1 /* This Source Code Form is subject to the terms of the Mozilla Public
2  * License, v. 2.0. If a copy of the MPL was not distributed with this
3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 
5 #ifndef __SEC_ERR_H_
6 #define __SEC_ERR_H_
7 
8 #include "utilrename.h"
9 
10 #define SEC_ERROR_BASE (-0x2000)
11 #define SEC_ERROR_LIMIT (SEC_ERROR_BASE + 1000)
12 
13 #define IS_SEC_ERROR(code) \
14     (((code) >= SEC_ERROR_BASE) && ((code) < SEC_ERROR_LIMIT))
15 
16 #ifndef NO_SECURITY_ERROR_ENUM
17 typedef enum {
18     SEC_ERROR_IO = SEC_ERROR_BASE + 0,
19     SEC_ERROR_LIBRARY_FAILURE = SEC_ERROR_BASE + 1,
20     SEC_ERROR_BAD_DATA = SEC_ERROR_BASE + 2,
21     SEC_ERROR_OUTPUT_LEN = SEC_ERROR_BASE + 3,
22     SEC_ERROR_INPUT_LEN = SEC_ERROR_BASE + 4,
23     SEC_ERROR_INVALID_ARGS = SEC_ERROR_BASE + 5,
24     SEC_ERROR_INVALID_ALGORITHM = SEC_ERROR_BASE + 6,
25     SEC_ERROR_INVALID_AVA = SEC_ERROR_BASE + 7,
26     SEC_ERROR_INVALID_TIME = SEC_ERROR_BASE + 8,
27     SEC_ERROR_BAD_DER = SEC_ERROR_BASE + 9,
28     SEC_ERROR_BAD_SIGNATURE = SEC_ERROR_BASE + 10,
29     SEC_ERROR_EXPIRED_CERTIFICATE = SEC_ERROR_BASE + 11,
30     SEC_ERROR_REVOKED_CERTIFICATE = SEC_ERROR_BASE + 12,
31     SEC_ERROR_UNKNOWN_ISSUER = SEC_ERROR_BASE + 13,
32     SEC_ERROR_BAD_KEY = SEC_ERROR_BASE + 14,
33     SEC_ERROR_BAD_PASSWORD = SEC_ERROR_BASE + 15,
34     SEC_ERROR_RETRY_PASSWORD = SEC_ERROR_BASE + 16,
35     SEC_ERROR_NO_NODELOCK = SEC_ERROR_BASE + 17,
36     SEC_ERROR_BAD_DATABASE = SEC_ERROR_BASE + 18,
37     SEC_ERROR_NO_MEMORY = SEC_ERROR_BASE + 19,
38     SEC_ERROR_UNTRUSTED_ISSUER = SEC_ERROR_BASE + 20,
39     SEC_ERROR_UNTRUSTED_CERT = SEC_ERROR_BASE + 21,
40     SEC_ERROR_DUPLICATE_CERT = (SEC_ERROR_BASE + 22),
41     SEC_ERROR_DUPLICATE_CERT_NAME = (SEC_ERROR_BASE + 23),
42     SEC_ERROR_ADDING_CERT = (SEC_ERROR_BASE + 24),
43     SEC_ERROR_FILING_KEY = (SEC_ERROR_BASE + 25),
44     SEC_ERROR_NO_KEY = (SEC_ERROR_BASE + 26),
45     SEC_ERROR_CERT_VALID = (SEC_ERROR_BASE + 27),
46     SEC_ERROR_CERT_NOT_VALID = (SEC_ERROR_BASE + 28),
47     SEC_ERROR_CERT_NO_RESPONSE = (SEC_ERROR_BASE + 29),
48     SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE = (SEC_ERROR_BASE + 30),
49     SEC_ERROR_CRL_EXPIRED = (SEC_ERROR_BASE + 31),
50     SEC_ERROR_CRL_BAD_SIGNATURE = (SEC_ERROR_BASE + 32),
51     SEC_ERROR_CRL_INVALID = (SEC_ERROR_BASE + 33),
52     SEC_ERROR_EXTENSION_VALUE_INVALID = (SEC_ERROR_BASE + 34),
53     SEC_ERROR_EXTENSION_NOT_FOUND = (SEC_ERROR_BASE + 35),
