001: /*
002: * Copyright 2003-2007 Sun Microsystems, Inc. All Rights Reserved.
003: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004: *
005: * This code is free software; you can redistribute it and/or modify it
006: * under the terms of the GNU General Public License version 2 only, as
007: * published by the Free Software Foundation. Sun designates this
008: * particular file as subject to the "Classpath" exception as provided
009: * by Sun in the LICENSE file that accompanied this code.
010: *
011: * This code is distributed in the hope that it will be useful, but WITHOUT
012: * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013: * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014: * version 2 for more details (a copy is included in the LICENSE file that
015: * accompanied this code).
016: *
017: * You should have received a copy of the GNU General Public License version
018: * 2 along with this work; if not, write to the Free Software Foundation,
019: * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020: *
021: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022: * CA 95054 USA or visit www.sun.com if you need additional information or
023: * have any questions.
024: */
025:
026: package sun.security.ssl;
027:
028: import javax.net.ssl.*;
029:
030: /*
031: * A simple class to congregate alerts, their definitions, and common
032: * support methods.
033: */
034:
035: final class Alerts {
036:
037: /*
038: * Alerts are always a fixed two byte format (level/description).
039: */
040:
041: // warnings and fatal errors are package private facilities/constants
042: // Alert levels (enum AlertLevel)
043: static final byte alert_warning = 1;
044: static final byte alert_fatal = 2;
045:
046: /*
047: * Alert descriptions (enum AlertDescription)
048: *
049: * We may not use them all in our processing, but if someone
050: * sends us one, we can at least convert it to a string for the
051: * user.
052: */
053: static final byte alert_close_notify = 0;
054: static final byte alert_unexpected_message = 10;
055: static final byte alert_bad_record_mac = 20;
056: static final byte alert_decryption_failed = 21;
057: static final byte alert_record_overflow = 22;
058: static final byte alert_decompression_failure = 30;
059: static final byte alert_handshake_failure = 40;
060: static final byte alert_no_certificate = 41;
061: static final byte alert_bad_certificate = 42;
062: static final byte alert_unsupported_certificate = 43;
063: static final byte alert_certificate_revoked = 44;
064: static final byte alert_certificate_expired = 45;
065: static final byte alert_certificate_unknown = 46;
066: static final byte alert_illegal_parameter = 47;
067: static final byte alert_unknown_ca = 48;
068: static final byte alert_access_denied = 49;
069: static final byte alert_decode_error = 50;
070: static final byte alert_decrypt_error = 51;
071: static final byte alert_export_restriction = 60;
072: static final byte alert_protocol_version = 70;
073: static final byte alert_insufficient_security = 71;
074: static final byte alert_internal_error = 80;
075: static final byte alert_user_canceled = 90;
076: static final byte alert_no_negotiation = 100;
077:
078: // from RFC 3546 (TLS Extensions)
079: static final byte alert_unsupported_extension = 110;
080: static final byte alert_certificate_unobtainable = 111;
081: static final byte alert_unrecognized_name = 112;
082: static final byte alert_bad_certificate_status_response = 113;
083: static final byte alert_bad_certificate_hash_value = 114;
084:
085: static String alertDescription(byte code) {
086: switch (code) {
087:
088: case alert_close_notify:
089: return "close_notify";
090: case alert_unexpected_message:
091: return "unexpected_message";
092: case alert_bad_record_mac:
093: return "bad_record_mac";
094: case alert_decryption_failed:
095: return "decryption_failed";
096: case alert_record_overflow:
097: return "record_overflow";
098: case alert_decompression_failure:
099: return "decompression_failure";
100: case alert_handshake_failure:
101: return "handshake_failure";
102: case alert_no_certificate:
103: return "no_certificate";
104: case alert_bad_certificate:
105: return "bad_certificate";
106: case alert_unsupported_certificate:
107: return "unsupported_certificate";
108: case alert_certificate_revoked:
109: return "certificate_revoked";
110: case alert_certificate_expired:
111: return "certificate_expired";
112: case alert_certificate_unknown:
113: return "certificate_unknown";
114: case alert_illegal_parameter:
115: return "illegal_parameter";
116: case alert_unknown_ca:
117: return "unknown_ca";
118: case alert_access_denied:
119: return "access_denied";
120: case alert_decode_error:
121: return "decode_error";
122: case alert_decrypt_error:
123: return "decrypt_error";
124: case alert_export_restriction:
125: return "export_restriction";
126: case alert_protocol_version:
127: return "protocol_version";
128: case alert_insufficient_security:
129: return "insufficient_security";
130: case alert_internal_error:
131: return "internal_error";
132: case alert_user_canceled:
133: return "user_canceled";
134: case alert_no_negotiation:
135: return "no_negotiation";
136: case alert_unsupported_extension:
137: return "unsupported_extension";
138: case alert_certificate_unobtainable:
139: return "certificate_unobtainable";
140: case alert_unrecognized_name:
141: return "unrecognized_name";
142: case alert_bad_certificate_status_response:
143: return "bad_certificate_status_response";
144: case alert_bad_certificate_hash_value:
145: return "bad_certificate_hash_value";
146:
147: default:
148: return "<UNKNOWN ALERT: " + (code & 0x0ff) + ">";
149: }
150: }
151:
152: static SSLException getSSLException(byte description, String reason) {
153: return getSSLException(description, null, reason);
154: }
155:
156: /*
157: * Try to be a little more specific in our choice of
158: * exceptions to throw.
159: */
160: static SSLException getSSLException(byte description,
161: Throwable cause, String reason) {
162:
163: SSLException e;
164: // the SSLException classes do not have a no-args constructor
165: // make up a message if there is none
166: if (reason == null) {
167: if (cause != null) {
168: reason = cause.toString();
169: } else {
170: reason = "";
171: }
172: }
173: switch (description) {
174: case alert_handshake_failure:
175: case alert_no_certificate:
176: case alert_bad_certificate:
177: case alert_unsupported_certificate:
178: case alert_certificate_revoked:
179: case alert_certificate_expired:
180: case alert_certificate_unknown:
181: case alert_unknown_ca:
182: case alert_access_denied:
183: case alert_decrypt_error:
184: case alert_export_restriction:
185: case alert_insufficient_security:
186: case alert_unsupported_extension:
187: case alert_certificate_unobtainable:
188: case alert_unrecognized_name:
189: case alert_bad_certificate_status_response:
190: case alert_bad_certificate_hash_value:
191: e = new SSLHandshakeException(reason);
192: break;
193:
194: case alert_close_notify:
195: case alert_unexpected_message:
196: case alert_bad_record_mac:
197: case alert_decryption_failed:
198: case alert_record_overflow:
199: case alert_decompression_failure:
200: case alert_illegal_parameter:
201: case alert_decode_error:
202: case alert_protocol_version:
203: case alert_internal_error:
204: case alert_user_canceled:
205: case alert_no_negotiation:
206: default:
207: e = new SSLException(reason);
208: break;
209: }
210:
211: if (cause != null) {
212: e.initCause(cause);
213: }
214: return e;
215: }
216: }
|