Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-11 20:35:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix 121710: throw better SSL exceptions.

Browse Source
This commit is contained in:
nicolson%netscape.com 2002-07-04 00:03:47 +00:00
parent 9db79236dd
commit ae2a06d43f
11 changed files with 1010 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
security/jss/org/mozilla/jss/CryptoManager.c
View File

@ -329,6 +329,11 @@ Java_org_mozilla_jss_CryptoManager_initializeAllNative2
goto finish;
}
/*
* Initialize the errcode translation table.
*/
JSS_initErrcodeTranslationTable();
/*
* The rest of the initialization (the NSS stuff) is skipped if
* the initializeJavaOnly flag is set.

18
security/jss/org/mozilla/jss/ssl/SSLServerSocket.c
View File

@ -53,7 +53,7 @@ Java_org_mozilla_jss_ssl_SSLServerSocket_socketListen
if( JSSL_getSockData(env, self, &sock) != PR_SUCCESS) goto finish;
if( PR_Listen(sock->fd, backlog) != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Failed to set listen backlog on socket");
goto finish;
}
@ -83,7 +83,7 @@ Java_org_mozilla_jss_ssl_SSLServerSocket_socketAccept
if( handshakeAsClient ) {
status = SSL_OptionSet(sock->fd, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
if( status != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Failed to set option to handshake as client");
goto finish;
}
@ -101,7 +101,7 @@ Java_org_mozilla_jss_ssl_SSLServerSocket_socketAccept
case PR_IO_PENDING_ERROR:
break; /* out of the switch and loop again */
default:
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Failed to accept new connection");
goto finish;
}
@ -118,7 +118,7 @@ Java_org_mozilla_jss_ssl_SSLServerSocket_socketAccept
status = SSL_HandshakeCallback(newSD->fd, JSSL_HandshakeCallback,
newSD);
if( status != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Unable to install handshake callback");
}
@ -163,7 +163,7 @@ Java_org_mozilla_jss_ssl_SSLServerSocket_configServerSessionIDCache(
status = SSL_ConfigServerSessionIDCache(
maxEntries, ssl2Timeout, ssl3Timeout, dirName);
if (status != SECSuccess) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Failed to configure server session ID cache");
goto finish;
}
@ -213,12 +213,12 @@ Java_org_mozilla_jss_ssl_SSLServerSocket_setServerCert(
if (privKey != NULL) {
status = SSL_ConfigSecureServer(sock->fd, cert, privKey, kt_rsa);
if( status != SECSuccess) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Failed to configure secure server certificate and key");
goto finish;
}
} else {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "Failed to locate private key");
JSSL_throwSSLSocketException(env, "Failed to locate private key");
goto finish;
}
@ -243,7 +243,7 @@ Java_org_mozilla_jss_ssl_SSLServerSocket_setReuseAddress(
status = PR_SetSocketOption(sock->fd, &sockOptData);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_SetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_SetSocketOption failed");
goto finish;
}
@ -265,7 +265,7 @@ Java_org_mozilla_jss_ssl_SSLServerSocket_getReuseAddress(
status = PR_GetSocketOption(sock->fd, &sockOptData);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_SetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_SetSocketOption failed");
goto finish;
}

48
security/jss/org/mozilla/jss/ssl/SSLSocket.c
View File

@ -57,7 +57,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_setSSLDefaultOption(JNIEnv *env,
/* set the option */
status = SSL_OptionSetDefault(JSSL_enums[joption], on);
if( status != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "SSL_OptionSet failed");
JSSL_throwSSLSocketException(env, "SSL_OptionSet failed");
goto finish;
}
@ -84,7 +84,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_forceHandshake(JNIEnv *env, jobject self)
/* do the work */
rv = SSL_ForceHandshake(sock->fd);
if( rv != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "SSL_ForceHandshake failed");
JSSL_throwSSLSocketException(env, "SSL_ForceHandshake failed");
goto finish;
}
@ -118,7 +118,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_setSoLinger(JNIEnv *env, jobject self,
status = PR_SetSocketOption(sock->fd, &sockOptions);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_SetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_SetSocketOption failed");
goto finish;
}
@ -142,7 +142,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_getTcpNoDelay(JNIEnv *env, jobject self)
status = PR_GetSocketOption(sock->fd, &sockOptions);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_GetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_GetSocketOption failed");
goto finish;
}
@ -169,7 +169,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_setTcpNoDelay(JNIEnv *env, jobject self,
status = PR_SetSocketOption(sock->fd, &sockOptions);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_SetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_SetSocketOption failed");
goto finish;
}
@ -193,7 +193,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_getSendBufferSize(JNIEnv *env, jobject self)
status = PR_GetSocketOption(sock->fd, &sockOptions);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_GetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_GetSocketOption failed");
goto finish;
}
@ -220,7 +220,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_setSendBufferSize(JNIEnv *env, jobject self,
status = PR_SetSocketOption(sock->fd, &sockOptions);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_SetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_SetSocketOption failed");
goto finish;
}
@ -244,7 +244,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_getKeepAlive(JNIEnv *env, jobject self)
status = PR_GetSocketOption(sock->fd, &sockOptions);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_GetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_GetSocketOption failed");
goto finish;
}
@ -269,7 +269,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_getReceiveBufferSize(
status = PR_GetSocketOption(sock->fd, &sockOptions);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_GetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_GetSocketOption failed");
goto finish;
}
@ -296,7 +296,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_setReceiveBufferSize(
status = PR_SetSocketOption(sock->fd, &sockOptions);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_SetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_SetSocketOption failed");
goto finish;
}
@ -323,7 +323,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_setKeepAlive(JNIEnv *env, jobject self,
status = PR_SetSocketOption(sock->fd, &sockOptions);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_SetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_SetSocketOption failed");
goto finish;
}
@ -348,7 +348,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_getSoLinger(JNIEnv *env, jobject self)
status = PR_GetSocketOption(sock->fd, &sockOptions);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_GetSocketOption failed");
JSSL_throwSSLSocketException(env, "PR_GetSocketOption failed");
goto finish;
}
@ -431,7 +431,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_socketConnect
if( hostnameStr == NULL ) goto finish;
stat = SSL_SetURL(sock->fd, (char*)hostnameStr);
if( stat != 0 ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "Failed to set the SSL URL");
JSSL_throwSSLSocketException(env, "Failed to set the SSL URL");
goto finish;
}
@ -440,7 +440,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_socketConnect
*/
status = PR_Connect(sock->fd, &addr, PR_INTERVAL_NO_TIMEOUT);
if( status != PR_SUCCESS) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "Unable to connect");
JSSL_throwSSLSocketException(env, "Unable to connect");
goto finish;
}
@ -493,7 +493,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_getStatus
&subject);
if(secstatus != SECSuccess) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Failed to retrieve socket security status");
goto finish;
}
@ -582,7 +582,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_setCipherPreference(
char buf[128];
PR_snprintf(buf, 128, "Failed to %s cipher 0x%lx\n",
(enable ? "enable" : "disable"), cipher);
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, buf);
JSSL_throwSSLSocketException(env, buf);
goto finish;
}
@ -635,7 +635,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_socketRead(JNIEnv *env, jobject self,
/* just try again */
} else {
/* unrecoverable error */
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Error reading from socket");
goto finish;
}
@ -717,10 +717,10 @@ Java_org_mozilla_jss_ssl_SSLSocket_socketWrite(JNIEnv *env, jobject self,
{
/* just try again */
} else if( err == PR_IO_TIMEOUT_ERROR ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "Operation timed out");
JSSL_throwSSLSocketException(env, "Operation timed out");
goto finish;
} else {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Failed to write to socket");
goto finish;
}
@ -749,7 +749,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_shutdownNative(
status = PR_Shutdown(sock->fd, JSSL_enums[how]);
if( status != PR_SUCCESS) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "Failed to shutdown socket");
JSSL_throwSSLSocketException(env, "Failed to shutdown socket");
goto finish;
}
@ -768,7 +768,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_invalidateSession(JNIEnv *env, jobject self)
status = SSL_InvalidateSession(sock->fd);
if(status != SECSuccess) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "Failed to invalidate session");
JSSL_throwSSLSocketException(env, "Failed to invalidate session");
goto finish;
}
@ -788,7 +788,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_redoHandshake(
status = SSL_ReHandshake(sock->fd, flushCache);
if(status != SECSuccess) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "Failed to redo handshake");
JSSL_throwSSLSocketException(env, "Failed to redo handshake");
goto finish;
}
@ -808,7 +808,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_resetHandshakeNative(
status = SSL_ResetHandshake(sock->fd, !asClient);
if(status != SECSuccess) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "Failed to redo handshake");
JSSL_throwSSLSocketException(env, "Failed to redo handshake");
goto finish;
}
@ -839,7 +839,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_setCipherPolicyNative(
}
if(status != SECSuccess) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "Failed to set cipher policy");
JSSL_throwSSLSocketException(env, "Failed to set cipher policy");
goto finish;
}

