diff options
Diffstat (limited to 'pki/base/tps/src/httpClient/nscperror.cpp')
| -rw-r--r-- | pki/base/tps/src/httpClient/nscperror.cpp | 358 |
1 files changed, 358 insertions, 0 deletions
diff --git a/pki/base/tps/src/httpClient/nscperror.cpp b/pki/base/tps/src/httpClient/nscperror.cpp new file mode 100644 index 000000000..38c722de2 --- /dev/null +++ b/pki/base/tps/src/httpClient/nscperror.cpp @@ -0,0 +1,358 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This library is free software; you can redistribute it and/or +// modify it under the terms of the GNU Lesser General Public +// License as published by the Free Software Foundation; +// version 2.1 of the License. +// +// This library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +// Lesser General Public License for more details. +// +// You should have received a copy of the GNU Lesser General Public +// License along with this library; if not, write to the Free Software +// Foundation, Inc., 51 Franklin Street, Fifth Floor, +// Boston, MA 02110-1301 USA +// +// Copyright (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +/* nscperrors.c + * Very crude error handling for nspr and libsec. + */ + +#include "prerror.h" + +#define NSCP_NSPR_ERROR_BASE (PR_NSPR_ERROR_BASE) +#define NSCP_NSPR_MAX_ERROR ((PR_MAX_ERROR) - 1) +#define NSCP_LIBSEC_ERROR_BASE (-8192) +#define NSCP_LIBSEC_MAX_ERROR (NSCP_LIBSEC_ERROR_BASE + 118) +#define NSCP_LIBSSL_ERROR_BASE (-12288) +#define NSCP_LIBSSL_MAX_ERROR (NSCP_LIBSSL_ERROR_BASE + 89) + +typedef struct nscp_error_t { + int errorNumber; + const char *errorString; +} nscp_error_t; + +nscp_error_t nscp_nspr_errors[] = { + { 0, "Out of memory" }, + { 1, "Bad file descriptor" }, + { 2, "Data temporarily not available" }, + { 3, "Access fault" }, + { 4, "Invalid method" }, + { 5, "Illegal access" }, + { 6, "Unknown error" }, + { 7, "Pending interrupt" }, + { 8, "Not implemented" }, + { 9, "IO error" }, + { 10, "IO timeout error" }, + { 11, "IO already pending error" }, + { 12, "Directory open error" }, + { 13, "Invalid Argument" }, + { 14, "Address not available" }, + { 15, "Address not supported" }, + { 16, "Already connected" }, + { 17, "Bad address" }, + { 18, "Address already in use" }, + { 19, "Connection refused" }, + { 20, "Network unreachable" }, + { 21, "Connection timed out" }, + { 22, "Not connected" }, + { 23, "Load library error" }, + { 24, "Unload library error" }, + { 25, "Find symbol error" }, + { 26, "Insufficient resources" }, + { 27, "Directory lookup error" }, + { 28, "Invalid thread private data key" }, + { 29, "PR_PROC_DESC_TABLE_FULL_ERROR" }, + { 30, "PR_SYS_DESC_TABLE_FULL_ERROR" }, + { 31, "Descriptor is not a socket" }, + { 32, "Descriptor is not a TCP socket" }, + { 33, "Socket address is already bound" }, + { 34, "No access rights" }, + { 35, "Operation not supported" }, + { 36, "Protocol not supported" }, + { 37, "Remote file error" }, + { 38, "Buffer overflow error" }, + { 39, "Connection reset by peer" }, + { 40, "Range error" }, + { 41, "Deadlock error" }, + { 42, "File is locked" }, + { 43, "File is too big" }, + { 44, "No space on device" }, + { 45, "Pipe error" }, + { 46, "No seek on device" }, + { 47, "File is a directory" }, + { 48, "Loop error" }, + { 