Back to index

lightning-sunbird  0.9+nobinonly
SSLerrs.h
Go to the documentation of this file.
00001 /* ***** BEGIN LICENSE BLOCK *****
00002  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00003  *
00004  * The contents of this file are subject to the Mozilla Public License Version
00005  * 1.1 (the "License"); you may not use this file except in compliance with
00006  * the License. You may obtain a copy of the License at
00007  * http://www.mozilla.org/MPL/
00008  *
00009  * Software distributed under the License is distributed on an "AS IS" basis,
00010  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00011  * for the specific language governing rights and limitations under the
00012  * License.
00013  *
00014  * The Original Code is the Netscape security libraries.
00015  *
00016  * The Initial Developer of the Original Code is
00017  * Netscape Communications Corporation.
00018  * Portions created by the Initial Developer are Copyright (C) 1994-2000
00019  * the Initial Developer. All Rights Reserved.
00020  *
00021  * Contributor(s):
00022  *
00023  * Alternatively, the contents of this file may be used under the terms of
00024  * either the GNU General Public License Version 2 or later (the "GPL"), or
00025  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00026  * in which case the provisions of the GPL or the LGPL are applicable instead
00027  * of those above. If you wish to allow use of your version of this file only
00028  * under the terms of either the GPL or the LGPL, and not to allow others to
00029  * use your version of this file under the terms of the MPL, indicate your
00030  * decision by deleting the provisions above and replace them with the notice
00031  * and other provisions required by the GPL or the LGPL. If you do not delete
00032  * the provisions above, a recipient may use your version of this file under
00033  * the terms of any one of the MPL, the GPL or the LGPL.
00034  *
00035  * ***** END LICENSE BLOCK ***** */
00036 
00037 /* SSL-specific security error codes  */
00038 /* caller must include "sslerr.h" */
00039 
00040 ER3(SSL_ERROR_EXPORT_ONLY_SERVER,                SSL_ERROR_BASE + 0,
00041 "Unable to communicate securely.  Peer does not support high-grade encryption.")
00042 
00043 ER3(SSL_ERROR_US_ONLY_SERVER,                           SSL_ERROR_BASE + 1,
00044 "Unable to communicate securely.  Peer requires high-grade encryption which is not supported.")
00045 
00046 ER3(SSL_ERROR_NO_CYPHER_OVERLAP,                 SSL_ERROR_BASE + 2,
00047 "Cannot communicate securely with peer: no common encryption algorithm(s).")
00048 
00049 ER3(SSL_ERROR_NO_CERTIFICATE,                           SSL_ERROR_BASE + 3,
00050 "Unable to find the certificate or key necessary for authentication.")
00051 
00052 ER3(SSL_ERROR_BAD_CERTIFICATE,                          SSL_ERROR_BASE + 4,
00053 "Unable to communicate securely with peer: peers's certificate was rejected.")
00054 
00055 /* unused                                        (SSL_ERROR_BASE + 5),*/
00056 
00057 ER3(SSL_ERROR_BAD_CLIENT,                        SSL_ERROR_BASE + 6,
00058 "The server has encountered bad data from the client.")
00059 
00060 ER3(SSL_ERROR_BAD_SERVER,                        SSL_ERROR_BASE + 7,
00061 "The client has encountered bad data from the server.")
00062 
00063 ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,             SSL_ERROR_BASE + 8,
00064 "Unsupported certificate type.")
00065 
00066 ER3(SSL_ERROR_UNSUPPORTED_VERSION,               SSL_ERROR_BASE + 9,
00067 "Peer using unsupported version of security protocol.")
00068 
00069 /* unused                                        (SSL_ERROR_BASE + 10),*/
00070 
00071 ER3(SSL_ERROR_WRONG_CERTIFICATE,                 SSL_ERROR_BASE + 11,
00072 "Client authentication failed: private key in key database does not match public key in certificate database.")