67
security/jss/org/mozilla/jss/ssl/SSLSocketException.java Normal file
View File

@ -0,0 +1,67 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Network Security Services for Java.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 2002
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
package org.mozilla.jss.ssl;
/**
* A subclass of java.net.SocketException that contains an error code
* from the native (NSS/NSPR) code. These error codes are defined in the
* class <tt>org.mozilla.jss.util.NativeErrcodes</tt>.
* @see org.mozilla.jss.util.NativeErrcodes
*/
public class SSLSocketException extends java.net.SocketException {
private int errcode = -1;
public SSLSocketException(String msg) {
super(msg);
}
public SSLSocketException(String msg, int errcode) {
super(msg);
this.errcode = errcode;
}
/**
* Returns an error code, as defined in class
* <tt>org.mozilla.jss.util.NativeErrcodes</tt>.
* @see org.mozilla.jss.util.NativeErrcodes
*/
public int getErrcode() {
return errcode;
}
}

102
security/jss/org/mozilla/jss/ssl/SSLerrs.h
View File

@ -1,102 +0,0 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
/* SSL-specific security error codes */
/* caller must include "sslerr.h" */
ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0,
"Unable to communicate securely. Peer does not support high-grade encryption.")
ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1,
"Unable to communicate securely. Peer requires high-grade encryption which is not supported.")
ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2,
"Cannot communicate securely with peer: no common encryption algorithm(s).")
ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3,
"Unable to find the certificate or key necessary for authentication.")
ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4,
"Unable to communicate securely with peer: peers's certificate was rejected.")
/* unused (SSL_ERROR_BASE + 5),*/
ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6,
"The server has encountered bad data from the client.")
ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7,
"The client has encountered bad data from the server.")
ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8,
"Unsupported certificate type.")
ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9,
"Peer using unsupported version of security protocol.")
/* unused (SSL_ERROR_BASE + 10),*/
ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11,
"Client authentication failed: private key in key database does not match public key in certificate database.")
ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12,
"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13),
defined in sslerr.h
*/
ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14),
"Peer only supports SSL version 2, which is locally disabled.")
ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15),
"SSL received a record with an incorrect Message Authentication Code.")
ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16),
"SSL peer reports incorrect Message Authentication Code.")
ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17),
"SSL peer cannot verify your certificate.")
ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18),
"SSL peer rejected your certificate as revoked.")
ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19),
"SSL peer rejected your certificate as expired.")
ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20),
"Cannot connect: SSL is disabled.")
ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21),
"Cannot connect: SSL peer is in another FORTEZZA domain.")

95
security/jss/org/mozilla/jss/ssl/common.c
View File

@ -47,6 +47,75 @@
#include <winsock.h>
#endif
void
JSSL_throwSSLSocketException(JNIEnv *env, char *message)
{
const char *errStr;
PRErrorCode nativeErrcode;
char *msg = NULL;
int msgLen;
jclass excepClass;
jmethodID excepCons;
jobject excepObj;
jstring msgString;
jint result;
/*
* get the error code and error string
*/
nativeErrcode = PR_GetError();
errStr = JSS_strerror(nativeErrcode);
if( errStr == NULL ) {
errStr = "Unknown error";
}
/*
* construct the message
*/
msgLen = strlen(message) + strlen(errStr) + 40;
msg = PR_Malloc(msgLen);
if( msg == NULL ) {
JSS_throw(env, OUT_OF_MEMORY_ERROR);
goto finish;
}
PR_snprintf(msg, msgLen, "%s: (%ld) %s", message, nativeErrcode, errStr);
/*
* turn the message into a Java string
*/
msgString = (*env)->NewStringUTF(env, msg);
if( msgString == NULL ) goto finish;
/*
* Create the exception object
*/
excepClass = (*env)->FindClass(env,
"org.mozilla.jss.ssl.SSLSocketException");
PR_ASSERT(excepClass != NULL);
if( excepClass == NULL ) goto finish;
excepCons = (*env)->GetMethodID(env, excepClass, "<init>",
"(Ljava/lang/String;I)V");
PR_ASSERT( excepCons != NULL );
if( excepCons == NULL ) goto finish;
excepObj = (*env)->NewObject(env, excepClass, excepCons, msgString,
JSS_ConvertNativeErrcodeToJava(nativeErrcode));
PR_ASSERT(excepObj != NULL);
if( excepObj == NULL ) goto finish;
/*
* throw the exception
*/
result = (*env)->Throw(env, excepObj);
PR_ASSERT(result == 0);
finish:
if( msg != NULL ) {
PR_Free(msg);
}
}
/*
* This is done for regular sockets that we connect() and server sockets,
* but not for sockets that come from accept.
@ -66,7 +135,7 @@ Java_org_mozilla_jss_ssl_SocketBase_socketCreate(JNIEnv *env, jobject self,
/* create a TCP socket */
newFD = PR_NewTCPSocket();
if( newFD == NULL ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"PR_NewTCPSocket() returned NULL");
goto finish;
}
@ -83,7 +152,7 @@ Java_org_mozilla_jss_ssl_SocketBase_socketCreate(JNIEnv *env, jobject self,
/* enable SSL on the socket */
newFD = SSL_ImportFD(NULL, newFD);
if( newFD == NULL ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "SSL_ImportFD() returned NULL");
JSSL_throwSSLSocketException(env, "SSL_ImportFD() returned NULL");
goto finish;
}
@ -100,7 +169,7 @@ Java_org_mozilla_jss_ssl_SocketBase_socketCreate(JNIEnv *env, jobject self,
retval = SSL_SetURL(sockdata->fd, chars);
(*env)->ReleaseStringUTFChars(env, host, chars);
if( retval ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Failed to set SSL domain name");
goto finish;
}
@ -108,7 +177,7 @@ Java_org_mozilla_jss_ssl_SocketBase_socketCreate(JNIEnv *env, jobject self,
status = SSL_OptionSet(sockdata->fd, SSL_SECURITY, PR_TRUE);
if( status != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Unable to enable SSL security on socket");
goto finish;
}
@ -117,7 +186,7 @@ Java_org_mozilla_jss_ssl_SocketBase_socketCreate(JNIEnv *env, jobject self,
status = SSL_HandshakeCallback(sockdata->fd, JSSL_HandshakeCallback,
sockdata);
if( status != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Unable to install handshake callback");
goto finish;
}
@ -139,7 +208,7 @@ Java_org_mozilla_jss_ssl_SocketBase_socketCreate(JNIEnv *env, jobject self,
sockdata->fd, JSSL_DefaultCertAuthCallback, NULL);
}
if( status != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Unable to install certificate authentication callback");
goto finish;
}
@ -156,7 +225,7 @@ Java_org_mozilla_jss_ssl_SocketBase_socketCreate(JNIEnv *env, jobject self,
sockdata->fd, JSSL_CallCertSelectionCallback,
(void*) sockdata->clientCertSelectionCallback);
if( status != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Unable to install client certificate selection callback");
goto finish;
}
@ -295,7 +364,7 @@ Java_org_mozilla_jss_ssl_SocketBase_socketBind
/* do the bind() call */
status = PR_Bind(sock->fd, &addr);
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "Failed to bind socket");
JSSL_throwSSLSocketException(env, "Failed to bind socket");
goto finish;
}
@ -338,7 +407,7 @@ Java_org_mozilla_jss_ssl_SocketBase_requestClientAuthNoExpiryCheckNative
*/
status = SSL_OptionSet(sock->fd, SSL_REQUEST_CERTIFICATE, b);
if( status != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Failed to set REQUEST_CERTIFICATE option on socket");
goto finish;
}
@ -350,7 +419,7 @@ Java_org_mozilla_jss_ssl_SocketBase_requestClientAuthNoExpiryCheckNative
status = SSL_AuthCertificateHook(sock->fd,
JSSL_ConfirmExpiredPeerCert, NULL /*cx*/);
if( status != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Failed to set certificate authentication callback");
goto finish;
}
@ -376,7 +445,7 @@ Java_org_mozilla_jss_ssl_SocketBase_setSSLOption
/* set the option */
status = SSL_OptionSet(sock->fd, JSSL_enums[option], on);
if( status != SECSuccess ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "SSL_OptionSet failed");
JSSL_throwSSLSocketException(env, "SSL_OptionSet failed");
goto finish;
}
@ -405,7 +474,7 @@ JSSL_getSockAddr
status = PR_GetPeerName(sock->fd, addr);
}
if( status != PR_SUCCESS ) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION, "PR_GetSockName failed");
JSSL_throwSSLSocketException(env, "PR_GetSockName failed");
}
finish:
@ -498,7 +567,7 @@ Java_org_mozilla_jss_ssl_SocketBase_setClientCert(
status = SSL_GetClientAuthDataHook(sock->fd, JSSL_GetClientAuthData,
(void*)sock);
if(status != SECSuccess) {
JSS_throwMsgPrErr(env, SOCKET_EXCEPTION,
JSSL_throwSSLSocketException(env,
"Unable to set client auth data hook");
goto finish;
}

