Lines Matching refs:ret
71 int ret = hx509_lock_command_string(lock, pass->strings[i]); in lock_strings() local
72 if (ret) in lock_strings()
74 pass->strings[i], ret); in lock_strings()
86 int i, ret; in certs_strings() local
89 ret = hx509_certs_append(contextp, certs, lock, s->strings[i]); in certs_strings()
90 if (ret) in certs_strings()
91 hx509_err(contextp, 1, ret, in certs_strings()
103 int ret; in parse_oid() local
105 ret = der_parse_heim_oid (str, " .", oid); in parse_oid()
107 ret = der_copy_oid(def, oid); in parse_oid()
108 if (ret) in parse_oid()
122 int ret, i; in peer_strings() local
124 ret = hx509_peer_info_alloc(contextp, peer); in peer_strings()
125 if (ret) in peer_strings()
126 hx509_err(contextp, 1, ret, "hx509_peer_info_alloc"); in peer_strings()
135 ret = hx509_peer_info_set_cms_algs(contextp, *peer, val, s->num_strings); in peer_strings()
136 if (ret) in peer_strings()
137 hx509_err(contextp, 1, ret, "hx509_peer_info_set_cms_algs"); in peer_strings()
188 int ret, flags = 0; in cms_verify_sd() local
199 ret = hx509_verify_init_ctx(context, &ctx); in cms_verify_sd()
200 if (ret) in cms_verify_sd()
201 hx509_err(context, 1, ret, "hx509_verify_init_ctx"); in cms_verify_sd()
203 ret = hx509_certs_init(context, "MEMORY:cms-anchors", 0, NULL, &anchors); in cms_verify_sd()
204 if (ret) in cms_verify_sd()
205 hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in cms_verify_sd()
206 ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &store); in cms_verify_sd()
207 if (ret) in cms_verify_sd()
208 hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in cms_verify_sd()
224 ret = hx509_pem_read(context, f, pem_reader, &pd); in cms_verify_sd()
226 if (ret) in cms_verify_sd()
227 errx(1, "PEM reader failed: %d", ret); in cms_verify_sd()
236 ret = _hx509_map_file_os(s, &signeddata); in cms_verify_sd()
237 if (ret) in cms_verify_sd()
238 errx(1, "map_file: %s: %d", s, ret); in cms_verify_sd()
245 ret = rk_undumpdata(argv[0], &p, &sz); in cms_verify_sd()
246 if (ret) in cms_verify_sd()
247 err(1, "map_file: %s: %d", argv[0], ret); in cms_verify_sd()
254 ret = _hx509_map_file_os(opt->signed_content_string, &signeddata); in cms_verify_sd()
255 if (ret) in cms_verify_sd()
256 errx(1, "map_file: %s: %d", opt->signed_content_string, ret); in cms_verify_sd()
264 ret = hx509_cms_unwrap_ContentInfo(&co, &oid, &uwco, NULL); in cms_verify_sd()
265 if (ret) in cms_verify_sd()
266 errx(1, "hx509_cms_unwrap_ContentInfo: %d", ret); in cms_verify_sd()
288 ret = hx509_cms_verify_signed(context, ctx, flags, co.data, co.length, sd, in cms_verify_sd()
294 if (ret) in cms_verify_sd()
295 hx509_err(context, 1, ret, "hx509_cms_verify_signed"); in cms_verify_sd()
320 ret = _hx509_write_file(argv[1], c.data, c.length); in cms_verify_sd()
321 if (ret) in cms_verify_sd()
322 errx(1, "hx509_write_file: %d", ret); in cms_verify_sd()
339 int ret; in print_signer() local
341 ret = hx509_cert_get_subject(cert, &name); in print_signer()
342 if (ret) in print_signer()
345 ret = hx509_name_to_string(name, &signer_name); in print_signer()
347 if (ret) in print_signer()
367 int ret, flags = 0; in cms_create_sd() local
385 ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &store); in cms_create_sd()
