: + return errSecInsufficientClientID; + case CSSMERR_CSSM_DEVICE_RESET: + case CSSMERR_CSP_DEVICE_RESET: + case CSSMERR_TP_DEVICE_RESET: + case CSSMERR_AC_DEVICE_RESET: + case CSSMERR_CL_DEVICE_RESET: + case CSSMERR_DL_DEVICE_RESET: + return errSecDeviceReset; + case CSSMERR_CSSM_DEVICE_FAILED: + case CSSMERR_CSP_DEVICE_FAILED: + case CSSMERR_TP_DEVICE_FAILED: + case CSSMERR_AC_DEVICE_FAILED: + case CSSMERR_CL_DEVICE_FAILED: + case CSSMERR_DL_DEVICE_FAILED: + return errSecDeviceFailed; + case CSSMERR_APPLE_DOTMAC_REQ_SERVER_AUTH: + case CSSMERR_CSSM_EMM_AUTHENTICATE_FAILED: + case CSSMERR_CSSM_ADDIN_AUTHENTICATE_FAILED: + case CSSMERR_CSP_OPERATION_AUTH_DENIED: + case CSSMERR_CSP_OBJECT_USE_AUTH_DENIED: + case CSSMERR_CSP_OBJECT_MANIP_AUTH_DENIED: + case CSSMERR_TP_AUTHENTICATION_FAILED: + case CSSMERR_DL_OPERATION_AUTH_DENIED: + case CSSMERR_DL_OBJECT_USE_AUTH_DENIED: + case CSSMERR_DL_OBJECT_MANIP_AUTH_DENIED: + return errAuthorizationDenied; + case CSSMERR_CSSM_SCOPE_NOT_SUPPORTED: + case CSSMERR_CL_SCOPE_NOT_SUPPORTED: + case CSSMERR_CL_INVALID_SCOPE: + return errSecInvalidScope; + case CSSMERR_TP_INVALID_NAME: + case CSSMERR_DL_INVALID_DB_NAME: + return errSecInvalidName; + case CSSMERR_APPLETP_BAD_CERT_FROM_ISSUER: + case CSSMERR_TP_INVALID_CERTIFICATE: + case CSSMERR_TP_INVALID_ANCHOR_CERT: + case CSSMERR_APPLETP_CRL_INVALID_ANCHOR_CERT: + case CSSMERR_APPLETP_OCSP_INVALID_ANCHOR_CERT: + return errSecInvalidCertificateRef; + case CSSMERR_CSP_ACL_ENTRY_TAG_NOT_FOUND: + case CSSMERR_DL_ACL_ENTRY_TAG_NOT_FOUND: + return errSecTagNotFound; + case CSSMERR_DL_UNSUPPORTED_QUERY: + case CSSMERR_DL_INVALID_QUERY: + return errSecInvalidQuery; + case CSSMERR_CSP_INVALID_ACL_CHALLENGE_CALLBACK: + case CSSMERR_TP_INVALID_CALLBACK: + case CSSMERR_DL_INVALID_ACL_CHALLENGE_CALLBACK: + return errSecInvalidCallback; + case CSSMERR_CSP_ACL_CHALLENGE_CALLBACK_FAILED: + case CSSMERR_CSP_CRYPTO_DATA_CALLBACK_FAILED: + case CSSMERR_DL_ACL_CHALLENGE_CALLBACK_FAILED: + return errSecCallbackFailed; + case CSSMERR_TP_INVALID_CERTGROUP: + case CSSMERR_TP_CERTGROUP_INCOMPLETE: + case CSSMERR_DL_INVALID_ACL_BASE_CERTS: + case CSSMERR_DL_ACL_BASE_CERTS_NOT_SUPPORTED: + case CSSMERR_CSP_INVALID_ACL_BASE_CERTS: + return errSecInvalidCertificateGroup; + case CSSMERR_CSP_ACL_DELETE_FAILED: + case CSSMERR_DL_ACL_DELETE_FAILED: + return errSecACLDeleteFailed; + case CSSMERR_CSP_ACL_REPLACE_FAILED: + case CSSMERR_DL_ACL_REPLACE_FAILED: + return errSecACLReplaceFailed; + case CSSMERR_CSP_ACL_ADD_FAILED: + case CSSMERR_DL_ACL_ADD_FAILED: + return errSecACLAddFailed; + case CSSMERR_DL_ACL_CHANGE_FAILED: + case CSSMERR_CSP_ACL_CHANGE_FAILED: + return errSecACLChangeFailed; + case CSSMERR_CSSM_PRIVILEGE_NOT_GRANTED: + case CSSMERR_CSP_PRIVILEGE_NOT_GRANTED: + return errSecPrivilegeNotGranted; + case CSSMERR_CSP_INVALID_ACCESS_CREDENTIALS: + case CSSMERR_DL_INVALID_ACCESS_CREDENTIALS: + return errSecInvalidAccessCredentials; + case CSSMERR_DL_INVALID_RECORD_INDEX: + case CSSMERR_DL_INVALID_RECORDTYPE: + case CSSMERR_DL_UNSUPPORTED_RECORDTYPE: + case CSSMERR_DL_INVALID_RECORD_UID: + case CSSMERR_DL_STALE_UNIQUE_RECORD: + return errSecInvalidRecord; + case