54     SEC_ERROR_CA_CERT_INVALID = (SEC_ERROR_BASE + 36),
55     SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID = (SEC_ERROR_BASE + 37),
56     SEC_ERROR_CERT_USAGES_INVALID = (SEC_ERROR_BASE + 38),
57     SEC_INTERNAL_ONLY = (SEC_ERROR_BASE + 39),
58     SEC_ERROR_INVALID_KEY = (SEC_ERROR_BASE + 40),
59     SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION = (SEC_ERROR_BASE + 41),
60     SEC_ERROR_OLD_CRL = (SEC_ERROR_BASE + 42),
61     SEC_ERROR_NO_EMAIL_CERT = (SEC_ERROR_BASE + 43),
62     SEC_ERROR_NO_RECIPIENT_CERTS_QUERY = (SEC_ERROR_BASE + 44),
63     SEC_ERROR_NOT_A_RECIPIENT = (SEC_ERROR_BASE + 45),
64     SEC_ERROR_PKCS7_KEYALG_MISMATCH = (SEC_ERROR_BASE + 46),
65     SEC_ERROR_PKCS7_BAD_SIGNATURE = (SEC_ERROR_BASE + 47),
66     SEC_ERROR_UNSUPPORTED_KEYALG = (SEC_ERROR_BASE + 48),
67     SEC_ERROR_DECRYPTION_DISALLOWED = (SEC_ERROR_BASE + 49),
68     /* Fortezza Alerts */
69     XP_SEC_FORTEZZA_BAD_CARD = (SEC_ERROR_BASE + 50),
70     XP_SEC_FORTEZZA_NO_CARD = (SEC_ERROR_BASE + 51),
71     XP_SEC_FORTEZZA_NONE_SELECTED = (SEC_ERROR_BASE + 52),
72     XP_SEC_FORTEZZA_MORE_INFO = (SEC_ERROR_BASE + 53),
73     XP_SEC_FORTEZZA_PERSON_NOT_FOUND = (SEC_ERROR_BASE + 54),
74     XP_SEC_FORTEZZA_NO_MORE_INFO = (SEC_ERROR_BASE + 55),
75     XP_SEC_FORTEZZA_BAD_PIN = (SEC_ERROR_BASE + 56),
76     XP_SEC_FORTEZZA_PERSON_ERROR = (SEC_ERROR_BASE + 57),
77     SEC_ERROR_NO_KRL = (SEC_ERROR_BASE + 58),
78     SEC_ERROR_KRL_EXPIRED = (SEC_ERROR_BASE + 59),
79     SEC_ERROR_KRL_BAD_SIGNATURE = (SEC_ERROR_BASE + 60),
80     SEC_ERROR_REVOKED_KEY = (SEC_ERROR_BASE + 61),
81     SEC_ERROR_KRL_INVALID = (SEC_ERROR_BASE + 62),
82     SEC_ERROR_NEED_RANDOM = (SEC_ERROR_BASE + 63),
83     SEC_ERROR_NO_MODULE = (SEC_ERROR_BASE + 64),
84     SEC_ERROR_NO_TOKEN = (SEC_ERROR_BASE + 65),
85     SEC_ERROR_READ_ONLY = (SEC_ERROR_BASE + 66),
86     SEC_ERROR_NO_SLOT_SELECTED = (SEC_ERROR_BASE + 67),
87     SEC_ERROR_CERT_NICKNAME_COLLISION = (SEC_ERROR_BASE + 68),
88     SEC_ERROR_KEY_NICKNAME_COLLISION = (SEC_ERROR_BASE + 69),
89     SEC_ERROR_SAFE_NOT_CREATED = (SEC_ERROR_BASE + 70),
90     SEC_ERROR_BAGGAGE_NOT_CREATED = (SEC_ERROR_BASE + 71),
91     XP_JAVA_REMOVE_PRINCIPAL_ERROR = (SEC_ERROR_BASE + 72),
92     XP_JAVA_DELETE_PRIVILEGE_ERROR = (SEC_ERROR_BASE + 73),
93     XP_JAVA_CERT_NOT_EXISTS_ERROR = (SEC_ERROR_BASE + 74),
94     SEC_ERROR_BAD_EXPORT_ALGORITHM = (SEC_ERROR_BASE + 75),
95     SEC_ERROR_EXPORTING_CERTIFICATES = (SEC_ERROR_BASE + 76),
96     SEC_ERROR_IMPORTING_CERTIFICATES = (SEC_ERROR_BASE + 77),