386 if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in cms_create_sd()
387 ret = hx509_certs_init(context, "MEMORY:cert-pool", 0, NULL, &pool); in cms_create_sd()
388 if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in cms_create_sd()
394 ret = hx509_certs_init(context, "MEMORY:cert-anchors", in cms_create_sd()
396 if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in cms_create_sd()
411 ret = hx509_query_alloc(context, &q); in cms_create_sd()
412 if (ret) in cms_create_sd()
413 errx(1, "hx509_query_alloc: %d", ret); in cms_create_sd()
421 ret = hx509_certs_filter(context, store, q, &signer); in cms_create_sd()
423 if (ret) in cms_create_sd()
424 hx509_err(context, 1, ret, "hx509_certs_find"); in cms_create_sd()
431 ret = rk_undumpdata(infile, &p, &sz); in cms_create_sd()
432 if (ret) in cms_create_sd()
433 err(1, "map_file: %s: %d", infile, ret); in cms_create_sd()
440 ret = hx509_cms_create_signed(context, in cms_create_sd()
451 if (ret) in cms_create_sd()
452 hx509_err(context, 1, ret, "hx509_cms_create_signed: %d", ret); in cms_create_sd()
465 ret = hx509_cms_wrap_ContentInfo(&asn1_oid_id_pkcs7_signedData, &o, &wo); in cms_create_sd()
466 if (ret) in cms_create_sd()
467 errx(1, "hx509_cms_wrap_ContentInfo: %d", ret); in cms_create_sd()
481 ret = hx509_certs_iter_f(context, signer, print_signer, header); in cms_create_sd()
482 if (ret) in cms_create_sd()
483 hx509_err(context, 1, ret, "print signer"); in cms_create_sd()
490 ret = hx509_pem_write(context, "CMS SIGNEDDATA", header, f, in cms_create_sd()
494 if (ret) in cms_create_sd()
495 errx(1, "hx509_pem_write: %d", ret); in cms_create_sd()
498 ret = _hx509_write_file(outfile, o.data, o.length); in cms_create_sd()
499 if (ret) in cms_create_sd()
500 errx(1, "hx509_write_file: %d", ret); in cms_create_sd()
517 int ret; in cms_unenvelope() local
524 ret = rk_undumpdata(argv[0], &p, &sz); in cms_unenvelope()
525 if (ret) in cms_unenvelope()
526 err(1, "map_file: %s: %d", argv[0], ret); in cms_unenvelope()
535 ret = hx509_cms_unwrap_ContentInfo(&co, &oid, &uwco, NULL); in cms_unenvelope()
536 if (ret) in cms_unenvelope()
537 errx(1, "hx509_cms_unwrap_ContentInfo: %d", ret); in cms_unenvelope()
546 ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &certs); in cms_unenvelope()
547 if (ret) in cms_unenvelope()
548 errx(1, "hx509_certs_init: MEMORY: %d", ret); in cms_unenvelope()
555 ret = hx509_cms_unenvelope(context, certs, flags, co.data, co.length, in cms_unenvelope()
559 if (ret) in cms_unenvelope()
560 hx509_err(context, 1, ret, "hx509_cms_unenvelope"); in cms_unenvelope()
567 ret = _hx509_write_file(argv[1], o.data, o.length); in cms_unenvelope()
568 if (ret) in cms_unenvelope()
569 errx(1, "hx509_write_file: %d", ret); in cms_unenvelope()
585 int ret; in cms_create_enveloped() local
596 ret = rk_undumpdata(argv[0], &p, &sz); in cms_create_enveloped()
597 if (ret) in cms_create_enveloped()
598 err(1, "map_file: %s: %d", argv[0], ret); in cms_create_enveloped()
600 ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &certs); in cms_create_enveloped()
601 if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in cms_create_enveloped()
615 ret = hx509_query_alloc(context, &q); in cms_create_enveloped()