CSSMERR_CSP_INVALID_KEY: + case CSSMERR_CSP_INVALID_KEY_REFERENCE: + case CSSMERR_CSP_INVALID_KEY_CLASS: + return errSecInvalidKeyRef; + case CSSMERR_CSP_OBJECT_ACL_NOT_SUPPORTED: + case CSSMERR_CSP_OBJECT_ACL_REQUIRED: + case CSSMERR_CSP_ACL_BASE_CERTS_NOT_SUPPORTED: + case CSSMERR_CSP_INVALID_ACL_SUBJECT_VALUE: + case CSSMERR_CSP_ACL_SUBJECT_TYPE_NOT_SUPPORTED: + case CSSMERR_DL_OBJECT_ACL_NOT_SUPPORTED: + case CSSMERR_DL_OBJECT_ACL_REQUIRED: + case CSSMERR_DL_INVALID_ACL_SUBJECT_VALUE: + case CSSMERR_DL_ACL_SUBJECT_TYPE_NOT_SUPPORTED: + case CSSMERR_DL_INVALID_NEW_ACL_ENTRY: + case CSSMERR_DL_INVALID_NEW_ACL_OWNER: + case CSSMERR_DL_INVALID_ACL_EDIT_MODE: + case CSSMERR_CSP_INVALID_ACL_EDIT_MODE: + case CSSMERR_CSP_INVALID_NEW_ACL_ENTRY: + case CSSMERR_CSP_INVALID_NEW_ACL_OWNER: + return errSecInvalidACL; + case CSSMERR_CSP_INVALID_SAMPLE_VALUE: + case CSSMERR_DL_INVALID_SAMPLE_VALUE: + case CSSMERR_CSP_SAMPLE_VALUE_NOT_SUPPORTED: + case CSSMERR_DL_SAMPLE_VALUE_NOT_SUPPORTED: + return errSecInvalidSampleValue; + case CSSMERR_TP_UNKNOWN_FORMAT: + case CSSMERR_CL_UNKNOWN_FORMAT: + return errSecUnknownFormat; + case CSSMERR_CSP_APPLE_ADD_APPLICATION_ACL_SUBJECT: + return errSecAppleAddAppACLSubject; + case CSSMERR_CSP_APPLE_PUBLIC_KEY_INCOMPLETE: + return errSecApplePublicKeyIncomplete; + case CSSMERR_CSP_APPLE_SIGNATURE_MISMATCH: + return errSecAppleSignatureMismatch; + case CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE: + return errSecAppleInvalidKeyStartDate; + case CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE: + return errSecAppleInvalidKeyEndDate; + case CSSMERR_CSPDL_APPLE_DL_CONVERSION_ERROR: + return errSecConversionError; + case CSSMERR_CSP_APPLE_SSLv2_ROLLBACK: + return errSecAppleSSLv2Rollback; + case CSSMERR_APPLEDL_QUOTA_EXCEEDED: + return errSecQuotaExceeded; + case CSSMERR_APPLEDL_FILE_TOO_BIG: + return errSecFileTooBig; + case CSSMERR_APPLEDL_INVALID_DATABASE_BLOB: + return errSecInvalidDatabaseBlob; + case CSSMERR_APPLEDL_INVALID_KEY_BLOB: + return errSecInvalidKeyBlob; + case CSSMERR_APPLEDL_INCOMPATIBLE_DATABASE_BLOB: + return errSecIncompatibleDatabaseBlob; + case CSSMERR_APPLEDL_INCOMPATIBLE_KEY_BLOB: + return errSecIncompatibleKeyBlob; + case CSSMERR_APPLETP_HOSTNAME_MISMATCH: + return errSecHostNameMismatch; + case CSSMERR_APPLETP_UNKNOWN_CRITICAL_EXTEN: + return errSecUnknownCriticalExtensionFlag; + case CSSMERR_APPLETP_NO_BASIC_CONSTRAINTS: + return errSecNoBasicConstraints; + case CSSMERR_APPLETP_INVALID_AUTHORITY_ID: + return errSecInvalidAuthorityKeyID; + case CSSMERR_APPLETP_INVALID_SUBJECT_ID: + return errSecInvalidSubjectKeyID; + case CSSMERR_APPLETP_INVALID_KEY_USAGE: + return errSecInvalidKeyUsageForPolicy; + case CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE: + return errSecInvalidExtendedKeyUsage; + case CSSMERR_APPLETP_INVALID_ID_LINKAGE: + return errSecInvalidIDLinkage; + case CSSMERR_APPLETP_PATH_LEN_CONSTRAINT: + return errSecPathLengthConstraintExceeded; + case CSSMERR_APPLETP_INVALID_ROOT: + return errSecInvalidRoot; + case CSSMERR_APPLETP_CRL_EXPIRED: + return errSecCRLExpired; + case CSSMERR_APPLETP_CRL_NOT_VALID_YET: + return