238 lines
6.3 KiB
Plaintext
238 lines
6.3 KiB
Plaintext
.TH TLS-ERRORS 5
|
|
.SH NAME
|
|
tls-errors - BearSSL TLS and X.509 error codes
|
|
|
|
.SH DESCRIPTION
|
|
MontaukOS uses BearSSL for TLS 1.2 connections. When a TLS
|
|
operation fails, an integer error code is reported. This page
|
|
lists all possible error codes.
|
|
|
|
.SH SSL/TLS ENGINE ERRORS
|
|
|
|
.B 0 BR_ERR_OK
|
|
No error.
|
|
|
|
.B 1 BR_ERR_BAD_PARAM
|
|
Caller-provided parameter is incorrect.
|
|
|
|
.B 2 BR_ERR_BAD_STATE
|
|
Operation cannot be applied in the current engine state.
|
|
|
|
.B 3 BR_ERR_UNSUPPORTED_VERSION
|
|
Incoming protocol or record version is unsupported.
|
|
|
|
.B 4 BR_ERR_BAD_VERSION
|
|
Incoming record version does not match the expected version.
|
|
|
|
.B 5 BR_ERR_BAD_LENGTH
|
|
Incoming record length is invalid.
|
|
|
|
.B 6 BR_ERR_TOO_LARGE
|
|
Incoming record is too large, or buffer is too small for the
|
|
handshake message to send.
|
|
|
|
.B 7 BR_ERR_BAD_MAC
|
|
Decryption found invalid padding, or the record MAC is
|
|
not correct.
|
|
|
|
.B 8 BR_ERR_NO_RANDOM
|
|
No initial entropy was provided and none could be obtained
|
|
from the OS.
|
|
|
|
.B 9 BR_ERR_UNKNOWN_TYPE
|
|
Incoming record type is unknown.
|
|
|
|
.B 10 BR_ERR_UNEXPECTED
|
|
Incoming record or message has wrong type for the current
|
|
engine state.
|
|
|
|
.B 12 BR_ERR_BAD_CCS
|
|
ChangeCipherSpec message from the peer has invalid contents.
|
|
|
|
.B 13 BR_ERR_BAD_ALERT
|
|
Alert message from the peer has invalid contents (odd length).
|
|
|
|
.B 14 BR_ERR_BAD_HANDSHAKE
|
|
Incoming handshake message decoding failed.
|
|
|
|
.B 15 BR_ERR_OVERSIZED_ID
|
|
ServerHello contains a session ID larger than 32 bytes.
|
|
|
|
.B 16 BR_ERR_BAD_CIPHER_SUITE
|
|
Server wants to use a cipher suite that we did not advertise,
|
|
or we tried to advertise a cipher suite that we do not support.
|
|
|
|
.B 17 BR_ERR_BAD_COMPRESSION
|
|
Server wants to use a compression method that we did not
|
|
advertise.
|
|
|
|
.B 18 BR_ERR_BAD_FRAGLEN
|
|
Server's max fragment length does not match client's.
|
|
|
|
.B 19 BR_ERR_BAD_SECRENEG
|
|
Secure renegotiation failed.
|
|
|
|
.B 20 BR_ERR_EXTRA_EXTENSION
|
|
Server sent an extension type that we did not announce, or
|
|
used the same extension type more than once in ServerHello.
|
|
|
|
.B 21 BR_ERR_BAD_SNI
|
|
Invalid Server Name Indication contents (when used by the
|
|
server, this extension shall be empty).
|
|
|
|
.B 22 BR_ERR_BAD_HELLO_DONE
|
|
Invalid ServerHelloDone from the server (length is not 0).
|
|
|
|
.B 23 BR_ERR_LIMIT_EXCEEDED
|
|
Internal limit exceeded (e.g. server's public key is too
|
|
large).
|
|
|
|
.B 24 BR_ERR_BAD_FINISHED
|
|
Finished message from peer does not match the expected value.
|
|
|
|
.B 25 BR_ERR_RESUME_MISMATCH
|
|
Session resumption attempted with a different version or
|
|
cipher suite.
|
|
|
|
.B 26 BR_ERR_INVALID_ALGORITHM
|
|
Unsupported or invalid algorithm (ECDHE curve, signature
|
|
algorithm, hash function).
|
|
|
|
.B 27 BR_ERR_BAD_SIGNATURE
|
|
Invalid signature on ServerKeyExchange or CertificateVerify.
|
|
|
|
.B 28 BR_ERR_WRONG_KEY_USAGE
|
|
Peer's public key does not have the proper type or is not
|
|
allowed for the requested operation.
|
|
|
|
.B 29 BR_ERR_NO_CLIENT_AUTH
|
|
Client did not send a certificate upon request, or the client
|
|
certificate could not be validated.
|
|
|
|
.B 31 BR_ERR_IO
|
|
I/O error or premature close on the underlying transport.
|
|
|
|
.SH X.509 CERTIFICATE ERRORS
|
|
|
|
.B 32 BR_ERR_X509_OK
|
|
X.509 validation was successful (not an error).
