1 /* 2 * libZRTP SDK library, implements the ZRTP secure VoIP protocol. 3 * Copyright (c) 2006-2009 Philip R. Zimmermann. All rights reserved. 4 * Contact: http://philzimmermann.com 5 * For licensing and other legal details, see the file zrtp_legal.c. 6 * 7 * Viktor Krykun <v.krikun at zfoneproject.com> 8 */ 9 10 11 /** 12 * \file zrtp_error.h 13 * \brief libzrtp errors definitions 14 */ 15 16 #ifndef __ZRTP_ERROR_H__ 17 #define __ZRTP_ERROR_H__ 18 19 #include "zrtp_config.h" 20 21 /** 22 * \defgroup zrtp_errors Libzrtp Error Definitions 23 * 24 * In this section the ZRTP protocol error codes and the library internal errors are defined. 25 * 26 * When ZRTP Protocl error detected, zrtp_callback_event_t#on_zrtp_security_event is called and 27 * zrtp_session_info_t#last_error contains error code. 28 * \{ 29 */ 30 31 /** 32 * \brief Define protocol error codes according to ZRTP RFC sec. 5.9 33 */ 34 typedef enum zrtp_protocol_error_t 35 { 36 zrtp_error_unknown = 0, 37 zrtp_error_timeout = 1, 38 39 zrtp_error_invalid_packet = 0x10, /** Malformed packet (CRC OK, but wrong structure) */ 40 zrtp_error_software = 0x20, /** Critical software error */ 41 zrtp_error_version = 0x30, /** Unsupported ZRTP version */ 42 zrtp_error_hello_mistmatch = 0x40, /** Hello components mismatch */ 43 44 zrtp_error_hash_unsp = 0x51, /** Hash type not supported */ 45 zrtp_error_cipher_unsp = 0x52, /** Cipher type not supported */ 46 zrtp_error_pktype_unsp = 0x53, /** Public key exchange not supported */ 47 zrtp_error_auth_unsp = 0x54, /** SRTP auth. tag not supported */ 48 zrtp_error_sas_unsp = 0x55, /** SAS scheme not supported */ 49 zrtp_error_no_secret = 0x56, /** No shared secret available, Preshared mode required */ 50 51 zrtp_error_possible_mitm1 = 0x61, /** DH Error: bad pvi or pvr ( == 1, 0, or p-1) */ 52 zrtp_error_possible_mitm2 = 0x62, /** DH Error: hvi != hashed data */ 53 zrtp_error_possible_mitm3 = 0x63, /** Received relayed SAS from untrusted MiTM */ 54 55 zrtp_error_auth_decrypt = 0x70, /** Auth. Error: Bad Confirm pkt HMAC */ 56 zrtp_error_nonse_reuse = 0x80, /** Nonce reuse */ 57 zrtp_error_equal_zid = 0x90, /** Equal ZIDs in Hello */ 58 zrtp_error_service_unavail = 0xA0, /** Service unavailable */ 59 zrtp_error_goclear_unsp = 0x100,/** GoClear packet received, but not allowed */ 60 61 zrtp_error_wrong_zid = 0x202, /** ZID received in new Hello doesn't equal to ZID from the previous stream */ 62 zrtp_error_wrong_meshmac = 0x203, /** Message HMAC doesn't match with pre-received one */ 63 zrtp_error_count 64 } zrtp_protocol_error_t; 65 66 /** 67 * \brief libzrtp functions statuses. 68 * 69 * Note that the value of zrtp_status_ok is equal to zero. This can simplify error checking 70 * somewhat. 71 */ 72 typedef enum zrtp_status_t 73 { 74 zrtp_status_ok = 0, /** OK status */ 75 zrtp_status_fail = 1, /** General, unspecified failure */ 76 zrtp_status_bad_param = 2, /** Wrong, unsupported parameter */ 77 zrtp_status_alloc_fail = 3, /** Fail allocate memory */ 78 zrtp_status_auth_fail = 4, /** SRTP authentication failure */ 79 zrtp_status_cipher_fail = 5, /** Cipher failure on RTP encrypt/decrypt */ 80 zrtp_status_algo_fail = 6, /** General Crypto Algorithm failure */ 81 zrtp_status_key_expired = 7, /** SRTP can't use key any longer */ 82 zrtp_status_buffer_size = 8, /** Input buffer too small */ 83 zrtp_status_drop = 9, /** Packet process DROP status */ 84 zrtp_status_open_fail = 10, /** Failed to open file/device */ 85 zrtp_status_read_fail = 11, /** Unable to read data from the file/stream */ 86 zrtp_status_write_fail = 12, /** Unable to write to the file/stream */ 87 zrtp_status_old_pkt = 13, /** SRTP packet is out of sliding window */ 88 zrtp_status_rp_fail = 14, /** RTP replay protection failed */ 89 zrtp_status_zrp_fail = 15, /** ZRTP replay protection failed */ 90 zrtp_status_crc_fail = 16, /** ZRTP packet CRC is wrong */ 91 zrtp_status_rng_fail = 17, /** Can't generate random value */ 92 zrtp_status_wrong_state = 18, /** Illegal operation in current state */ 93 zrtp_status_attack = 19, /** Attack detected */ 94 zrtp_status_notavailable = 20, /** Function is not available in current configuration */ 95 zrtp_status_count = 21 96 } zrtp_status_t; 97 98 /** \} */ 99 100 /** \manonly */ 101 102 #define ZRTP_MIM2_WARNING_STR \ 103 "Possible Man-In-The-Middle-Attack! Switching to state Error\n"\ 104 "because a packet arrived that was ZRTP_DHPART2, but contained\n"\ 105 "a g^y that didn't match the previous ZRTP_COMMIT.\n" 106 107 #define ZRTP_MITM1_WARNING_STR "DH validating failed. (pvi is 1 or p-1), aborted\n" 108 109 #define ZRTP_VERIFIED_INIT_WARNING_STR \ 110 "Falling back to cleartext because a packet arrived that was\n"\ 111 "ZRTP_CONFIRM1, but which couldn't be verified - the sender must have a different\n"\ 112 "shared secret than we have.\n" 113 114 #define ZRTP_VERIFIED_RESP_WARNING_STR \ 115 "Falling back to cleartext because a packet arrived that was ZRTP_CONFIRM2,\n"\ 116 " but which couldn't be verified - the sender must have a different shared secret than we have.\n" 117 118 #define ZRTP_EQUAL_ZID_WARNING_STR \ 119 "Received a ZRTP_HELLO packet with the same ZRTP ID that we have.\n"\ 120 " This is likely due to a bug in the software. Ignoring the ZRTP_HELLO\n"\ 121 " packet, therefore this call cannot be encrypted.\n" 122 123 #define ZRTP_UNSUPPORTED_COMP_WARNING_STR \ 124 " Received ZRTP_HELLO packet with an algorithms field which had a\n"\ 125 " list of hashes that didn't include any of our supported hashes. Ignoring\n"\ 126 " the ZRTP_HELLO packet, therefore this call cannot be encrypted.\n" 127 128 #define ZRTP_NOT_UNIQUE_NONCE_WARNING_STR \ 129 " Received COMMIT with hash value already used in another stream within this ZRTP session\n" 130 131 #define ZRTP_RELAYED_SAS_FROM_NONMITM_STR \ 132 " Received SAS Relaying message from endpoint which haven't introduced as MiTM.\n" 133 134 /** \endmanonly */ 135 136 #endif /* __ZRTP_ERROR_H__ */ 137