errSecCRLNotValidYet; + case CSSMERR_APPLETP_CRL_NOT_FOUND: + return errSecCRLNotFound; + case CSSMERR_APPLETP_CRL_SERVER_DOWN: + return errSecCRLServerDown; + case CSSMERR_APPLETP_CRL_BAD_URI: + return errSecCRLBadURI; + case CSSMERR_APPLETP_UNKNOWN_CERT_EXTEN: + return errSecUnknownCertExtension; + case CSSMERR_APPLETP_UNKNOWN_CRL_EXTEN: + return errSecUnknownCRLExtension; + case CSSMERR_APPLETP_CRL_NOT_TRUSTED: + return errSecCRLNotTrusted; + case CSSMERR_APPLETP_CRL_POLICY_FAIL: + return errSecCRLPolicyFailed; + case CSSMERR_APPLETP_IDP_FAIL: + return errSecIDPFailure; + case CSSMERR_APPLETP_SMIME_EMAIL_ADDRS_NOT_FOUND: + return errSecSMIMEEmailAddressesNotFound; + case CSSMERR_APPLETP_SMIME_BAD_EXT_KEY_USE: + return errSecSMIMEBadExtendedKeyUsage; + case CSSMERR_APPLETP_SMIME_BAD_KEY_USE: + return errSecSMIMEBadKeyUsage; + case CSSMERR_APPLETP_SMIME_KEYUSAGE_NOT_CRITICAL: + return errSecSMIMEKeyUsageNotCritical; + case CSSMERR_APPLETP_SMIME_NO_EMAIL_ADDRS: + return errSecSMIMENoEmailAddress; + case CSSMERR_APPLETP_SMIME_SUBJ_ALT_NAME_NOT_CRIT: + return errSecSMIMESubjAltNameNotCritical; + case CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE: + return errSecSSLBadExtendedKeyUsage; + case CSSMERR_APPLETP_OCSP_BAD_RESPONSE: + return errSecOCSPBadResponse; + case CSSMERR_APPLETP_OCSP_BAD_REQUEST: + return errSecOCSPBadRequest; + case CSSMERR_APPLETP_OCSP_UNAVAILABLE: + return errSecOCSPUnavailable; + case CSSMERR_APPLETP_OCSP_STATUS_UNRECOGNIZED: + return errSecOCSPStatusUnrecognized; + case CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK: + return errSecIncompleteCertRevocationCheck; + case CSSMERR_APPLETP_NETWORK_FAILURE: + return errSecNetworkFailure; + case CSSMERR_APPLETP_OCSP_NOT_TRUSTED: + return errSecOCSPNotTrustedToAnchor; + case CSSMERR_APPLETP_OCSP_SIG_ERROR: + return errSecOCSPSignatureError; + case CSSMERR_APPLETP_OCSP_NO_SIGNER: + return errSecOCSPNoSigner; + case CSSMERR_APPLETP_OCSP_RESP_MALFORMED_REQ: + return errSecOCSPResponderMalformedReq; + case CSSMERR_APPLETP_OCSP_RESP_INTERNAL_ERR: + return errSecOCSPResponderInternalError; + case CSSMERR_APPLETP_OCSP_RESP_TRY_LATER: + return errSecOCSPResponderTryLater; + case CSSMERR_APPLETP_OCSP_RESP_SIG_REQUIRED: + return errSecOCSPResponderSignatureRequired; + case CSSMERR_APPLETP_OCSP_RESP_UNAUTHORIZED: + return errSecOCSPResponderUnauthorized; + case CSSMERR_APPLETP_OCSP_NONCE_MISMATCH: + return errSecOCSPResponseNonceMismatch; + case CSSMERR_APPLETP_CS_BAD_CERT_CHAIN_LENGTH: + return errSecCodeSigningBadCertChainLength; + case CSSMERR_APPLETP_CS_NO_BASIC_CONSTRAINTS: + return errSecCodeSigningNoBasicConstraints; + case CSSMERR_APPLETP_CS_BAD_PATH_LENGTH: + return errSecCodeSigningBadPathLengthConstraint; + case CSSMERR_APPLETP_CS_NO_EXTENDED_KEY_USAGE: + return errSecCodeSigningNoExtendedKeyUsage; + case CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT: + return errSecCodeSigningDevelopment; + case CSSMERR_APPLETP_RS_BAD_CERT_CHAIN_LENGTH: + return errSecResourceSignBadCertChainLength; + case CSSMERR_APPLETP_RS_BAD_EXTENDED_KEY_USAGE: + return errSecResourceSignBadExtKeyUsage; + case CSSMERR_APPLETP_TRUST_SETTING_DENY: + return