3
security/jss/org/mozilla/jss/ssl/jssl.h
View File

@ -131,4 +131,7 @@ JSS_SSL_processExceptions(JNIEnv *env, PRFilePrivate *priv);
JSS_SSL_processExceptions(env, sock->jsockPriv); \
}
void JSSL_throwSSLSocketException(JNIEnv *env, char *message);
#endif

437
security/jss/org/mozilla/jss/util/NativeErrcodes.c Normal file
View File

@ -0,0 +1,437 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Network Security Services for Java.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 2002
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#include <stdlib.h>
#include <secerr.h>
#include <prerror.h>
#include <sslerr.h>
#include <jni.h>
typedef struct {
PRErrorCode native;
int java;
} Errcode;
/*
* This table correlates NSPR and NSS error codes to the enums defined
* in o.m.util.NativeErrcodes. It must be kept in sync with that class.
*/
static Errcode errcodeTable[] = {
{PR_OUT_OF_MEMORY_ERROR, 1},
{PR_BAD_DESCRIPTOR_ERROR, 2},
{PR_WOULD_BLOCK_ERROR, 3},
{PR_ACCESS_FAULT_ERROR, 4},
{PR_INVALID_METHOD_ERROR, 5},
{PR_ILLEGAL_ACCESS_ERROR, 6},
{PR_UNKNOWN_ERROR, 7},
{PR_PENDING_INTERRUPT_ERROR, 8},
{PR_NOT_IMPLEMENTED_ERROR, 9},
{PR_IO_ERROR, 10},
{PR_IO_TIMEOUT_ERROR, 11},
{PR_IO_PENDING_ERROR, 12},
{PR_DIRECTORY_OPEN_ERROR, 13},
{PR_INVALID_ARGUMENT_ERROR, 14},
{PR_ADDRESS_NOT_AVAILABLE_ERROR, 15},
{PR_ADDRESS_NOT_SUPPORTED_ERROR, 16},
{PR_IS_CONNECTED_ERROR, 17},
{PR_BAD_ADDRESS_ERROR, 18},
{PR_ADDRESS_IN_USE_ERROR, 19},
{PR_CONNECT_REFUSED_ERROR, 20},
{PR_NETWORK_UNREACHABLE_ERROR, 21},
{PR_CONNECT_TIMEOUT_ERROR, 22},
{PR_NOT_CONNECTED_ERROR, 23},
{PR_LOAD_LIBRARY_ERROR, 24},
{PR_UNLOAD_LIBRARY_ERROR, 25},
{PR_FIND_SYMBOL_ERROR, 26},
{PR_INSUFFICIENT_RESOURCES_ERROR, 27},
{PR_DIRECTORY_LOOKUP_ERROR, 28},
{PR_TPD_RANGE_ERROR, 29},
{PR_PROC_DESC_TABLE_FULL_ERROR, 30},
{PR_SYS_DESC_TABLE_FULL_ERROR, 31},
{PR_NOT_SOCKET_ERROR, 32},
{PR_NOT_TCP_SOCKET_ERROR, 33},
{PR_SOCKET_ADDRESS_IS_BOUND_ERROR, 34},
{PR_NO_ACCESS_RIGHTS_ERROR, 35},
{PR_OPERATION_NOT_SUPPORTED_ERROR, 36},
{PR_PROTOCOL_NOT_SUPPORTED_ERROR, 37},
{PR_REMOTE_FILE_ERROR, 38},
{PR_BUFFER_OVERFLOW_ERROR, 39},
{PR_CONNECT_RESET_ERROR, 40},
{PR_RANGE_ERROR, 41},
{PR_DEADLOCK_ERROR, 42},
{PR_FILE_IS_LOCKED_ERROR, 43},
{PR_FILE_TOO_BIG_ERROR, 44},
{PR_NO_DEVICE_SPACE_ERROR, 45},
{PR_PIPE_ERROR, 46},
{PR_NO_SEEK_DEVICE_ERROR, 47},
{PR_IS_DIRECTORY_ERROR, 48},
{PR_LOOP_ERROR, 49},
{PR_NAME_TOO_LONG_ERROR, 50},
{PR_FILE_NOT_FOUND_ERROR, 51},
{PR_NOT_DIRECTORY_ERROR, 52},
{PR_READ_ONLY_FILESYSTEM_ERROR, 53},
{PR_DIRECTORY_NOT_EMPTY_ERROR, 54},
{PR_FILESYSTEM_MOUNTED_ERROR, 55},
{PR_NOT_SAME_DEVICE_ERROR, 56},
{PR_DIRECTORY_CORRUPTED_ERROR, 57},
{PR_FILE_EXISTS_ERROR, 58},
{PR_MAX_DIRECTORY_ENTRIES_ERROR, 59},
{PR_INVALID_DEVICE_STATE_ERROR, 60},
{PR_DEVICE_IS_LOCKED_ERROR, 61},
{PR_NO_MORE_FILES_ERROR, 62},
{PR_END_OF_FILE_ERROR, 63},
{PR_FILE_SEEK_ERROR, 64},
{PR_FILE_IS_BUSY_ERROR, 65},
{PR_OPERATION_ABORTED_ERROR, 66},
{PR_IN_PROGRESS_ERROR, 67},
{PR_ALREADY_INITIATED_ERROR, 68},
{PR_GROUP_EMPTY_ERROR, 69},
{PR_INVALID_STATE_ERROR, 70},
{PR_NETWORK_DOWN_ERROR, 71},
{PR_SOCKET_SHUTDOWN_ERROR, 72},
{PR_CONNECT_ABORTED_ERROR, 73},
{PR_HOST_UNREACHABLE_ERROR, 74},
{SSL_ERROR_BASE, 77},
{SSL_ERROR_EXPORT_ONLY_SERVER, 78},
{SSL_ERROR_US_ONLY_SERVER, 79},
{SSL_ERROR_NO_CYPHER_OVERLAP, 80},
{SSL_ERROR_NO_CERTIFICATE, 81},
{SSL_ERROR_BAD_CERTIFICATE, 82},
{SSL_ERROR_BAD_CLIENT, 83},
{SSL_ERROR_BAD_SERVER, 84},
{SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, 85},
{SSL_ERROR_UNSUPPORTED_VERSION, 86},
{SSL_ERROR_WRONG_CERTIFICATE, 87},
{SSL_ERROR_BAD_CERT_DOMAIN, 88},
{SSL_ERROR_POST_WARNING, 89},
{SSL_ERROR_SSL2_DISABLED, 90},
{SSL_ERROR_BAD_MAC_READ, 91},
{SSL_ERROR_BAD_MAC_ALERT, 92},
{SSL_ERROR_BAD_CERT_ALERT, 93},
{SSL_ERROR_REVOKED_CERT_ALERT, 94},
{SSL_ERROR_EXPIRED_CERT_ALERT, 95},
{SSL_ERROR_SSL_DISABLED, 96},
{SSL_ERROR_FORTEZZA_PQG, 97},
{SSL_ERROR_UNKNOWN_CIPHER_SUITE, 98},
{SSL_ERROR_NO_CIPHERS_SUPPORTED, 99},
{SSL_ERROR_BAD_BLOCK_PADDING, 100},
{SSL_ERROR_RX_RECORD_TOO_LONG, 101},
{SSL_ERROR_TX_RECORD_TOO_LONG, 102},
{SSL_ERROR_RX_MALFORMED_HELLO_REQUEST, 103},
{SSL_ERROR_RX_MALFORMED_CLIENT_HELLO, 104},
{SSL_ERROR_RX_MALFORMED_SERVER_HELLO, 105},
{SSL_ERROR_RX_MALFORMED_CERTIFICATE, 106},
{SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH, 107},
{SSL_ERROR_RX_MALFORMED_CERT_REQUEST, 108},
{SSL_ERROR_RX_MALFORMED_HELLO_DONE, 109},
{SSL_ERROR_RX_MALFORMED_CERT_VERIFY, 110},
{SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH, 111},
{SSL_ERROR_RX_MALFORMED_FINISHED, 112},
{SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER, 113},
{SSL_ERROR_RX_MALFORMED_ALERT, 114},
{SSL_ERROR_RX_MALFORMED_HANDSHAKE, 115},
{SSL_ERROR_RX_MALFORMED_APPLICATION_DATA, 116},
{SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST, 117},
{SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO, 118},
{SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO, 119},
{SSL_ERROR_RX_UNEXPECTED_CERTIFICATE, 120},
{SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH, 121},
{SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST, 122},
{SSL_ERROR_RX_UNEXPECTED_HELLO_DONE, 123},
{SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY, 124},
{SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH, 125},
{SSL_ERROR_RX_UNEXPECTED_FINISHED, 126},
{SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER, 127},
{SSL_ERROR_RX_UNEXPECTED_ALERT, 128},
{SSL_ERROR_RX_UNEXPECTED_HANDSHAKE, 129},
{SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, 130},
{SSL_ERROR_RX_UNKNOWN_RECORD_TYPE, 131},
{SSL_ERROR_RX_UNKNOWN_HANDSHAKE, 132},
{SSL_ERROR_RX_UNKNOWN_ALERT, 133},
{SSL_ERROR_CLOSE_NOTIFY_ALERT, 134},
{SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT, 135},
{SSL_ERROR_DECOMPRESSION_FAILURE_ALERT, 136},
{SSL_ERROR_HANDSHAKE_FAILURE_ALERT, 137},
{SSL_ERROR_ILLEGAL_PARAMETER_ALERT, 138},
{SSL_ERROR_UNSUPPORTED_CERT_ALERT, 139},
{SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT, 140},
{SSL_ERROR_GENERATE_RANDOM_FAILURE, 141},
{SSL_ERROR_SIGN_HASHES_FAILURE, 142},
{SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE, 143},
{SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE, 144},
{SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE, 145},
{SSL_ERROR_ENCRYPTION_FAILURE, 146},
{SSL_ERROR_DECRYPTION_FAILURE, 147},
{SSL_ERROR_SOCKET_WRITE_FAILURE, 148},
{SSL_ERROR_MD5_DIGEST_FAILURE, 149},
{SSL_ERROR_SHA_DIGEST_FAILURE, 150},
{SSL_ERROR_MAC_COMPUTATION_FAILURE, 151},
{SSL_ERROR_SYM_KEY_CONTEXT_FAILURE, 152},
{SSL_ERROR_SYM_KEY_UNWRAP_FAILURE, 153},
{SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED, 154},
{SSL_ERROR_IV_PARAM_FAILURE, 155},
{SSL_ERROR_INIT_CIPHER_SUITE_FAILURE, 156},
{SSL_ERROR_SESSION_KEY_GEN_FAILURE, 157},
{SSL_ERROR_NO_SERVER_KEY_FOR_ALG, 158},
{SSL_ERROR_TOKEN_INSERTION_REMOVAL, 159},
{SSL_ERROR_TOKEN_SLOT_NOT_FOUND, 160},
{SSL_ERROR_NO_COMPRESSION_OVERLAP, 161},
{SSL_ERROR_HANDSHAKE_NOT_COMPLETED, 162},
{SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE, 163},
{SSL_ERROR_CERT_KEA_MISMATCH, 164},
{SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA, 165},
{SSL_ERROR_SESSION_NOT_FOUND, 166},
{SSL_ERROR_DECRYPTION_FAILED_ALERT, 167},
{SSL_ERROR_RECORD_OVERFLOW_ALERT, 168},
{SSL_ERROR_UNKNOWN_CA_ALERT, 169},
