Lines Matching refs:ret
108 KMF_RETURN ret = KMF_OK; in kmf_find_prikey_by_cert() local
127 CLEAR_ERROR(handle, ret); in kmf_find_prikey_by_cert()
129 ret = test_attributes(num_req_attrs, required_attrs, in kmf_find_prikey_by_cert()
131 if (ret != KMF_OK) in kmf_find_prikey_by_cert()
132 return (ret); in kmf_find_prikey_by_cert()
142 ret = get_keyalg_from_cert(cert, &keyalg); in kmf_find_prikey_by_cert()
143 if (ret != KMF_OK) in kmf_find_prikey_by_cert()
144 return (ret); in kmf_find_prikey_by_cert()
152 ret = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, numattr, in kmf_find_prikey_by_cert()
154 if (ret != KMF_OK) in kmf_find_prikey_by_cert()
155 return (ret); in kmf_find_prikey_by_cert()
173 KMF_RETURN ret = KMF_OK; in check_key_usage() local
181 ret = kmf_get_cert_ku(cert, &keyusage); in check_key_usage()
182 if (ret != KMF_OK) in check_key_usage()
187 return (ret); in check_key_usage()
204 ret = kmf_get_cert_basic_constraint(cert, in check_key_usage()
207 if (ret != KMF_OK) in check_key_usage()
208 return (ret); in check_key_usage()
248 KMF_RETURN ret = KMF_OK; in kmf_find_cert() local
260 CLEAR_ERROR(handle, ret); in kmf_find_cert()
262 ret = test_attributes(num_req_attrs, required_attrs, in kmf_find_cert()
264 if (ret != KMF_OK) in kmf_find_cert()
265 return (ret); in kmf_find_cert()
267 ret = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, numattr, in kmf_find_cert()
269 if (ret != KMF_OK) in kmf_find_cert()
270 return (ret); in kmf_find_cert()
284 KMF_RETURN ret; in kmf_encode_cert_record() local
308 ret = DerEncodeSignedCertificate(CertData, encodedCert); in kmf_encode_cert_record()
310 return (ret); in kmf_encode_cert_record()
510 KMF_RETURN ret; in kmf_sign_cert() local
533 CLEAR_ERROR(handle, ret); in kmf_sign_cert()
535 ret = test_attributes(num_req_attrs, required_attrs, in kmf_sign_cert()
537 if (ret != KMF_OK) in kmf_sign_cert()
538 return (ret); in kmf_sign_cert()
560 ret = kmf_get_attr(KMF_ALGORITHM_INDEX_ATTR, attrlist, numattr, in kmf_sign_cert()
562 if (ret == KMF_OK) in kmf_sign_cert()
568 ret = check_key_usage(handle, signer_cert, KMF_KU_SIGN_CERT); in kmf_sign_cert()
569 if (ret == KMF_ERR_EXTENSION_NOT_FOUND && policy->ku_bits == 0) in kmf_sign_cert()
570 ret = KMF_OK; in kmf_sign_cert()
571 if (ret != KMF_OK) in kmf_sign_cert()
572 return (ret); in kmf_sign_cert()
578 ret = setup_findprikey_attrlist(attrlist, numattr, in kmf_sign_cert()
580 if (ret != KMF_OK) in kmf_sign_cert()
583 ret = kmf_find_prikey_by_cert(handle, new_numattr, in kmf_sign_cert()
585 if (ret != KMF_OK) { in kmf_sign_cert()
598 ret = KMF_ERR_BAD_PARAMETER; in kmf_sign_cert()
602 ret = kmf_encode_cert_record(x509cert, &unsignedCert); in kmf_sign_cert()
603 if (ret != KMF_OK) in kmf_sign_cert()
613 ret = check_for_basic_constraint(tbs_cert); in kmf_sign_cert()