616 if (ret) in cms_create_enveloped()
617 errx(1, "hx509_query_alloc: %d", ret); in cms_create_enveloped()
621 ret = hx509_certs_find(context, certs, q, &cert); in cms_create_enveloped()
623 if (ret) in cms_create_enveloped()
624 errx(1, "hx509_certs_find: %d", ret); in cms_create_enveloped()
628 ret = hx509_cms_envelope_1(context, flags, cert, p, sz, enctype, in cms_create_enveloped()
630 if (ret) in cms_create_enveloped()
631 errx(1, "hx509_cms_envelope_1: %d", ret); in cms_create_enveloped()
641 ret = hx509_cms_wrap_ContentInfo(&asn1_oid_id_pkcs7_envelopedData, &o, &wo); in cms_create_enveloped()
642 if (ret) in cms_create_enveloped()
643 errx(1, "hx509_cms_wrap_ContentInfo: %d", ret); in cms_create_enveloped()
651 ret = _hx509_write_file(argv[1], o.data, o.length); in cms_create_enveloped()
652 if (ret) in cms_create_enveloped()
653 errx(1, "hx509_write_file: %d", ret); in cms_create_enveloped()
664 int ret; in print_certificate() local
672 ret = hx509_print_cert(hxcontext, cert, NULL); in print_certificate()
673 if (ret) in print_certificate()
721 int ret; in pcert_print() local
722 ret = hx509_certs_init(context, argv[0], 0, lock, &certs); in pcert_print()
723 if (ret) { in pcert_print()
725 printf("ignoreing failure: %d\n", ret); in pcert_print()
728 hx509_err(context, 1, ret, "hx509_certs_init"); in pcert_print()
765 int ret; in pcert_validate() local
766 ret = hx509_certs_init(context, argv[0], 0, lock, &certs); in pcert_validate()
767 if (ret) in pcert_validate()
768 errx(1, "hx509_certs_init: %d", ret); in pcert_validate()
785 int ret; in certificate_copy() local
792 ret = hx509_lock_command_string(outlock, opt->out_pass_string); in certificate_copy()
793 if (ret) in certificate_copy()
795 opt->out_pass_string, ret); in certificate_copy()
798 ret = hx509_certs_init(context, argv[argc - 1], in certificate_copy()
800 if (ret) in certificate_copy()
801 hx509_err(context, 1, ret, "hx509_certs_init"); in certificate_copy()
811 ret = hx509_certs_store(context, certs, 0, outlock); in certificate_copy()
812 if (ret) in certificate_copy()
813 hx509_err(context, 1, ret, "hx509_certs_store"); in certificate_copy()
834 int ret; in verify_f() local
836 ret = hx509_verify_path(hxcontext, v->ctx, c, v->chain); in verify_f()
837 if (ret) { in verify_f()
838 char *s = hx509_get_error_string(hxcontext, ret); in verify_f()
839 printf("verify_path: %s: %d\n", s, ret); in verify_f()
848 ret = hx509_verify_hostname(hxcontext, c, 0, HX509_HN_HOSTNAME, in verify_f()
850 if (ret) { in verify_f()
851 printf("verify_hostname: %d\n", ret); in verify_f()
866 int ret; in pcert_verify() local
873 ret = hx509_verify_init_ctx(context, &ctx); in pcert_verify()
874 if (ret) in pcert_verify()
875 hx509_err(context, 1, ret, "hx509_verify_init_ctx"); in pcert_verify()
876 ret = hx509_certs_init(context, "MEMORY:anchors", 0, NULL, &anchors); in pcert_verify()
877 if (ret) in pcert_verify()
878 hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in pcert_verify()
879 ret = hx509_certs_init(context, "MEMORY:chain", 0, NULL, &chain); in pcert_verify()
880 if (ret) in pcert_verify()
881 hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in pcert_verify()
882 ret = hx509_certs_init(context, "MEMORY:certs", 0, NULL, &certs); in pcert_verify()