{SSL_ERROR_ACCESS_DENIED_ALERT, 170},
{SSL_ERROR_DECODE_ERROR_ALERT, 171},
{SSL_ERROR_DECRYPT_ERROR_ALERT, 172},
{SSL_ERROR_EXPORT_RESTRICTION_ALERT, 173},
{SSL_ERROR_PROTOCOL_VERSION_ALERT, 174},
{SSL_ERROR_INSUFFICIENT_SECURITY_ALERT, 175},
{SSL_ERROR_INTERNAL_ERROR_ALERT, 176},
{SSL_ERROR_USER_CANCELED_ALERT, 177},
{SSL_ERROR_NO_RENEGOTIATION_ALERT, 178},
{SEC_ERROR_IO, 179},
{SEC_ERROR_LIBRARY_FAILURE, 180},
{SEC_ERROR_BAD_DATA, 181},
{SEC_ERROR_OUTPUT_LEN, 182},
{SEC_ERROR_INPUT_LEN, 183},
{SEC_ERROR_INVALID_ARGS, 184},
{SEC_ERROR_INVALID_ALGORITHM, 185},
{SEC_ERROR_INVALID_AVA, 186},
{SEC_ERROR_INVALID_TIME, 187},
{SEC_ERROR_BAD_DER, 188},
{SEC_ERROR_BAD_SIGNATURE, 189},
{SEC_ERROR_EXPIRED_CERTIFICATE, 190},
{SEC_ERROR_REVOKED_CERTIFICATE, 191},
{SEC_ERROR_UNKNOWN_ISSUER, 192},
{SEC_ERROR_BAD_KEY, 193},
{SEC_ERROR_BAD_PASSWORD, 194},
{SEC_ERROR_RETRY_PASSWORD, 195},
{SEC_ERROR_NO_NODELOCK, 196},
{SEC_ERROR_BAD_DATABASE, 197},
{SEC_ERROR_NO_MEMORY, 198},
{SEC_ERROR_UNTRUSTED_ISSUER, 199},
{SEC_ERROR_UNTRUSTED_CERT, 200},
{SEC_ERROR_DUPLICATE_CERT, 201},
{SEC_ERROR_DUPLICATE_CERT_NAME, 202},
{SEC_ERROR_ADDING_CERT, 203},
{SEC_ERROR_FILING_KEY, 204},
{SEC_ERROR_NO_KEY, 205},
{SEC_ERROR_CERT_VALID, 206},
{SEC_ERROR_CERT_NOT_VALID, 207},
{SEC_ERROR_CERT_NO_RESPONSE, 208},
{SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, 209},
{SEC_ERROR_CRL_EXPIRED, 210},
{SEC_ERROR_CRL_BAD_SIGNATURE, 211},
{SEC_ERROR_CRL_INVALID, 212},
{SEC_ERROR_EXTENSION_VALUE_INVALID, 213},
{SEC_ERROR_EXTENSION_NOT_FOUND, 214},
{SEC_ERROR_CA_CERT_INVALID, 215},
{SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, 216},
{SEC_ERROR_CERT_USAGES_INVALID, 217},
{SEC_INTERNAL_ONLY, 218},
{SEC_ERROR_INVALID_KEY, 219},
{SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, 220},
{SEC_ERROR_OLD_CRL, 221},
{SEC_ERROR_NO_EMAIL_CERT, 222},
{SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, 223},
{SEC_ERROR_NOT_A_RECIPIENT, 224},
{SEC_ERROR_PKCS7_KEYALG_MISMATCH, 225},
{SEC_ERROR_PKCS7_BAD_SIGNATURE, 226},
{SEC_ERROR_UNSUPPORTED_KEYALG, 227},
{SEC_ERROR_DECRYPTION_DISALLOWED, 228},
{XP_SEC_FORTEZZA_BAD_CARD, 229},
{XP_SEC_FORTEZZA_NO_CARD, 230},
{XP_SEC_FORTEZZA_NONE_SELECTED, 231},
{XP_SEC_FORTEZZA_MORE_INFO, 232},
{XP_SEC_FORTEZZA_PERSON_NOT_FOUND, 233},
{XP_SEC_FORTEZZA_NO_MORE_INFO, 234},
{XP_SEC_FORTEZZA_BAD_PIN, 235},
{XP_SEC_FORTEZZA_PERSON_ERROR, 236},
{SEC_ERROR_NO_KRL, 237},
{SEC_ERROR_KRL_EXPIRED, 238},
{SEC_ERROR_KRL_BAD_SIGNATURE, 239},
{SEC_ERROR_REVOKED_KEY, 240},
{SEC_ERROR_KRL_INVALID, 241},
{SEC_ERROR_NEED_RANDOM, 242},
{SEC_ERROR_NO_MODULE, 243},
{SEC_ERROR_NO_TOKEN, 244},
{SEC_ERROR_READ_ONLY, 245},
{SEC_ERROR_NO_SLOT_SELECTED, 246},
{SEC_ERROR_CERT_NICKNAME_COLLISION, 247},
{SEC_ERROR_KEY_NICKNAME_COLLISION, 248},
{SEC_ERROR_SAFE_NOT_CREATED, 249},
{SEC_ERROR_BAGGAGE_NOT_CREATED, 250},
{XP_JAVA_REMOVE_PRINCIPAL_ERROR, 251},
{XP_JAVA_DELETE_PRIVILEGE_ERROR, 252},
{XP_JAVA_CERT_NOT_EXISTS_ERROR, 253},
{SEC_ERROR_BAD_EXPORT_ALGORITHM, 254},
{SEC_ERROR_EXPORTING_CERTIFICATES, 255},
{SEC_ERROR_IMPORTING_CERTIFICATES, 256},
{SEC_ERROR_PKCS12_DECODING_PFX, 257},
{SEC_ERROR_PKCS12_INVALID_MAC, 258},
{SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, 259},
{SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE, 260},
{SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, 261},
{SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, 262},
{SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, 263},
{SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT, 264},
{SEC_ERROR_PKCS12_CERT_COLLISION, 265},
{SEC_ERROR_USER_CANCELLED, 266},
{SEC_ERROR_PKCS12_DUPLICATE_DATA, 267},
{SEC_ERROR_MESSAGE_SEND_ABORTED, 268},
{SEC_ERROR_INADEQUATE_KEY_USAGE, 269},
{SEC_ERROR_INADEQUATE_CERT_TYPE, 270},
{SEC_ERROR_CERT_ADDR_MISMATCH, 271},
{SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, 272},
{SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, 273},
{SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, 274},
{SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, 275},
{SEC_ERROR_PKCS12_UNABLE_TO_WRITE, 276},
{SEC_ERROR_PKCS12_UNABLE_TO_READ, 277},
{SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, 278},
{SEC_ERROR_KEYGEN_FAIL, 279},
{SEC_ERROR_INVALID_PASSWORD, 280},
{SEC_ERROR_RETRY_OLD_PASSWORD, 281},
{SEC_ERROR_BAD_NICKNAME, 282},
{SEC_ERROR_NOT_FORTEZZA_ISSUER, 283},
{SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY, 284},
{SEC_ERROR_JS_INVALID_MODULE_NAME, 285},
{SEC_ERROR_JS_INVALID_DLL, 286},
{SEC_ERROR_JS_ADD_MOD_FAILURE, 287},
{SEC_ERROR_JS_DEL_MOD_FAILURE, 288},
{SEC_ERROR_OLD_KRL, 289},
{SEC_ERROR_CKL_CONFLICT, 290},
{SEC_ERROR_CERT_NOT_IN_NAME_SPACE, 291},
{SEC_ERROR_KRL_NOT_YET_VALID, 292},
{SEC_ERROR_CRL_NOT_YET_VALID, 293},
{SEC_ERROR_UNKNOWN_CERT, 294},
{SEC_ERROR_UNKNOWN_SIGNER, 295},
{SEC_ERROR_CERT_BAD_ACCESS_LOCATION, 296},
{SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, 297},
{SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, 298},
{SEC_ERROR_OCSP_MALFORMED_REQUEST, 299},
{SEC_ERROR_OCSP_SERVER_ERROR, 300},
{SEC_ERROR_OCSP_TRY_SERVER_LATER, 301},
{SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, 302},
{SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, 303},
{SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, 304},
{SEC_ERROR_OCSP_UNKNOWN_CERT, 305},
{SEC_ERROR_OCSP_NOT_ENABLED, 306},
{SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, 307},
{SEC_ERROR_OCSP_MALFORMED_RESPONSE, 308},
{SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, 309},
{SEC_ERROR_OCSP_FUTURE_RESPONSE, 310},
{SEC_ERROR_OCSP_OLD_RESPONSE, 311},
{SEC_ERROR_DIGEST_NOT_FOUND, 312},
{SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE, 313}
};
#define numErrcodes (sizeof(errcodeTable)/sizeof(Errcode))
static int
errcodeCompare(const void *elem1, const void *elem2)
{
Errcode *ec1, *ec2;
ec1 = (Errcode*) elem1;
ec2 = (Errcode*) elem2;
if( ec1->native < ec2->native ) {
return -1;
} else if( ec1->native == ec2->native ) {
return 0;
} else {
/* ec1->native > ec2->native */
return 1;
}
}
#ifdef DEBUG
static int initialized = 0;
#endif
/************************************************************************
**
** J S S _ i n i t E r r c o d e T r a n s l a t i o n T a b l e.
**
** Initializes the error code translation table. This should be called
** by CryptoManager.initialize(), and must be called before any calls to
** JSS_ConvertNativeErrcodeToJava.
**
*/
void
JSS_initErrcodeTranslationTable() {
/* sort the table by native errcode */
qsort(errcodeTable, numErrcodes, sizeof(Errcode), errcodeCompare);
#ifdef DEBUG
initialized = 1;
#endif
}
/************************************************************************
**
** J S S _ C o n v e r t N a t i v e E r r c o d e T o J a v a
**
** Converts an NSPR or NSS error code to a Java error code.
** (defined in the class o.m.util.NativeErrcodes)
**
** Returns
** The Java error code, or -1 if a corresponding Java error code could
** not be found.
*/
int
JSS_ConvertNativeErrcodeToJava(PRErrorCode nativeErrcode) {
Errcode key;
Errcode *target;
#ifdef DEBUG
PR_ASSERT(initialized);
#endif
key.native = nativeErrcode;
target = bsearch( &key, errcodeTable, numErrcodes, sizeof(Errcode),
errcodeCompare );
if( target == NULL ) {
return -1;
} else {
return target->java;
}
}