614 if (ret) in kmf_sign_cert()
628 ret = KMF_ERR_BAD_PARAMETER; in kmf_sign_cert()
632 ret = sign_cert(handle, tbs_cert, sign_key_ptr, oid, signed_cert); in kmf_sign_cert()
646 return (ret); in kmf_sign_cert()
661 KMF_RETURN ret = KMF_OK; in kmf_sign_data() local
684 CLEAR_ERROR(handle, ret); in kmf_sign_data()
686 ret = test_attributes(num_req_attrs, required_attrs, in kmf_sign_data()
688 if (ret != KMF_OK) in kmf_sign_data()
689 return (ret); in kmf_sign_data()
705 ret = check_key_usage(handle, signer_cert, KMF_KU_SIGN_DATA); in kmf_sign_data()
712 if (ret == KMF_ERR_EXTENSION_NOT_FOUND && policy->ku_bits == 0) in kmf_sign_data()
713 ret = KMF_OK; in kmf_sign_data()
714 if (ret != KMF_OK) in kmf_sign_data()
715 return (ret); in kmf_sign_data()
720 ret = setup_findprikey_attrlist(attrlist, numattr, in kmf_sign_data()
722 if (ret != KMF_OK) { in kmf_sign_data()
726 ret = kmf_find_prikey_by_cert(handle, new_numattr, in kmf_sign_data()
728 if (ret != KMF_OK) { in kmf_sign_data()
737 ret = KMF_ERR_BAD_PARAMETER; in kmf_sign_data()
743 ret = KMF_ERR_BAD_PARAMETER; in kmf_sign_data()
753 ret = kmf_get_attr(KMF_ALGORITHM_INDEX_ATTR, attrlist, in kmf_sign_data()
756 if (ret != KMF_OK) in kmf_sign_data()
762 ret = KMF_ERR_BAD_PARAMETER; in kmf_sign_data()
769 ret = KMF_ERR_PLUGIN_NOTFOUND; in kmf_sign_data()
773 ret = plugin->funclist->SignData(handle, sign_key_ptr, oid, tbs_data, in kmf_sign_data()
775 if (ret != KMF_OK) in kmf_sign_data()
785 ret = DerDecodeDSASignature(output, &signature); in kmf_sign_data()
786 if (ret != KMF_OK) in kmf_sign_data()
803 return (ret); in kmf_sign_data()
830 KMF_RETURN ret = KMF_OK; in kmf_verify_data() local
857 CLEAR_ERROR(handle, ret); in kmf_verify_data()
859 ret = test_attributes(num_req_attrs, required_attrs, in kmf_verify_data()
862 if (ret != KMF_OK) in kmf_verify_data()
863 return (ret); in kmf_verify_data()
866 ret = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, num_args, in kmf_verify_data()
868 if (ret != KMF_OK) in kmf_verify_data()
869 return (ret); in kmf_verify_data()
879 ret = kmf_get_attr(KMF_ALGORITHM_INDEX_ATTR, attrlist, num_args, in kmf_verify_data()
883 if (ret != KMF_OK && signer_cert == NULL) in kmf_verify_data()
884 return (ret); in kmf_verify_data()
899 ret = check_key_usage(handle, signer_cert, KMF_KU_SIGN_DATA); in kmf_verify_data()
900 if (ret == KMF_ERR_EXTENSION_NOT_FOUND && policy->ku_bits == 0) in kmf_verify_data()
901 ret = KMF_OK; in kmf_verify_data()
902 if (ret != KMF_OK) in kmf_verify_data()
903 return (ret); in kmf_verify_data()
906 ret = DerDecodeSignedCertificate(signer_cert, &SignerCert); in kmf_verify_data()
907 if (ret != KMF_OK) in kmf_verify_data()
908 return (ret); in kmf_verify_data()
928 ret = PKCS_VerifyData(handle, sigAlg, in kmf_verify_data()
