1*7c478bd9Sstevel@tonic-gate /* 2*7c478bd9Sstevel@tonic-gate * Copyright (c) 2001 by Sun Microsystems, Inc. 3*7c478bd9Sstevel@tonic-gate * All rights reserved. 4*7c478bd9Sstevel@tonic-gate */ 5*7c478bd9Sstevel@tonic-gate 6*7c478bd9Sstevel@tonic-gate /* 7*7c478bd9Sstevel@tonic-gate * The contents of this file are subject to the Netscape Public 8*7c478bd9Sstevel@tonic-gate * License Version 1.1 (the "License"); you may not use this file 9*7c478bd9Sstevel@tonic-gate * except in compliance with the License. You may obtain a copy of 10*7c478bd9Sstevel@tonic-gate * the License at http://www.mozilla.org/NPL/ 11*7c478bd9Sstevel@tonic-gate * 12*7c478bd9Sstevel@tonic-gate * Software distributed under the License is distributed on an "AS 13*7c478bd9Sstevel@tonic-gate * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or 14*7c478bd9Sstevel@tonic-gate * implied. See the License for the specific language governing 15*7c478bd9Sstevel@tonic-gate * rights and limitations under the License. 16*7c478bd9Sstevel@tonic-gate * 17*7c478bd9Sstevel@tonic-gate * The Original Code is Mozilla Communicator client code, released 18*7c478bd9Sstevel@tonic-gate * March 31, 1998. 19*7c478bd9Sstevel@tonic-gate * 20*7c478bd9Sstevel@tonic-gate * The Initial Developer of the Original Code is Netscape 21*7c478bd9Sstevel@tonic-gate * Communications Corporation. Portions created by Netscape are 22*7c478bd9Sstevel@tonic-gate * Copyright (C) 1998-1999 Netscape Communications Corporation. All 23*7c478bd9Sstevel@tonic-gate * Rights Reserved. 24*7c478bd9Sstevel@tonic-gate * 25*7c478bd9Sstevel@tonic-gate * Contributor(s): 26*7c478bd9Sstevel@tonic-gate */ 27*7c478bd9Sstevel@tonic-gate /* 28*7c478bd9Sstevel@tonic-gate * sslerrstrs.h - map SSL errors to strings (used by errormap.c) 29*7c478bd9Sstevel@tonic-gate * 30*7c478bd9Sstevel@tonic-gate */ 31*7c478bd9Sstevel@tonic-gate 32*7c478bd9Sstevel@tonic-gate /* 33*7c478bd9Sstevel@tonic-gate **************************************************************************** 34*7c478bd9Sstevel@tonic-gate * The code below this point was provided by Nelson Bolyard <nelsonb> of the 35*7c478bd9Sstevel@tonic-gate * Netscape Certificate Server team on 27-March-1998. 36*7c478bd9Sstevel@tonic-gate * Taken from the file ns/security/cmd/lib/SSLerrs.h on NSS_1_BRANCH. 37*7c478bd9Sstevel@tonic-gate * Last updated from there: 24-July-1998 by Mark Smith <mcs> 38*7c478bd9Sstevel@tonic-gate * 39*7c478bd9Sstevel@tonic-gate * All of the Directory Server specific changes are enclosed inside 40*7c478bd9Sstevel@tonic-gate * #ifdef NS_DIRECTORY. 41*7c478bd9Sstevel@tonic-gate **************************************************************************** 42*7c478bd9Sstevel@tonic-gate */ 43*7c478bd9Sstevel@tonic-gate 44*7c478bd9Sstevel@tonic-gate /* SSL-specific security error codes */ 45*7c478bd9Sstevel@tonic-gate /* caller must include "sslerr.h" */ 46*7c478bd9Sstevel@tonic-gate 47*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0, 48*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 49*7c478bd9Sstevel@tonic-gate "Unable to communicate securely. Peer does not support high-grade encryption.")) 50*7c478bd9Sstevel@tonic-gate 51*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1, 52*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 53*7c478bd9Sstevel@tonic-gate "Unable to communicate securely. Peer requires high-grade encryption which is not supported.")) 54*7c478bd9Sstevel@tonic-gate 55*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2, 56*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 57*7c478bd9Sstevel@tonic-gate "Cannot communicate securely with peer: no common encryption algorithm(s).")) 58*7c478bd9Sstevel@tonic-gate 59*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3, 60*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 61*7c478bd9Sstevel@tonic-gate "Unable to find the certificate or key necessary for authentication.")) 62*7c478bd9Sstevel@tonic-gate 63*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4, 64*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 65*7c478bd9Sstevel@tonic-gate "Unable to communicate securely with peer: peers's certificate was rejected.")) 66*7c478bd9Sstevel@tonic-gate 67*7c478bd9Sstevel@tonic-gate /* unused (SSL_ERROR_BASE + 5),*/ 68*7c478bd9Sstevel@tonic-gate 69*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6, 70*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 71*7c478bd9Sstevel@tonic-gate "The server has encountered bad data from the client.")) 72*7c478bd9Sstevel@tonic-gate 73*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7, 74*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 75*7c478bd9Sstevel@tonic-gate "The client has encountered bad data from the server.")) 76*7c478bd9Sstevel@tonic-gate 77*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8, 78*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 79*7c478bd9Sstevel@tonic-gate "Unsupported certificate type.")) 80*7c478bd9Sstevel@tonic-gate 81*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9, 82*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 83*7c478bd9Sstevel@tonic-gate "Peer using unsupported version of security protocol.")) 