358
security/jss/org/mozilla/jss/util/NativeErrcodes.java Normal file
View File

@ -0,0 +1,358 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Network Security Services for Java.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 2002
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
package org.mozilla.jss.util;
/**
An enumeration of all error codes from NSS and NSPR.
The integer values associated with each error code are subject to change, so
<b>DO NOT DEPEND ON THEM</b>. Only use the symbolic names.
*/
public class NativeErrcodes {
public static final int PR_OUT_OF_MEMORY_ERROR = 1;
public static final int PR_BAD_DESCRIPTOR_ERROR = 2;
public static final int PR_WOULD_BLOCK_ERROR = 3;
public static final int PR_ACCESS_FAULT_ERROR = 4;
public static final int PR_INVALID_METHOD_ERROR = 5;
public static final int PR_ILLEGAL_ACCESS_ERROR = 6;
public static final int PR_UNKNOWN_ERROR = 7;
public static final int PR_PENDING_INTERRUPT_ERROR = 8;
public static final int PR_NOT_IMPLEMENTED_ERROR = 9;
public static final int PR_IO_ERROR = 10;
public static final int PR_IO_TIMEOUT_ERROR = 11;
public static final int PR_IO_PENDING_ERROR = 12;
public static final int PR_DIRECTORY_OPEN_ERROR = 13;
public static final int PR_INVALID_ARGUMENT_ERROR = 14;
public static final int PR_ADDRESS_NOT_AVAILABLE_ERROR = 15;
public static final int PR_ADDRESS_NOT_SUPPORTED_ERROR = 16;
public static final int PR_IS_CONNECTED_ERROR = 17;
public static final int PR_BAD_ADDRESS_ERROR = 18;
public static final int PR_ADDRESS_IN_USE_ERROR = 19;
public static final int PR_CONNECT_REFUSED_ERROR = 20;
public static final int PR_NETWORK_UNREACHABLE_ERROR = 21;
public static final int PR_CONNECT_TIMEOUT_ERROR = 22;
public static final int PR_NOT_CONNECTED_ERROR = 23;
public static final int PR_LOAD_LIBRARY_ERROR = 24;
public static final int PR_UNLOAD_LIBRARY_ERROR = 25;
public static final int PR_FIND_SYMBOL_ERROR = 26;
public static final int PR_INSUFFICIENT_RESOURCES_ERROR = 27;
public static final int PR_DIRECTORY_LOOKUP_ERROR = 28;
public static final int PR_TPD_RANGE_ERROR = 29;
public static final int PR_PROC_DESC_TABLE_FULL_ERROR = 30;
public static final int PR_SYS_DESC_TABLE_FULL_ERROR = 31;
public static final int PR_NOT_SOCKET_ERROR = 32;
public static final int PR_NOT_TCP_SOCKET_ERROR = 33;
public static final int PR_SOCKET_ADDRESS_IS_BOUND_ERROR = 34;
public static final int PR_NO_ACCESS_RIGHTS_ERROR = 35;
public static final int PR_OPERATION_NOT_SUPPORTED_ERROR = 36;
public static final int PR_PROTOCOL_NOT_SUPPORTED_ERROR = 37;
public static final int PR_REMOTE_FILE_ERROR = 38;
public static final int PR_BUFFER_OVERFLOW_ERROR = 39;
public static final int PR_CONNECT_RESET_ERROR = 40;
public static final int PR_RANGE_ERROR = 41;
public static final int PR_DEADLOCK_ERROR = 42;
public static final int PR_FILE_IS_LOCKED_ERROR = 43;
public static final int PR_FILE_TOO_BIG_ERROR = 44;
public static final int PR_NO_DEVICE_SPACE_ERROR = 45;
public static final int PR_PIPE_ERROR = 46;
public static final int PR_NO_SEEK_DEVICE_ERROR = 47;
public static final int PR_IS_DIRECTORY_ERROR = 48;
public static final int PR_LOOP_ERROR = 49;
public static final int PR_NAME_TOO_LONG_ERROR = 50;
public static final int PR_FILE_NOT_FOUND_ERROR = 51;
public static final int PR_NOT_DIRECTORY_ERROR = 52;
public static final int PR_READ_ONLY_FILESYSTEM_ERROR = 53;
public static final int PR_DIRECTORY_NOT_EMPTY_ERROR = 54;
public static final int PR_FILESYSTEM_MOUNTED_ERROR = 55;
public static final int PR_NOT_SAME_DEVICE_ERROR = 56;
public static final int PR_DIRECTORY_CORRUPTED_ERROR = 57;
public static final int PR_FILE_EXISTS_ERROR = 58;
public static final int PR_MAX_DIRECTORY_ENTRIES_ERROR = 59;
public static final int PR_INVALID_DEVICE_STATE_ERROR = 60;
public static final int PR_DEVICE_IS_LOCKED_ERROR = 61;
public static final int PR_NO_MORE_FILES_ERROR = 62;
public static final int PR_END_OF_FILE_ERROR = 63;
public static final int PR_FILE_SEEK_ERROR = 64;
public static final int PR_FILE_IS_BUSY_ERROR = 65;
public static final int PR_OPERATION_ABORTED_ERROR = 66;
public static final int PR_IN_PROGRESS_ERROR = 67;
public static final int PR_ALREADY_INITIATED_ERROR = 68;
public static final int PR_GROUP_EMPTY_ERROR = 69;
public static final int PR_INVALID_STATE_ERROR = 70;
public static final int PR_NETWORK_DOWN_ERROR = 71;
public static final int PR_SOCKET_SHUTDOWN_ERROR = 72;
public static final int PR_CONNECT_ABORTED_ERROR = 73;
public static final int PR_HOST_UNREACHABLE_ERROR = 74;
public static final int SSL_ERROR_BASE = 77;
public static final int SSL_ERROR_EXPORT_ONLY_SERVER = 78;
public static final int SSL_ERROR_US_ONLY_SERVER = 79;
public static final int SSL_ERROR_NO_CYPHER_OVERLAP = 80;
public static final int SSL_ERROR_NO_CERTIFICATE = 81;
public static final int SSL_ERROR_BAD_CERTIFICATE = 82;
public static final int SSL_ERROR_BAD_CLIENT = 83;
public static final int SSL_ERROR_BAD_SERVER = 84;
public static final int SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE = 85;
public static final int SSL_ERROR_UNSUPPORTED_VERSION = 86;
public static final int SSL_ERROR_WRONG_CERTIFICATE = 87;
public static final int SSL_ERROR_BAD_CERT_DOMAIN = 88;
public static final int SSL_ERROR_POST_WARNING = 89;
public static final int SSL_ERROR_SSL2_DISABLED = 90;
public static final int SSL_ERROR_BAD_MAC_READ = 91;
public static final int SSL_ERROR_BAD_MAC_ALERT = 92;
public static final int SSL_ERROR_BAD_CERT_ALERT = 93;
public static final int SSL_ERROR_REVOKED_CERT_ALERT = 94;
public static final int SSL_ERROR_EXPIRED_CERT_ALERT = 95;
public static final int SSL_ERROR_SSL_DISABLED = 96;
public static final int SSL_ERROR_FORTEZZA_PQG = 97;
public static final int SSL_ERROR_UNKNOWN_CIPHER_SUITE = 98;
public static final int SSL_ERROR_NO_CIPHERS_SUPPORTED = 99;
public static final int SSL_ERROR_BAD_BLOCK_PADDING = 100;
public static final int SSL_ERROR_RX_RECORD_TOO_LONG = 101;
public static final int SSL_ERROR_TX_RECORD_TOO_LONG = 102;
public static final int SSL_ERROR_RX_MALFORMED_HELLO_REQUEST = 103;
public static final int SSL_ERROR_RX_MALFORMED_CLIENT_HELLO = 104;
public static final int SSL_ERROR_RX_MALFORMED_SERVER_HELLO = 105;
public static final int SSL_ERROR_RX_MALFORMED_CERTIFICATE = 106;
public static final int SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH = 107;
public static final int SSL_ERROR_RX_MALFORMED_CERT_REQUEST = 108;
public static final int SSL_ERROR_RX_MALFORMED_HELLO_DONE = 109;
public static final int SSL_ERROR_RX_MALFORMED_CERT_VERIFY = 110;