49, "Name too long" }, + { 50, "File not found" }, + { 51, "File is not a directory" }, + { 52, "Read-only filesystem" }, + { 53, "Directory not empty" }, + { 54, "Filesystem mounted" }, + { 55, "Not same device" }, + { 56, "Directory corrupted" }, + { 57, "File exists" }, + { 58, "Maximum directory entries" }, + { 59, "Invalid device state" }, + { 60, "Device is locked" }, + { 61, "No more files" }, + { 62, "End of file" }, + { 63, "File seek error" }, + { 64, "File is busy" }, + { 65, "NSPR error 65" }, + { 66, "In progress error" }, + { 67, "Already initiated" }, + { 68, "Group empty" }, + { 69, "Invalid state" }, + { 70, "Network down" }, + { 71, "Socket shutdown" }, + { 72, "Connect aborted" }, + { 73, "Host unreachable" } +}; + +#if (PR_MAX_ERROR - PR_NSPR_ERROR_BASE) > 74 +// cfu temporarily get rid of the "#error NSPR error table is too small" error +//#error NSPR error table is too small +#endif + +nscp_error_t nscp_libsec_errors[] = { + { 0, "SEC_ERROR_IO - I/O Error" }, + { 1, "SEC_ERROR_LIBRARY_FAILURE - Library Failure" }, + { 2, "SEC_ERROR_BAD_DATA - Bad data was received" }, + { 3, "SEC_ERROR_OUTPUT_LEN" }, + { 4, "SEC_ERROR_INPUT_LEN" }, + { 5, "SEC_ERROR_INVALID_ARGS" }, + { 6, "SEC_ERROR_INVALID_ALGORITHM - Certificate contains invalid encryption or signature algorithm" }, + { 7, "SEC_ERROR_INVALID_AVA" }, + { 8, "SEC_ERROR_INVALID_TIME - Certificate contains an invalid time value" }, + { 9, "SEC_ERROR_BAD_DER - Certificate is improperly DER encoded" }, + { 10, "SEC_ERROR_BAD_SIGNATURE - Certificate has invalid signature" }, + { 11, "SEC_ERROR_EXPIRED_CERTIFICATE - Certificate has expired" }, + { 12, "SEC_ERROR_REVOKED_CERTIFICATE - Certificate has been revoked" }, + { 13, "SEC_ERROR_UNKNOWN_ISSUER - Certificate is signed by an unknown issuer" }, + { 14, "SEC_ERROR_BAD_KEY - Invalid public key in certificate." }, + { 15, "SEC_ERROR_BAD_PASSWORD" }, + { 16, "SEC_ERROR_UNUSED" }, + { 17, "SEC_ERROR_NO_NODELOCK" }, + { 18, "SEC_ERROR_BAD_DATABASE - Problem using certificate or key database" }, + { 19, "SEC_ERROR_NO_MEMORY - Out of Memory" }, + { 20, "SEC_ERROR_UNTRUSTED_ISSUER - Certificate is signed by an untrusted issuer" }, + { 21, "SEC_ERROR_UNTRUSTED_CERT" }, + { 22, "SEC_ERROR_DUPLICATE_CERT" }, + { 23, "SEC_ERROR_DUPLICATE_CERT_TIME" }, + { 24, "SEC_ERROR_ADDING_CERT" }, + { 25, "SEC_ERROR_FILING_KEY" }, + { 26, "SEC_ERROR_NO_KEY" }, + { 27, "SEC_ERROR_CERT_VALID" }, + { 28, "SEC_ERROR_CERT_NOT_VALID" }, + { 29, "SEC_ERROR_CERT_NO_RESPONSE" }, + { 30, "SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE" }, + { 31, "SEC_ERROR_CRL_EXPIRED" }, + { 32, "SEC_ERROR_CRL_BAD_SIGNATURE" }, + { 33, "SEC_ERROR_CRL_INVALID" }, + { 34, "SEC_ERROR_EXTENSION_VALUE_INVALID" }, + { 35, "SEC_ERROR_EXTENSION_NOT_FOUND" }, + { 36, "SEC_ERROR_CA_CERT_INVALID" }, + { 37, "SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID" }, + { 38, "SEC_ERROR_CERT_USAGES_INVALID" }, + { 39, "SEC_INTERNAL_ONLY" }, + { 40, "SEC_ERROR_INVALID_KEY" }, + { 41, "SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION" }, + { 42, "SEC_ERROR_OLD_CRL" }, + { 43, "SEC_ERROR_NO_EMAIL_CERT" }, + { 44, "SEC_ERROR_NO_RECIPIENT_CERTS_QUERY" }, + { 45, "SEC_ERROR_NOT_A_RECIPIENT" }, + { 