1
2
3
4
5
6
7 """Exception classes.
8 @sort: TLSError, TLSAbruptCloseError, TLSAlert, TLSLocalAlert, TLSRemoteAlert,
9 TLSAuthenticationError, TLSNoAuthenticationError, TLSAuthenticationTypeError,
10 TLSFingerprintError, TLSAuthorizationError, TLSValidationError, TLSFaultError,
11 TLSUnsupportedError
12 """
13 import socket
14
15 from .constants import AlertDescription, AlertLevel
16
18
19 """Metaclass for TLS Lite exceptions.
20
21 Look to L{TLSError} for exceptions that should be caught by tlslite
22 consumers
23 """
24
25 pass
26
28 """Base class for exceptions thrown while encrypting"""
29
31
32 """Base class for all TLS Lite exceptions."""
33
35 """"At least print out the Exception time for str(...)."""
36 return repr(self)
37
39 """An attempt was made to use the connection after it was closed."""
40 pass
41
43 """The socket was closed without a proper TLS shutdown.
44
45 The TLS specification mandates that an alert of some sort
46 must be sent before the underlying socket is closed. If the socket
47 is closed without this, it could signify that an attacker is trying
48 to truncate the connection. It could also signify a misbehaving
49 TLS implementation, or a random network failure.
50 """
51 pass
52
54 """A TLS alert has been signalled."""
55 pass
56
57 _descriptionStr = {\
58 AlertDescription.close_notify: "close_notify",\
59 AlertDescription.unexpected_message: "unexpected_message",\
60 AlertDescription.bad_record_mac: "bad_record_mac",\
61 AlertDescription.decryption_failed: "decryption_failed",\
62 AlertDescription.record_overflow: "record_overflow",\
63 AlertDescription.decompression_failure: "decompression_failure",\
64 AlertDescription.handshake_failure: "handshake_failure",\
65 AlertDescription.no_certificate: "no certificate",\
66 AlertDescription.bad_certificate: "bad_certificate",\
67 AlertDescription.unsupported_certificate: "unsupported_certificate",\
68 AlertDescription.certificate_revoked: "certificate_revoked",\
69 AlertDescription.certificate_expired: "certificate_expired",\
70 AlertDescription.certificate_unknown: "certificate_unknown",\
71 AlertDescription.illegal_parameter: "illegal_parameter",\
72 AlertDescription.unknown_ca: "unknown_ca",\
73 AlertDescription.access_denied: "access_denied",\
74 AlertDescription.decode_error: "decode_error",\
75 AlertDescription.decrypt_error: "decrypt_error",\
76 AlertDescription.export_restriction: "export_restriction",\
77 AlertDescription.protocol_version: "protocol_version",\
78 AlertDescription.insufficient_security: "insufficient_security",\
79 AlertDescription.internal_error: "internal_error",\
80 AlertDescription.inappropriate_fallback: "inappropriate_fallback",\
81 AlertDescription.user_canceled: "user_canceled",\
82 AlertDescription.no_renegotiation: "no_renegotiation",\
83 AlertDescription.unknown_psk_identity: "unknown_psk_identity"}
84
86 """A TLS alert has been signalled by the local implementation.
87
88 @type description: int
89 @ivar description: Set to one of the constants in
90 L{tlslite.constants.AlertDescription}
91
92 @type level: int
93 @ivar level: Set to one of the constants in
94 L{tlslite.constants.AlertLevel}
95
96 @type message: str
97 @ivar message: Description of what went wrong.
98 """
99 - def __init__(self, alert, message=None):
100 self.description = alert.description
101 self.level = alert.level
102 self.message = message
103
105 alertStr = TLSAlert._descriptionStr.get(self.description)
106 if alertStr == None:
107 alertStr = str(self.description)
108 if self.message:
109 return alertStr + ": " + self.message
110 else:
111 return alertStr
112
114 """A TLS alert has been signalled by the remote implementation.
115
116 @type description: int
117 @ivar description: Set to one of the constants in
118 L{tlslite.constants.AlertDescription}
119
120 @type level: int
121 @ivar level: Set to one of the constants in
122 L{tlslite.constants.AlertLevel}
123 """
125 self.description = alert.description
126 self.level = alert.level
127
129 alertStr = TLSAlert._descriptionStr.get(self.description)
130 if alertStr == None:
131 alertStr = str(self.description)
132 return alertStr
133
135 """The handshake succeeded, but the other party's authentication
136 was inadequate.
137
138 This exception will only be raised when a
139 L{tlslite.Checker.Checker} has been passed to a handshake function.
140 The Checker will be invoked once the handshake completes, and if
141 the Checker objects to how the other party authenticated, a
142 subclass of this exception will be raised.
143 """
144 pass
145
147 """The Checker was expecting the other party to authenticate with a
148 certificate chain, but this did not occur."""
149 pass
150
152 """The Checker was expecting the other party to authenticate with a
153 different type of certificate chain."""
154 pass
155
157 """The Checker was expecting the other party to authenticate with a
158 certificate chain that matches a different fingerprint."""
159 pass
160
162 """The Checker was expecting the other party to authenticate with a
163 certificate chain that has a different authorization."""
164 pass
165
167 """The Checker has determined that the other party's certificate
168 chain is invalid."""
173
175 """The other party responded incorrectly to an induced fault.
176
177 This exception will only occur during fault testing, when a
178 TLSConnection's fault variable is set to induce some sort of
179 faulty behavior, and the other party doesn't respond appropriately.
180 """
181 pass
182
183
185 """The implementation doesn't support the requested (or required)
186 capabilities."""
187 pass
188
190 """The internal state of object is unexpected or invalid.
191
192 Caused by incorrect use of API.
193 """
194 pass
195
197
198 """Exceptions used internally for handling errors in received messages"""
199
200 pass
201
203
204 """Parameters specified in message were incorrect or invalid"""
205
206 pass
207
209
210 """The received record size was too big"""
211
212 pass
213
215
216 """Decryption of data was unsuccessful"""
217
218 pass
219
221
222 """Bad MAC (or padding in case of mac-then-encrypt)"""
223
224 pass
225
227 """Parameters selected by user are too weak"""
228
229 pass
230
232 """The PSK or SRP identity is unknown"""
233
234 pass
235
240
245
247 """An error appeared while encoding"""
248
249 pass
250
252 """Verification function found invalid signature"""
253
254 pass
255
257 """Unknown RSA algorithm type passed"""
258
259 pass
260