00073 
00074 ER3(SSL_ERROR_BAD_CERT_DOMAIN,                          SSL_ERROR_BASE + 12,
00075 "Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
00076 
00077 /* SSL_ERROR_POST_WARNING                        (SSL_ERROR_BASE + 13),
00078    defined in sslerr.h
00079 */
00080 
00081 ER3(SSL_ERROR_SSL2_DISABLED,                            (SSL_ERROR_BASE + 14),
00082 "Peer only supports SSL version 2, which is locally disabled.")
00083 
00084 
00085 ER3(SSL_ERROR_BAD_MAC_READ,                      (SSL_ERROR_BASE + 15),
00086 "SSL received a record with an incorrect Message Authentication Code.")
00087 
00088 ER3(SSL_ERROR_BAD_MAC_ALERT,                            (SSL_ERROR_BASE + 16),
00089 "SSL peer reports incorrect Message Authentication Code.")
00090 
00091 ER3(SSL_ERROR_BAD_CERT_ALERT,                           (SSL_ERROR_BASE + 17),
00092 "SSL peer cannot verify your certificate.")
00093 
00094 ER3(SSL_ERROR_REVOKED_CERT_ALERT,                (SSL_ERROR_BASE + 18),
00095 "SSL peer rejected your certificate as revoked.")
00096 
00097 ER3(SSL_ERROR_EXPIRED_CERT_ALERT,                (SSL_ERROR_BASE + 19),
00098 "SSL peer rejected your certificate as expired.")
00099 
00100 ER3(SSL_ERROR_SSL_DISABLED,                      (SSL_ERROR_BASE + 20),
00101 "Cannot connect: SSL is disabled.")
00102 
00103 ER3(SSL_ERROR_FORTEZZA_PQG,                      (SSL_ERROR_BASE + 21),
00104 "Cannot connect: SSL peer is in another FORTEZZA domain.")
00105 
00106 
00107 ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE          , (SSL_ERROR_BASE + 22),
00108 "An unknown SSL cipher suite has been requested.")
00109 
00110 ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED          , (SSL_ERROR_BASE + 23),
00111 "No cipher suites are present and enabled in this program.")
00112 
00113 ER3(SSL_ERROR_BAD_BLOCK_PADDING             , (SSL_ERROR_BASE + 24),
00114 "SSL received a record with bad block padding.")
00115 
00116 ER3(SSL_ERROR_RX_RECORD_TOO_LONG            , (SSL_ERROR_BASE + 25),
00117 "SSL received a record that exceeded the maximum permissible length.")
00118 
00119 ER3(SSL_ERROR_TX_RECORD_TOO_LONG            , (SSL_ERROR_BASE + 26),
00120 "SSL attempted to send a record that exceeded the maximum permissible length.")
00121 
00122 /*
00123  * Received a malformed (too long or short or invalid content) SSL handshake.
00124  */
00125 ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST    , (SSL_ERROR_BASE + 27),
00126 "SSL received a malformed Hello Request handshake message.")
00127 
00128 ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO     , (SSL_ERROR_BASE + 28),
00129 "SSL received a malformed Client Hello handshake message.")
00130 
00131 ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO     , (SSL_ERROR_BASE + 29),
00132 "SSL received a malformed Server Hello handshake message.")
00133 
00134 ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE      , (SSL_ERROR_BASE + 30),
00135 "SSL received a malformed Certificate handshake message.")
00136 
00137 ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH  , (SSL_ERROR_BASE + 31),
00138 "SSL received a malformed Server Key Exchange handshake message.")
00139 
00140 ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST     , (SSL_ERROR_BASE + 32),
00141 "SSL received a malformed Certificate Request handshake message.")
00142 
00143 ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE       , (SSL_ERROR_BASE + 33),
00144 "SSL received a malformed Server Hello Done handshake message.")
00145 
00146 ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY      , (SSL_ERROR_BASE + 34),
00147 "SSL received a malformed Certificate Verify handshake message.")