84*7c478bd9Sstevel@tonic-gate 85*7c478bd9Sstevel@tonic-gate /* unused (SSL_ERROR_BASE + 10),*/ 86*7c478bd9Sstevel@tonic-gate 87*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11, 88*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 89*7c478bd9Sstevel@tonic-gate "Client authentication failed: private key in key database does not match public key in certificate database.")) 90*7c478bd9Sstevel@tonic-gate 91*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12, 92*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 93*7c478bd9Sstevel@tonic-gate "Unable to communicate securely with peer: requested domain name does not match the server's certificate.")) 94*7c478bd9Sstevel@tonic-gate 95*7c478bd9Sstevel@tonic-gate /* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13), 96*7c478bd9Sstevel@tonic-gate defined in sslerr.h 97*7c478bd9Sstevel@tonic-gate */ 98*7c478bd9Sstevel@tonic-gate 99*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14), 100*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 101*7c478bd9Sstevel@tonic-gate "Peer only supports SSL version 2, which is locally disabled.")) 102*7c478bd9Sstevel@tonic-gate 103*7c478bd9Sstevel@tonic-gate 104*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15), 105*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 106*7c478bd9Sstevel@tonic-gate "SSL received a record with an incorrect Message Authentication Code.")) 107*7c478bd9Sstevel@tonic-gate 108*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16), 109*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 110*7c478bd9Sstevel@tonic-gate "SSL peer reports incorrect Message Authentication Code.")) 111*7c478bd9Sstevel@tonic-gate 112*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17), 113*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 114*7c478bd9Sstevel@tonic-gate "SSL peer cannot verify your certificate.")) 115*7c478bd9Sstevel@tonic-gate 116*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18), 117*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 118*7c478bd9Sstevel@tonic-gate "SSL peer rejected your certificate as revoked.")) 119*7c478bd9Sstevel@tonic-gate 120*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19), 121*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 122*7c478bd9Sstevel@tonic-gate "SSL peer rejected your certificate as expired.")) 123*7c478bd9Sstevel@tonic-gate 124*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20), 125*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 126*7c478bd9Sstevel@tonic-gate "Cannot connect: SSL is disabled.")) 127*7c478bd9Sstevel@tonic-gate 128*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21), 129*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 130*7c478bd9Sstevel@tonic-gate "Cannot connect: SSL peer is in another FORTEZZA domain.")) 131*7c478bd9Sstevel@tonic-gate 132*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22), 133*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 134*7c478bd9Sstevel@tonic-gate "An unknown SSL cipher suite has been requested.")) 135*7c478bd9Sstevel@tonic-gate 136*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23), 137*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 138*7c478bd9Sstevel@tonic-gate "No cipher suites are present and enabled in this program.")) 139*7c478bd9Sstevel@tonic-gate 140*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24), 141*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 142*7c478bd9Sstevel@tonic-gate "SSL received a record with bad block padding.")) 143*7c478bd9Sstevel@tonic-gate 144*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25), 145*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 146*7c478bd9Sstevel@tonic-gate "SSL received a record that exceeded the maximum permissible length.")) 147*7c478bd9Sstevel@tonic-gate 148*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26), 149*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 150*7c478bd9Sstevel@tonic-gate "SSL attempted to send a record that exceeded the maximum permissible length.")) 151*7c478bd9Sstevel@tonic-gate 152*7c478bd9Sstevel@tonic-gate /* 153*7c478bd9Sstevel@tonic-gate * Received a malformed (too long or short or invalid content) SSL handshake. 154*7c478bd9Sstevel@tonic-gate */ 155*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27), 156*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 157*7c478bd9Sstevel@tonic-gate "SSL received a malformed Hello Request handshake message.")) 158*7c478bd9Sstevel@tonic-gate 159*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28), 160*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 161*7c478bd9Sstevel@tonic-gate "SSL received a malformed Client Hello handshake message.")) 162*7c478bd9Sstevel@tonic-gate 163*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29), 164*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 165*7c478bd9Sstevel@tonic-gate "SSL received a malformed Server Hello handshake message.")) 