1.1 --- a/epoc32/include/sslerr.h Tue Nov 24 13:55:44 2009 +0000
1.2 +++ b/epoc32/include/sslerr.h Tue Mar 16 16:12:26 2010 +0000
1.3 @@ -1,1 +1,191 @@
1.4 -sslerr.h
1.5 +// Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +// All rights reserved.
1.7 +// This component and the accompanying materials are made available
1.8 +// under the terms of the License "Symbian Foundation License v1.0" to Symbian Foundation members and "Symbian Foundation End User License Agreement v1.0" to non-members
1.9 +// which accompanies this distribution, and is available
1.10 +// at the URL "http://www.symbianfoundation.org/legal/licencesv10.html".
1.11 +//
1.12 +// Initial Contributors:
1.13 +// Nokia Corporation - initial contribution.
1.14 +//
1.15 +// Contributors:
1.16 +//
1.17 +// Description:
1.18 +//
1.19 +
1.20 +
1.21 +
1.22 +#ifndef __SSLERR_H__
1.23 +#define __SSLERR_H__
1.24 +
1.25 +/** Base offset for SSL errors. */
1.26 +#define SSL_ERROR_BASE -7400
1.27 +/** Base offset for SSL alerts. */
1.28 +#define SSL_ALERT_BASE 100
1.29 +
1.30 +/**
1.31 + * @file SSLErr.h
1.32 + * Error code definitions for TLS.
1.33 + */
1.34 +
1.35 +/**
1.36 + * No shared cipher was found.
1.37 + * The handshake failed because there was no available shared cipher supported by both the client and the server.
1.38 + */
1.39 +const TInt KErrSSLNoSharedCipher = SSL_ERROR_BASE - 1;
1.40 +
1.41 +/**
1.42 + * The socket already has received data pending on it.
1.43 + * This error is seen when StartClientHandshake is called when
1.44 + * there is already data waiting to be read from the socket. */
1.45 +const TInt KErrSSLSocketBusy = SSL_ERROR_BASE - 2;
1.46 +
1.47 +/** One or more cipher suites passed as an argument was invalid. */
1.48 +const TInt KErrSSLInvalidCipherSuite = SSL_ERROR_BASE - 3;
1.49 +
1.50 +/**
1.51 + * The certificate that was passed as an argument was invalid.
1.52 + * (this could be that actual certificate is not a valid certificate, or if
1.53 + * certman handles are passed, it wasn't found in certman) */
1.54 +const TInt KErrSSLInvalidCert = SSL_ERROR_BASE - 4;
1.55 +
1.56 +/** No client certificate was supplied. */
1.57 +const TInt KErrSSLNoClientCert = SSL_ERROR_BASE - 5;
1.58 +
1.59 +/** The size of the key is too big. */
1.60 +const TInt KErrSSLUnsupportedKeySize = SSL_ERROR_BASE - 6;
1.61 +
1.62 +/** General unsupported key error */
1.63 +const TInt KErrSSLUnsupportedKey = SSL_ERROR_BASE - 7;
1.64 +
1.65 +/** An invalid record was received. */
1.66 +const TInt KErrSSLBadRecordHeader = SSL_ERROR_BASE - 8;
1.67 +
1.68 +/////////////////////////////////////////////////////
1.69 +// Handshake related errors
1.70 +
1.71 +/** Invalid protocol version. */
1.72 +const TInt KErrSSLBadProtocolVersion = SSL_ERROR_BASE - 9;