00148 
00149 ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH  , (SSL_ERROR_BASE + 35),
00150 "SSL received a malformed Client Key Exchange handshake message.")
00151 
00152 ER3(SSL_ERROR_RX_MALFORMED_FINISHED         , (SSL_ERROR_BASE + 36),
00153 "SSL received a malformed Finished handshake message.")
00154 
00155 /*
00156  * Received a malformed (too long or short) SSL record.
00157  */
00158 ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER    , (SSL_ERROR_BASE + 37),
00159 "SSL received a malformed Change Cipher Spec record.")
00160 
00161 ER3(SSL_ERROR_RX_MALFORMED_ALERT            , (SSL_ERROR_BASE + 38),
00162 "SSL received a malformed Alert record.")
00163 
00164 ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE        , (SSL_ERROR_BASE + 39),
00165 "SSL received a malformed Handshake record.")
00166 
00167 ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
00168 "SSL received a malformed Application Data record.")
00169 
00170 /*
00171  * Received an SSL handshake that was inappropriate for the state we're in.
00172  * E.g. Server received message from server, or wrong state in state machine.
00173  */
00174 ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST   , (SSL_ERROR_BASE + 41),
00175 "SSL received an unexpected Hello Request handshake message.")
00176 
00177 ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO    , (SSL_ERROR_BASE + 42),
00178 "SSL received an unexpected Client Hello handshake message.")
00179 
00180 ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO    , (SSL_ERROR_BASE + 43),
00181 "SSL received an unexpected Server Hello handshake message.")
00182 
00183 ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE     , (SSL_ERROR_BASE + 44),
00184 "SSL received an unexpected Certificate handshake message.")
00185 
00186 ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
00187 "SSL received an unexpected Server Key Exchange handshake message.")
00188 
00189 ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST    , (SSL_ERROR_BASE + 46),
00190 "SSL received an unexpected Certificate Request handshake message.")
00191 
00192 ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE      , (SSL_ERROR_BASE + 47),
00193 "SSL received an unexpected Server Hello Done handshake message.")
00194 
00195 ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY     , (SSL_ERROR_BASE + 48),
00196 "SSL received an unexpected Certificate Verify handshake message.")
00197 
00198 ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
00199 "SSL received an unexpected Cllient Key Exchange handshake message.")
00200 
00201 ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED        , (SSL_ERROR_BASE + 50),
00202 "SSL received an unexpected Finished handshake message.")
00203 
00204 /*
00205  * Received an SSL record that was inappropriate for the state we're in.
00206  */
00207 ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER   , (SSL_ERROR_BASE + 51),
00208 "SSL received an unexpected Change Cipher Spec record.")
00209 
00210 ER3(SSL_ERROR_RX_UNEXPECTED_ALERT           , (SSL_ERROR_BASE + 52),
00211 "SSL received an unexpected Alert record.")
00212 
00213 ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE       , (SSL_ERROR_BASE + 53),
00214 "SSL received an unexpected Handshake record.")
00215 
00216 ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
00217 "SSL received an unexpected Application Data record.")
00218 
00219 /*
00220  * Received record/message with unknown discriminant.
00221  */
00222 ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE        , (SSL_ERROR_BASE + 55),
00223 "SSL received a record with an unknown content type.")
00224 
00225 ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE          , (SSL_ERROR_BASE + 56),
00226 "SSL received a handshake message with an unknown message type.")
00227 
00228 ER3(SSL_ERROR_RX_UNKNOWN_ALERT              , (SSL_ERROR_BASE + 57),
00229 "SSL received an alert record with an unknown alert description.")
00230 
00231 /*
00232  * Received an alert reporting what we did wrong.  (more alerts above)
00233  */
00234 ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT            , (SSL_ERROR_BASE + 58),
00235 "SSL peer has closed this connection.")
00236 
00237 ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT    , (SSL_ERROR_BASE + 59),
00238 "SSL peer was not expecting a handshake message it received.")
