66 static final byte alert_certificate_unknown = 46;
67 static final byte alert_illegal_parameter = 47;
68 static final byte alert_unknown_ca = 48;
69 static final byte alert_access_denied = 49;
70 static final byte alert_decode_error = 50;
71 static final byte alert_decrypt_error = 51;
72 static final byte alert_export_restriction = 60;
73 static final byte alert_protocol_version = 70;
74 static final byte alert_insufficient_security = 71;
75 static final byte alert_internal_error = 80;
76 static final byte alert_user_canceled = 90;
77 static final byte alert_no_renegotiation = 100;
78
79 // from RFC 3546 (TLS Extensions)
80 static final byte alert_unsupported_extension = 110;
81 static final byte alert_certificate_unobtainable = 111;
82 static final byte alert_unrecognized_name = 112;
83 static final byte alert_bad_certificate_status_response = 113;
84 static final byte alert_bad_certificate_hash_value = 114;
85
86 static String alertDescription(byte code) {
87 switch (code) {
88
89 case alert_close_notify:
90 return "close_notify";
91 case alert_unexpected_message:
92 return "unexpected_message";
93 case alert_bad_record_mac:
94 return "bad_record_mac";
95 case alert_decryption_failed:
96 return "decryption_failed";
97 case alert_record_overflow:
98 return "record_overflow";
99 case alert_decompression_failure:
100 return "decompression_failure";
101 case alert_handshake_failure:
102 return "handshake_failure";
103 case alert_no_certificate:
104 return "no_certificate";
105 case alert_bad_certificate:
127 case alert_protocol_version:
128 return "protocol_version";
129 case alert_insufficient_security:
130 return "insufficient_security";
131 case alert_internal_error:
132 return "internal_error";
133 case alert_user_canceled:
134 return "user_canceled";
135 case alert_no_renegotiation:
136 return "no_renegotiation";
137 case alert_unsupported_extension:
138 return "unsupported_extension";
139 case alert_certificate_unobtainable:
140 return "certificate_unobtainable";
141 case alert_unrecognized_name:
142 return "unrecognized_name";
143 case alert_bad_certificate_status_response:
144 return "bad_certificate_status_response";
145 case alert_bad_certificate_hash_value:
146 return "bad_certificate_hash_value";
147
148 default:
149 return "<UNKNOWN ALERT: " + (code & 0x0ff) + ">";
150 }
151 }
152
153 static SSLException getSSLException(byte description, String reason) {
154 return getSSLException(description, null, reason);
155 }
156
157 /*
158 * Try to be a little more specific in our choice of
159 * exceptions to throw.
160 */
161 static SSLException getSSLException(byte description, Throwable cause,
162 String reason) {
163
164 SSLException e;
165 // the SSLException classes do not have a no-args constructor
166 // make up a message if there is none
172 }
173 }
174 switch (description) {
175 case alert_handshake_failure:
176 case alert_no_certificate:
177 case alert_bad_certificate:
178 case alert_unsupported_certificate:
179 case alert_certificate_revoked:
180 case alert_certificate_expired:
181 case alert_certificate_unknown:
182 case alert_unknown_ca:
183 case alert_access_denied:
184 case alert_decrypt_error:
185 case alert_export_restriction:
186 case alert_insufficient_security:
187 case alert_unsupported_extension:
188 case alert_certificate_unobtainable:
189 case alert_unrecognized_name:
190 case alert_bad_certificate_status_response:
191 case alert_bad_certificate_hash_value:
192 e = new SSLHandshakeException(reason);
193 break;
194
195 case alert_close_notify:
196 case alert_unexpected_message:
197 case alert_bad_record_mac:
198 case alert_decryption_failed:
199 case alert_record_overflow:
200 case alert_decompression_failure:
201 case alert_illegal_parameter:
202 case alert_decode_error:
203 case alert_protocol_version:
204 case alert_internal_error:
205 case alert_user_canceled:
206 case alert_no_renegotiation:
207 default:
208 e = new SSLException(reason);
209 break;
210 }
211
|
66 static final byte alert_certificate_unknown = 46;
67 static final byte alert_illegal_parameter = 47;
68 static final byte alert_unknown_ca = 48;
69 static final byte alert_access_denied = 49;
70 static final byte alert_decode_error = 50;
71 static final byte alert_decrypt_error = 51;
72 static final byte alert_export_restriction = 60;
73 static final byte alert_protocol_version = 70;
74 static final byte alert_insufficient_security = 71;
75 static final byte alert_internal_error = 80;
76 static final byte alert_user_canceled = 90;
77 static final byte alert_no_renegotiation = 100;
78
79 // from RFC 3546 (TLS Extensions)
80 static final byte alert_unsupported_extension = 110;
81 static final byte alert_certificate_unobtainable = 111;
82 static final byte alert_unrecognized_name = 112;
83 static final byte alert_bad_certificate_status_response = 113;
84 static final byte alert_bad_certificate_hash_value = 114;
85
86 // Sent in response to a TLS_FALLBACK_SCSV-induced handshake failure.