97     SEC_ERROR_PKCS12_DECODING_PFX = (SEC_ERROR_BASE + 78),
98     SEC_ERROR_PKCS12_INVALID_MAC = (SEC_ERROR_BASE + 79),
99     SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM = (SEC_ERROR_BASE + 80),
100     SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE = (SEC_ERROR_BASE + 81),
101     SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE = (SEC_ERROR_BASE + 82),
102     SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM = (SEC_ERROR_BASE + 83),
103     SEC_ERROR_PKCS12_UNSUPPORTED_VERSION = (SEC_ERROR_BASE + 84),
104     SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT = (SEC_ERROR_BASE + 85),
105     SEC_ERROR_PKCS12_CERT_COLLISION = (SEC_ERROR_BASE + 86),
106     SEC_ERROR_USER_CANCELLED = (SEC_ERROR_BASE + 87),
107     SEC_ERROR_PKCS12_DUPLICATE_DATA = (SEC_ERROR_BASE + 88),
108     SEC_ERROR_MESSAGE_SEND_ABORTED = (SEC_ERROR_BASE + 89),
109     SEC_ERROR_INADEQUATE_KEY_USAGE = (SEC_ERROR_BASE + 90),
110     SEC_ERROR_INADEQUATE_CERT_TYPE = (SEC_ERROR_BASE + 91),
111     SEC_ERROR_CERT_ADDR_MISMATCH = (SEC_ERROR_BASE + 92),
112     SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY = (SEC_ERROR_BASE + 93),
113     SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN = (SEC_ERROR_BASE + 94),
114     SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME = (SEC_ERROR_BASE + 95),
115     SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY = (SEC_ERROR_BASE + 96),
116     SEC_ERROR_PKCS12_UNABLE_TO_WRITE = (SEC_ERROR_BASE + 97),
117     SEC_ERROR_PKCS12_UNABLE_TO_READ = (SEC_ERROR_BASE + 98),
118     SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED = (SEC_ERROR_BASE + 99),
119     SEC_ERROR_KEYGEN_FAIL = (SEC_ERROR_BASE + 100),
120     SEC_ERROR_INVALID_PASSWORD = (SEC_ERROR_BASE + 101),
121     SEC_ERROR_RETRY_OLD_PASSWORD = (SEC_ERROR_BASE + 102),
122     SEC_ERROR_BAD_NICKNAME = (SEC_ERROR_BASE + 103),
123     SEC_ERROR_NOT_FORTEZZA_ISSUER = (SEC_ERROR_BASE + 104),
124     SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY = (SEC_ERROR_BASE + 105),
125     SEC_ERROR_JS_INVALID_MODULE_NAME = (SEC_ERROR_BASE + 106),
126     SEC_ERROR_JS_INVALID_DLL = (SEC_ERROR_BASE + 107),
127     SEC_ERROR_JS_ADD_MOD_FAILURE = (SEC_ERROR_BASE + 108),
128     SEC_ERROR_JS_DEL_MOD_FAILURE = (SEC_ERROR_BASE + 109),
129     SEC_ERROR_OLD_KRL = (SEC_ERROR_BASE + 110),
130     SEC_ERROR_CKL_CONFLICT = (SEC_ERROR_BASE + 111),
131     SEC_ERROR_CERT_NOT_IN_NAME_SPACE = (SEC_ERROR_BASE + 112),
132     SEC_ERROR_KRL_NOT_YET_VALID = (SEC_ERROR_BASE + 113),
