1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/lib/ssl/sslerr.h Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,205 @@
1.4 +/*
1.5 + * Enumeration of all SSL-specific error codes.
1.6 + *
1.7 + * This Source Code Form is subject to the terms of the Mozilla Public
1.8 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.9 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.10 +#ifndef __SSL_ERR_H_
1.11 +#define __SSL_ERR_H_
1.12 +
1.13 +
1.14 +#define SSL_ERROR_BASE (-0x3000)
1.15 +#define SSL_ERROR_LIMIT (SSL_ERROR_BASE + 1000)
1.16 +
1.17 +#define IS_SSL_ERROR(code) \
1.18 + (((code) >= SSL_ERROR_BASE) && ((code) < SSL_ERROR_LIMIT))
1.19 +
1.20 +#ifndef NO_SECURITY_ERROR_ENUM
1.21 +typedef enum {
1.22 +SSL_ERROR_EXPORT_ONLY_SERVER = (SSL_ERROR_BASE + 0),
1.23 +SSL_ERROR_US_ONLY_SERVER = (SSL_ERROR_BASE + 1),
1.24 +SSL_ERROR_NO_CYPHER_OVERLAP = (SSL_ERROR_BASE + 2),
1.25 +/*
1.26 + * Received an alert reporting what we did wrong. (more alerts below)
1.27 + */
1.28 +SSL_ERROR_NO_CERTIFICATE /*_ALERT */ = (SSL_ERROR_BASE + 3),
1.29 +SSL_ERROR_BAD_CERTIFICATE = (SSL_ERROR_BASE + 4),
1.30 +SSL_ERROR_UNUSED_5 = (SSL_ERROR_BASE + 5),
1.31 + /* error 5 is obsolete */
1.32 +SSL_ERROR_BAD_CLIENT = (SSL_ERROR_BASE + 6),
1.33 +SSL_ERROR_BAD_SERVER = (SSL_ERROR_BASE + 7),
1.34 +SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE = (SSL_ERROR_BASE + 8),
1.35 +SSL_ERROR_UNSUPPORTED_VERSION = (SSL_ERROR_BASE + 9),
1.36 +SSL_ERROR_UNUSED_10 = (SSL_ERROR_BASE + 10),
1.37 + /* error 10 is obsolete */
1.38 +SSL_ERROR_WRONG_CERTIFICATE = (SSL_ERROR_BASE + 11),
1.39 +SSL_ERROR_BAD_CERT_DOMAIN = (SSL_ERROR_BASE + 12),
1.40 +SSL_ERROR_POST_WARNING = (SSL_ERROR_BASE + 13),
1.41 +SSL_ERROR_SSL2_DISABLED = (SSL_ERROR_BASE + 14),
1.42 +SSL_ERROR_BAD_MAC_READ = (SSL_ERROR_BASE + 15),
1.43 +/*
1.44 + * Received an alert reporting what we did wrong.
1.45 + * (two more alerts above, and many more below)
1.46 + */
1.47 +SSL_ERROR_BAD_MAC_ALERT = (SSL_ERROR_BASE + 16),
1.48 +SSL_ERROR_BAD_CERT_ALERT = (SSL_ERROR_BASE + 17),
1.49 +SSL_ERROR_REVOKED_CERT_ALERT = (SSL_ERROR_BASE + 18),
1.50 +SSL_ERROR_EXPIRED_CERT_ALERT = (SSL_ERROR_BASE + 19),
1.51 +
1.52 +SSL_ERROR_SSL_DISABLED = (SSL_ERROR_BASE + 20),
1.53 +SSL_ERROR_FORTEZZA_PQG = (SSL_ERROR_BASE + 21),
1.54 +SSL_ERROR_UNKNOWN_CIPHER_SUITE = (SSL_ERROR_BASE + 22),
1.55 +SSL_ERROR_NO_CIPHERS_SUPPORTED = (SSL_ERROR_BASE + 23),
1.56 +SSL_ERROR_BAD_BLOCK_PADDING = (SSL_ERROR_BASE + 24),
1.57 +SSL_ERROR_RX_RECORD_TOO_LONG = (SSL_ERROR_BASE + 25),
1.58 +SSL_ERROR_TX_RECORD_TOO_LONG = (SSL_ERROR_BASE + 26),
1.59 +/*
1.60 + * Received a malformed (too long or short) SSL handshake.