00239 
00240 ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT   , (SSL_ERROR_BASE + 60),
00241 "SSL peer was unable to succesfully decompress an SSL record it received.")
00242 
00243 ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT       , (SSL_ERROR_BASE + 61),
00244 "SSL peer was unable to negotiate an acceptable set of security parameters.")
00245 
00246 ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT       , (SSL_ERROR_BASE + 62),
00247 "SSL peer rejected a handshake message for unacceptable content.")
00248 
00249 ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT        , (SSL_ERROR_BASE + 63),
00250 "SSL peer does not support certificates of the type it received.")
00251 
00252 ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT     , (SSL_ERROR_BASE + 64),
00253 "SSL peer had some unspecified issue with the certificate it received.")
00254 
00255 
00256 ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE       , (SSL_ERROR_BASE + 65),
00257 "SSL experienced a failure of its random number generator.")
00258 
00259 ER3(SSL_ERROR_SIGN_HASHES_FAILURE           , (SSL_ERROR_BASE + 66),
00260 "Unable to digitally sign data required to verify your certificate.")
00261 
00262 ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE    , (SSL_ERROR_BASE + 67),
00263 "SSL was unable to extract the public key from the peer's certificate.")
00264 
00265 ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE   , (SSL_ERROR_BASE + 68),
00266 "Unspecified failure while processing SSL Server Key Exchange handshake.")
00267 
00268 ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE   , (SSL_ERROR_BASE + 69),
00269 "Unspecified failure while processing SSL Client Key Exchange handshake.")
00270 
00271 ER3(SSL_ERROR_ENCRYPTION_FAILURE            , (SSL_ERROR_BASE + 70),
00272 "Bulk data encryption algorithm failed in selected cipher suite.")
00273 
00274 ER3(SSL_ERROR_DECRYPTION_FAILURE            , (SSL_ERROR_BASE + 71),
00275 "Bulk data decryption algorithm failed in selected cipher suite.")
00276 
00277 ER3(SSL_ERROR_SOCKET_WRITE_FAILURE          , (SSL_ERROR_BASE + 72),
00278 "Attempt to write encrypted data to underlying socket failed.")
00279 
00280 ER3(SSL_ERROR_MD5_DIGEST_FAILURE            , (SSL_ERROR_BASE + 73),
00281 "MD5 digest function failed.")
00282 
00283 ER3(SSL_ERROR_SHA_DIGEST_FAILURE            , (SSL_ERROR_BASE + 74),
00284 "SHA-1 digest function failed.")
00285 
00286 ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE       , (SSL_ERROR_BASE + 75),
00287 "MAC computation failed.")
00288 
00289 ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE       , (SSL_ERROR_BASE + 76),
00290 "Failure to create Symmetric Key context.")
00291 
00292 ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE        , (SSL_ERROR_BASE + 77),
00293 "Failure to unwrap the Symmetric key in Client Key Exchange message.")
00294 
00295 ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED   , (SSL_ERROR_BASE + 78),
00296 "SSL Server attempted to use domestic-grade public key with export cipher suite.")
00297 
00298 ER3(SSL_ERROR_IV_PARAM_FAILURE              , (SSL_ERROR_BASE + 79),
00299 "PKCS11 code failed to translate an IV into a param.")
00300 
00301 ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE     , (SSL_ERROR_BASE + 80),
00302 "Failed to initialize the selected cipher suite.")
00303 
00304 ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE       , (SSL_ERROR_BASE + 81),
00305 "Client failed to generate session keys for SSL session.")
00306 
00307 ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG         , (SSL_ERROR_BASE + 82),
00308 "Server has no key for the attempted key exchange algorithm.")
00309 
00310 ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL       , (SSL_ERROR_BASE + 83),
00311 "PKCS#11 token was inserted or removed while operation was in progress.")
00312 
00313 ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND          , (SSL_ERROR_BASE + 84),
00314 "No PKCS#11 token could be found to do a required operation.")