133     SEC_ERROR_CRL_NOT_YET_VALID = (SEC_ERROR_BASE + 114),
134     SEC_ERROR_UNKNOWN_CERT = (SEC_ERROR_BASE + 115),
135     SEC_ERROR_UNKNOWN_SIGNER = (SEC_ERROR_BASE + 116),
136     SEC_ERROR_CERT_BAD_ACCESS_LOCATION = (SEC_ERROR_BASE + 117),
137     SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE = (SEC_ERROR_BASE + 118),
138     SEC_ERROR_OCSP_BAD_HTTP_RESPONSE = (SEC_ERROR_BASE + 119),
139     SEC_ERROR_OCSP_MALFORMED_REQUEST = (SEC_ERROR_BASE + 120),
140     SEC_ERROR_OCSP_SERVER_ERROR = (SEC_ERROR_BASE + 121),
141     SEC_ERROR_OCSP_TRY_SERVER_LATER = (SEC_ERROR_BASE + 122),
142     SEC_ERROR_OCSP_REQUEST_NEEDS_SIG = (SEC_ERROR_BASE + 123),
143     SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST = (SEC_ERROR_BASE + 124),
144     SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS = (SEC_ERROR_BASE + 125),
145     SEC_ERROR_OCSP_UNKNOWN_CERT = (SEC_ERROR_BASE + 126),
146     SEC_ERROR_OCSP_NOT_ENABLED = (SEC_ERROR_BASE + 127),
147     SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER = (SEC_ERROR_BASE + 128),
148     SEC_ERROR_OCSP_MALFORMED_RESPONSE = (SEC_ERROR_BASE + 129),
149     SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE = (SEC_ERROR_BASE + 130),
150     SEC_ERROR_OCSP_FUTURE_RESPONSE = (SEC_ERROR_BASE + 131),
151     SEC_ERROR_OCSP_OLD_RESPONSE = (SEC_ERROR_BASE + 132),
152     /* smime stuff */
153     SEC_ERROR_DIGEST_NOT_FOUND = (SEC_ERROR_BASE + 133),
154     SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE = (SEC_ERROR_BASE + 134),
155     SEC_ERROR_MODULE_STUCK = (SEC_ERROR_BASE + 135),
156     SEC_ERROR_BAD_TEMPLATE = (SEC_ERROR_BASE + 136),
157     SEC_ERROR_CRL_NOT_FOUND = (SEC_ERROR_BASE + 137),
158     SEC_ERROR_REUSED_ISSUER_AND_SERIAL = (SEC_ERROR_BASE + 138),
159     SEC_ERROR_BUSY = (SEC_ERROR_BASE + 139),
160     SEC_ERROR_EXTRA_INPUT = (SEC_ERROR_BASE + 140),
161     /* error codes used by elliptic curve code */
162     SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE = (SEC_ERROR_BASE + 141),
163     SEC_ERROR_UNSUPPORTED_EC_POINT_FORM = (SEC_ERROR_BASE + 142),
164     SEC_ERROR_UNRECOGNIZED_OID = (SEC_ERROR_BASE + 143),
165     SEC_ERROR_OCSP_INVALID_SIGNING_CERT = (SEC_ERROR_BASE + 144),
166     /* new revocation errors */
167     SEC_ERROR_REVOKED_CERTIFICATE_CRL = (SEC_ERROR_BASE + 145),
168     SEC_ERROR_REVOKED_CERTIFICATE_OCSP = (SEC_ERROR_BASE + 146),
169     SEC_ERROR_CRL_INVALID_VERSION = (SEC_ERROR_BASE + 147),
170     SEC_ERROR_CRL_V1_CRITICAL_EXTENSION = (SEC_ERROR_BASE + 148),