errSecTrustSettingDeny; + case CSSMERR_APPLETP_INVALID_EMPTY_SUBJECT: + return errSecInvalidSubjectName; + case CSSMERR_APPLETP_UNKNOWN_QUAL_CERT_STATEMENT: + return errSecUnknownQualifiedCertStatement; + case CSSMERR_APPLETP_MISSING_REQUIRED_EXTENSION: + return errSecMissingRequiredExtension; + case CSSMERR_APPLETP_EXT_KEYUSAGE_NOT_CRITICAL: + return errSecExtendedKeyUsageNotCritical; + case CSSMERR_APPLE_DOTMAC_REQ_QUEUED: + return errSecMobileMeRequestQueued; + case CSSMERR_APPLE_DOTMAC_REQ_REDIRECT: + return errSecMobileMeRequestRedirected; + case CSSMERR_APPLE_DOTMAC_REQ_SERVER_ERR: + return errSecMobileMeServerError; + case CSSMERR_APPLE_DOTMAC_REQ_SERVER_NOT_AVAIL: + return errSecMobileMeServerNotAvailable; + case CSSMERR_APPLE_DOTMAC_REQ_SERVER_ALREADY_EXIST: + return errSecMobileMeServerAlreadyExists; + case CSSMERR_APPLE_DOTMAC_REQ_SERVER_SERVICE_ERROR: + return errSecMobileMeServerServiceErr; + case CSSMERR_APPLE_DOTMAC_REQ_IS_PENDING: + return errSecMobileMeRequestAlreadyPending; + case CSSMERR_APPLE_DOTMAC_NO_REQ_PENDING: + return errSecMobileMeNoRequestPending; + case CSSMERR_APPLE_DOTMAC_CSR_VERIFY_FAIL: + return errSecMobileMeCSRVerifyFailure; + case CSSMERR_APPLE_DOTMAC_FAILED_CONSISTENCY_CHECK: + return errSecMobileMeFailedConsistencyCheck; + case CSSMERR_CSSM_NOT_INITIALIZED: + return errSecNotInitialized; + case CSSMERR_CSSM_INVALID_HANDLE_USAGE: + return errSecInvalidHandleUsage; + case CSSMERR_CSSM_PVC_REFERENT_NOT_FOUND: + return errSecPVCReferentNotFound; + case CSSMERR_CSSM_FUNCTION_INTEGRITY_FAIL: + return errSecFunctionIntegrityFail; + case CSSMERR_CSSM_SELF_CHECK_FAILED: + case CSSMERR_CSP_SELF_CHECK_FAILED: + return errSecSelfCheckFailed; + case CSSMERR_CSSM_MODULE_MANIFEST_VERIFY_FAILED: + return errSecModuleManifestVerifyFailed; + case CSSMERR_CSSM_INVALID_GUID: + return errSecInvalidGUID; + case CSSMERR_CSSM_INCOMPATIBLE_VERSION: + return errSecIncompatibleVersion; + case CSSMERR_CSSM_PVC_ALREADY_CONFIGURED: + return errSecPVCAlreadyConfigured; + case CSSMERR_CSSM_INVALID_PVC: + return errSecInvalidPVC; + case CSSMERR_CSSM_EMM_LOAD_FAILED: + return errSecEMMLoadFailed; + case CSSMERR_CSSM_EMM_UNLOAD_FAILED: + return errSecEMMUnloadFailed; + case CSSMERR_CSSM_ADDIN_LOAD_FAILED: + return errSecAddinLoadFailed; + case CSSMERR_CSSM_INVALID_KEY_HIERARCHY: + return errSecInvalidKeyHierarchy; + case CSSMERR_CSSM_ADDIN_UNLOAD_FAILED: + return errSecAddinUnloadFailed; + case CSSMERR_CSSM_LIB_REF_NOT_FOUND: + return errSecLibraryReferenceNotFound; + case CSSMERR_CSSM_INVALID_ADDIN_FUNCTION_TABLE: + return errSecInvalidAddinFunctionTable; + case CSSMERR_CSSM_INVALID_SERVICE_MASK: + return errSecInvalidServiceMask; + case CSSMERR_CSSM_MODULE_NOT_LOADED: + return errSecModuleNotLoaded; + case CSSMERR_CSSM_INVALID_SUBSERVICEID: + return errSecInvalidSubServiceID; + case CSSMERR_CSSM_ATTRIBUTE_NOT_IN_CONTEXT: + return errSecAttributeNotInContext; + case CSSMERR_CSSM_MODULE_MANAGER_INITIALIZE_FAIL: + return errSecModuleManagerInitializeFailed; + case CSSMERR_CSSM_MODULE_MANAGER_NOT_FOUND: + return errSecModuleManagerNotFound; + case CSSMERR_CSSM_EVENT_NOTIFICATION_CALLBACK_NOT_FOUND: + return