public static final int SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH = 111;
public static final int SSL_ERROR_RX_MALFORMED_FINISHED = 112;
public static final int SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER = 113;
public static final int SSL_ERROR_RX_MALFORMED_ALERT = 114;
public static final int SSL_ERROR_RX_MALFORMED_HANDSHAKE = 115;
public static final int SSL_ERROR_RX_MALFORMED_APPLICATION_DATA = 116;
public static final int SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST = 117;
public static final int SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO = 118;
public static final int SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO = 119;
public static final int SSL_ERROR_RX_UNEXPECTED_CERTIFICATE = 120;
public static final int SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH = 121;
public static final int SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST = 122;
public static final int SSL_ERROR_RX_UNEXPECTED_HELLO_DONE = 123;
public static final int SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY = 124;
public static final int SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH = 125;
public static final int SSL_ERROR_RX_UNEXPECTED_FINISHED = 126;
public static final int SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER = 127;
public static final int SSL_ERROR_RX_UNEXPECTED_ALERT = 128;
public static final int SSL_ERROR_RX_UNEXPECTED_HANDSHAKE = 129;
public static final int SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA = 130;
public static final int SSL_ERROR_RX_UNKNOWN_RECORD_TYPE = 131;
public static final int SSL_ERROR_RX_UNKNOWN_HANDSHAKE = 132;
public static final int SSL_ERROR_RX_UNKNOWN_ALERT = 133;
public static final int SSL_ERROR_CLOSE_NOTIFY_ALERT = 134;
public static final int SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT = 135;
public static final int SSL_ERROR_DECOMPRESSION_FAILURE_ALERT = 136;
public static final int SSL_ERROR_HANDSHAKE_FAILURE_ALERT = 137;
public static final int SSL_ERROR_ILLEGAL_PARAMETER_ALERT = 138;
public static final int SSL_ERROR_UNSUPPORTED_CERT_ALERT = 139;
public static final int SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT = 140;
public static final int SSL_ERROR_GENERATE_RANDOM_FAILURE = 141;
public static final int SSL_ERROR_SIGN_HASHES_FAILURE = 142;
public static final int SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE = 143;
public static final int SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE = 144;
public static final int SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE = 145;
public static final int SSL_ERROR_ENCRYPTION_FAILURE = 146;
public static final int SSL_ERROR_DECRYPTION_FAILURE = 147;
public static final int SSL_ERROR_SOCKET_WRITE_FAILURE = 148;
public static final int SSL_ERROR_MD5_DIGEST_FAILURE = 149;
public static final int SSL_ERROR_SHA_DIGEST_FAILURE = 150;
public static final int SSL_ERROR_MAC_COMPUTATION_FAILURE = 151;
public static final int SSL_ERROR_SYM_KEY_CONTEXT_FAILURE = 152;
public static final int SSL_ERROR_SYM_KEY_UNWRAP_FAILURE = 153;
public static final int SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED = 154;
public static final int SSL_ERROR_IV_PARAM_FAILURE = 155;
public static final int SSL_ERROR_INIT_CIPHER_SUITE_FAILURE = 156;
public static final int SSL_ERROR_SESSION_KEY_GEN_FAILURE = 157;
public static final int SSL_ERROR_NO_SERVER_KEY_FOR_ALG = 158;
public static final int SSL_ERROR_TOKEN_INSERTION_REMOVAL = 159;
public static final int SSL_ERROR_TOKEN_SLOT_NOT_FOUND = 160;
public static final int SSL_ERROR_NO_COMPRESSION_OVERLAP = 161;
public static final int SSL_ERROR_HANDSHAKE_NOT_COMPLETED = 162;
public static final int SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE = 163;
public static final int SSL_ERROR_CERT_KEA_MISMATCH = 164;
public static final int SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA = 165;
public static final int SSL_ERROR_SESSION_NOT_FOUND = 166;
public static final int SSL_ERROR_DECRYPTION_FAILED_ALERT = 167;
public static final int SSL_ERROR_RECORD_OVERFLOW_ALERT = 168;
public static final int SSL_ERROR_UNKNOWN_CA_ALERT = 169;
public static final int SSL_ERROR_ACCESS_DENIED_ALERT = 170;
public static final int SSL_ERROR_DECODE_ERROR_ALERT = 171;
public static final int SSL_ERROR_DECRYPT_ERROR_ALERT = 172;
public static final int SSL_ERROR_EXPORT_RESTRICTION_ALERT = 173;
public static final int SSL_ERROR_PROTOCOL_VERSION_ALERT = 174;
public static final int SSL_ERROR_INSUFFICIENT_SECURITY_ALERT = 175;
public static final int SSL_ERROR_INTERNAL_ERROR_ALERT = 176;
public static final int SSL_ERROR_USER_CANCELED_ALERT = 177;
public static final int SSL_ERROR_NO_RENEGOTIATION_ALERT = 178;
public static final int SEC_ERROR_IO = 179;
public static final int SEC_ERROR_LIBRARY_FAILURE = 180;
public static final int SEC_ERROR_BAD_DATA = 181;
public static final int SEC_ERROR_OUTPUT_LEN = 182;
public static final int SEC_ERROR_INPUT_LEN = 183;
public static final int SEC_ERROR_INVALID_ARGS = 184;
public static final int SEC_ERROR_INVALID_ALGORITHM = 185;
public static final int SEC_ERROR_INVALID_AVA = 186;
public static final int SEC_ERROR_INVALID_TIME = 187;
public static final int SEC_ERROR_BAD_DER = 188;
public static final int SEC_ERROR_BAD_SIGNATURE = 189;
public static final int SEC_ERROR_EXPIRED_CERTIFICATE = 190;
public static final int SEC_ERROR_REVOKED_CERTIFICATE = 191;
public static final int SEC_ERROR_UNKNOWN_ISSUER = 192;
public static final int SEC_ERROR_BAD_KEY = 193;
public static final int SEC_ERROR_BAD_PASSWORD = 194;
public static final int SEC_ERROR_RETRY_PASSWORD = 195;
public static final int SEC_ERROR_NO_NODELOCK = 196;
public static final int SEC_ERROR_BAD_DATABASE = 197;
public static final int SEC_ERROR_NO_MEMORY = 198;
public static final int SEC_ERROR_UNTRUSTED_ISSUER = 199;
public static final int SEC_ERROR_UNTRUSTED_CERT = 200;
public static final int SEC_ERROR_DUPLICATE_CERT = 201;
public static final int SEC_ERROR_DUPLICATE_CERT_NAME = 202;
public static final int SEC_ERROR_ADDING_CERT = 203;
public static final int SEC_ERROR_FILING_KEY = 204;
public static final int SEC_ERROR_NO_KEY = 205;
public static final int SEC_ERROR_CERT_VALID = 206;
public static final int SEC_ERROR_CERT_NOT_VALID = 207;
public static final int SEC_ERROR_CERT_NO_RESPONSE = 208;
public static final int SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE = 209;
public static final int SEC_ERROR_CRL_EXPIRED = 210;
public static final int SEC_ERROR_CRL_BAD_SIGNATURE = 211;