883 if (ret) in pcert_verify()
884 hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in pcert_verify()
911 ret = hx509_revoke_init(context, &revoke_ctx); in pcert_verify()
912 if (ret) in pcert_verify()
913 errx(1, "hx509_revoke_init: %d", ret); in pcert_verify()
921 ret = hx509_certs_append(context, chain, NULL, s); in pcert_verify()
922 if (ret) in pcert_verify()
923 hx509_err(context, 1, ret, "hx509_certs_append: chain: %s: %d", s, ret); in pcert_verify()
928 ret = hx509_certs_append(context, anchors, NULL, s); in pcert_verify()
929 if (ret) in pcert_verify()
930 hx509_err(context, 1, ret, "hx509_certs_append: anchor: %s: %d", s, ret); in pcert_verify()
935 ret = hx509_certs_append(context, certs, NULL, s); in pcert_verify()
936 if (ret) in pcert_verify()
937 hx509_err(context, 1, ret, "hx509_certs_append: certs: %s: %d", in pcert_verify()
938 s, ret); in pcert_verify()
943 ret = hx509_revoke_add_crl(context, revoke_ctx, s); in pcert_verify()
944 if (ret) in pcert_verify()
945 errx(1, "hx509_revoke_add_crl: %s: %d", s, ret); in pcert_verify()
950 ret = hx509_revoke_add_ocsp(context, revoke_ctx, s); in pcert_verify()
951 if (ret) in pcert_verify()
952 errx(1, "hx509_revoke_add_ocsp: %s: %d", s, ret); in pcert_verify()
996 int ret; in query() local
998 ret = hx509_query_alloc(context, &q); in query()
999 if (ret) in query()
1000 errx(1, "hx509_query_alloc: %d", ret); in query()
1005 ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &certs); in query()
1006 if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in query()
1010 ret = hx509_certs_append(context, certs, lock, argv[0]); in query()
1011 if (ret) in query()
1012 errx(1, "hx509_certs_append: %s: %d", argv[0], ret); in query()
1026 ret = hx509_query_match_eku(q, &oid); in query()
1027 if (ret) in query()
1028 errx(1, "hx509_query_match_eku: %d", ret); in query()
1044 ret = hx509_certs_find(context, certs, q, &c); in query()
1046 if (ret) in query()
1047 printf("no match found (%d)\n", ret); in query()
1059 return ret; in query()
1068 int i, ret; in ocsp_fetch() local
1084 ret = hx509_certs_init(context, "MEMORY:ocsp-pool", 0, NULL, &pool); in ocsp_fetch()
1085 if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in ocsp_fetch()
1091 ret = hx509_certs_init(context, "MEMORY:ocsp-req", 0, NULL, &reqcerts); in ocsp_fetch()
1092 if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in ocsp_fetch()
1095 ret = hx509_certs_append(context, reqcerts, lock, argv[i]); in ocsp_fetch()
1096 if (ret) in ocsp_fetch()
1097 errx(1, "hx509_certs_append: req: %s: %d", argv[i], ret); in ocsp_fetch()
1100 ret = hx509_ocsp_request(context, reqcerts, pool, NULL, NULL, &req, nonce); in ocsp_fetch()
1101 if (ret) in ocsp_fetch()
1102 errx(1, "hx509_ocsp_request: req: %d", ret); in ocsp_fetch()
1147 int ret; in verify_o() local
1149 ret = hx509_ocsp_verify(context, 0, c, 0, in verify_o()
1151 if (ret) { in verify_o()
1152 char *s = hx509_get_error_string(hxcontext, ret); in verify_o()
1153 printf("ocsp_verify: %s: %d\n", s, ret); in verify_o()
1158 return ret; in verify_o()
1167 int ret, i; in ocsp_verify() local
1175 ret = _hx509_map_file_os(opt->ocsp_file_string, &os); in ocsp_verify()