errSecEventNotificationCallbackNotFound; + case CSSMERR_CSP_INPUT_LENGTH_ERROR: + return errSecInputLengthError; + case CSSMERR_CSP_OUTPUT_LENGTH_ERROR: + return errSecOutputLengthError; + case CSSMERR_CSP_PRIVILEGE_NOT_SUPPORTED: + return errSecPrivilegeNotSupported; + case CSSMERR_CSP_DEVICE_ERROR: + return errSecDeviceError; + case CSSMERR_CSP_ATTACH_HANDLE_BUSY: + return errSecAttachHandleBusy; + case CSSMERR_CSP_NOT_LOGGED_IN: + return errSecNotLoggedIn; + case CSSMERR_CSP_ALGID_MISMATCH: + return errSecAlgorithmMismatch; + case CSSMERR_CSP_KEY_USAGE_INCORRECT: + return errSecKeyUsageIncorrect; + case CSSMERR_CSP_KEY_BLOB_TYPE_INCORRECT: + return errSecKeyBlobTypeIncorrect; + case CSSMERR_CSP_KEY_HEADER_INCONSISTENT: + return errSecKeyHeaderInconsistent; + case CSSMERR_CSP_UNSUPPORTED_KEY_FORMAT: + return errSecUnsupportedKeyFormat; + case CSSMERR_CSP_UNSUPPORTED_KEY_SIZE: + return errSecUnsupportedKeySize; + case CSSMERR_CSP_INVALID_KEYUSAGE_MASK: + return errSecInvalidKeyUsageMask; + case CSSMERR_CSP_UNSUPPORTED_KEYUSAGE_MASK: + return errSecUnsupportedKeyUsageMask; + case CSSMERR_CSP_INVALID_KEYATTR_MASK: + return errSecInvalidKeyAttributeMask; + case CSSMERR_CSP_UNSUPPORTED_KEYATTR_MASK: + return errSecUnsupportedKeyAttributeMask; + case CSSMERR_CSP_INVALID_KEY_LABEL: + return errSecInvalidKeyLabel; + case CSSMERR_CSP_UNSUPPORTED_KEY_LABEL: + return errSecUnsupportedKeyLabel; + case CSSMERR_CSP_INVALID_KEY_FORMAT: + return errSecInvalidKeyFormat; + case CSSMERR_CSP_VECTOR_OF_BUFS_UNSUPPORTED: + return errSecUnsupportedVectorOfBuffers; + case CSSMERR_CSP_INVALID_INPUT_VECTOR: + return errSecInvalidInputVector; + case CSSMERR_CSP_INVALID_OUTPUT_VECTOR: + return errSecInvalidOutputVector; + case CSSMERR_CSP_INVALID_CONTEXT: + return errSecInvalidContext; + case CSSMERR_CSP_INVALID_ALGORITHM: + return errSecInvalidAlgorithm; + case CSSMERR_CSP_INVALID_ATTR_KEY: + return errSecInvalidAttributeKey; + case CSSMERR_CSP_MISSING_ATTR_KEY: + return errSecMissingAttributeKey; + case CSSMERR_CSP_INVALID_ATTR_INIT_VECTOR: + return errSecInvalidAttributeInitVector; + case CSSMERR_CSP_MISSING_ATTR_INIT_VECTOR: + return errSecMissingAttributeInitVector; + case CSSMERR_CSP_INVALID_ATTR_SALT: + return errSecInvalidAttributeSalt; + case CSSMERR_CSP_MISSING_ATTR_SALT: + return errSecMissingAttributeSalt; + case CSSMERR_CSP_INVALID_ATTR_PADDING: + return errSecInvalidAttributePadding; + case CSSMERR_CSP_MISSING_ATTR_PADDING: + return errSecMissingAttributePadding; + case CSSMERR_CSP_INVALID_ATTR_RANDOM: + return errSecInvalidAttributeRandom; + case CSSMERR_CSP_MISSING_ATTR_RANDOM: + return errSecMissingAttributeRandom; + case CSSMERR_CSP_INVALID_ATTR_SEED: + return errSecInvalidAttributeSeed; + case CSSMERR_CSP_MISSING_ATTR_SEED: + return errSecMissingAttributeSeed; + case CSSMERR_CSP_INVALID_ATTR_PASSPHRASE: + return errSecInvalidAttributePassphrase; + case CSSMERR_CSP_MISSING_ATTR_PASSPHRASE: + return errSecMissingAttributePassphrase; + case CSSMERR_CSP_INVALID_ATTR_KEY_LENGTH: + return errSecInvalidAttributeKeyLength; + case CSSMERR_CSP_MISSING_ATTR_KEY_LENGTH: + return errSecMissingAttributeKeyLength; + case