pam_pkcs11 0.6.12
SSLerrs.h
Go to the documentation of this file.
1/* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is the Netscape security libraries.
15 *
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
20 *
21 * Contributor(s):
22 *
23 * Alternatively, the contents of this file may be used under the terms of
24 * either the GNU General Public License Version 2 or later (the "GPL"), or
25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
26 * in which case the provisions of the GPL or the LGPL are applicable instead
27 * of those above. If you wish to allow use of your version of this file only
28 * under the terms of either the GPL or the LGPL, and not to allow others to
29 * use your version of this file under the terms of the MPL, indicate your
30 * decision by deleting the provisions above and replace them with the notice
31 * and other provisions required by the GPL or the LGPL. If you do not delete
32 * the provisions above, a recipient may use your version of this file under
33 * the terms of any one of the MPL, the GPL or the LGPL.
34 *
35 * ***** END LICENSE BLOCK ***** */
36
37/* SSL-specific security error codes */
38/* caller must include "sslerr.h" */
39
40ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0,
41"Unable to communicate securely. Peer does not support high-grade encryption.")
42
43ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1,
44"Unable to communicate securely. Peer requires high-grade encryption which is not supported.")
45
46ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2,
47"Cannot communicate securely with peer: no common encryption algorithm(s).")
48
49ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3,
50"Unable to find the certificate or key necessary for authentication.")
51
52ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4,
53"Unable to communicate securely with peer: peers's certificate was rejected.")
54
55/* unused (SSL_ERROR_BASE + 5),*/
56
57ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6,
58"The server has encountered bad data from the client.")
59
60ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7,
61"The client has encountered bad data from the server.")
62
63ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8,
64"Unsupported certificate type.")
65
66ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9,
67"Peer using unsupported version of security protocol.")
68
69/* unused (SSL_ERROR_BASE + 10),*/
70
71ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11,
72"Client authentication failed: private key in key database does not match public key in certificate database.")
73
74ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12,
75"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
76
77/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13),
78 defined in sslerr.h
79*/
80
81ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14),
82"Peer only supports SSL version 2, which is locally disabled.")
83
84
85ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15),
86"SSL received a record with an incorrect Message Authentication Code.")
87
88ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16),
89"SSL peer reports incorrect Message Authentication Code.")
90
91ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17),
92"SSL peer cannot verify your certificate.")
93
94ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18),
95"SSL peer rejected your certificate as revoked.")
96
97ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19),
98"SSL peer rejected your certificate as expired.")
99
100ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20),
101"Cannot connect: SSL is disabled.")
102
103ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21),
104"Cannot connect: SSL peer is in another FORTEZZA domain.")
105
106
107ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22),
108"An unknown SSL cipher suite has been requested.")
109
110ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23),
111"No cipher suites are present and enabled in this program.")
112
113ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24),
114"SSL received a record with bad block padding.")
115
116ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25),
117"SSL received a record that exceeded the maximum permissible length.")
118
119ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26),
120"SSL attempted to send a record that exceeded the maximum permissible length.")
121
122/*
123 * Received a malformed (too long or short or invalid content) SSL handshake.
124 */
125ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27),
126"SSL received a malformed Hello Request handshake message.")
127
128ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28),
129"SSL received a malformed Client Hello handshake message.")
130
131ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29),
132"SSL received a malformed Server Hello handshake message.")
133
134ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30),
135"SSL received a malformed Certificate handshake message.")
136
137ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31),
138"SSL received a malformed Server Key Exchange handshake message.")
139
140ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32),
141"SSL received a malformed Certificate Request handshake message.")
142
143ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33),
144"SSL received a malformed Server Hello Done handshake message.")
145
146ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34),
147"SSL received a malformed Certificate Verify handshake message.")
148
149ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35),
150"SSL received a malformed Client Key Exchange handshake message.")
151
152ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36),
153"SSL received a malformed Finished handshake message.")
154
155/*
156 * Received a malformed (too long or short) SSL record.
157 */
158ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37),
159"SSL received a malformed Change Cipher Spec record.")
160
161ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38),
162"SSL received a malformed Alert record.")
163
164ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39),
165"SSL received a malformed Handshake record.")
166
167ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
168"SSL received a malformed Application Data record.")
169
170/*
171 * Received an SSL handshake that was inappropriate for the state we're in.
172 * E.g. Server received message from server, or wrong state in state machine.
173 */
174ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41),
175"SSL received an unexpected Hello Request handshake message.")
176
177ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42),
178"SSL received an unexpected Client Hello handshake message.")
179
180ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43),
181"SSL received an unexpected Server Hello handshake message.")
182
183ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44),
184"SSL received an unexpected Certificate handshake message.")
185
186ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
187"SSL received an unexpected Server Key Exchange handshake message.")
188
189ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46),
190"SSL received an unexpected Certificate Request handshake message.")
191
192ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47),
193"SSL received an unexpected Server Hello Done handshake message.")