939 ret = plugin->funclist->EncodePubkeyData(handle, in kmf_verify_data()
945 ret = DerDecodeSPKI(&derkey, &spki); in kmf_verify_data()
946 if (ret == KMF_OK) in kmf_verify_data()
947 ret = PKCS_VerifyData(handle, sigAlg, &spki, in kmf_verify_data()
957 return (ret); in kmf_verify_data()
985 KMF_RETURN ret; in kmf_verify_cert() local
998 CLEAR_ERROR(handle, ret); in kmf_verify_cert()
999 if (ret != KMF_OK) in kmf_verify_cert()
1000 return (ret); in kmf_verify_cert()
1002 ret = test_attributes(num_req_attrs, required_attrs, in kmf_verify_cert()
1004 if (ret != KMF_OK) in kmf_verify_cert()
1005 return (ret); in kmf_verify_cert()
1024 ret = verify_cert_with_cert(handle, CertToBeVerified, in kmf_verify_cert()
1036 ret = plugin->funclist->EncodePubkeyData(handle, in kmf_verify_cert()
1042 if (ret == KMF_OK && derkey.Length > 0) { in kmf_verify_cert()
1043 ret = verify_cert_with_key(handle, &derkey, in kmf_verify_cert()
1051 return (ret); in kmf_verify_cert()
1079 KMF_RETURN ret; in kmf_encrypt() local
1100 CLEAR_ERROR(handle, ret); in kmf_encrypt()
1101 if (ret != KMF_OK) in kmf_encrypt()
1102 return (ret); in kmf_encrypt()
1104 ret = test_attributes(num_req_attrs, required_attrs, in kmf_encrypt()
1106 if (ret != KMF_OK) in kmf_encrypt()
1107 return (ret); in kmf_encrypt()
1121 ret = check_key_usage(handle, cert, KMF_KU_ENCRYPT_DATA); in kmf_encrypt()
1122 if (ret == KMF_ERR_EXTENSION_NOT_FOUND && policy->ku_bits == 0) in kmf_encrypt()
1123 ret = KMF_OK; in kmf_encrypt()
1124 if (ret != KMF_OK) in kmf_encrypt()
1125 return (ret); in kmf_encrypt()
1128 if ((ret = DerDecodeSignedCertificate(cert, &x509cert)) != KMF_OK) in kmf_encrypt()
1129 return (ret); in kmf_encrypt()
1156 ret = PKCS_EncryptData(handle, algid, pubkey, plaintext, ciphertext); in kmf_encrypt()
1161 return (ret); in kmf_encrypt()
1174 KMF_RETURN ret; in kmf_decrypt() local
1199 CLEAR_ERROR(handle, ret); in kmf_decrypt()
1201 ret = test_attributes(num_req_attrs, required_attrs, in kmf_decrypt()
1203 if (ret != KMF_OK) in kmf_decrypt()
1204 return (ret); in kmf_decrypt()
1215 ret = check_key_usage(handle, cert, KMF_KU_ENCRYPT_DATA); in kmf_decrypt()
1216 if (ret == KMF_ERR_EXTENSION_NOT_FOUND && policy->ku_bits == 0) in kmf_decrypt()
1217 ret = KMF_OK; in kmf_decrypt()
1218 if (ret != KMF_OK) in kmf_decrypt()
1219 return (ret); in kmf_decrypt()
1236 ret = setup_findprikey_attrlist(attrlist, numattr, &new_attrlist, in kmf_decrypt()
1238 if (ret != KMF_OK) in kmf_decrypt()
1241 ret = kmf_find_prikey_by_cert(handle, new_numattr, new_attrlist); in kmf_decrypt()
1242 if (ret != KMF_OK) in kmf_decrypt()
1246 ret = DerDecodeSignedCertificate(cert, &x509cert); in kmf_decrypt()
1247 if (ret != KMF_OK) in kmf_decrypt()
1257 ret = KMF_ERR_BAD_ALGORITHM; in kmf_decrypt()