46, "SEC_ERROR_PKCS7_KEYALG_MISMATCH" }, + { 47, "SEC_ERROR_PKCS7_BAD_SIGNATURE" }, + { 48, "SEC_ERROR_UNSUPPORTED_KEYALG" }, + { 49, "SEC_ERROR_DECRYPTION_DISALLOWED" }, + { 50, "XP_SEC_FORTEZZA_BAD_CARD" }, + { 51, "XP_SEC_FORTEZZA_NO_CARD" }, + { 52, "XP_SEC_FORTEZZA_NONE_SELECTED" }, + { 53, "XP_SEC_FORTEZZA_MORE_INFO" }, + { 54, "XP_SEC_FORTEZZA_PERSON_NOT_FOUND" }, + { 55, "XP_SEC_FORTEZZA_NO_MORE_INFO" }, + { 56, "XP_SEC_FORTEZZA_BAD_PIN" }, + { 57, "XP_SEC_FORTEZZA_PERSON_ERROR" }, + { 58, "SEC_ERROR_NO_KRL" }, + { 59, "SEC_ERROR_KRL_EXPIRED" }, + { 60, "SEC_ERROR_KRL_BAD_SIGNATURE" }, + { 61, "SEC_ERROR_REVOKED_KEY" }, + { 62, "SEC_ERROR_KRL_INVALID" }, + { 63, "SEC_ERROR_NEED_RANDOM" }, + { 64, "SEC_ERROR_NO_MODULE" }, + { 65, "SEC_ERROR_NO_TOKEN" }, + { 66, "SEC_ERROR_READ_ONLY" }, + { 67, "SEC_ERROR_NO_SLOT_SELECTED" }, + { 68, "SEC_ERROR_CERT_NICKNAME_COLLISION" }, + { 69, "SEC_ERROR_KEY_NICKNAME_COLLISION" }, + { 70, "SEC_ERROR_SAFE_NOT_CREATED" }, + { 71, "SEC_ERROR_BAGGAGE_NOT_CREATED" }, + { 72, "XP_JAVA_REMOVE_PRINCIPAL_ERROR" }, + { 73, "XP_JAVA_DELETE_PRIVILEGE_ERROR" }, + { 74, "XP_JAVA_CERT_NOT_EXISTS_ERROR" }, + { 75, "SEC_ERROR_BAD_EXPORT_ALGORITHM" }, + { 76, "SEC_ERROR_EXPORTING_CERTIFICATES" }, + { 77, "SEC_ERROR_IMPORTING_CERTIFICATES" }, + { 78, "SEC_ERROR_PKCS12_DECODING_PFX" }, + { 79, "SEC_ERROR_PKCS12_INVALID_MAC" }, + { 80, "SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM" }, + { 81, "SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE" }, + { 82, "SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE" }, + { 83, "SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM" }, + { 84, "SEC_ERROR_PKCS12_UNSUPPORTED_VERSION" }, + { 85, "SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT" }, + { 86, "SEC_ERROR_PKCS12_CERT_COLLISION" }, + { 87, "SEC_ERROR_USER_CANCELLED" }, + { 88, "SEC_ERROR_PKCS12_DUPLICATE_DATA" }, + { 89, "SEC_ERROR_MESSAGE_SEND_ABORTED" }, + { 90, "SEC_ERROR_INADEQUATE_KEY_USAGE" }, + { 91, "SEC_ERROR_INADEQUATE_CERT_TYPE" }, + { 92, "SEC_ERROR_CERT_ADDR_MISMATCH" }, + { 93, "SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY" }, + { 94, "SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN" }, + { 95, "SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME" }, + { 96, "SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY" }, + { 97, "SEC_ERROR_PKCS12_UNABLE_TO_WRITE" }, + { 98, "SEC_ERROR_PKCS12_UNABLE_TO_READ" }, + { 99, "SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED" }, + { 100, "SEC_ERROR_KEYGEN_FAIL" }, + { 101, "SEC_ERROR_INVALID_PASSWORD" }, + { 102, "SEC_ERROR_RETRY_OLD_PASSWORD" }, + { 103, "SEC_ERROR_BAD_NICKNAME" }, + { 104, "SEC_ERROR_NOT_FORTEZZA_ISSUER" }, + { 105, "unused error" }, + { 106, "SEC_ERROR_JS_INVALID_MODULE_NAME" }, + { 107, "SEC_ERROR_JS_INVALID_DLL" }, + { 108, "SEC_ERROR_JS_ADD_MOD_FAILURE" }, + { 109, "SEC_ERROR_JS_DEL_MOD_FAILURE" }, + { 110, "SEC_ERROR_OLD_KRL" }, + { 111, "SEC_ERROR_CKL_CONFLICT" }, + { 112, "SEC_ERROR_CERT_NOT_IN_NAME_SPACE" }, + { 113, "SEC_ERROR_KRL_NOT_YET_VALID" }, + { 114, "SEC_ERROR_CRL_NOT_YET_VALID" }, + { 115, "SEC_ERROR_CERT_STATUS_SERVER_ERROR" }, + { 116, "SEC_ERROR_CERT_STATUS_UNKNOWN" }, + { 117, "SEC_ERROR_CERT_REVOKED_SINCE" }, + { 