1.73 +
1.74 +/** The server only supports the SSL2.0 protocol. */
1.75 +const TInt KErrSSL2ServerOnly = SSL_ERROR_BASE - 10;
1.76 +
1.77 +/** Unexpected message. */
1.78 +const TInt KErrSSLUnexpectedMessage = SSL_ERROR_BASE - 11;
1.79 +
1.80 +/** Unsupported cipher. */
1.81 +const TInt KErrSSLUnsupportedCipher = SSL_ERROR_BASE - 12;
1.82 +
1.83 +/** Bad MAC. */
1.84 +const TInt KErrSSLBadMAC = SSL_ERROR_BASE - 13;
1.85 +
1.86 +/** An SSL alert was received from the remote end, which caused the connection to be terminated. */
1.87 +const TInt KErrSSLReceivedAlert = SSL_ERROR_BASE - 14;
1.88 +
1.89 +
1.90 +/** An invalid handshake message was received. */
1.91 +const TInt KErrSSLRecvNotSupportedHS = SSL_ERROR_BASE - 15;
1.92 +
1.93 +/** A field in the handshake record being parsed was too big. */
1.94 +const TInt KErrSSLHSRecordFieldTooBig = SSL_ERROR_BASE - 16;
1.95 +
1.96 +/** Record header field too big. */
1.97 +const TInt KErrSSLRecordHeaderTooBig = SSL_ERROR_BASE - 17;
1.98 +
1.99 +/** Send data field too big. */
1.100 +const TInt KErrSSLSendDataTooBig = SSL_ERROR_BASE - 18;
1.101 +
1.102 +/** No certificate. */
1.103 +const TInt KErrSSLNoCertificate = SSL_ERROR_BASE - 19;
1.104 +
1.105 +/** Invalid hash. */
1.106 +const TInt KErrSSLInvalidHash = SSL_ERROR_BASE - 20;
1.107 +
1.108 +/** Send cancelled. */
1.109 +const TInt KErrSSLSendCanceled = SSL_ERROR_BASE - 21;
1.110 +
1.111 +/** Receieve cancelled. */
1.112 +const TInt KErrSSLRecvCanceled = SSL_ERROR_BASE - 22;
1.113 +
1.114 +/** CancelHandshake was called during one of the handshake methods. */
1.115 +const TInt KErrSSLHandshakeCanceled = SSL_ERROR_BASE - 23;
1.116 +
1.117 +/** Write failed. */
1.118 +const TInt KErrSSLWriteFailed = SSL_ERROR_BASE - 24;
1.119 +
1.120 +/** The SSL.dll couldn't be loaded by the adaptor. */
1.121 +const TInt KErrSSLFailedToLoad = SSL_ERROR_BASE - 25;
1.122 +
1.123 +/** An unspecified error was signaled from the SSL.dll to the adaptor. */
1.124 +const TInt KErrSSLDisconnectIndication = SSL_ERROR_BASE - 26;
1.125 +
1.126 +/** A leave occured in the SSL.dll. */
1.127 +const TInt KErrSSLDllLeave = SSL_ERROR_BASE - 27;
1.128 +
1.129 +/** A leave occured in the SSL.dll. */
1.130 +const TInt KErrSSLNullTlsSession = SSL_ERROR_BASE - 28;
1.131 +
1.132 +/////////////////////////////////////////////////////
1.133 +// These error codes are equivalent to the standard TLS protocol Alert message
1.134 +// errors as defined in the TLS RFC. They include all those defined in SSL3.0
1.135 +// The end number of each error is the same as per the RFC, so by using the
1.136 +// SSL_ERROR_BASE and SSL_ALERT_BASE defines, errors codes can be constructed
1.137 +// directly from the field within an alert message.