1264 ret = plugin->funclist->DecryptData(handle, in kmf_decrypt()
1268 ret = KMF_ERR_PLUGIN_NOTFOUND; in kmf_decrypt()
1279 return (ret); in kmf_decrypt()
1286 KMF_RETURN ret = KMF_OK; in kmf_store_cert() local
1300 CLEAR_ERROR(handle, ret); in kmf_store_cert()
1302 ret = test_attributes(num_req_attrs, required_attrs, in kmf_store_cert()
1304 if (ret != KMF_OK) in kmf_store_cert()
1305 return (ret); in kmf_store_cert()
1307 ret = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, numattr, in kmf_store_cert()
1309 if (ret != KMF_OK) in kmf_store_cert()
1310 return (ret); in kmf_store_cert()
1323 KMF_RETURN ret = KMF_OK; in kmf_import_cert() local
1337 CLEAR_ERROR(handle, ret); in kmf_import_cert()
1339 ret = test_attributes(num_req_attrs, required_attrs, 0, NULL, in kmf_import_cert()
1341 if (ret != KMF_OK) in kmf_import_cert()
1342 return (ret); in kmf_import_cert()
1344 ret = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, numattr, in kmf_import_cert()
1346 if (ret != KMF_OK) in kmf_import_cert()
1347 return (ret); in kmf_import_cert()
1361 KMF_RETURN ret = KMF_OK; in kmf_delete_cert_from_keystore() local
1372 CLEAR_ERROR(handle, ret); in kmf_delete_cert_from_keystore()
1374 ret = test_attributes(num_req_attrs, required_attrs, in kmf_delete_cert_from_keystore()
1376 if (ret != KMF_OK) in kmf_delete_cert_from_keystore()
1377 return (ret); in kmf_delete_cert_from_keystore()
1379 ret = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, numattr, in kmf_delete_cert_from_keystore()
1381 if (ret != KMF_OK) in kmf_delete_cert_from_keystore()
1382 return (ret); in kmf_delete_cert_from_keystore()
1402 KMF_RETURN ret = KMF_OK; in cert_get_crl() local
1434 ret = kmf_get_cert_crl_dist_pts((const KMF_DATA *)cert, in cert_get_crl()
1436 if (ret != KMF_OK) in cert_get_crl()
1450 ret = kmf_download_crl(handle, uri, proxyname, in cert_get_crl()
1452 if (ret == KMF_OK) { in cert_get_crl()
1456 ret = KMF_ERR_MEMORY; in cert_get_crl()
1468 return (ret); in cert_get_crl()
1475 KMF_RETURN ret = KMF_OK; in check_crl_validity() local
1496 ret = kmf_verify_crl_file(handle, crlfilename, in check_crl_validity()
1498 if (ret != KMF_OK) in check_crl_validity()
1499 return (ret); in check_crl_validity()
1505 ret = kmf_check_crl_date(handle, crlfilename); in check_crl_validity()
1506 if (ret != KMF_OK) in check_crl_validity()
1507 return (ret); in check_crl_validity()
1510 return (ret); in check_crl_validity()
1518 KMF_RETURN ret = KMF_OK; in cert_crl_check() local
1565 ret = KMF_ERR_BAD_CRLFILE; in cert_crl_check()
1575 if ((ret = check_crl_validity(handle, *kstype, in cert_crl_check()
1587 ret = KMF_ERR_INTERNAL; in cert_crl_check()
1596 ret = cert_get_crl(handle, user_cert, proxy, crlfile_tmp, in cert_crl_check()
1598 if (ret != KMF_OK) { in cert_crl_check()