1.61 + */
1.62 +SSL_ERROR_RX_MALFORMED_HELLO_REQUEST = (SSL_ERROR_BASE + 27),
1.63 +SSL_ERROR_RX_MALFORMED_CLIENT_HELLO = (SSL_ERROR_BASE + 28),
1.64 +SSL_ERROR_RX_MALFORMED_SERVER_HELLO = (SSL_ERROR_BASE + 29),
1.65 +SSL_ERROR_RX_MALFORMED_CERTIFICATE = (SSL_ERROR_BASE + 30),
1.66 +SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH = (SSL_ERROR_BASE + 31),
1.67 +SSL_ERROR_RX_MALFORMED_CERT_REQUEST = (SSL_ERROR_BASE + 32),
1.68 +SSL_ERROR_RX_MALFORMED_HELLO_DONE = (SSL_ERROR_BASE + 33),
1.69 +SSL_ERROR_RX_MALFORMED_CERT_VERIFY = (SSL_ERROR_BASE + 34),
1.70 +SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH = (SSL_ERROR_BASE + 35),
1.71 +SSL_ERROR_RX_MALFORMED_FINISHED = (SSL_ERROR_BASE + 36),
1.72 +/*
1.73 + * Received a malformed (too long or short) SSL record.
1.74 + */
1.75 +SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER = (SSL_ERROR_BASE + 37),
1.76 +SSL_ERROR_RX_MALFORMED_ALERT = (SSL_ERROR_BASE + 38),
1.77 +SSL_ERROR_RX_MALFORMED_HANDSHAKE = (SSL_ERROR_BASE + 39),
1.78 +SSL_ERROR_RX_MALFORMED_APPLICATION_DATA = (SSL_ERROR_BASE + 40),
1.79 +/*
1.80 + * Received an SSL handshake that was inappropriate for the state we're in.
1.81 + * E.g. Server received message from server, or wrong state in state machine.
1.82 + */
1.83 +SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST = (SSL_ERROR_BASE + 41),
1.84 +SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO = (SSL_ERROR_BASE + 42),
1.85 +SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO = (SSL_ERROR_BASE + 43),
1.86 +SSL_ERROR_RX_UNEXPECTED_CERTIFICATE = (SSL_ERROR_BASE + 44),
1.87 +SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH = (SSL_ERROR_BASE + 45),
1.88 +SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST = (SSL_ERROR_BASE + 46),
1.89 +SSL_ERROR_RX_UNEXPECTED_HELLO_DONE = (SSL_ERROR_BASE + 47),
1.90 +SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY = (SSL_ERROR_BASE + 48),
1.91 +SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH = (SSL_ERROR_BASE + 49),
1.92 +SSL_ERROR_RX_UNEXPECTED_FINISHED = (SSL_ERROR_BASE + 50),
1.93 +/*
1.94 + * Received an SSL record that was inappropriate for the state we're in.
1.95 + */
1.96 +SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER = (SSL_ERROR_BASE + 51),
1.97 +SSL_ERROR_RX_UNEXPECTED_ALERT = (SSL_ERROR_BASE + 52),
1.98 +SSL_ERROR_RX_UNEXPECTED_HANDSHAKE = (SSL_ERROR_BASE + 53),
1.99 +SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA = (SSL_ERROR_BASE + 54),
1.100 +/*
1.101 + * Received record/message with unknown discriminant.
