Package tlslite :: Module errors
[hide private]
[frames] | no frames]

Source Code for Module tlslite.errors

  1  # Authors:  
  2  #   Trevor Perrin 
  3  #   Dave Baggett (Arcode Corporation) - Added TLSUnsupportedError. 
  4  # 
  5  # See the LICENSE file for legal information regarding use of this file. 
  6   
  7  """Exception classes. 
  8  @sort: TLSError, TLSAbruptCloseError, TLSAlert, TLSLocalAlert, TLSRemoteAlert, 
  9  TLSAuthenticationError, TLSNoAuthenticationError, TLSAuthenticationTypeError, 
 10  TLSFingerprintError, TLSAuthorizationError, TLSValidationError, TLSFaultError, 
 11  TLSUnsupportedError 
 12  """ 
 13  import socket 
 14   
 15  from .constants import AlertDescription, AlertLevel 
 16   
17 -class BaseTLSException(Exception):
18 19 """Metaclass for TLS Lite exceptions. 20 21 Look to L{TLSError} for exceptions that should be caught by tlslite 22 consumers 23 """ 24 25 pass
26
27 -class EncryptionError(BaseTLSException):
28 """Base class for exceptions thrown while encrypting"""
29
30 -class TLSError(BaseTLSException):
31 32 """Base class for all TLS Lite exceptions.""" 33
34 - def __str__(self):
35 """"At least print out the Exception time for str(...).""" 36 return repr(self)
37
38 -class TLSClosedConnectionError(TLSError, socket.error):
39 """An attempt was made to use the connection after it was closed.""" 40 pass
41
42 -class TLSAbruptCloseError(TLSError):
43 """The socket was closed without a proper TLS shutdown. 44 45 The TLS specification mandates that an alert of some sort 46 must be sent before the underlying socket is closed. If the socket 47 is closed without this, it could signify that an attacker is trying 48 to truncate the connection. It could also signify a misbehaving 49 TLS implementation, or a random network failure. 50 """ 51 pass
52
53 -class TLSAlert(TLSError):
54 """A TLS alert has been signalled.""" 55 pass 56 57 _descriptionStr = {\ 58 AlertDescription.close_notify: "close_notify",\ 59 AlertDescription.unexpected_message: "unexpected_message",\ 60 AlertDescription.bad_record_mac: "bad_record_mac",\ 61 AlertDescription.decryption_failed: "decryption_failed",\ 62 AlertDescription.record_overflow: "record_overflow",\ 63 AlertDescription.decompression_failure: "decompression_failure",\ 64 AlertDescription.handshake_failure: "handshake_failure",\ 65 AlertDescription.no_certificate: "no certificate",\ 66 AlertDescription.bad_certificate: "bad_certificate",\ 67 AlertDescription.unsupported_certificate: "unsupported_certificate",\ 68 AlertDescription.certificate_revoked: "certificate_revoked",\ 69 AlertDescription.certificate_expired: "certificate_expired",\ 70 AlertDescription.certificate_unknown: "certificate_unknown",\ 71 AlertDescription.illegal_parameter: "illegal_parameter",\ 72 AlertDescription.unknown_ca: "unknown_ca",\ 73 AlertDescription.access_denied: "access_denied",\ 74 AlertDescription.decode_error: "decode_error",\ 75 AlertDescription.decrypt_error: "decrypt_error",\ 76 AlertDescription.export_restriction: "export_restriction",\ 77 AlertDescription.protocol_version: "protocol_version",\ 78 AlertDescription.insufficient_security: "insufficient_security",\ 79 AlertDescription.internal_error: "internal_error",\ 80 AlertDescription.inappropriate_fallback: "inappropriate_fallback",\ 81 AlertDescription.user_canceled: "user_canceled",\ 82 AlertDescription.no_renegotiation: "no_renegotiation",\ 83 AlertDescription.unknown_psk_identity: "unknown_psk_identity"}
84
85 -class TLSLocalAlert(TLSAlert):
86 """A TLS alert has been signalled by the local implementation. 87 88 @type description: int 89 @ivar description: Set to one of the constants in 90 L{tlslite.constants.AlertDescription} 91 92 @type level: int 93 @ivar level: Set to one of the constants in 94 L{tlslite.constants.AlertLevel} 95 96 @type message: str 97 @ivar message: Description of what went wrong. 98 """
99 - def __init__(self, alert, message=None):
100 self.description = alert.description 101 self.level = alert.level 102 self.message = message
103
104 - def __str__(self):
105 alertStr = TLSAlert._descriptionStr.get(self.description) 106 if alertStr == None: 107 alertStr = str(self.description) 108 if self.message: 109 return alertStr + ": " + self.message 110 else: 111 return alertStr
112
113 -class TLSRemoteAlert(TLSAlert):