166*7c478bd9Sstevel@tonic-gate 167*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30), 168*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 169*7c478bd9Sstevel@tonic-gate "SSL received a malformed Certificate handshake message.")) 170*7c478bd9Sstevel@tonic-gate 171*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31), 172*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 173*7c478bd9Sstevel@tonic-gate "SSL received a malformed Server Key Exchange handshake message.")) 174*7c478bd9Sstevel@tonic-gate 175*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32), 176*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 177*7c478bd9Sstevel@tonic-gate "SSL received a malformed Certificate Request handshake message.")) 178*7c478bd9Sstevel@tonic-gate 179*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33), 180*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 181*7c478bd9Sstevel@tonic-gate "SSL received a malformed Server Hello Done handshake message.")) 182*7c478bd9Sstevel@tonic-gate 183*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34), 184*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 185*7c478bd9Sstevel@tonic-gate "SSL received a malformed Certificate Verify handshake message.")) 186*7c478bd9Sstevel@tonic-gate 187*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35), 188*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 189*7c478bd9Sstevel@tonic-gate "SSL received a malformed Client Key Exchange handshake message.")) 190*7c478bd9Sstevel@tonic-gate 191*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36), 192*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 193*7c478bd9Sstevel@tonic-gate "SSL received a malformed Finished handshake message.")) 194*7c478bd9Sstevel@tonic-gate 195*7c478bd9Sstevel@tonic-gate /* 196*7c478bd9Sstevel@tonic-gate * Received a malformed (too long or short) SSL record. 197*7c478bd9Sstevel@tonic-gate */ 198*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37), 199*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 200*7c478bd9Sstevel@tonic-gate "SSL received a malformed Change Cipher Spec record.")) 201*7c478bd9Sstevel@tonic-gate 202*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38), 203*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 204*7c478bd9Sstevel@tonic-gate "SSL received a malformed Alert record.")) 205*7c478bd9Sstevel@tonic-gate 206*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39), 207*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 208*7c478bd9Sstevel@tonic-gate "SSL received a malformed Handshake record.")) 209*7c478bd9Sstevel@tonic-gate 210*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40), 211*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 212*7c478bd9Sstevel@tonic-gate "SSL received a malformed Application Data record.")) 213*7c478bd9Sstevel@tonic-gate 214*7c478bd9Sstevel@tonic-gate /* 215*7c478bd9Sstevel@tonic-gate * Received an SSL handshake that was inappropriate for the state we're in. 216*7c478bd9Sstevel@tonic-gate * E.g. Server received message from server, or wrong state in state machine. 217*7c478bd9Sstevel@tonic-gate */ 218*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41), 219*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 220*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Hello Request handshake message.")) 221*7c478bd9Sstevel@tonic-gate 222*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42), 223*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 224*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Client Hello handshake message.")) 225*7c478bd9Sstevel@tonic-gate 226*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43), 227*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 228*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Server Hello handshake message.")) 229*7c478bd9Sstevel@tonic-gate 230*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44), 231*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 232*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Certificate handshake message.")) 233*7c478bd9Sstevel@tonic-gate 234*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45), 235*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 236*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Server Key Exchange handshake message.")) 237*7c478bd9Sstevel@tonic-gate 238*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46), 239*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 240*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Certificate Request handshake message.")) 241*7c478bd9Sstevel@tonic-gate 242*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47), 243*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 244*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Server Hello Done handshake message.")) 245*7c478bd9Sstevel@tonic-gate 246*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48), 247*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 248*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Certificate Verify handshake message.")) 249*7c478bd9Sstevel@tonic-gate 250*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49), 251*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 252*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Cllient Key Exchange handshake message.")) 