1605 if ((ret = check_crl_validity(handle, *kstype, crlfile_tmp, in cert_crl_check()
1607 return (ret); in cert_crl_check()
1630 ret = kmf_import_crl(handle, numattr, attrlist); in cert_crl_check()
1632 if (ret != KMF_OK) in cert_crl_check()
1637 ret = KMF_ERR_WRITE_FILE; in cert_crl_check()
1648 ret = KMF_ERR_BAD_PARAMETER; in cert_crl_check()
1655 ret = KMF_ERR_BAD_CRLFILE; in cert_crl_check()
1661 if ((ret = check_crl_validity(handle, *kstype, in cert_crl_check()
1663 return (ret); in cert_crl_check()
1691 ret = KMF_ERR_INTERNAL; in cert_crl_check()
1695 ret = kmf_create_cert_file(user_cert, KMF_FORMAT_ASN1, in cert_crl_check()
1697 if (ret != KMF_OK) { in cert_crl_check()
1712 ret = KMF_ERR_PLUGIN_NOTFOUND; in cert_crl_check()
1716 ret = kmf_find_cert_in_crl(handle, numattr, attrlist); in cert_crl_check()
1717 if (ret == KMF_ERR_NOT_REVOKED) { in cert_crl_check()
1718 ret = KMF_OK; in cert_crl_check()
1730 return (ret); in cert_crl_check()
1738 KMF_RETURN ret = KMF_OK; in cert_ocsp_check() local
1791 ret = KMF_ERR_MEMORY; in cert_ocsp_check()
1797 ret = kmf_hexstr_to_bytes( in cert_ocsp_check()
1800 if (ret != KMF_OK || bytes == NULL) { in cert_ocsp_check()
1801 ret = KMF_ERR_OCSP_POLICY; in cert_ocsp_check()
1845 ret = kmf_find_cert(handle, fc_numattr, fc_attrlist); in cert_ocsp_check()
1846 if (ret != KMF_OK || num != 1) { in cert_ocsp_check()
1848 ret = KMF_ERR_CERT_NOT_FOUND; in cert_ocsp_check()
1850 ret = KMF_ERR_CERT_MULTIPLE_FOUND; in cert_ocsp_check()
1860 ret = kmf_find_cert(handle, fc_numattr, fc_attrlist); in cert_ocsp_check()
1861 if (ret == KMF_OK) { in cert_ocsp_check()
1878 ret = KMF_ERR_MEMORY; in cert_ocsp_check()
1884 ret = kmf_get_ocsp_for_cert(handle, user_cert, issuer_cert, in cert_ocsp_check()
1886 if (ret != KMF_OK) in cert_ocsp_check()
1933 ret = kmf_get_ocsp_status_for_cert(handle, numattr, attrlist); in cert_ocsp_check()
1934 if (ret == KMF_OK) { in cert_ocsp_check()
1939 ret = KMF_ERR_OCSP_UNKNOWN_CERT; in cert_ocsp_check()
1942 ret = KMF_ERR_OCSP_REVOKED; in cert_ocsp_check()
1961 return (ret); in cert_ocsp_check()
1969 KMF_RETURN ret = KMF_OK; in cert_ku_check() local
1978 ret = kmf_get_cert_ku(cert, &keyusage); in cert_ku_check()
1980 if (ret == KMF_ERR_EXTENSION_NOT_FOUND) { in cert_ku_check()
1990 if (ret != KMF_OK) { in cert_ku_check()
1992 return (ret); in cert_ku_check()
2001 ret = kmf_get_cert_basic_constraint(cert, in cert_ku_check()
2004 if (ret != KMF_OK) { in cert_ku_check()
2006 return (ret); in cert_ku_check()
2028 KMF_RETURN ret = KMF_OK; in cert_eku_check() local
2044 ret = kmf_get_cert_eku(cert, &eku); in cert_eku_check()
2045 if ((ret != KMF_ERR_EXTENSION_NOT_FOUND) && (ret != KMF_OK)) { in cert_eku_check()
2047 return (ret); in cert_eku_check()
2050 if (ret == KMF_ERR_EXTENSION_NOT_FOUND) { in cert_eku_check()