194
195ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48),
196"SSL received an unexpected Certificate Verify handshake message.")
197
198ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
199"SSL received an unexpected Cllient Key Exchange handshake message.")
200
201ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50),
202"SSL received an unexpected Finished handshake message.")
203
204/*
205 * Received an SSL record that was inappropriate for the state we're in.
206 */
207ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51),
208"SSL received an unexpected Change Cipher Spec record.")
209
210ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52),
211"SSL received an unexpected Alert record.")
212
213ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53),
214"SSL received an unexpected Handshake record.")
215
216ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
217"SSL received an unexpected Application Data record.")
218
219/*
220 * Received record/message with unknown discriminant.
221 */
222ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55),
223"SSL received a record with an unknown content type.")
224
225ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56),
226"SSL received a handshake message with an unknown message type.")
227
228ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57),
229"SSL received an alert record with an unknown alert description.")
230
231/*
232 * Received an alert reporting what we did wrong. (more alerts above)
233 */
234ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58),
235"SSL peer has closed this connection.")
236
237ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59),
238"SSL peer was not expecting a handshake message it received.")
239
240ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60),
241"SSL peer was unable to succesfully decompress an SSL record it received.")
242
243ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61),
244"SSL peer was unable to negotiate an acceptable set of security parameters.")
245
246ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62),
247"SSL peer rejected a handshake message for unacceptable content.")
248
249ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63),
250"SSL peer does not support certificates of the type it received.")
251
252ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64),
253"SSL peer had some unspecified issue with the certificate it received.")
254
255
256ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65),
257"SSL experienced a failure of its random number generator.")
258
259ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66),
260"Unable to digitally sign data required to verify your certificate.")
261
262ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67),
263"SSL was unable to extract the public key from the peer's certificate.")
264
265ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68),
266"Unspecified failure while processing SSL Server Key Exchange handshake.")
267
268ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69),
269"Unspecified failure while processing SSL Client Key Exchange handshake.")
270
271ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70),
272"Bulk data encryption algorithm failed in selected cipher suite.")
273
274ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71),
275"Bulk data decryption algorithm failed in selected cipher suite.")
276
277ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72),
278"Attempt to write encrypted data to underlying socket failed.")
279
280ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73),
281"MD5 digest function failed.")
282
283ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74),
284"SHA-1 digest function failed.")
285
286ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75),
287"MAC computation failed.")
288
289ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76),
290"Failure to create Symmetric Key context.")
291
292ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77),
293"Failure to unwrap the Symmetric key in Client Key Exchange message.")
294
295ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78),
296"SSL Server attempted to use domestic-grade public key with export cipher suite.")
297
298ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79),
299"PKCS11 code failed to translate an IV into a param.")
300
301ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80),
302"Failed to initialize the selected cipher suite.")
303
304ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81),
305"Client failed to generate session keys for SSL session.")
306
307ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82),
308"Server has no key for the attempted key exchange algorithm.")
309
310ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83),
311"PKCS#11 token was inserted or removed while operation was in progress.")
312
313ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84),
314"No PKCS#11 token could be found to do a required operation.")
315
316ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85),
317"Cannot communicate securely with peer: no common compression algorithm(s).")
318
319ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86),
320"Cannot initiate another SSL handshake until current handshake is complete.")
321
322ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87),
323"Received incorrect handshakes hash values from peer.")
324
325ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88),
326"The certificate provided cannot be used with the selected key exchange algorithm.")
327
328ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89),
329"No certificate authority is trusted for SSL client authentication.")
330
331ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90),
332"Client's SSL session ID not found in server's session cache.")
333
334ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91),
335"Peer was unable to decrypt an SSL record it received.")
336
337ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92),
338"Peer received an SSL record that was longer than is permitted.")
339
340ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93),
341"Peer does not recognize and trust the CA that issued your certificate.")
342
343ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94),
344"Peer received a valid certificate, but access was denied.")
345
346ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95),
347"Peer could not decode an SSL handshake message.")
348
349ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96),
350"Peer reports failure of signature verification or key exchange.")
351
352ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97),
353"Peer reports negotiation not in compliance with export regulations.")
354
355ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98),
356"Peer reports incompatible or unsupported protocol version.")
357
358ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
359"Server requires ciphers more secure than those supported by client.")
360
361ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100),
362"Peer reports it experienced an internal error.")
363
364ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101),
365"Peer user canceled handshake.")
366
367ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102),
368"Peer does not permit renegotiation of SSL security parameters.")
369
370ER3(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED , (SSL_ERROR_BASE + 103),
371"SSL server cache not configured and not disabled for this socket.")
ER3(SEC_ERROR_IO, SEC_ERROR_BASE+0, "An I/O error occurred during security authorization.") ER3(SEC_ERROR_LIBRARY_FAILURE
ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE+0, "Unable to communicate securely. Peer does not support high-grade encryption.") ER3(SSL_ERROR_US_ONLY_SERVER
SSL_ERROR_BASE
Definition SSLerrs.h:43