1176 if (ret) in ocsp_verify()
1177 err(1, "map_file: %s: %d", argv[0], ret); in ocsp_verify()
1179 ret = hx509_certs_init(context, "MEMORY:test-certs", 0, NULL, &certs); in ocsp_verify()
1180 if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in ocsp_verify()
1183 ret = hx509_certs_append(context, certs, lock, argv[i]); in ocsp_verify()
1184 if (ret) in ocsp_verify()
1185 hx509_err(context, 1, ret, "hx509_certs_append: %s", argv[i]); in ocsp_verify()
1188 ret = hx509_certs_iter_f(context, certs, verify_o, &os); in ocsp_verify()
1194 return ret; in ocsp_verify()
1202 int ret; in read_private_key() local
1206 ret = hx509_certs_init(context, fn, 0, NULL, &certs); in read_private_key()
1207 if (ret) in read_private_key()
1208 hx509_err(context, 1, ret, "hx509_certs_init: %s", fn); in read_private_key()
1210 ret = _hx509_certs_keys_get(context, certs, &keys); in read_private_key()
1212 if (ret) in read_private_key()
1213 hx509_err(context, 1, ret, "hx509_certs_keys_get"); in read_private_key()
1227 int ret; in get_key() local
1252 ret = RSA_generate_key_ex(rsa, bits, e, NULL); in get_key()
1253 if(ret != 1) in get_key()
1275 ret = read_private_key(fn, signer); in get_key()
1276 if (ret) in get_key()
1285 int ret, i; in request_create() local
1303 ret = hx509_parse_name(context, opt->subject_string, &name); in request_create()
1304 if (ret) in request_create()
1305 errx(1, "hx509_parse_name: %d\n", ret); in request_create()
1317 ret = _hx509_request_add_email(context, req, in request_create()
1319 if (ret) in request_create()
1320 hx509_err(context, 1, ret, "hx509_request_add_email"); in request_create()
1324 ret = _hx509_request_add_dns_name(context, req, in request_create()
1326 if (ret) in request_create()
1327 hx509_err(context, 1, ret, "hx509_request_add_dns_name"); in request_create()
1331 ret = hx509_private_key2SPKI(context, signer, &key); in request_create()
1332 if (ret) in request_create()
1333 errx(1, "hx509_private_key2SPKI: %d\n", ret); in request_create()
1335 ret = hx509_request_set_SubjectPublicKeyInfo(context, in request_create()
1339 if (ret) in request_create()
1340 hx509_err(context, 1, ret, "hx509_request_set_SubjectPublicKeyInfo"); in request_create()
1342 ret = _hx509_request_to_pkcs10(context, in request_create()
1346 if (ret) in request_create()
1347 hx509_err(context, 1, ret, "_hx509_request_to_pkcs10"); in request_create()
1352 if (ret == 0) in request_create()
1362 int ret, i; in request_print() local
1369 ret = _hx509_request_parse(context, argv[i], &req); in request_print()
1370 if (ret) in request_print()
1371 hx509_err(context, 1, ret, "parse_request: %s", argv[i]); in request_print()
1373 ret = _hx509_request_print(context, req, stdout); in request_print()
1375 if (ret) in request_print()
1376 hx509_err(context, 1, ret, "Failed to print file %s", argv[i]); in request_print()
1408 int ret = RAND_status(); in info() local
1409 printf("rand: %s\n", ret == 1 ? "ok" : "not available"); in info()
1419 int len, ret; in random_data() local
1433 ret = RAND_bytes(ptr, len); in random_data()
1434 if (ret != 1) { in random_data()
1453 int ret, type = HX509_SELECT_ALL; in crypto_available() local
1468 ret = hx509_crypto_available(context, type, NULL, &val, &len); in crypto_available()