2125 KMF_RETURN ret = KMF_OK; in find_issuer_cert() local
2174 ret = kmf_find_cert(handle, fc_numattr, fc_attrlist); in find_issuer_cert()
2176 if (ret == KMF_OK && num > 0) { in find_issuer_cert()
2181 ret = KMF_ERR_MEMORY; in find_issuer_cert()
2190 ret = kmf_find_cert(handle, fc_numattr, fc_attrlist); in find_issuer_cert()
2191 if (ret != KMF_OK) { in find_issuer_cert()
2211 ret = kmf_get_cert_validity(&certlist[i].certificate, in find_issuer_cert()
2213 if (ret != KMF_OK) { in find_issuer_cert()
2214 ret = KMF_ERR_VALIDITY_PERIOD; in find_issuer_cert()
2232 ret = KMF_ERR_MEMORY; in find_issuer_cert()
2245 return (ret); in find_issuer_cert()
2255 KMF_RETURN ret = KMF_OK; in find_ta_cert() local
2282 ret = kmf_hexstr_to_bytes((uchar_t *)policy->ta_serial, in find_ta_cert()
2284 if (ret != KMF_OK || bytes == NULL) { in find_ta_cert()
2285 ret = KMF_ERR_TA_POLICY; in find_ta_cert()
2322 ret = kmf_find_cert(handle, fc_numattr, fc_attrlist); in find_ta_cert()
2323 if (ret != KMF_OK || num != 1) { in find_ta_cert()
2325 ret = KMF_ERR_CERT_NOT_FOUND; in find_ta_cert()
2327 ret = KMF_ERR_CERT_MULTIPLE_FOUND; in find_ta_cert()
2335 ret = kmf_find_cert(handle, fc_numattr, fc_attrlist); in find_ta_cert()
2336 if (ret == KMF_OK) { in find_ta_cert()
2340 ret = KMF_ERR_MEMORY; in find_ta_cert()
2355 ret = kmf_get_cert_subject_str(handle, ta_cert, &ta_subject); in find_ta_cert()
2356 if (ret != KMF_OK) in find_ta_cert()
2359 ret = kmf_dn_parser(ta_subject, &ta_subjectDN); in find_ta_cert()
2360 if (ret != KMF_OK) in find_ta_cert()
2364 ret = KMF_ERR_CERT_NOT_FOUND; in find_ta_cert()
2369 if (ret == KMF_OK) { in find_ta_cert()
2370 ret = check_key_usage(handle, ta_cert, KMF_KU_SIGN_CERT); in find_ta_cert()
2371 if (ret == KMF_ERR_EXTENSION_NOT_FOUND && policy->ku_bits == 0) in find_ta_cert()
2372 ret = KMF_OK; in find_ta_cert()
2378 if ((ret != KMF_OK)) in find_ta_cert()
2387 return (ret); in find_ta_cert()
2393 KMF_RETURN ret = KMF_OK; in kmf_validate_cert() local
2418 CLEAR_ERROR(handle, ret); in kmf_validate_cert()
2420 ret = test_attributes(num_req_attrs, required_attrs, in kmf_validate_cert()
2422 if (ret != KMF_OK) in kmf_validate_cert()
2423 return (ret); in kmf_validate_cert()
2445 if ((ret = kmf_get_cert_issuer_str(handle, pcert, in kmf_validate_cert()
2448 } else if ((ret = kmf_dn_parser(user_issuer, &user_issuerDN)) != in kmf_validate_cert()
2456 if ((ret = kmf_get_cert_subject_str(handle, pcert, in kmf_validate_cert()
2459 } else if ((ret = kmf_dn_parser(user_subject, &user_subjectDN)) != in kmf_validate_cert()
2477 ret = cert_ku_check(handle, pcert); in kmf_validate_cert()
2478 if (ret != KMF_OK) { in kmf_validate_cert()
2485 ret = cert_eku_check(handle, pcert); in kmf_validate_cert()
2486 if (ret != KMF_OK) { in kmf_validate_cert()
2500 ret = kmf_check_cert_date(handle, pcert); in kmf_validate_cert()