1.138 +/** Close notification. */
1.139 +const TInt KErrSSLAlertCloseNotify = SSL_ERROR_BASE - SSL_ALERT_BASE - 0;
1.140 +/** An inappropriate message was received. */
1.141 +const TInt KErrSSLAlertUnexpectedMessage = SSL_ERROR_BASE - SSL_ALERT_BASE - 10;
1.142 +/** A record was received with an incorrect MAC. */
1.143 +const TInt KErrSSLAlertBadRecordMac = SSL_ERROR_BASE - SSL_ALERT_BASE - 20;
1.144 +/** A TLS cipher text was decrypted in an invalid way. */
1.145 +const TInt KErrSSLAlertDecryptionFailed = SSL_ERROR_BASE - SSL_ALERT_BASE - 21;
1.146 +/** A TLS cipher text record was received which was too long. */
1.147 +const TInt KErrSSLAlertRecordOverflow = SSL_ERROR_BASE - SSL_ALERT_BASE - 22;
1.148 +/** The decompression function received improper input. */
1.149 +const TInt KErrSSLAlertDecompressionFailure = SSL_ERROR_BASE - SSL_ALERT_BASE - 30;
1.150 +/** With given the options available, the sender was unable to negotiate an acceptable
1.151 +* set of security parameters . */
1.152 +const TInt KErrSSLAlertHandshakeFailure = SSL_ERROR_BASE - SSL_ALERT_BASE - 40;
1.153 +/** No certificate. */
1.154 +const TInt KErrSSLAlertNoCertificate = SSL_ERROR_BASE - SSL_ALERT_BASE - 41;
1.155 +/** A certificate was corrupt, e.g. contained signatures that could not be verified. */
1.156 +const TInt KErrSSLAlertBadCertificate = SSL_ERROR_BASE - SSL_ALERT_BASE - 42;
1.157 +/** The certificate was of an unsupported type. */
1.158 +const TInt KErrSSLAlertUnsupportedCertificate = SSL_ERROR_BASE - SSL_ALERT_BASE - 43;
1.159 +/** The certificate was revoked. */
1.160 +const TInt KErrSSLAlertCertificateRevoked = SSL_ERROR_BASE - SSL_ALERT_BASE - 44;
1.161 +/** The certificate was expired. */
1.162 +const TInt KErrSSLAlertCertificateExpired = SSL_ERROR_BASE - SSL_ALERT_BASE - 45;
1.163 +/** An unspecified problem with the certificate. Certificate can not be used. */
1.164 +const TInt KErrSSLAlertCertificateUnknown = SSL_ERROR_BASE - SSL_ALERT_BASE - 46;
1.165 +/** A field in the handshake was out of range or inconsistent with other fields. */
1.166 +const TInt KErrSSLAlertIllegalParameter = SSL_ERROR_BASE - SSL_ALERT_BASE - 47;
1.167 +
1.168 +/** The certificate was not accepted.
1.169 +*
1.170 +* Either the CA certificate could not be located
1.171 +* or the CA could not be matched with a known trusted CA. */
1.172 +const TInt KErrSSLAlertUnknownCA = SSL_ERROR_BASE - SSL_ALERT_BASE - 48;
1.173 +/** A valid certificate was received, but the access control denied access. */
1.174 +const TInt KErrSSLAlertAccessDenied = SSL_ERROR_BASE - SSL_ALERT_BASE - 49;
1.175 +/** A message could not be decoded, e.g. some field was out of the specified range. */
1.176 +const TInt KErrSSLAlertDecodeError = SSL_ERROR_BASE - SSL_ALERT_BASE - 50;
1.177 +/** A handshake cryptographic operation failed. */
1.178 +const TInt KErrSSLAlertDecryptError = SSL_ERROR_BASE - SSL_ALERT_BASE - 51;
1.179 +/** A negotiation was not allowed due to export restrictions. */
1.180 +const TInt KErrSSLAlertExportRestriction = SSL_ERROR_BASE - SSL_ALERT_BASE - 60;
1.181 +/** The protocol version was not supported, e.g. the client has attempted to negotiate
1.182 +* a recognised, but unsupported protocol. */
1.183 +const TInt KErrSSLAlertProtocolVersion = SSL_ERROR_BASE - SSL_ALERT_BASE - 70;
1.184 +/** Returned instead of KErrSSLAlertHandshakeFailure when the negotiation fails
1.185 +* because the server requests ciphers more secure than those supported by the client. */
1.186 +const TInt KErrSSLAlertInsufficientSecurity = SSL_ERROR_BASE - SSL_ALERT_BASE - 71;
1.187 +/** An internal error. */
1.188 +const TInt KErrSSLAlertInternalError = SSL_ERROR_BASE - SSL_ALERT_BASE - 80;
1.189 +/** This handshake is being cancelled by the user. */
1.190 +const TInt KErrSSLAlertUserCanceled = SSL_ERROR_BASE - SSL_ALERT_BASE - 90;
1.191 +/** No renegotiation will be accepted. */
1.192 +const TInt KErrSSLAlertNoRenegotiation = SSL_ERROR_BASE - SSL_ALERT_BASE - 100;
1.193 +
1.194 +
1.195 +#endif // __SSLERR_H__