1469 if (ret) in crypto_available()
1489 int ret, type = HX509_SELECT_DIGEST; in crypto_select() local
1506 ret = hx509_crypto_select(context, type, NULL, peer, &selected); in crypto_select()
1507 if (ret) in crypto_select()
1587 int ret; in pkinit_client() local
1591 ret = hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkekuoid); in pkinit_client()
1592 if (ret) in pkinit_client()
1593 return ret; in pkinit_client()
1595 ret = hx509_ca_tbs_add_eku(context, tbs, &asn1_oid_id_ms_client_authentication); in pkinit_client()
1596 if (ret) in pkinit_client()
1597 return ret; in pkinit_client()
1672 int ret; in eval_types() local
1681 ret = (*certtypes[j].eval)(contextp, tbs, &ctopt); in eval_types()
1682 if (ret) in eval_types()
1683 hx509_err(contextp, 1, ret, in eval_types()
1700 ret = hx509_ca_tbs_add_san_pkinit(contextp, tbs, in eval_types()
1702 if (ret) in eval_types()
1703 hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_pkinit"); in eval_types()
1710 ret = hx509_ca_tbs_add_san_ms_upn(contextp, tbs, opt->ms_upn_string); in eval_types()
1711 if (ret) in eval_types()
1712 hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_ms_upn"); in eval_types()
1719 ret = hx509_ca_tbs_add_san_hostname(contextp, tbs, hostname); in eval_types()
1720 if (ret) in eval_types()
1721 hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_hostname"); in eval_types()
1727 ret = hx509_ca_tbs_add_san_rfc822name(contextp, tbs, email); in eval_types()
1728 if (ret) in eval_types()
1729 hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_hostname"); in eval_types()
1731 ret = hx509_ca_tbs_add_eku(contextp, tbs, in eval_types()
1733 if (ret) in eval_types()
1734 hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_eku"); in eval_types()
1738 ret = hx509_ca_tbs_add_san_jid(contextp, tbs, opt->jid_string); in eval_types()
1739 if (ret) in eval_types()
1740 hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_jid"); in eval_types()
1749 int ret; in hxtool_ca() local
1782 ret = hx509_certs_init(context, opt->ca_certificate_string, 0, in hxtool_ca()
1784 if (ret) in hxtool_ca()
1785 hx509_err(context, 1, ret, in hxtool_ca()
1788 ret = hx509_query_alloc(context, &q); in hxtool_ca()
1789 if (ret) in hxtool_ca()
1790 errx(1, "hx509_query_alloc: %d", ret); in hxtool_ca()
1796 ret = hx509_certs_find(context, cacerts, q, &signer); in hxtool_ca()
1799 if (ret) in hxtool_ca()
1800 hx509_err(context, 1, ret, "no CA certificate found"); in hxtool_ca()
1813 ret = read_private_key(opt->ca_private_key_string, &private_key); in hxtool_ca()
1814 if (ret) in hxtool_ca()
1817 ret = hx509_private_key2SPKI(context, private_key, &spki); in hxtool_ca()
1818 if (ret) in hxtool_ca()
1819 errx(1, "hx509_private_key2SPKI: %d\n", ret); in hxtool_ca()
1828 ret = _hx509_request_parse(context, opt->req_string, &req); in hxtool_ca()
1829 if (ret) in hxtool_ca()
1830 hx509_err(context, 1, ret, "parse_request: %s", opt->req_string); in hxtool_ca()
1831 ret = hx509_request_get_name(context, req, &subject); in hxtool_ca()
1832 if (ret) in hxtool_ca()
1833 hx509_err(context, 1, ret, "get name"); in hxtool_ca()
1834 ret = hx509_request_get_SubjectPublicKeyInfo(context, req, &spki); in hxtool_ca()
