1 /* 2 * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved. 3 */ 4 5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright notice, 11 * this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright notice, 14 * this list of conditions and the following disclaimer in the documentation 15 * and/or other materials provided with the distribution. 16 * 17 * 3. The end-user documentation included with the redistribution, if any, must 18 * include the following acknowledgment: 19 * 20 * "This product includes software developed by IAIK of Graz University of 21 * Technology." 22 * 23 * Alternately, this acknowledgment may appear in the software itself, if 24 * and wherever such third-party acknowledgments normally appear. 25 * 26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of 27 * Technology" must not be used to endorse or promote products derived from 28 * this software without prior written permission. 29 * 30 * 5. Products derived from this software may not be called 31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior 32 * written permission of Graz University of Technology. 33 * 34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED 35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE 38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 45 * POSSIBILITY OF SUCH DAMAGE. 46 */ 47 48 package sun.security.pkcs11.wrapper; 49 50 import java.util.*; 51 import static sun.security.pkcs11.wrapper.PKCS11Constants.*; 52 53 /** 54 * This is the superclass of all checked exceptions used by this package. An 55 * exception of this class indicates that a function call to the underlying 56 * PKCS#11 module returned a value not equal to CKR_OK. The application can get 57 * the returned value by calling getErrorCode(). A return value not equal to 58 * CKR_OK is the only reason for such an exception to be thrown. 59 * PKCS#11 defines the meaning of an error-code, which may depend on the 60 * context in which the error occurs. 61 * 62 * @author <a href="mailto:Karl.Scheibelhofer@iaik.at"> Karl Scheibelhofer </a> 63 * @invariants 64 */ 65 public class PKCS11Exception extends Exception { 66 private static final long serialVersionUID = 4877072363729195L; 67 68 /** 69 * The code of the error which was the reason for this exception. 70 */ 71 protected long errorCode_; 72 73 private static final Map<Long,String> errorMap; 74 75 static { 76 long[] errorCodes = new long[] { 77 CKR_OK, 78 CKR_CANCEL, 79 CKR_HOST_MEMORY, 80 CKR_SLOT_ID_INVALID, 81 CKR_GENERAL_ERROR, 82 CKR_FUNCTION_FAILED, 83 CKR_ARGUMENTS_BAD, 84 CKR_NO_EVENT, 85 CKR_NEED_TO_CREATE_THREADS, 86 CKR_CANT_LOCK, 87 CKR_ATTRIBUTE_READ_ONLY, 88 CKR_ATTRIBUTE_SENSITIVE, 89 CKR_ATTRIBUTE_TYPE_INVALID, 90 CKR_ATTRIBUTE_VALUE_INVALID, 91 CKR_ACTION_PROHIBITED, 92 CKR_DATA_INVALID, 93 CKR_DATA_LEN_RANGE, 94 CKR_DEVICE_ERROR, 95 CKR_DEVICE_MEMORY, 96 CKR_DEVICE_REMOVED, 97 CKR_ENCRYPTED_DATA_INVALID, 98 CKR_ENCRYPTED_DATA_LEN_RANGE, 99 CKR_AEAD_DECRYPT_FAILED, 100 CKR_FUNCTION_CANCELED, 101 CKR_FUNCTION_NOT_PARALLEL, 102 CKR_FUNCTION_NOT_SUPPORTED, 103 CKR_KEY_HANDLE_INVALID, 104 CKR_KEY_SIZE_RANGE, 105 CKR_KEY_TYPE_INCONSISTENT, 106 