171     SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION = (SEC_ERROR_BASE + 149),
172     SEC_ERROR_UNKNOWN_OBJECT_TYPE = (SEC_ERROR_BASE + 150),
173     SEC_ERROR_INCOMPATIBLE_PKCS11 = (SEC_ERROR_BASE + 151),
174     SEC_ERROR_NO_EVENT = (SEC_ERROR_BASE + 152),
175     SEC_ERROR_CRL_ALREADY_EXISTS = (SEC_ERROR_BASE + 153),
176     SEC_ERROR_NOT_INITIALIZED = (SEC_ERROR_BASE + 154),
177     SEC_ERROR_TOKEN_NOT_LOGGED_IN = (SEC_ERROR_BASE + 155),
178     SEC_ERROR_OCSP_RESPONDER_CERT_INVALID = (SEC_ERROR_BASE + 156),
179     SEC_ERROR_OCSP_BAD_SIGNATURE = (SEC_ERROR_BASE + 157),
180 
181     SEC_ERROR_OUT_OF_SEARCH_LIMITS = (SEC_ERROR_BASE + 158),
182     SEC_ERROR_INVALID_POLICY_MAPPING = (SEC_ERROR_BASE + 159),
183     SEC_ERROR_POLICY_VALIDATION_FAILED = (SEC_ERROR_BASE + 160),
184     /* No longer used.  Unknown AIA location types are now silently ignored. */
185     SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE = (SEC_ERROR_BASE + 161),
186     SEC_ERROR_BAD_HTTP_RESPONSE = (SEC_ERROR_BASE + 162),
187     SEC_ERROR_BAD_LDAP_RESPONSE = (SEC_ERROR_BASE + 163),
188     SEC_ERROR_FAILED_TO_ENCODE_DATA = (SEC_ERROR_BASE + 164),
189     SEC_ERROR_BAD_INFO_ACCESS_LOCATION = (SEC_ERROR_BASE + 165),
190 
191     SEC_ERROR_LIBPKIX_INTERNAL = (SEC_ERROR_BASE + 166),
192 
193     SEC_ERROR_PKCS11_GENERAL_ERROR = (SEC_ERROR_BASE + 167),
194     SEC_ERROR_PKCS11_FUNCTION_FAILED = (SEC_ERROR_BASE + 168),
195     SEC_ERROR_PKCS11_DEVICE_ERROR = (SEC_ERROR_BASE + 169),
196 
197     SEC_ERROR_BAD_INFO_ACCESS_METHOD = (SEC_ERROR_BASE + 170),
198     SEC_ERROR_CRL_IMPORT_FAILED = (SEC_ERROR_BASE + 171),
199 
200     SEC_ERROR_EXPIRED_PASSWORD = (SEC_ERROR_BASE + 172),
201     SEC_ERROR_LOCKED_PASSWORD = (SEC_ERROR_BASE + 173),
202 
203     SEC_ERROR_UNKNOWN_PKCS11_ERROR = (SEC_ERROR_BASE + 174),
204 
205     SEC_ERROR_BAD_CRL_DP_URL = (SEC_ERROR_BASE + 175),
206 
207     SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED = (SEC_ERROR_BASE + 176),
208 
209     SEC_ERROR_LEGACY_DATABASE = (SEC_ERROR_BASE + 177),
210 
211     SEC_ERROR_APPLICATION_CALLBACK_ERROR = (SEC_ERROR_BASE + 178),
212 
213     SEC_ERROR_INVALID_STATE = (SEC_ERROR_BASE + 179),
214 
215     SEC_ERROR_POLICY_LOCKED = (SEC_ERROR_BASE + 180),
216     SEC_ERROR_SIGNATURE_ALGORITHM_DISABLED = (SEC_ERROR_BASE + 181),
217 
218     /* Add new error codes above here. */
219     SEC_ERROR_END_OF_LIST
220 } SECErrorCodes;
221 #endif /* NO_SECURITY_ERROR_ENUM */
222 
223 #endif /* __SEC_ERR_H_ */
224