1835 if (ret) in hxtool_ca()
1836 hx509_err(context, 1, ret, "get spki"); in hxtool_ca()
1843 ret = _hx509_generate_private_key_init(context, in hxtool_ca()
1846 if (ret) in hxtool_ca()
1847 hx509_err(context, 1, ret, "generate private key"); in hxtool_ca()
1856 ret = _hx509_generate_private_key(context, keyctx, in hxtool_ca()
1859 if (ret) in hxtool_ca()
1860 hx509_err(context, 1, ret, "generate private key"); in hxtool_ca()
1862 ret = hx509_private_key2SPKI(context, cert_key, &spki); in hxtool_ca()
1863 if (ret) in hxtool_ca()
1864 errx(1, "hx509_private_key2SPKI: %d\n", ret); in hxtool_ca()
1871 ret = read_private_key(opt->certificate_private_key_string, &cert_key); in hxtool_ca()
1872 if (ret) in hxtool_ca()
1879 ret = hx509_parse_name(context, opt->subject_string, &subject); in hxtool_ca()
1880 if (ret) in hxtool_ca()
1881 hx509_err(context, 1, ret, "hx509_parse_name"); in hxtool_ca()
1888 ret = hx509_ca_tbs_init(context, &tbs); in hxtool_ca()
1889 if (ret) in hxtool_ca()
1890 hx509_err(context, 1, ret, "hx509_ca_tbs_init"); in hxtool_ca()
1897 ret = hx509_certs_init(context, opt->template_certificate_string, 0, in hxtool_ca()
1899 if (ret) in hxtool_ca()
1900 hx509_err(context, 1, ret, in hxtool_ca()
1903 ret = hx509_get_one_cert(context, tcerts, &template); in hxtool_ca()
1906 if (ret) in hxtool_ca()
1907 hx509_err(context, 1, ret, "no template certificate found"); in hxtool_ca()
1912 ret = hx509_ca_tbs_set_template(context, tbs, flags, template); in hxtool_ca()
1913 if (ret) in hxtool_ca()
1914 hx509_err(context, 1, ret, "hx509_ca_tbs_set_template"); in hxtool_ca()
1922 ret = der_parse_hex_heim_integer(opt->serial_number_string, in hxtool_ca()
1924 if (ret) in hxtool_ca()
1926 ret = hx509_ca_tbs_set_serialnumber(context, tbs, &serialNumber); in hxtool_ca()
1927 if (ret) in hxtool_ca()
1928 hx509_err(context, 1, ret, "hx509_ca_tbs_init"); in hxtool_ca()
1933 ret = hx509_ca_tbs_set_spki(context, tbs, &spki); in hxtool_ca()
1934 if (ret) in hxtool_ca()
1935 hx509_err(context, 1, ret, "hx509_ca_tbs_set_spki"); in hxtool_ca()
1939 ret = hx509_ca_tbs_set_subject(context, tbs, subject); in hxtool_ca()
1940 if (ret) in hxtool_ca()
1941 hx509_err(context, 1, ret, "hx509_ca_tbs_set_subject"); in hxtool_ca()
1945 ret = hx509_ca_tbs_add_crl_dp_uri(context, tbs, in hxtool_ca()
1947 if (ret) in hxtool_ca()
1948 hx509_err(context, 1, ret, "hx509_ca_tbs_add_crl_dp_uri"); in hxtool_ca()
1954 ret = hx509_ca_tbs_set_ca(context, tbs, opt->path_length_integer); in hxtool_ca()
1955 if (ret) in hxtool_ca()
1956 hx509_err(context, 1, ret, "hx509_ca_tbs_set_ca"); in hxtool_ca()
1959 ret = hx509_ca_tbs_set_proxy(context, tbs, opt->path_length_integer); in hxtool_ca()
1960 if (ret) in hxtool_ca()
1961 hx509_err(context, 1, ret, "hx509_ca_tbs_set_proxy"); in hxtool_ca()
1965 if (ret) in hxtool_ca()
1966 hx509_err(context, 1, ret, "hx509_ca_tbs_set_domaincontroller"); in hxtool_ca()
1970 ret = hx509_ca_tbs_set_notAfter_lifetime(context, tbs, delta); in hxtool_ca()
1971 if (ret) in hxtool_ca()
1972 hx509_err(context, 1, ret, "hx509_ca_tbs_set_notAfter_lifetime"); in hxtool_ca()
1976 ret = hx509_ca_sign_self(context, tbs, private_key, &cert); in hxtool_ca()
1977 if (ret) in hxtool_ca()