118, "SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE" } +}; + +nscp_error_t nscp_libssl_errors[] = { + { 0, "SSL_ERROR_EXPORT_ONLY_SERVER - client does not support high-grade encryption." }, + { 1, "SSL_ERROR_US_ONLY_SERVER - client requires high-grade encryption which is not supported." }, + { 2, "SSL_ERROR_NO_CYPHER_OVERLAP - no common encryption algorithm(s) with client." }, + { 3, "SSL_ERROR_NO_CERTIFICATE - unable to find the certificate or key necessary for authentication." }, + { 4, "SSL_ERROR_BAD_CERTIFICATE - unable to communicate securely wih peer: peer's certificate was rejected." }, + { 5, "unused SSL error #5" }, + { 6, "SSL_ERROR_BAD_CLIENT - protocol error." }, + { 7, "SSL_ERROR_BAD_SERVER - protocol error." }, + { 8, "SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE - unsupported certificate type." }, + { 9, "SSL_ERROR_UNSUPPORTED_VERSION - client is using unsupported SSL version." }, + { 10, "unused SSL error #10" }, + { 11, "SSL_ERROR_WRONG_CERTIFICATE - the public key in the server's own certificate does not match its private key" }, + { 12, "SSL_ERROR_BAD_CERT_DOMAIN - requested domain name does not match the server's certificate." }, + { 13, "SSL_ERROR_POST_WARNING" }, + { 14, "SSL_ERROR_SSL2_DISABLED - peer only supports SSL version 2, which is locally disabled" }, + { 15, "SSL_ERROR_BAD_MAC_READ - SSL has received a record with an incorrect Message Authentication Code." }, + { 16, "SSL_ERROR_BAD_MAC_ALERT - SSL has received an error indicating an incorrect Message Authentication Code." }, + { 17, "SSL_ERROR_BAD_CERT_ALERT - SSL client cannot verify your certificate." }, + { 18, "SSL_ERROR_REVOKED_CERT_ALERT - the server has rejected your certificate as revoked." }, + { 19, "SSL_ERROR_EXPIRED_CERT_ALERT - the server has rejected your certificate as expired." }, + { 20, "SSL_ERROR_SSL_DISABLED - cannot connect: SSL is disabled." }, + { 21, "SSL_ERROR_FORTEZZA_PQG - cannot connect: SSL peer is in another Fortezza domain" }, + { 22, "SSL_ERROR_UNKNOWN_CIPHER_SUITE - an unknown SSL cipher suite has been requested" }, + { 23, "SSL_ERROR_NO_CIPHERS_SUPPORTED - no cipher suites are present and enabled in this program" }, + { 24, "SSL_ERROR_BAD_BLOCK_PADDING" }, + { 25, "SSL_ERROR_RX_RECORD_TOO_LONG" }, + { 26, "SSL_ERROR_TX_RECORD_TOO_LONG" }, + { 27, "SSL_ERROR_RX_MALFORMED_HELLO_REQUEST" }, + { 28, "SSL_ERROR_RX_MALFORMED_CLIENT_HELLO" }, + { 29, "SSL_ERROR_RX_MALFORMED_SERVER_HELLO" }, + { 30, "SSL_ERROR_RX_MALFORMED_CERTIFICATE" }, + { 31, "SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH" }, + { 32, "SSL_ERROR_RX_MALFORMED_CERT_REQUEST" }, + { 33, "SSL_ERROR_RX_MALFORMED_HELLO_DONE" }, + { 34, "SSL_ERROR_RX_MALFORMED_CERT_VERIFY" }, + { 35, "SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH" }, + { 36, "SSL_ERROR_RX_MALFORMED_FINISHED" }, + { 37, "SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER" }, + { 38, "SSL_ERROR_RX_MALFORMED_ALERT" }, + { 39, "SSL_ERROR_RX_MALFORMED_HANDSHAKE" }, + { 40, "SSL_ERROR_RX_MALFORMED_APPLICATION_DATA" }, + { 41, "SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST" }, + { 42, "SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO" }, + { 43, "SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO" }, + { 