CSSMERR_CSP_INVALID_ATTR_BLOCK_SIZE: + return errSecInvalidAttributeBlockSize; + case CSSMERR_CSP_MISSING_ATTR_BLOCK_SIZE: + return errSecMissingAttributeBlockSize; + case CSSMERR_CSP_INVALID_ATTR_OUTPUT_SIZE: + return errSecInvalidAttributeOutputSize; + case CSSMERR_CSP_MISSING_ATTR_OUTPUT_SIZE: + return errSecMissingAttributeOutputSize; + case CSSMERR_CSP_INVALID_ATTR_ROUNDS: + return errSecInvalidAttributeRounds; + case CSSMERR_CSP_MISSING_ATTR_ROUNDS: + return errSecMissingAttributeRounds; + case CSSMERR_CSP_INVALID_ATTR_ALG_PARAMS: + return errSecInvalidAlgorithmParms; + case CSSMERR_CSP_MISSING_ATTR_ALG_PARAMS: + return errSecMissingAlgorithmParms; + case CSSMERR_CSP_INVALID_ATTR_LABEL: + return errSecInvalidAttributeLabel; + case CSSMERR_CSP_MISSING_ATTR_LABEL: + return errSecMissingAttributeLabel; + case CSSMERR_CSP_INVALID_ATTR_KEY_TYPE: + return errSecInvalidAttributeKeyType; + case CSSMERR_CSP_MISSING_ATTR_KEY_TYPE: + return errSecMissingAttributeKeyType; + case CSSMERR_CSP_INVALID_ATTR_MODE: + return errSecInvalidAttributeMode; + case CSSMERR_CSP_MISSING_ATTR_MODE: + return errSecMissingAttributeMode; + case CSSMERR_CSP_INVALID_ATTR_EFFECTIVE_BITS: + return errSecInvalidAttributeEffectiveBits; + case CSSMERR_CSP_MISSING_ATTR_EFFECTIVE_BITS: + return errSecMissingAttributeEffectiveBits; + case CSSMERR_CSP_INVALID_ATTR_START_DATE: + return errSecInvalidAttributeStartDate; + case CSSMERR_CSP_MISSING_ATTR_START_DATE: + return errSecMissingAttributeStartDate; + case CSSMERR_CSP_INVALID_ATTR_END_DATE: + return errSecInvalidAttributeEndDate; + case CSSMERR_CSP_MISSING_ATTR_END_DATE: + return errSecMissingAttributeEndDate; + case CSSMERR_CSP_INVALID_ATTR_VERSION: + return errSecInvalidAttributeVersion; + case CSSMERR_CSP_MISSING_ATTR_VERSION: + return errSecMissingAttributeVersion; + case CSSMERR_CSP_INVALID_ATTR_PRIME: + return errSecInvalidAttributePrime; + case CSSMERR_CSP_MISSING_ATTR_PRIME: + return errSecMissingAttributePrime; + case CSSMERR_CSP_INVALID_ATTR_BASE: + return errSecInvalidAttributeBase; + case CSSMERR_CSP_MISSING_ATTR_BASE: + return errSecMissingAttributeBase; + case CSSMERR_CSP_INVALID_ATTR_SUBPRIME: + return errSecInvalidAttributeSubprime; + case CSSMERR_CSP_MISSING_ATTR_SUBPRIME: + return errSecMissingAttributeSubprime; + case CSSMERR_CSP_INVALID_ATTR_ITERATION_COUNT: + return errSecInvalidAttributeIterationCount; + case CSSMERR_CSP_MISSING_ATTR_ITERATION_COUNT: + return errSecMissingAttributeIterationCount; + case CSSMERR_CSP_INVALID_ATTR_DL_DB_HANDLE: + return errSecInvalidAttributeDLDBHandle; + case CSSMERR_CSP_MISSING_ATTR_DL_DB_HANDLE: + return errSecMissingAttributeDLDBHandle; + case CSSMERR_CSP_INVALID_ATTR_ACCESS_CREDENTIALS: + return errSecInvalidAttributeAccessCredentials; + case CSSMERR_CSP_MISSING_ATTR_ACCESS_CREDENTIALS: + return errSecMissingAttributeAccessCredentials; + case CSSMERR_CSP_INVALID_ATTR_PUBLIC_KEY_FORMAT: + return errSecInvalidAttributePublicKeyFormat; + case CSSMERR_CSP_MISSING_ATTR_PUBLIC_KEY_FORMAT: + return errSecMissingAttributePublicKeyFormat; + case CSSMERR_CSP_INVALID_ATTR_PRIVATE_KEY_FORMAT: + return errSecInvalidAttributePrivateKeyFormat; + case