CKR_KEY_NOT_NEEDED, 107 CKR_KEY_CHANGED, 108 CKR_KEY_NEEDED, 109 CKR_KEY_INDIGESTIBLE, 110 CKR_KEY_FUNCTION_NOT_PERMITTED, 111 CKR_KEY_NOT_WRAPPABLE, 112 CKR_KEY_UNEXTRACTABLE, 113 CKR_MECHANISM_INVALID, 114 CKR_MECHANISM_PARAM_INVALID, 115 CKR_OBJECT_HANDLE_INVALID, 116 CKR_OPERATION_ACTIVE, 117 CKR_OPERATION_NOT_INITIALIZED, 118 CKR_PIN_INCORRECT, 119 CKR_PIN_INVALID, 120 CKR_PIN_LEN_RANGE, 121 CKR_PIN_EXPIRED, 122 CKR_PIN_LOCKED, 123 CKR_SESSION_CLOSED, 124 CKR_SESSION_COUNT, 125 CKR_SESSION_HANDLE_INVALID, 126 CKR_SESSION_PARALLEL_NOT_SUPPORTED, 127 CKR_SESSION_READ_ONLY, 128 CKR_SESSION_EXISTS, 129 CKR_SESSION_READ_ONLY_EXISTS, 130 CKR_SESSION_READ_WRITE_SO_EXISTS, 131 CKR_SIGNATURE_INVALID, 132 CKR_SIGNATURE_LEN_RANGE, 133 CKR_TEMPLATE_INCOMPLETE, 134 CKR_TEMPLATE_INCONSISTENT, 135 CKR_TOKEN_NOT_PRESENT, 136 CKR_TOKEN_NOT_RECOGNIZED, 137 CKR_TOKEN_WRITE_PROTECTED, 138 CKR_UNWRAPPING_KEY_HANDLE_INVALID, 139 CKR_UNWRAPPING_KEY_SIZE_RANGE, 140 CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, 141 CKR_USER_ALREADY_LOGGED_IN, 142 CKR_USER_NOT_LOGGED_IN, 143 CKR_USER_PIN_NOT_INITIALIZED, 144 CKR_USER_TYPE_INVALID, 145 CKR_USER_ANOTHER_ALREADY_LOGGED_IN, 146 CKR_USER_TOO_MANY_TYPES, 147 CKR_WRAPPED_KEY_INVALID, 148 CKR_WRAPPED_KEY_LEN_RANGE, 149 CKR_WRAPPING_KEY_HANDLE_INVALID, 150 CKR_WRAPPING_KEY_SIZE_RANGE, 151 CKR_WRAPPING_KEY_TYPE_INCONSISTENT, 152 CKR_RANDOM_SEED_NOT_SUPPORTED, 153 CKR_RANDOM_NO_RNG, 154 CKR_DOMAIN_PARAMS_INVALID, 155 CKR_CURVE_NOT_SUPPORTED, 156 CKR_BUFFER_TOO_SMALL, 157 CKR_SAVED_STATE_INVALID, 158 CKR_INFORMATION_SENSITIVE, 159 CKR_STATE_UNSAVEABLE, 160 CKR_CRYPTOKI_NOT_INITIALIZED, 161 CKR_CRYPTOKI_ALREADY_INITIALIZED, 162 CKR_MUTEX_BAD, 163 CKR_MUTEX_NOT_LOCKED, 164 CKR_NEW_PIN_MODE, 165 CKR_NEXT_OTP, 166 CKR_EXCEEDED_MAX_ITERATIONS, 167 CKR_FIPS_SELF_TEST_FAILED, 168 CKR_LIBRARY_LOAD_FAILED, 169 CKR_PIN_TOO_WEAK, 170 CKR_PUBLIC_KEY_INVALID, 171 CKR_FUNCTION_REJECTED, 172 CKR_TOKEN_RESOURCE_EXCEEDED, 173 CKR_OPERATION_CANCEL_FAILED, 174 CKR_VENDOR_DEFINED, 175 }; 176 String[] errorMessages = new String[] { 177 "CKR_OK", 178 "CKR_CANCEL", 179 "CKR_HOST_MEMORY", 180 "CKR_SLOT_ID_INVALID", 181 "CKR_GENERAL_ERROR", 182 "CKR_FUNCTION_FAILED", 183 "CKR_ARGUMENTS_BAD", 184 "CKR_NO_EVENT", 185 "CKR_NEED_TO_CREATE_THREADS", 186 "CKR_CANT_LOCK", 187 "CKR_ATTRIBUTE_READ_ONLY", 188 "CKR_ATTRIBUTE_SENSITIVE", 189 "CKR_ATTRIBUTE_TYPE_INVALID", 190 "CKR_ATTRIBUTE_VALUE_INVALID", 191 "CKR_ACTION_PROHIBITED", 192 "CKR_DATA_INVALID", 193 "CKR_DATA_LEN_RANGE", 194 "CKR_DEVICE_ERROR", 195 "CKR_DEVICE_MEMORY", 196 "CKR_DEVICE_REMOVED", 197 "CKR_ENCRYPTED_DATA_INVALID", 198 "CKR_ENCRYPTED_DATA_LEN_RANGE", 199 "CKR_AEAD_DECRYPT_FAILED", 200 "CKR_FUNCTION_CANCELED", 201 "CKR_FUNCTION_NOT_PARALLEL", 202 "CKR_FUNCTION_NOT_SUPPORTED", 203 "CKR_KEY_HANDLE_INVALID", 204 "CKR_KEY_SIZE_RANGE", 205 "CKR_KEY_TYPE_INCONSISTENT", 206 "CKR_KEY_NOT_NEEDED", 207 "CKR_KEY_CHANGED", 208 "CKR_KEY_NEEDED", 209 "CKR_KEY_INDIGESTIBLE", 210 "CKR_KEY_FUNCTION_NOT_PERMITTED", 211 "CKR_KEY_NOT_WRAPPABLE", 212 "CKR_KEY_UNEXTRACTABLE", 213 "CKR_MECHANISM_INVALID", 214 "CKR_MECHANISM_PARAM_INVALID", 215 "CKR_OBJECT_HANDLE_INVALID", 216 "CKR_OPERATION_ACTIVE", 217 "CKR_OPERATION_NOT_INITIALIZED", 218 "CKR_PIN_INCORRECT", 219 "CKR_PIN_INVALID", 220 "CKR_PIN_LEN_RANGE", 221 "CKR_PIN_EXPIRED", 222 "CKR_PIN_LOCKED", 223 "CKR_SESSION_CLOSED", 224 "CKR_SESSION_COUNT", 225 "CKR_SESSION_HANDLE_INVALID", 226 "CKR_SESSION_PARALLEL_NOT_SUPPORTED", 227 "CKR_SESSION_READ_ONLY", 228 "CKR_SESSION_EXISTS", 229 "CKR_SESSION_READ_ONLY_EXISTS", 230 "CKR_SESSION_READ_WRITE_SO_EXISTS", 231 "CKR_SIGNATURE_INVALID", 232 "CKR_SIGNATURE_LEN_RANGE", 233 "CKR_TEMPLATE_INCOMPLETE", 234 "CKR_TEMPLATE_INCONSISTENT", 235 "CKR_TOKEN_NOT_PRESENT", 236 "CKR_TOKEN_NOT_RECOGNIZED", 237 "CKR_TOKEN_WRITE_PROTECTED", 238 "CKR_UNWRAPPING_KEY_HANDLE_INVALID", 239 "CKR_UNWRAPPING_KEY_SIZE_RANGE", 240 "CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT", 241 "CKR_USER_ALREADY_LOGGED_IN", 242 "CKR_USER_NOT_LOGGED_IN", 243 "CKR_USER_PIN_NOT_INITIALIZED", 244 "CKR_USER_TYPE_INVALID", 245 "CKR_USER_ANOTHER_ALREADY_LOGGED_IN", 246 "CKR_USER_TOO_MANY_TYPES", 247 "CKR_WRAPPED_KEY_INVALID", 248 "CKR_WRAPPED_KEY_LEN_RANGE", 249 "CKR_WRAPPING_KEY_HANDLE_INVALID", 250 "CKR_WRAPPING_KEY_SIZE_RANGE", 251 "CKR_WRAPPING_KEY_TYPE_INCONSISTENT", 252 "CKR_RANDOM_SEED_NOT_SUPPORTED", 253 "CKR_RANDOM_NO_RNG", 254 "CKR_DOMAIN_PARAMS_INVALID", 255 "CKR_CURVE_NOT_SUPPORTED", 256 "CKR_BUFFER_TOO_SMALL", 257 "CKR_SAVED_STATE_INVALID", 258 "CKR_INFORMATION_SENSITIVE", 259 "CKR_STATE_UNSAVEABLE", 260 "CKR_CRYPTOKI_NOT_INITIALIZED", 261 "CKR_CRYPTOKI_ALREADY_INITIALIZED", 262 "CKR_MUTEX_BAD", 263 "CKR_MUTEX_NOT_LOCKED", 264 "CKR_NEW_PIN_MODE", 265 "CKR_NEXT_OTP", 266 "CKR_EXCEEDED_MAX_ITERATIONS", 267 "CKR_FIPS_SELF_TEST_FAILED", 268 "CKR_LIBRARY_LOAD_FAILED", 269 "CKR_PIN_TOO_WEAK", 270 "CKR_PUBLIC_KEY_INVALID", 271 "CKR_FUNCTION_REJECTED", 272 "CKR_TOKEN_RESOURCE_EXCEEDED", 273 "CKR_OPERATION_CANCEL_FAILED", 274 "CKR_VENDOR_DEFINED", 275 }; 276 errorMap = new HashMap<Long,String>(); 277 for (int i = 0; i < errorCodes.length; i++) { Long.valueOf(errorCodes[i])278 errorMap.put(Long.valueOf(errorCodes[i]), errorMessages[i]); 279 } 280 } 281 282 283 /** 284 * Constructor taking the error code as defined for the CKR_* constants 285 * in PKCS#11. 286 */ PKCS11Exception(long errorCode)287 public PKCS11Exception(long errorCode) { 288 errorCode_ = errorCode; 289 } 290 291 /** 292 * This method gets the corresponding text error message from 293 * a property file. If this file is not available, it returns the error 294 * code as a hex-string. 295 * 296 * @return The message or the error code; e.g. "CKR_DEVICE_ERROR" or 297 * "0x00000030". 298 * @preconditions 299 * @postconditions (result <> null) 300 */ getMessage()301 public String getMessage() { 302 String message = errorMap.get(Long.valueOf(errorCode_)); 303 if (message == null) { 304 message = "0x" + Functions.toFullHexString((int)errorCode_); 305 } 306 return message; 307 } 308 309 /** 310 * Returns the PKCS#11 error code. 311 * 312 * @return The error code; e.g. 0x00000030. 313 * @preconditions 314 * @postconditions 315 */ getErrorCode()316 public long getErrorCode() { 317 return errorCode_ ; 318 } 319 320 } 321