114 """A TLS alert has been signalled by the remote implementation. 115 116 @type description: int 117 @ivar description: Set to one of the constants in 118 L{tlslite.constants.AlertDescription} 119 120 @type level: int 121 @ivar level: Set to one of the constants in 122 L{tlslite.constants.AlertLevel} 123 """
124 - def __init__(self, alert):
125 self.description = alert.description 126 self.level = alert.level
127
128 - def __str__(self):
129 alertStr = TLSAlert._descriptionStr.get(self.description) 130 if alertStr == None: 131 alertStr = str(self.description) 132 return alertStr
133
134 -class TLSAuthenticationError(TLSError):
135 """The handshake succeeded, but the other party's authentication 136 was inadequate. 137 138 This exception will only be raised when a 139 L{tlslite.Checker.Checker} has been passed to a handshake function. 140 The Checker will be invoked once the handshake completes, and if 141 the Checker objects to how the other party authenticated, a 142 subclass of this exception will be raised. 143 """ 144 pass
145
146 -class TLSNoAuthenticationError(TLSAuthenticationError):
147 """The Checker was expecting the other party to authenticate with a 148 certificate chain, but this did not occur.""" 149 pass
150
151 -class TLSAuthenticationTypeError(TLSAuthenticationError):
152 """The Checker was expecting the other party to authenticate with a 153 different type of certificate chain.""" 154 pass
155
156 -class TLSFingerprintError(TLSAuthenticationError):
157 """The Checker was expecting the other party to authenticate with a 158 certificate chain that matches a different fingerprint.""" 159 pass
160
161 -class TLSAuthorizationError(TLSAuthenticationError):
162 """The Checker was expecting the other party to authenticate with a 163 certificate chain that has a different authorization.""" 164 pass
165
166 -class TLSValidationError(TLSAuthenticationError):
167 """The Checker has determined that the other party's certificate 168 chain is invalid."""
169 - def __init__(self, msg, info=None):
170 # Include a dict containing info about this validation failure 171 TLSAuthenticationError.__init__(self, msg) 172 self.info = info
173
174 -class TLSFaultError(TLSError):
175 """The other party responded incorrectly to an induced fault. 176 177 This exception will only occur during fault testing, when a 178 TLSConnection's fault variable is set to induce some sort of 179 faulty behavior, and the other party doesn't respond appropriately. 180 """ 181 pass
182 183
184 -class TLSUnsupportedError(TLSError):
185 """The implementation doesn't support the requested (or required) 186 capabilities.""" 187 pass
188
189 -class TLSInternalError(TLSError):
190 """The internal state of object is unexpected or invalid. 191 192 Caused by incorrect use of API. 193 """ 194 pass
195
196 -class TLSProtocolException(BaseTLSException):
197 198 """Exceptions used internally for handling errors in received messages""" 199 200 pass
201
202 -class TLSIllegalParameterException(TLSProtocolException):
203 204 """Parameters specified in message were incorrect or invalid""" 205 206 pass
207
208 -class TLSRecordOverflow(TLSProtocolException):
209 210 """The received record size was too big""" 211 212 pass
213
214 -class TLSDecryptionFailed(TLSProtocolException):
215 216 """Decryption of data was unsuccessful""" 217 218 pass
219
220 -class TLSBadRecordMAC(TLSProtocolException):
221 222 """Bad MAC (or padding in case of mac-then-encrypt)""" 223 224 pass
225
226 -class TLSInsufficientSecurity(TLSProtocolException):
227 """Parameters selected by user are too weak""" 228 229 pass
230
231 -class TLSUnknownPSKIdentity(TLSProtocolException):
232 """The PSK or SRP identity is unknown""" 233 234 pass
235 236
237 -class TLSHandshakeFailure(TLSProtocolException):
238 """Could not find acceptable set of handshake parameters""" 239 240 pass
241 242
243 -class MaskTooLongError(EncryptionError):
244 """The maskLen passed into function is too high""" 245 246 pass
247
248 -class MessageTooLongError(EncryptionError):
249 """The message passed into function is too long""" 250 251 pass
252
253 -class EncodingError(EncryptionError):
254 """An error appeared while encoding""" 255 256 pass
257
258 -class InvalidSignature(EncryptionError):
259 """Verification function found invalid signature""" 260 261 pass
262
263 -class UnknownRSAType(EncryptionError):
264 """Unknown RSA algorithm type passed""" 265 266 pass
267