2501 if (ret != KMF_OK) in kmf_validate_cert()
2528 ret = verify_cert_with_cert(handle, pcert, pcert); in kmf_validate_cert()
2529 if (ret != KMF_OK) in kmf_validate_cert()
2534 ret = find_issuer_cert(handle, kstype, user_issuer, in kmf_validate_cert()
2536 if (ret != KMF_OK) { in kmf_validate_cert()
2546 ret = find_ta_cert(handle, kstype, &ta_cert, in kmf_validate_cert()
2549 if (ret != KMF_OK) { in kmf_validate_cert()
2555 ret = verify_cert_with_cert(handle, pcert, in kmf_validate_cert()
2557 if (ret != KMF_OK) in kmf_validate_cert()
2595 ret = find_issuer_cert(handle, kstype, user_issuer, in kmf_validate_cert()
2597 if (ret != KMF_OK) { in kmf_validate_cert()
2604 ret = cert_crl_check(handle, kstype, pcert, &issuer_cert); in kmf_validate_cert()
2605 if (ret != KMF_OK) { in kmf_validate_cert()
2612 ret = cert_ocsp_check(handle, kstype, pcert, &issuer_cert, in kmf_validate_cert()
2614 if (ret != KMF_OK) { in kmf_validate_cert()
2642 ret = KMF_ERR_CERT_VALIDATION; in kmf_validate_cert()
2644 return (ret); in kmf_validate_cert()
2753 KMF_RETURN ret; in kmf_is_cert_file() local
2756 CLEAR_ERROR(handle, ret); in kmf_is_cert_file()
2757 if (ret != KMF_OK) in kmf_is_cert_file()
2758 return (ret); in kmf_is_cert_file()
2763 ret = kmf_read_input_file(handle, filename, &filedata); in kmf_is_cert_file()
2764 if (ret != KMF_OK) in kmf_is_cert_file()
2765 return (ret); in kmf_is_cert_file()
2767 ret = kmf_is_cert_data(&filedata, pformat); in kmf_is_cert_file()
2768 if (ret == KMF_ERR_BAD_CERT_FORMAT) in kmf_is_cert_file()
2769 ret = KMF_ERR_BAD_CERTFILE; in kmf_is_cert_file()
2772 return (ret); in kmf_is_cert_file()
2835 KMF_RETURN ret = KMF_OK; in kmf_export_pk12() local
2849 CLEAR_ERROR(handle, ret); in kmf_export_pk12()
2851 ret = test_attributes(num_req_attrs, required_attrs, 0, NULL, in kmf_export_pk12()
2853 if (ret != KMF_OK) in kmf_export_pk12()
2854 return (ret); in kmf_export_pk12()
2856 ret = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, numattr, in kmf_export_pk12()
2858 if (ret != KMF_OK) in kmf_export_pk12()
2859 return (ret); in kmf_export_pk12()
2974 KMF_RETURN ret = KMF_OK; in copy_algoid() local
2997 return (ret); in copy_algoid()
3010 KMF_RETURN ret = KMF_OK; in sign_cert() local
3032 ret = ExtractX509CertParts((KMF_DATA *)SubjectCert, in sign_cert()
3034 if (ret != KMF_OK) { in sign_cert()
3042 ret = KMF_ERR_MEMORY; in sign_cert()
3050 ret = DerDecodeSignedCertificate(SubjectCert, &subj_cert); in sign_cert()
3051 if (ret != KMF_OK) { in sign_cert()
3059 ret = set_algoid(&subj_cert->signature.algorithmIdentifier, in sign_cert()
3061 if (ret != KMF_OK) in sign_cert()
3063 ret = set_algoid(&subj_cert->certificate.signature, in sign_cert()
3065 if (ret) in sign_cert()
3075 ret = DerEncodeTbsCertificate(&subj_cert->certificate, in sign_cert()