|
|
|
|
.B 33 BR_ERR_X509_INVALID_VALUE
|
|
Invalid value in an ASN.1 structure.
|
|
|
|
.B 34 BR_ERR_X509_TRUNCATED
|
|
Truncated certificate.
|
|
|
|
.B 35 BR_ERR_X509_EMPTY_CHAIN
|
|
Empty certificate chain (no certificate at all).
|
|
|
|
.B 36 BR_ERR_X509_INNER_TRUNC
|
|
Inner element extends beyond outer element size.
|
|
|
|
.B 37 BR_ERR_X509_BAD_TAG_CLASS
|
|
Unsupported tag class (application or private).
|
|
|
|
.B 38 BR_ERR_X509_BAD_TAG_VALUE
|
|
Unsupported tag value.
|
|
|
|
.B 39 BR_ERR_X509_INDEFINITE_LENGTH
|
|
Indefinite length encoding found.
|
|
|
|
.B 40 BR_ERR_X509_EXTRA_ELEMENT
|
|
Extraneous element in certificate.
|
|
|
|
.B 41 BR_ERR_X509_UNEXPECTED
|
|
Unexpected element in certificate.
|
|
|
|
.B 42 BR_ERR_X509_NOT_CONSTRUCTED
|
|
Expected constructed element, but found primitive.
|
|
|
|
.B 43 BR_ERR_X509_NOT_PRIMITIVE
|
|
Expected primitive element, but found constructed.
|
|
|
|
.B 44 BR_ERR_X509_PARTIAL_BYTE
|
|
BIT STRING length is not a multiple of 8.
|
|
|
|
.B 45 BR_ERR_X509_BAD_BOOLEAN
|
|
BOOLEAN value has invalid length.
|
|
|
|
.B 46 BR_ERR_X509_OVERFLOW
|
|
Value is off-limits (overflow).
|
|
|
|
.B 47 BR_ERR_X509_BAD_DN
|
|
Invalid distinguished name.
|
|
|
|
.B 48 BR_ERR_X509_BAD_TIME
|
|
Invalid date/time representation in certificate.
|
|
|
|
.B 49 BR_ERR_X509_UNSUPPORTED
|
|
Certificate contains unsupported features that cannot be
|
|
ignored.
|
|
|
|
.B 50 BR_ERR_X509_LIMIT_EXCEEDED
|
|
Key or signature size exceeds internal limits.
|
|
|
|
.B 51 BR_ERR_X509_WRONG_KEY_TYPE
|
|
Key type does not match that which was expected.
|
|
|
|
.B 52 BR_ERR_X509_BAD_SIGNATURE
|
|
Signature is invalid.
|
|
|
|
.B 53 BR_ERR_X509_TIME_UNKNOWN
|
|
Validation time is unknown (no time was set).
|
|
|
|
.B 54 BR_ERR_X509_EXPIRED
|
|
Certificate is expired or not yet valid.
|
|
|
|
.B 55 BR_ERR_X509_DN_MISMATCH
|
|
Issuer/subject DN mismatch in the chain.
|
|
|
|
.B 56 BR_ERR_X509_BAD_SERVER_NAME
|
|
Expected server name was not found in the chain.
|
|
|
|
.B 57 BR_ERR_X509_CRITICAL_EXTENSION
|
|
Unknown critical extension in certificate.
|
|
|
|
.B 58 BR_ERR_X509_NOT_CA
|
|
Not a CA, or path length constraint violation.
|
|
|
|
.B 59 BR_ERR_X509_FORBIDDEN_KEY_USAGE
|
|
Key Usage extension prohibits the intended usage.
|
|
|
|
.B 60 BR_ERR_X509_WEAK_PUBLIC_KEY
|
|
Public key found in certificate is too small.
|
|
|
|
.B 62 BR_ERR_X509_NOT_TRUSTED
|
|
Chain could not be linked to a trust anchor.
|
|
|
|
.SH FATAL ALERTS
|
|
When a fatal alert is received from the peer, the error code
|
|
is 256 + the TLS alert value. When a fatal alert is sent to
|
|
the peer, the error code is 512 + the TLS alert value.
|
|
|
|
Common alert values:
|
|
0 close_notify
|
|
10 unexpected_message
|
|
20 bad_record_mac
|
|
40 handshake_failure
|
|
42 bad_certificate
|
|
43 unsupported_certificate
|
|
44 certificate_revoked
|
|
45 certificate_expired
|
|
46 certificate_unknown
|
|
47 illegal_parameter
|
|
48 unknown_ca
|
|
50 decode_error
|
|
51 decrypt_error
|
|
70 protocol_version
|
|
71 insufficient_security
|
|
80 internal_error
|
|
86 unrecognized_name
|
|
112 no_application_protocol
|
|
|
|
For example, error 296 means a handshake_failure alert was
|
|
received (256 + 40 = 296).
|
|
|
|
.SH SEE ALSO
|
|
fetch(1), syscalls(2)
|