1978 hx509_err(context, 1, ret, "hx509_ca_sign_self"); in hxtool_ca()
1980 ret = hx509_ca_sign(context, tbs, signer, &cert); in hxtool_ca()
1981 if (ret) in hxtool_ca()
1982 hx509_err(context, 1, ret, "hx509_ca_sign"); in hxtool_ca()
1986 ret = _hx509_cert_assign_key(cert, cert_key); in hxtool_ca()
1987 if (ret) in hxtool_ca()
1988 hx509_err(context, 1, ret, "_hx509_cert_assign_key"); in hxtool_ca()
1994 ret = hx509_certs_init(context, opt->certificate_string, in hxtool_ca()
1996 if (ret) in hxtool_ca()
1997 hx509_err(context, 1, ret, "hx509_certs_init"); in hxtool_ca()
1999 ret = hx509_certs_add(context, certs, cert); in hxtool_ca()
2000 if (ret) in hxtool_ca()
2001 hx509_err(context, 1, ret, "hx509_certs_add"); in hxtool_ca()
2003 ret = hx509_certs_store(context, certs, 0, NULL); in hxtool_ca()
2004 if (ret) in hxtool_ca()
2005 hx509_err(context, 1, ret, "hx509_certs_store"); in hxtool_ca()
2033 int ret; in test_one_cert() local
2038 ret = hx509_cms_create_signed_1(context, 0, NULL, NULL, 0, in test_one_cert()
2040 if (ret) in test_one_cert()
2043 ret = hx509_cms_verify_signed(context, vctx, 0, sd.data, sd.length, in test_one_cert()
2046 if (ret) in test_one_cert()
2047 hx509_err(context, 1, ret, "hx509_cms_verify_signed"); in test_one_cert()
2062 int i, ret; in test_crypto() local
2067 ret = hx509_certs_init(context, "MEMORY:test-crypto", 0, NULL, &certs); in test_crypto()
2068 if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); in test_crypto()
2071 ret = hx509_certs_append(context, certs, lock, argv[i]); in test_crypto()
2072 if (ret) in test_crypto()
2073 hx509_err(context, 1, ret, "hx509_certs_append"); in test_crypto()
2076 ret = hx509_verify_init_ctx(context, &vctx); in test_crypto()
2077 if (ret) in test_crypto()
2078 hx509_err(context, 1, ret, "hx509_verify_init_ctx"); in test_crypto()
2082 ret = hx509_certs_iter_f(context, certs, test_one_cert, vctx); in test_crypto()
2083 if (ret) in test_crypto()
2084 hx509_err(context, 1, ret, "hx509_cert_iter"); in test_crypto()
2117 int ret; in crl_sign() local
2122 ret = hx509_crl_alloc(context, &crl); in crl_sign()
2123 if (ret) in crl_sign()
2133 ret = hx509_certs_init(context, opt->signer_string, 0, in crl_sign()
2135 if (ret) in crl_sign()
2136 hx509_err(context, 1, ret, in crl_sign()
2139 ret = hx509_query_alloc(context, &q); in crl_sign()
2140 if (ret) in crl_sign()
2141 hx509_err(context, 1, ret, "hx509_query_alloc: %d", ret); in crl_sign()
2145 ret = hx509_certs_find(context, certs, q, &signer); in crl_sign()
2148 if (ret) in crl_sign()
2149 hx509_err(context, 1, ret, "no signer certificate found"); in crl_sign()
2166 ret = hx509_certs_init(context, "MEMORY:revoked-certs", 0, in crl_sign()
2168 if (ret) in crl_sign()
2169 hx509_err(context, 1, ret, in crl_sign()
2173 ret = hx509_certs_append(context, revoked, lock, argv[i]); in crl_sign()
2174 if (ret) in crl_sign()
2175 hx509_err(context, 1, ret, "hx509_certs_append: %s", argv[i]); in crl_sign()
2210 int ret, optidx = 0; in main() local
2228 ret = hx509_context_init(&context); in main()
2229 if (ret) in main()
2230 errx(1, "hx509_context_init failed with %d", ret); in main()
2235 ret = sl_command(commands, argc, argv); in main()
2236 if(ret == -1) in main()
2241 return ret; in main()