CSSMERR_CSP_MISSING_ATTR_PRIVATE_KEY_FORMAT: + return errSecMissingAttributePrivateKeyFormat; + case CSSMERR_CSP_INVALID_ATTR_SYMMETRIC_KEY_FORMAT: + return errSecInvalidAttributeSymmetricKeyFormat; + case CSSMERR_CSP_MISSING_ATTR_SYMMETRIC_KEY_FORMAT: + return errSecMissingAttributeSymmetricKeyFormat; + case CSSMERR_CSP_INVALID_ATTR_WRAPPED_KEY_FORMAT: + return errSecInvalidAttributeWrappedKeyFormat; + case CSSMERR_CSP_MISSING_ATTR_WRAPPED_KEY_FORMAT: + return errSecMissingAttributeWrappedKeyFormat; + case CSSMERR_CSP_STAGED_OPERATION_IN_PROGRESS: + return errSecStagedOperationInProgress; + case CSSMERR_CSP_STAGED_OPERATION_NOT_STARTED: + return errSecStagedOperationNotStarted; + case CSSMERR_CSP_VERIFY_FAILED: + return errSecVerifyFailed; + case CSSMERR_CSP_QUERY_SIZE_UNKNOWN: + return errSecQuerySizeUnknown; + case CSSMERR_CSP_BLOCK_SIZE_MISMATCH: + return errSecBlockSizeMismatch; + case CSSMERR_CSP_PUBLIC_KEY_INCONSISTENT: + return errSecPublicKeyInconsistent; + case CSSMERR_CSP_DEVICE_VERIFY_FAILED: + return errSecDeviceVerifyFailed; + case CSSMERR_CSP_INVALID_LOGIN_NAME: + return errSecInvalidLoginName; + case CSSMERR_CSP_ALREADY_LOGGED_IN: + return errSecAlreadyLoggedIn; + case CSSMERR_CSP_INVALID_DIGEST_ALGORITHM: + return errSecInvalidDigestAlgorithm; + case CSSMERR_TP_INVALID_CRLGROUP: + return errSecInvalidCRLGroup; + case CSSMERR_TP_CERTIFICATE_CANT_OPERATE: + return errSecCertificateCannotOperate; + case CSSMERR_TP_CERT_EXPIRED: + return errSecCertificateExpired; + case CSSMERR_TP_CERT_NOT_VALID_YET: + return errSecCertificateNotValidYet; + case CSSMERR_TP_CERT_REVOKED: + return errSecCertificateRevoked; + case CSSMERR_TP_CERT_SUSPENDED: + return errSecCertificateSuspended; + case CSSMERR_TP_INSUFFICIENT_CREDENTIALS: + return errSecInsufficientCredentials; + case CSSMERR_TP_INVALID_ACTION: + return errSecInvalidAction; + case CSSMERR_TP_INVALID_AUTHORITY: + return errSecInvalidAuthority; + case CSSMERR_TP_VERIFY_ACTION_FAILED: + return errSecVerifyActionFailed; + case CSSMERR_TP_INVALID_CERT_AUTHORITY: + case CSSMERR_APPLETP_INVALID_CA: + return errSecInvalidCertAuthority; + case CSSMERR_TP_INVALID_CRL_AUTHORITY: + return errSecInvaldCRLAuthority; + case CSSMERR_TP_INVALID_CRL_ENCODING: + return errSecInvalidCRLEncoding; + case CSSMERR_TP_INVALID_CRL_TYPE: + return errSecInvalidCRLType; + case CSSMERR_TP_INVALID_CRL: + return errSecInvalidCRL; + case CSSMERR_TP_INVALID_FORM_TYPE: + return errSecInvalidFormType; + case CSSMERR_TP_INVALID_ID: + return errSecInvalidID; + case CSSMERR_TP_INVALID_IDENTIFIER: + return errSecInvalidIdentifier; + case CSSMERR_TP_INVALID_INDEX: + return errSecInvalidIndex; + case CSSMERR_TP_INVALID_POLICY_IDENTIFIERS: + return errSecInvalidPolicyIdentifiers; + case CSSMERR_TP_INVALID_TIMESTRING: + return errSecInvalidTimeString; + case CSSMERR_TP_INVALID_REASON: + return errSecInvalidReason; + case CSSMERR_TP_INVALID_REQUEST_INPUTS: + return errSecInvalidRequestInputs; + case CSSMERR_TP_INVALID_RESPONSE_VECTOR: + return errSecInvalidResponseVector; + case CSSMERR_TP_INVALID_STOP_ON_POLICY: + return errSecInvalidStopOnPolicy; + case CSSMERR_TP_INVALID_TUPLE: + return errSecInvalidTuple; + case