public static final int SEC_ERROR_CRL_INVALID = 212;
public static final int SEC_ERROR_EXTENSION_VALUE_INVALID = 213;
public static final int SEC_ERROR_EXTENSION_NOT_FOUND = 214;
public static final int SEC_ERROR_CA_CERT_INVALID = 215;
public static final int SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID = 216;
public static final int SEC_ERROR_CERT_USAGES_INVALID = 217;
public static final int SEC_INTERNAL_ONLY = 218;
public static final int SEC_ERROR_INVALID_KEY = 219;
public static final int SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION = 220;
public static final int SEC_ERROR_OLD_CRL = 221;
public static final int SEC_ERROR_NO_EMAIL_CERT = 222;
public static final int SEC_ERROR_NO_RECIPIENT_CERTS_QUERY = 223;
public static final int SEC_ERROR_NOT_A_RECIPIENT = 224;
public static final int SEC_ERROR_PKCS7_KEYALG_MISMATCH = 225;
public static final int SEC_ERROR_PKCS7_BAD_SIGNATURE = 226;
public static final int SEC_ERROR_UNSUPPORTED_KEYALG = 227;
public static final int SEC_ERROR_DECRYPTION_DISALLOWED = 228;
public static final int XP_SEC_FORTEZZA_BAD_CARD = 229;
public static final int XP_SEC_FORTEZZA_NO_CARD = 230;
public static final int XP_SEC_FORTEZZA_NONE_SELECTED = 231;
public static final int XP_SEC_FORTEZZA_MORE_INFO = 232;
public static final int XP_SEC_FORTEZZA_PERSON_NOT_FOUND = 233;
public static final int XP_SEC_FORTEZZA_NO_MORE_INFO = 234;
public static final int XP_SEC_FORTEZZA_BAD_PIN = 235;
public static final int XP_SEC_FORTEZZA_PERSON_ERROR = 236;
public static final int SEC_ERROR_NO_KRL = 237;
public static final int SEC_ERROR_KRL_EXPIRED = 238;
public static final int SEC_ERROR_KRL_BAD_SIGNATURE = 239;
public static final int SEC_ERROR_REVOKED_KEY = 240;
public static final int SEC_ERROR_KRL_INVALID = 241;
public static final int SEC_ERROR_NEED_RANDOM = 242;
public static final int SEC_ERROR_NO_MODULE = 243;
public static final int SEC_ERROR_NO_TOKEN = 244;
public static final int SEC_ERROR_READ_ONLY = 245;
public static final int SEC_ERROR_NO_SLOT_SELECTED = 246;
public static final int SEC_ERROR_CERT_NICKNAME_COLLISION = 247;
public static final int SEC_ERROR_KEY_NICKNAME_COLLISION = 248;
public static final int SEC_ERROR_SAFE_NOT_CREATED = 249;
public static final int SEC_ERROR_BAGGAGE_NOT_CREATED = 250;
public static final int XP_JAVA_REMOVE_PRINCIPAL_ERROR = 251;
public static final int XP_JAVA_DELETE_PRIVILEGE_ERROR = 252;
public static final int XP_JAVA_CERT_NOT_EXISTS_ERROR = 253;
public static final int SEC_ERROR_BAD_EXPORT_ALGORITHM = 254;
public static final int SEC_ERROR_EXPORTING_CERTIFICATES = 255;
public static final int SEC_ERROR_IMPORTING_CERTIFICATES = 256;
public static final int SEC_ERROR_PKCS12_DECODING_PFX = 257;
public static final int SEC_ERROR_PKCS12_INVALID_MAC = 258;
public static final int SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM = 259;
public static final int SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE = 260;
public static final int SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE = 261;
public static final int SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM = 262;
public static final int SEC_ERROR_PKCS12_UNSUPPORTED_VERSION = 263;
public static final int SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT = 264;
public static final int SEC_ERROR_PKCS12_CERT_COLLISION = 265;
public static final int SEC_ERROR_USER_CANCELLED = 266;
public static final int SEC_ERROR_PKCS12_DUPLICATE_DATA = 267;
public static final int SEC_ERROR_MESSAGE_SEND_ABORTED = 268;
public static final int SEC_ERROR_INADEQUATE_KEY_USAGE = 269;
public static final int SEC_ERROR_INADEQUATE_CERT_TYPE = 270;
public static final int SEC_ERROR_CERT_ADDR_MISMATCH = 271;
public static final int SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY = 272;
public static final int SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN = 273;
public static final int SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME = 274;
public static final int SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY = 275;
public static final int SEC_ERROR_PKCS12_UNABLE_TO_WRITE = 276;
public static final int SEC_ERROR_PKCS12_UNABLE_TO_READ = 277;
public static final int SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED = 278;
public static final int SEC_ERROR_KEYGEN_FAIL = 279;
public static final int SEC_ERROR_INVALID_PASSWORD = 280;
public static final int SEC_ERROR_RETRY_OLD_PASSWORD = 281;
public static final int SEC_ERROR_BAD_NICKNAME = 282;
public static final int SEC_ERROR_NOT_FORTEZZA_ISSUER = 283;
public static final int SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY = 284;
public static final int SEC_ERROR_JS_INVALID_MODULE_NAME = 285;
public static final int SEC_ERROR_JS_INVALID_DLL = 286;
public static final int SEC_ERROR_JS_ADD_MOD_FAILURE = 287;
public static final int SEC_ERROR_JS_DEL_MOD_FAILURE = 288;
public static final int SEC_ERROR_OLD_KRL = 289;
public static final int SEC_ERROR_CKL_CONFLICT = 290;
public static final int SEC_ERROR_CERT_NOT_IN_NAME_SPACE = 291;
public static final int SEC_ERROR_KRL_NOT_YET_VALID = 292;
public static final int SEC_ERROR_CRL_NOT_YET_VALID = 293;
public static final int SEC_ERROR_UNKNOWN_CERT = 294;
public static final int SEC_ERROR_UNKNOWN_SIGNER = 295;
public static final int SEC_ERROR_CERT_BAD_ACCESS_LOCATION = 296;
public static final int SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE = 297;
public static final int SEC_ERROR_OCSP_BAD_HTTP_RESPONSE = 298;
public static final int SEC_ERROR_OCSP_MALFORMED_REQUEST = 299;
public static final int SEC_ERROR_OCSP_SERVER_ERROR = 300;
public static final int SEC_ERROR_OCSP_TRY_SERVER_LATER = 301;
public static final int SEC_ERROR_OCSP_REQUEST_NEEDS_SIG = 302;
public static final int SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST = 303;
public static final int SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS = 304;
public static final int SEC_ERROR_OCSP_UNKNOWN_CERT = 305;
public static final int SEC_ERROR_OCSP_NOT_ENABLED = 306;
public static final int SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER = 307;
public static final int SEC_ERROR_OCSP_MALFORMED_RESPONSE = 308;
public static final int SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE = 309;
public static final int SEC_ERROR_OCSP_FUTURE_RESPONSE = 310;
public static final int SEC_ERROR_OCSP_OLD_RESPONSE = 311;
public static final int SEC_ERROR_DIGEST_NOT_FOUND = 312;
public static final int SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE = 313;
}