253*7c478bd9Sstevel@tonic-gate 254*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50), 255*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 256*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Finished handshake message.")) 257*7c478bd9Sstevel@tonic-gate 258*7c478bd9Sstevel@tonic-gate /* 259*7c478bd9Sstevel@tonic-gate * Received an SSL record that was inappropriate for the state we're in. 260*7c478bd9Sstevel@tonic-gate */ 261*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51), 262*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 263*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Change Cipher Spec record.")) 264*7c478bd9Sstevel@tonic-gate 265*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52), 266*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 267*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Alert record.")) 268*7c478bd9Sstevel@tonic-gate 269*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53), 270*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 271*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Handshake record.")) 272*7c478bd9Sstevel@tonic-gate 273*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54), 274*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 275*7c478bd9Sstevel@tonic-gate "SSL received an unexpected Application Data record.")) 276*7c478bd9Sstevel@tonic-gate 277*7c478bd9Sstevel@tonic-gate /* 278*7c478bd9Sstevel@tonic-gate * Received record/message with unknown discriminant. 279*7c478bd9Sstevel@tonic-gate */ 280*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55), 281*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 282*7c478bd9Sstevel@tonic-gate "SSL received a record with an unknown content type.")) 283*7c478bd9Sstevel@tonic-gate 284*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56), 285*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 286*7c478bd9Sstevel@tonic-gate "SSL received a handshake message with an unknown message type.")) 287*7c478bd9Sstevel@tonic-gate 288*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57), 289*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 290*7c478bd9Sstevel@tonic-gate "SSL received an alert record with an unknown alert description.")) 291*7c478bd9Sstevel@tonic-gate 292*7c478bd9Sstevel@tonic-gate /* 293*7c478bd9Sstevel@tonic-gate * Received an alert reporting what we did wrong. (more alerts above) 294*7c478bd9Sstevel@tonic-gate */ 295*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58), 296*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 297*7c478bd9Sstevel@tonic-gate "SSL peer has closed this connection.")) 298*7c478bd9Sstevel@tonic-gate 299*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59), 300*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 301*7c478bd9Sstevel@tonic-gate "SSL peer was not expecting a handshake message it received.")) 302*7c478bd9Sstevel@tonic-gate 303*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60), 304*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 305*7c478bd9Sstevel@tonic-gate "SSL peer was unable to succesfully decompress an SSL record it received.")) 306*7c478bd9Sstevel@tonic-gate 307*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61), 308*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 309*7c478bd9Sstevel@tonic-gate "SSL peer was unable to negotiate an acceptable set of security parameters.")) 310*7c478bd9Sstevel@tonic-gate 311*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62), 312*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 313*7c478bd9Sstevel@tonic-gate "SSL peer rejected a handshake message for unacceptable content.")) 314*7c478bd9Sstevel@tonic-gate 315*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63), 316*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 317*7c478bd9Sstevel@tonic-gate "SSL peer does not support certificates of the type it received.")) 318*7c478bd9Sstevel@tonic-gate 319*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64), 320*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 321*7c478bd9Sstevel@tonic-gate "SSL peer had some unspecified issue with the certificate it received.")) 322*7c478bd9Sstevel@tonic-gate 323*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65), 324*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 325*7c478bd9Sstevel@tonic-gate "SSL experienced a failure of its random number generator.")) 326*7c478bd9Sstevel@tonic-gate 327*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66), 328*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 329*7c478bd9Sstevel@tonic-gate "Unable to digitally sign data required to verify your certificate.")) 330*7c478bd9Sstevel@tonic-gate 331*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67), 332*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 333*7c478bd9Sstevel@tonic-gate "SSL was unable to extract the public key from the peer's certificate.")) 