1.102 + */
1.103 +SSL_ERROR_RX_UNKNOWN_RECORD_TYPE = (SSL_ERROR_BASE + 55),
1.104 +SSL_ERROR_RX_UNKNOWN_HANDSHAKE = (SSL_ERROR_BASE + 56),
1.105 +SSL_ERROR_RX_UNKNOWN_ALERT = (SSL_ERROR_BASE + 57),
1.106 +/*
1.107 + * Received an alert reporting what we did wrong. (more alerts above)
1.108 + */
1.109 +SSL_ERROR_CLOSE_NOTIFY_ALERT = (SSL_ERROR_BASE + 58),
1.110 +SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT = (SSL_ERROR_BASE + 59),
1.111 +SSL_ERROR_DECOMPRESSION_FAILURE_ALERT = (SSL_ERROR_BASE + 60),
1.112 +SSL_ERROR_HANDSHAKE_FAILURE_ALERT = (SSL_ERROR_BASE + 61),
1.113 +SSL_ERROR_ILLEGAL_PARAMETER_ALERT = (SSL_ERROR_BASE + 62),
1.114 +SSL_ERROR_UNSUPPORTED_CERT_ALERT = (SSL_ERROR_BASE + 63),
1.115 +SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT = (SSL_ERROR_BASE + 64),
1.116 +
1.117 +SSL_ERROR_GENERATE_RANDOM_FAILURE = (SSL_ERROR_BASE + 65),
1.118 +SSL_ERROR_SIGN_HASHES_FAILURE = (SSL_ERROR_BASE + 66),
1.119 +SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE = (SSL_ERROR_BASE + 67),
1.120 +SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 68),
1.121 +SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 69),
1.122 +
1.123 +SSL_ERROR_ENCRYPTION_FAILURE = (SSL_ERROR_BASE + 70),
1.124 +SSL_ERROR_DECRYPTION_FAILURE = (SSL_ERROR_BASE + 71), /* don't use */
1.125 +SSL_ERROR_SOCKET_WRITE_FAILURE = (SSL_ERROR_BASE + 72),
1.126 +
1.127 +SSL_ERROR_MD5_DIGEST_FAILURE = (SSL_ERROR_BASE + 73),
1.128 +SSL_ERROR_SHA_DIGEST_FAILURE = (SSL_ERROR_BASE + 74),
1.129 +SSL_ERROR_MAC_COMPUTATION_FAILURE = (SSL_ERROR_BASE + 75),
1.130 +SSL_ERROR_SYM_KEY_CONTEXT_FAILURE = (SSL_ERROR_BASE + 76),
1.131 +SSL_ERROR_SYM_KEY_UNWRAP_FAILURE = (SSL_ERROR_BASE + 77),
1.132 +SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED = (SSL_ERROR_BASE + 78),
1.133 +SSL_ERROR_IV_PARAM_FAILURE = (SSL_ERROR_BASE + 79),
1.134 +SSL_ERROR_INIT_CIPHER_SUITE_FAILURE = (SSL_ERROR_BASE + 80),
1.135 +SSL_ERROR_SESSION_KEY_GEN_FAILURE = (SSL_ERROR_BASE + 81),
1.136 +SSL_ERROR_NO_SERVER_KEY_FOR_ALG = (SSL_ERROR_BASE + 82),
1.137 +SSL_ERROR_TOKEN_INSERTION_REMOVAL = (SSL_ERROR_BASE + 83),
1.138 +SSL_ERROR_TOKEN_SLOT_NOT_FOUND = (SSL_ERROR_BASE + 84),
1.139 +SSL_ERROR_NO_COMPRESSION_OVERLAP = (SSL_ERROR_BASE + 85),
1.140 +SSL_ERROR_HANDSHAKE_NOT_COMPLETED = (SSL_ERROR_BASE + 86),
1.141 +SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE = (SSL_ERROR_BASE + 87),
1.142 +SSL_ERROR_CERT_KEA_MISMATCH = (SSL_ERROR_BASE + 88),
1.143 +/* SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA became obsolete in NSS 3.14. */
1.144 +SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA = (SSL_ERROR_BASE + 89),
1.145 +SSL_ERROR_SESSION_NOT_FOUND = (SSL_ERROR_BASE + 90),
1.146 +
1.147 +SSL_ERROR_DECRYPTION_FAILED_ALERT = (SSL_ERROR_BASE + 91),
1.148 +SSL_ERROR_RECORD_OVERFLOW_ALERT = (SSL_ERROR_BASE + 92),
1.149 +SSL_ERROR_UNKNOWN_CA_ALERT = (SSL_ERROR_BASE + 93),
1.150 +SSL_ERROR_ACCESS_DENIED_ALERT = (SSL_ERROR_BASE + 94),
1.151 +SSL_ERROR_DECODE_ERROR_ALERT = (SSL_ERROR_BASE + 95),
1.152 +SSL_ERROR_DECRYPT_ERROR_ALERT = (SSL_ERROR_BASE + 96),