44, "SSL_ERROR_RX_UNEXPECTED_CERTIFICATE" }, + { 45, "SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH" }, + { 46, "SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST" }, + { 47, "SSL_ERROR_RX_UNEXPECTED_HELLO_DONE" }, + { 48, "SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY" }, + { 49, "SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH" }, + { 50, "SSL_ERROR_RX_UNEXPECTED_FINISHED" }, + { 51, "SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER" }, + { 52, "SSL_ERROR_RX_UNEXPECTED_ALERT" }, + { 53, "SSL_ERROR_RX_UNEXPECTED_HANDSHAKE" }, + { 54, "SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA" }, + { 55, "SSL_ERROR_RX_UNKNOWN_RECORD_TYPE" }, + { 56, "SSL_ERROR_RX_UNKNOWN_HANDSHAKE" }, + { 57, "SSL_ERROR_RX_UNKNOWN_ALERT" }, + { 58, "SSL_ERROR_CLOSE_NOTIFY_ALERT - SSL peer has closed the connection" }, + { 59, "SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT" }, + { 60, "SSL_ERROR_DECOMPRESSION_FAILURE_ALERT" }, + { 61, "SSL_ERROR_HANDSHAKE_FAILURE_ALERT" }, + { 62, "SSL_ERROR_ILLEGAL_PARAMETER_ALERT" }, + { 63, "SSL_ERROR_UNSUPPORTED_CERT_ALERT" }, + { 64, "SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT" }, + { 65, "SSL_ERROR_GENERATE_RANDOM_FAILURE" }, + { 66, "SSL_ERROR_SIGN_HASHES_FAILURE" }, + { 67, "SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE" }, + { 68, "SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE" }, + { 69, "SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE" }, + { 70, "SSL_ERROR_ENCRYPTION_FAILURE" }, + { 71, "SSL_ERROR_DECRYPTION_FAILURE" }, + { 72, "SSL_ERROR_SOCKET_WRITE_FAILURE" }, + { 73, "SSL_ERROR_MD5_DIGEST_FAILURE" }, + { 74, "SSL_ERROR_SHA_DIGEST_FAILURE" }, + { 75, "SSL_ERROR_MAC_COMPUTATION_FAILURE" }, + { 76, "SSL_ERROR_SYM_KEY_CONTEXT_FAILURE" }, + { 77, "SSL_ERROR_SYM_KEY_UNWRAP_FAILURE" }, + { 78, "SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED" }, + { 79, "SSL_ERROR_IV_PARAM_FAILURE" }, + { 80, "SSL_ERROR_INIT_CIPHER_SUITE_FAILURE" }, + { 81, "SSL_ERROR_SESSION_KEY_GEN_FAILURE" }, + { 82, "SSL_ERROR_NO_SERVER_KEY_FOR_ALG" }, + { 83, "SSL_ERROR_TOKEN_INSERTION_REMOVAL" }, + { 84, "SSL_ERROR_TOKEN_SLOT_NOT_FOUND" }, + { 85, "SSL_ERROR_NO_COMPRESSION_OVERLAP" }, + { 86, "SSL_ERROR_HANDSHAKE_NOT_COMPLETED" }, + { 87, "SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE" }, + { 88, "SSL_ERROR_CERT_KEA_MISMATCH" }, + { 89, "SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA - the CA that signed the client certificate is not trusted locally" } +}; + +#ifdef WIN32 +#define __EXPORT __declspec(dllexport) +#else +#define __EXPORT +#endif + +__EXPORT const char* nscperror_lookup(int error) +{ + const char *errmsg; + + if ((error >= NSCP_NSPR_ERROR_BASE) && (error <= NSCP_NSPR_MAX_ERROR)) { + errmsg = nscp_nspr_errors[error-NSCP_NSPR_ERROR_BASE].errorString; + return errmsg; + } else if ((error >= NSCP_LIBSEC_ERROR_BASE) && + (error <= NSCP_LIBSEC_MAX_ERROR)) { + return nscp_libsec_errors[error-NSCP_LIBSEC_ERROR_BASE].errorString; + } else if ((error >= NSCP_LIBSSL_ERROR_BASE) && + (error <= NSCP_LIBSSL_MAX_ERROR)) { + return nscp_libssl_errors[error-NSCP_LIBSSL_ERROR_BASE].errorString; + } else { + return (const char *)NULL; + } +} |