334*7c478bd9Sstevel@tonic-gate 335*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68), 336*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 337*7c478bd9Sstevel@tonic-gate "Unspecified failure while processing SSL Server Key Exchange handshake.")) 338*7c478bd9Sstevel@tonic-gate 339*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69), 340*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 341*7c478bd9Sstevel@tonic-gate "Unspecified failure while processing SSL Client Key Exchange handshake.")) 342*7c478bd9Sstevel@tonic-gate 343*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70), 344*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 345*7c478bd9Sstevel@tonic-gate "Bulk data encryption algorithm failed in selected cipher suite.")) 346*7c478bd9Sstevel@tonic-gate 347*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71), 348*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 349*7c478bd9Sstevel@tonic-gate "Bulk data decryption algorithm failed in selected cipher suite.")) 350*7c478bd9Sstevel@tonic-gate 351*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72), 352*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 353*7c478bd9Sstevel@tonic-gate "Attempt to write encrypted data to underlying socket failed.")) 354*7c478bd9Sstevel@tonic-gate 355*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73), 356*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 357*7c478bd9Sstevel@tonic-gate "MD5 digest function failed.")) 358*7c478bd9Sstevel@tonic-gate 359*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74), 360*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 361*7c478bd9Sstevel@tonic-gate "SHA-1 digest function failed.")) 362*7c478bd9Sstevel@tonic-gate 363*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75), 364*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 365*7c478bd9Sstevel@tonic-gate "MAC computation failed.")) 366*7c478bd9Sstevel@tonic-gate 367*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76), 368*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 369*7c478bd9Sstevel@tonic-gate "Failure to create Symmetric Key context.")) 370*7c478bd9Sstevel@tonic-gate 371*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77), 372*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 373*7c478bd9Sstevel@tonic-gate "Failure to unwrap the Symmetric key in Client Key Exchange message.")) 374*7c478bd9Sstevel@tonic-gate 375*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78), 376*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 377*7c478bd9Sstevel@tonic-gate "SSL Server attempted to use domestic-grade public key with export cipher suite.")) 378*7c478bd9Sstevel@tonic-gate 379*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79), 380*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 381*7c478bd9Sstevel@tonic-gate "PKCS11 code failed to translate an IV into a param.")) 382*7c478bd9Sstevel@tonic-gate 383*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80), 384*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 385*7c478bd9Sstevel@tonic-gate "Failed to initialize the selected cipher suite.")) 386*7c478bd9Sstevel@tonic-gate 387*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81), 388*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 389*7c478bd9Sstevel@tonic-gate "Client failed to generate session keys for SSL session.")) 390*7c478bd9Sstevel@tonic-gate 391*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82), 392*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 393*7c478bd9Sstevel@tonic-gate "Server has no key for the attempted key exchange algorithm.")) 394*7c478bd9Sstevel@tonic-gate 395*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83), 396*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 397*7c478bd9Sstevel@tonic-gate "PKCS#11 token was inserted or removed while operation was in progress.")) 398*7c478bd9Sstevel@tonic-gate 399*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84), 400*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 401*7c478bd9Sstevel@tonic-gate "No PKCS#11 token could be found to do a required operation.")) 402*7c478bd9Sstevel@tonic-gate 403*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85), 404*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 405*7c478bd9Sstevel@tonic-gate "Cannot communicate securely with peer: no common compression algorithm(s).")) 406*7c478bd9Sstevel@tonic-gate 407*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86), 408*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 409*7c478bd9Sstevel@tonic-gate "Cannot initiate another SSL handshake until current handshake is complete.")) 410*7c478bd9Sstevel@tonic-gate 411*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87), 412*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 413*7c478bd9Sstevel@tonic-gate "Received incorrect handshakes hash values from peer.")) 414*7c478bd9Sstevel@tonic-gate 415*7c478bd9Sstevel@tonic-gate ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88), 416*7c478bd9Sstevel@tonic-gate dgettext(TEXT_DOMAIN, 417*7c478bd9Sstevel@tonic-gate "The certificate provided cannot be used with the selected key exchange algorithm.")) 418