1.153 +SSL_ERROR_EXPORT_RESTRICTION_ALERT = (SSL_ERROR_BASE + 97),
1.154 +SSL_ERROR_PROTOCOL_VERSION_ALERT = (SSL_ERROR_BASE + 98),
1.155 +SSL_ERROR_INSUFFICIENT_SECURITY_ALERT = (SSL_ERROR_BASE + 99),
1.156 +SSL_ERROR_INTERNAL_ERROR_ALERT = (SSL_ERROR_BASE + 100),
1.157 +SSL_ERROR_USER_CANCELED_ALERT = (SSL_ERROR_BASE + 101),
1.158 +SSL_ERROR_NO_RENEGOTIATION_ALERT = (SSL_ERROR_BASE + 102),
1.159 +
1.160 +SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED = (SSL_ERROR_BASE + 103),
1.161 +
1.162 +SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT = (SSL_ERROR_BASE + 104),
1.163 +SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT = (SSL_ERROR_BASE + 105),
1.164 +SSL_ERROR_UNRECOGNIZED_NAME_ALERT = (SSL_ERROR_BASE + 106),
1.165 +SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT = (SSL_ERROR_BASE + 107),
1.166 +SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT = (SSL_ERROR_BASE + 108),
1.167 +
1.168 +SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET = (SSL_ERROR_BASE + 109),
1.169 +SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET = (SSL_ERROR_BASE + 110),
1.170 +
1.171 +SSL_ERROR_DECOMPRESSION_FAILURE = (SSL_ERROR_BASE + 111),
1.172 +SSL_ERROR_RENEGOTIATION_NOT_ALLOWED = (SSL_ERROR_BASE + 112),
1.173 +SSL_ERROR_UNSAFE_NEGOTIATION = (SSL_ERROR_BASE + 113),
1.174 +
1.175 +SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD = (SSL_ERROR_BASE + 114),
1.176 +
1.177 +SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY = (SSL_ERROR_BASE + 115),
1.178 +
1.179 +SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID = (SSL_ERROR_BASE + 116),
1.180 +
1.181 +SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2 = (SSL_ERROR_BASE + 117),
1.182 +SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SERVERS = (SSL_ERROR_BASE + 118),
1.183 +SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_CLIENTS = (SSL_ERROR_BASE + 119),
1.184 +
1.185 +SSL_ERROR_INVALID_VERSION_RANGE = (SSL_ERROR_BASE + 120),
1.186 +SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION = (SSL_ERROR_BASE + 121),
1.187 +
1.188 +SSL_ERROR_RX_MALFORMED_HELLO_VERIFY_REQUEST = (SSL_ERROR_BASE + 122),
1.189 +SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQUEST = (SSL_ERROR_BASE + 123),
1.190 +
1.191 +SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION = (SSL_ERROR_BASE + 124),
1.192 +
1.193 +SSL_ERROR_RX_UNEXPECTED_CERT_STATUS = (SSL_ERROR_BASE + 125),
1.194 +
1.195 +SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM = (SSL_ERROR_BASE + 126),
1.196 +SSL_ERROR_DIGEST_FAILURE = (SSL_ERROR_BASE + 127),
1.197 +SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM = (SSL_ERROR_BASE + 128),
1.198 +
1.199 +SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK = (SSL_ERROR_BASE + 129),
1.200 +SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL = (SSL_ERROR_BASE + 130),
1.201 +
1.202 +SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT = (SSL_ERROR_BASE + 131),
1.203 +
1.204 +SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */
1.205 +} SSLErrorCodes;
1.206 +#endif /* NO_SECURITY_ERROR_ENUM */
1.207 +
1.208 +#endif /* __SSL_ERR_H_ */
