Package tlslite :: Module errors
[hide private]
[frames] | no frames]

Source Code for Module tlslite.errors

  1  # Author: Trevor Perrin 
  2  # See the LICENSE file for legal information regarding use of this file. 
  3   
  4  """Exception classes. 
  5  @sort: TLSError, TLSAbruptCloseError, TLSAlert, TLSLocalAlert, TLSRemoteAlert, 
  6  TLSAuthenticationError, TLSNoAuthenticationError, TLSAuthenticationTypeError, 
  7  TLSFingerprintError, TLSAuthorizationError, TLSValidationError, TLSFaultError 
  8  """ 
  9   
 10  from .constants import AlertDescription, AlertLevel 
 11   
12 -class TLSError(Exception):
13 """Base class for all TLS Lite exceptions.""" 14
15 - def __str__(self):
16 """"At least print out the Exception time for str(...).""" 17 return repr(self)
18
19 -class TLSAbruptCloseError(TLSError):
20 """The socket was closed without a proper TLS shutdown. 21 22 The TLS specification mandates that an alert of some sort 23 must be sent before the underlying socket is closed. If the socket 24 is closed without this, it could signify that an attacker is trying 25 to truncate the connection. It could also signify a misbehaving 26 TLS implementation, or a random network failure. 27 """ 28 pass
29
30 -class TLSAlert(TLSError):
31 """A TLS alert has been signalled.""" 32 pass 33 34 _descriptionStr = {\ 35 AlertDescription.close_notify: "close_notify",\ 36 AlertDescription.unexpected_message: "unexpected_message",\ 37 AlertDescription.bad_record_mac: "bad_record_mac",\ 38 AlertDescription.decryption_failed: "decryption_failed",\ 39 AlertDescription.record_overflow: "record_overflow",\ 40 AlertDescription.decompression_failure: "decompression_failure",\ 41 AlertDescription.handshake_failure: "handshake_failure",\ 42 AlertDescription.no_certificate: "no certificate",\ 43 AlertDescription.bad_certificate: "bad_certificate",\ 44 AlertDescription.unsupported_certificate: "unsupported_certificate",\ 45 AlertDescription.certificate_revoked: "certificate_revoked",\ 46 AlertDescription.certificate_expired: "certificate_expired",\ 47 AlertDescription.certificate_unknown: "certificate_unknown",\ 48 AlertDescription.illegal_parameter: "illegal_parameter",\ 49 AlertDescription.unknown_ca: "unknown_ca",\ 50 AlertDescription.access_denied: "access_denied",\ 51 AlertDescription.decode_error: "decode_error",\ 52 AlertDescription.decrypt_error: "decrypt_error",\ 53 AlertDescription.export_restriction: "export_restriction",\ 54 AlertDescription.protocol_version: "protocol_version",\ 55 AlertDescription.insufficient_security: "insufficient_security",\ 56 AlertDescription.internal_error: "internal_error",\ 57 AlertDescription.user_canceled: "user_canceled",\ 58 AlertDescription.no_renegotiation: "no_renegotiation",\ 59 AlertDescription.unknown_psk_identity: "unknown_psk_identity"}
60
61 -class TLSLocalAlert(TLSAlert):
62 """A TLS alert has been signalled by the local implementation. 63 64 @type description: int 65 @ivar description: Set to one of the constants in 66 L{tlslite.constants.AlertDescription} 67 68 @type level: int 69 @ivar level: Set to one of the constants in 70 L{tlslite.constants.AlertLevel} 71 72 @type message: str 73 @ivar message: Description of what went wrong. 74 """
75 - def __init__(self, alert, message=None):
76 self.description = alert.description 77 self.level = alert.level 78 self.message = message
79
80 - def __str__(self):
81 alertStr = TLSAlert._descriptionStr.get(self.description) 82 if alertStr == None: 83 alertStr = str(self.description) 84 if self.message: 85 return alertStr + ": " + self.message 86 else: 87 return alertStr
88
89 -class TLSRemoteAlert(TLSAlert):
90 """A TLS alert has been signalled by the remote implementation. 91 92 @type description: int 93 @ivar description: Set to one of the constants in 94 L{tlslite.constants.AlertDescription} 95 96 @type level: int 97 @ivar level: Set to one of the constants in 98 L{tlslite.constants.AlertLevel} 99 """
100 - def __init__(self, alert):
101 self.description = alert.description 102 self.level = alert.level
103
104 - def __str__(self):
105 alertStr = TLSAlert._descriptionStr.get(self.description) 106 if alertStr == None: 107 alertStr = str(self.description) 108 return alertStr
109
110 -class TLSAuthenticationError(TLSError):
111 """The handshake succeeded, but the other party's authentication 112 was inadequate. 113 114 This exception will only be raised when a 115 L{tlslite.Checker.Checker} has been passed to a handshake function. 116 The Checker will be invoked once the handshake completes, and if 117 the Checker objects to how the other party authenticated, a 118 subclass of this exception will be raised. 119 """ 120 pass
121
122 -class TLSNoAuthenticationError(TLSAuthenticationError):
123 """The Checker was expecting the other party to authenticate with a 124 certificate chain, but this did not occur.""" 125 pass
126
127 -class TLSAuthenticationTypeError(TLSAuthenticationError):
128 """The Checker was expecting the other party to authenticate with a 129 different type of certificate chain.""" 130 pass
131
132 -class TLSFingerprintError(TLSAuthenticationError):
133 """The Checker was expecting the other party to authenticate with a 134 certificate chain that matches a different fingerprint.""" 135 pass
136
137 -class TLSAuthorizationError(TLSAuthenticationError):
138 """The Checker was expecting the other party to authenticate with a 139 certificate chain that has a different authorization.""" 140 pass
141
142 -class TLSValidationError(TLSAuthenticationError):
143 """The Checker has determined that the other party's certificate 144 chain is invalid.""" 145 pass
146 147
148 -class TLSTackMissingError(TLSAuthenticationError):
149 """No TACK was presented.""" 150 pass
151
152 -class TLSTackMismatchError(TLSAuthenticationError):
153 """The chosen TACK ID did not match the presented TACK ID.""" 154 pass
155
156 -class TLSTackBreakError(TLSAuthenticationError):
157 """The chosen TACK ID is broken by a TACK Break Signature.""" 158 pass
159 160
161 -class TLSFaultError(TLSError):
162 """The other party responded incorrectly to an induced fault. 163 164 This exception will only occur during fault testing, when a 165 TLSConnection's fault variable is set to induce some sort of 166 faulty behavior, and the other party doesn't respond appropriately. 167 """ 168 pass
169