87 static final byte alert_inappropriate_fallback = 86;
88
89 static String alertDescription(byte code) {
90 switch (code) {
91
92 case alert_close_notify:
93 return "close_notify";
94 case alert_unexpected_message:
95 return "unexpected_message";
96 case alert_bad_record_mac:
97 return "bad_record_mac";
98 case alert_decryption_failed:
99 return "decryption_failed";
100 case alert_record_overflow:
101 return "record_overflow";
102 case alert_decompression_failure:
103 return "decompression_failure";
104 case alert_handshake_failure:
105 return "handshake_failure";
106 case alert_no_certificate:
107 return "no_certificate";
108 case alert_bad_certificate:
130 case alert_protocol_version:
131 return "protocol_version";
132 case alert_insufficient_security:
133 return "insufficient_security";
134 case alert_internal_error:
135 return "internal_error";
136 case alert_user_canceled:
137 return "user_canceled";
138 case alert_no_renegotiation:
139 return "no_renegotiation";
140 case alert_unsupported_extension:
141 return "unsupported_extension";
142 case alert_certificate_unobtainable:
143 return "certificate_unobtainable";
144 case alert_unrecognized_name:
145 return "unrecognized_name";
146 case alert_bad_certificate_status_response:
147 return "bad_certificate_status_response";
148 case alert_bad_certificate_hash_value:
149 return "bad_certificate_hash_value";
150 case alert_inappropriate_fallback:
151 return "inappropriate_fallback";
152
153 default:
154 return "<UNKNOWN ALERT: " + (code & 0x0ff) + ">";
155 }
156 }
157
158 static SSLException getSSLException(byte description, String reason) {
159 return getSSLException(description, null, reason);
160 }
161
162 /*
163 * Try to be a little more specific in our choice of
164 * exceptions to throw.
165 */
166 static SSLException getSSLException(byte description, Throwable cause,
167 String reason) {
168
169 SSLException e;
170 // the SSLException classes do not have a no-args constructor
171 // make up a message if there is none
177 }
178 }
179 switch (description) {
180 case alert_handshake_failure:
181 case alert_no_certificate:
182 case alert_bad_certificate:
183 case alert_unsupported_certificate:
184 case alert_certificate_revoked:
185 case alert_certificate_expired:
186 case alert_certificate_unknown:
187 case alert_unknown_ca:
188 case alert_access_denied:
189 case alert_decrypt_error:
190 case alert_export_restriction:
191 case alert_insufficient_security:
192 case alert_unsupported_extension:
193 case alert_certificate_unobtainable:
194 case alert_unrecognized_name:
195 case alert_bad_certificate_status_response:
196 case alert_bad_certificate_hash_value:
197 case alert_inappropriate_fallback:
198 e = new SSLHandshakeException(reason);
199 break;
200
201 case alert_close_notify:
202 case alert_unexpected_message:
203 case alert_bad_record_mac:
204 case alert_decryption_failed:
205 case alert_record_overflow:
206 case alert_decompression_failure:
207 case alert_illegal_parameter:
208 case alert_decode_error:
209 case alert_protocol_version:
210 case alert_internal_error:
211 case alert_user_canceled:
212 case alert_no_renegotiation:
213 default:
214 e = new SSLException(reason);
215 break;
216 }
217
|