3077 if (ret != KMF_OK) in sign_cert()
3097 ret = kmf_sign_data(handle, i, attrlist); in sign_cert()
3099 if (ret != KMF_OK) in sign_cert()
3111 ret = DerEncodeECDSASignature(&signed_data, &signature); in sign_cert()
3114 if (ret != KMF_OK) in sign_cert()
3126 ret = DerEncodeDSASignature(&signed_data, &signature); in sign_cert()
3129 if (ret != KMF_OK) in sign_cert()
3134 ret = copy_data(&subj_cert->signature.encrypted, &signed_data); in sign_cert()
3137 if (ret != KMF_OK) in sign_cert()
3142 ret = DerEncodeSignedCertificate(subj_cert, SignedCert); in sign_cert()
3146 if (ret != KMF_OK) in sign_cert()
3156 return (ret); in sign_cert()
3164 KMF_RETURN ret = KMF_OK; in verify_cert_with_key() local
3179 ret = ExtractX509CertParts((KMF_DATA *)CertToBeVerified, in verify_cert_with_key()
3182 if (ret != KMF_OK) in verify_cert_with_key()
3185 ret = DerDecodeSPKI(derkey, &spki); in verify_cert_with_key()
3186 if (ret != KMF_OK) in verify_cert_with_key()
3190 ret = DerDecodeSignedCertificate(CertToBeVerified, &signed_cert); in verify_cert_with_key()
3191 if (ret != KMF_OK) in verify_cert_with_key()
3192 return (ret); in verify_cert_with_key()
3201 ret = DerDecodeDSASignature(&signed_data, &signature); in verify_cert_with_key()
3202 if (ret != KMF_OK) in verify_cert_with_key()
3208 ret = DerDecodeECDSASignature(&signed_data, &signature); in verify_cert_with_key()
3209 if (ret != KMF_OK) in verify_cert_with_key()
3216 ret = PKCS_VerifyData(handle, algid, &spki, in verify_cert_with_key()
3242 return (ret); in verify_cert_with_key()
3255 KMF_RETURN ret = KMF_OK; in verify_cert_with_cert() local
3278 ret = check_key_usage(handle, SignerCertData, KMF_KU_SIGN_CERT); in verify_cert_with_cert()
3279 if (ret == KMF_ERR_EXTENSION_NOT_FOUND && policy->ku_bits == 0) in verify_cert_with_cert()
3280 ret = KMF_OK; in verify_cert_with_cert()
3281 if (ret != KMF_OK) in verify_cert_with_cert()
3282 return (ret); in verify_cert_with_cert()
3285 ret = ExtractX509CertParts((KMF_DATA *)CertToBeVerifiedData, in verify_cert_with_cert()
3287 if (ret != KMF_OK) in verify_cert_with_cert()
3291 ret = DerDecodeSignedCertificate(CertToBeVerifiedData, in verify_cert_with_cert()
3293 if (ret != KMF_OK) in verify_cert_with_cert()
3300 ret = DerDecodeDSASignature(&signed_data, &signature); in verify_cert_with_cert()
3301 if (ret != KMF_OK) in verify_cert_with_cert()
3307 ret = DerDecodeECDSASignature(&signed_data, &signature); in verify_cert_with_cert()
3308 if (ret != KMF_OK) in verify_cert_with_cert()
3315 ret = DerDecodeSignedCertificate(SignerCertData, &SignerCert); in verify_cert_with_cert()
3316 if (ret != KMF_OK) in verify_cert_with_cert()
3323 ret = PKCS_VerifyData(handle, algid, in verify_cert_with_cert()
3350 return (ret); in verify_cert_with_cert()