CSSMERR_TP_NOT_SIGNER: + return errSecNotSigner; + case CSSMERR_TP_NOT_TRUSTED: + return errSecNotTrusted; + case CSSMERR_TP_NO_DEFAULT_AUTHORITY: + return errSecNoDefaultAuthority; + case CSSMERR_TP_REJECTED_FORM: + return errSecRejectedForm; + case CSSMERR_TP_REQUEST_LOST: + return errSecRequestLost; + case CSSMERR_TP_REQUEST_REJECTED: + return errSecRequestRejected; + case CSSMERR_TP_UNSUPPORTED_ADDR_TYPE: + return errSecUnsupportedAddressType; + case CSSMERR_TP_UNSUPPORTED_SERVICE: + return errSecUnsupportedService; + case CSSMERR_TP_INVALID_TUPLEGROUP: + return errSecInvalidTupleGroup; + case CSSMERR_AC_INVALID_BASE_ACLS: + return errSecInvalidBaseACLs; + case CSSMERR_AC_INVALID_TUPLE_CREDENTIALS: + return errSecInvalidTupleCredendtials; + case CSSMERR_AC_INVALID_ENCODING: + return errSecInvalidEncoding; + case CSSMERR_AC_INVALID_VALIDITY_PERIOD: + return errSecInvalidValidityPeriod; + case CSSMERR_AC_INVALID_REQUESTOR: + return errSecInvalidRequestor; + case CSSMERR_AC_INVALID_REQUEST_DESCRIPTOR: + return errSecRequestDescriptor; + case CSSMERR_CL_INVALID_BUNDLE_INFO: + return errSecInvalidBundleInfo; + case CSSMERR_CL_INVALID_CRL_INDEX: + return errSecInvalidCRLIndex; + case CSSMERR_CL_NO_FIELD_VALUES: + return errSecNoFieldValues; + case CSSMERR_DL_UNSUPPORTED_FIELD_FORMAT: + return errSecUnsupportedFieldFormat; + case CSSMERR_DL_UNSUPPORTED_INDEX_INFO: + return errSecUnsupportedIndexInfo; + case CSSMERR_DL_UNSUPPORTED_LOCALITY: + return errSecUnsupportedLocality; + case CSSMERR_DL_UNSUPPORTED_NUM_ATTRIBUTES: + return errSecUnsupportedNumAttributes; + case CSSMERR_DL_UNSUPPORTED_NUM_INDEXES: + return errSecUnsupportedNumIndexes; + case CSSMERR_DL_UNSUPPORTED_NUM_RECORDTYPES: + return errSecUnsupportedNumRecordTypes; + case CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE: + return errSecFieldSpecifiedMultiple; + case CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT: + return errSecIncompatibleFieldFormat; + case CSSMERR_DL_INVALID_PARSING_MODULE: + return errSecInvalidParsingModule; + case CSSMERR_DL_DB_LOCKED: + return errSecDatabaseLocked; + case CSSMERR_DL_DATASTORE_IS_OPEN: + return errSecDatastoreIsOpen; + case CSSMERR_DL_MISSING_VALUE: + return errSecMissingValue; + case CSSMERR_DL_UNSUPPORTED_QUERY_LIMITS: + return errSecUnsupportedQueryLimits; + case CSSMERR_DL_UNSUPPORTED_NUM_SELECTION_PREDS: + return errSecUnsupportedNumSelectionPreds; + case CSSMERR_DL_UNSUPPORTED_OPERATOR: + return errSecUnsupportedOperator; + case CSSMERR_DL_INVALID_DB_LOCATION: + return errSecInvalidDBLocation; + case CSSMERR_DL_INVALID_ACCESS_REQUEST: + return errSecInvalidAccessRequest; + case CSSMERR_DL_INVALID_INDEX_INFO: + return errSecInvalidIndexInfo; + case CSSMERR_DL_INVALID_NEW_OWNER: + return errSecInvalidNewOwner; + case CSSMERR_DL_INVALID_MODIFY_MODE: + return errSecInvalidModifyMode; + case CSSMERR_DL_RECORD_MODIFIED: + return errSecRecordModified; + case CSSMERR_DL_ENDOFDATA: + return errSecEndOfData; + case CSSMERR_DL_INVALID_VALUE: + return errSecInvalidValue; + case CSSMERR_DL_MULTIPLE_VALUES_UNSUPPORTED: + return errSecMultipleValuesUnsupported; + default: + return osStatus; + } +}