24
security/jss/org/mozilla/jss/util/jssutil.h
View File

@ -278,6 +278,30 @@ JSS_throwMsgPrErrArg(JNIEnv *env, char *throwableClassName, char *message,
#define JSS_throwMsgPrErr(e, cn, m) \
JSS_throwMsgPrErrArg((e), (cn), (m), PR_GetError())
/************************************************************************
**
** J S S _ i n i t E r r c o d e T r a n s l a t i o n T a b l e.
**
** Initializes the error code translation table. This should be called
** by CryptoManager.initialize(), and must be called before any calls to
** JSS_ConvertNativeErrcodeToJava.
**
*/
void JSS_initErrcodeTranslationTable();
/************************************************************************
**
** J S S _ C o n v e r t N a t i v e E r r c o d e T o J a v a
**
** Converts an NSPR or NSS error code to a Java error code.
** (defined in the class o.m.util.NativeErrcodes)
**
** Returns
** The Java error code, or -1 if a corresponding Java error code could
** not be found.
*/
int JSS_ConvertNativeErrcodeToJava(int nativeErrcode);
PR_END_EXTERN_C
#endif

1
security/jss/org/mozilla/jss/util/manifest.mn
View File

@ -51,6 +51,7 @@ PRIVATE_EXPORTS = jssutil.h \
CSRCS = jssutil.c \
jssver.c \
errstrings.c \
NativeErrcodes.c \
$(NULL)
LIBRARY_NAME = jssutil