00315 
00316 ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP        , (SSL_ERROR_BASE + 85),
00317 "Cannot communicate securely with peer: no common compression algorithm(s).")
00318 
00319 ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED       , (SSL_ERROR_BASE + 86),
00320 "Cannot initiate another SSL handshake until current handshake is complete.")
00321 
00322 ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE      , (SSL_ERROR_BASE + 87),
00323 "Received incorrect handshakes hash values from peer.")
00324 
00325 ER3(SSL_ERROR_CERT_KEA_MISMATCH             , (SSL_ERROR_BASE + 88),
00326 "The certificate provided cannot be used with the selected key exchange algorithm.")
00327 
00328 ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA    , (SSL_ERROR_BASE + 89),
00329 "No certificate authority is trusted for SSL client authentication.")
00330 
00331 ER3(SSL_ERROR_SESSION_NOT_FOUND           , (SSL_ERROR_BASE + 90),
00332 "Client's SSL session ID not found in server's session cache.")
00333 
00334 ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT     , (SSL_ERROR_BASE + 91),
00335 "Peer was unable to decrypt an SSL record it received.")
00336 
00337 ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT       , (SSL_ERROR_BASE + 92),
00338 "Peer received an SSL record that was longer than is permitted.")
00339 
00340 ER3(SSL_ERROR_UNKNOWN_CA_ALERT            , (SSL_ERROR_BASE + 93),
00341 "Peer does not recognize and trust the CA that issued your certificate.")
00342 
00343 ER3(SSL_ERROR_ACCESS_DENIED_ALERT         , (SSL_ERROR_BASE + 94),
00344 "Peer received a valid certificate, but access was denied.")
00345 
00346 ER3(SSL_ERROR_DECODE_ERROR_ALERT          , (SSL_ERROR_BASE + 95),
00347 "Peer could not decode an SSL handshake message.")
00348 
00349 ER3(SSL_ERROR_DECRYPT_ERROR_ALERT         , (SSL_ERROR_BASE + 96),
00350 "Peer reports failure of signature verification or key exchange.")
00351 
00352 ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT    , (SSL_ERROR_BASE + 97),
00353 "Peer reports negotiation not in compliance with export regulations.")
00354 
00355 ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT      , (SSL_ERROR_BASE + 98),
00356 "Peer reports incompatible or unsupported protocol version.")
00357 
00358 ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
00359 "Server requires ciphers more secure than those supported by client.")
00360 
00361 ER3(SSL_ERROR_INTERNAL_ERROR_ALERT        , (SSL_ERROR_BASE + 100),
00362 "Peer reports it experienced an internal error.")
00363 
00364 ER3(SSL_ERROR_USER_CANCELED_ALERT         , (SSL_ERROR_BASE + 101),
00365 "Peer user canceled handshake.")
00366 
00367 ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT      , (SSL_ERROR_BASE + 102),
00368 "Peer does not permit renegotiation of SSL security parameters.")
00369 
00370 ER3(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED , (SSL_ERROR_BASE + 103),
00371 "SSL server cache not configured and not disabled for this socket.")
00372 
00373 ER3(SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT    , (SSL_ERROR_BASE + 104),
00374 "SSL peer does not support requested TLS hello extension.")
00375 
00376 ER3(SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT , (SSL_ERROR_BASE + 105),
00377 "SSL peer could not obtain your certificate from the supplied URL.")
00378 
00379 ER3(SSL_ERROR_UNRECOGNIZED_NAME_ALERT        , (SSL_ERROR_BASE + 106),
00380 "SSL peer has no certificate for the requested DNS name.")
00381 
00382 ER3(SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT , (SSL_ERROR_BASE + 107),
00383 "SSL peer was unable to get an OCSP response for its certificate.")
00384 
00385 ER3(SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT      , (SSL_ERROR_BASE + 108),
00386 "SSL peer reported bad certificate hash value.")