Package tlslite :: Module errors
[hide private]
[frames] | no frames]

Source Code for Module tlslite.errors

  1  # Authors:  
  2  #   Trevor Perrin 
  3  #   Dave Baggett (Arcode Corporation) - Added TLSUnsupportedError. 
  4  # 
  5  # See the LICENSE file for legal information regarding use of this file. 
  6   
  7  """Exception classes. 
  8  @sort: TLSError, TLSAbruptCloseError, TLSAlert, TLSLocalAlert, TLSRemoteAlert, 
  9  TLSAuthenticationError, TLSNoAuthenticationError, TLSAuthenticationTypeError, 
 10  TLSFingerprintError, TLSAuthorizationError, TLSValidationError, TLSFaultError, 
 11  TLSUnsupportedError 
 12  """ 
 13  import socket 
 14   
 15  from .constants import AlertDescription, AlertLevel 
 16   
17 -class BaseTLSException(Exception):
18 19 """Metaclass for TLS Lite exceptions. 20 21 Look to L{TLSError} for exceptions that should be caught by tlslite 22 consumers 23 """ 24 25 pass
26
27 -class TLSError(BaseTLSException):
28 29 """Base class for all TLS Lite exceptions.""" 30
31 - def __str__(self):
32 """"At least print out the Exception time for str(...).""" 33 return repr(self)
34
35 -class TLSClosedConnectionError(TLSError, socket.error):
36 """An attempt was made to use the connection after it was closed.""" 37 pass
38
39 -class TLSAbruptCloseError(TLSError):
40 """The socket was closed without a proper TLS shutdown. 41 42 The TLS specification mandates that an alert of some sort 43 must be sent before the underlying socket is closed. If the socket 44 is closed without this, it could signify that an attacker is trying 45 to truncate the connection. It could also signify a misbehaving 46 TLS implementation, or a random network failure. 47 """ 48 pass
49
50 -class TLSAlert(TLSError):
51 """A TLS alert has been signalled.""" 52 pass 53 54 _descriptionStr = {\ 55 AlertDescription.close_notify: "close_notify",\ 56 AlertDescription.unexpected_message: "unexpected_message",\ 57 AlertDescription.bad_record_mac: "bad_record_mac",\ 58 AlertDescription.decryption_failed: "decryption_failed",\ 59 AlertDescription.record_overflow: "record_overflow",\ 60 AlertDescription.decompression_failure: "decompression_failure",\ 61 AlertDescription.handshake_failure: "handshake_failure",\ 62 AlertDescription.no_certificate: "no certificate",\ 63 AlertDescription.bad_certificate: "bad_certificate",\ 64 AlertDescription.unsupported_certificate: "unsupported_certificate",\ 65 AlertDescription.certificate_revoked: "certificate_revoked",\ 66 AlertDescription.certificate_expired: "certificate_expired",\ 67 AlertDescription.certificate_unknown: "certificate_unknown",\ 68 AlertDescription.illegal_parameter: "illegal_parameter",\ 69 AlertDescription.unknown_ca: "unknown_ca",\ 70 AlertDescription.access_denied: "access_denied",\ 71 AlertDescription.decode_error: "decode_error",\ 72 AlertDescription.decrypt_error: "decrypt_error",\ 73 AlertDescription.export_restriction: "export_restriction",\ 74 AlertDescription.protocol_version: "protocol_version",\ 75 AlertDescription.insufficient_security: "insufficient_security",\ 76 AlertDescription.internal_error: "internal_error",\ 77 AlertDescription.inappropriate_fallback: "inappropriate_fallback",\ 78 AlertDescription.user_canceled: "user_canceled",\ 79 AlertDescription.no_renegotiation: "no_renegotiation",\ 80 AlertDescription.unknown_psk_identity: "unknown_psk_identity"}
81
82 -class TLSLocalAlert(TLSAlert):
83 """A TLS alert has been signalled by the local implementation. 84 85 @type description: int 86 @ivar description: Set to one of the constants in 87 L{tlslite.constants.AlertDescription} 88 89 @type level: int 90 @ivar level: Set to one of the constants in 91 L{tlslite.constants.AlertLevel} 92 93 @type message: str 94 @ivar message: Description of what went wrong. 95 """
96 - def __init__(self, alert, message=None):
97 self.description = alert.description 98 self.level = alert.level 99 self.message = message
100
101 - def __str__(self):
102 alertStr = TLSAlert._descriptionStr.get(self.description) 103 if alertStr == None: 104 alertStr = str(self.description) 105 if self.message: 106 return alertStr + ": " + self.message 107 else: 108 return alertStr
109
110 -class TLSRemoteAlert(TLSAlert):
111 """A TLS alert has been signalled by the remote implementation. 112 113 @type description: int 114 @ivar description: Set to one of the constants in 115 L{tlslite.constants.AlertDescription} 116 117 @type level: int 118 @ivar level: Set to one of the constants in 119 L{tlslite.constants.AlertLevel} 120 """
121 - def __init__(self, alert):
122 self.description = alert.description 123 self.level = alert.level
124
125 - def __str__(self):
126 alertStr = TLSAlert._descriptionStr.get(self.description) 127 if alertStr == None: 128 alertStr = str(self.description) 129 return alertStr
130
131 -class TLSAuthenticationError(TLSError):
132 """The handshake succeeded, but the other party's authentication 133 was inadequate. 134 135 This exception will only be raised when a 136 L{tlslite.Checker.Checker} has been passed to a handshake function. 137 The Checker will be invoked once the handshake completes, and if 138 the Checker objects to how the other party authenticated, a 139 subclass of this exception will be raised. 140 """ 141 pass
142
143 -class TLSNoAuthenticationError(TLSAuthenticationError):
144 """The Checker was expecting the other party to authenticate with a 145 certificate chain, but this did not occur.""" 146 pass
147
148 -class TLSAuthenticationTypeError(TLSAuthenticationError):
149 """The Checker was expecting the other party to authenticate with a 150 different type of certificate chain.""" 151 pass
152
153 -class TLSFingerprintError(TLSAuthenticationError):
154 """The Checker was expecting the other party to authenticate with a 155 certificate chain that matches a different fingerprint.""" 156 pass
157
158 -class TLSAuthorizationError(TLSAuthenticationError):
159 """The Checker was expecting the other party to authenticate with a 160 certificate chain that has a different authorization.""" 161 pass
162
163 -class TLSValidationError(TLSAuthenticationError):
164 """The Checker has determined that the other party's certificate 165 chain is invalid."""
166 - def __init__(self, msg, info=None):
167 # Include a dict containing info about this validation failure 168 TLSAuthenticationError.__init__(self, msg) 169 self.info = info
170
171 -class TLSFaultError(TLSError):
172 """The other party responded incorrectly to an induced fault. 173 174 This exception will only occur during fault testing, when a 175 TLSConnection's fault variable is set to induce some sort of 176 faulty behavior, and the other party doesn't respond appropriately. 177 """ 178 pass
179 180
181 -class TLSUnsupportedError(TLSError):
182 """The implementation doesn't support the requested (or required) 183 capabilities.""" 184 pass
185
186 -class TLSInternalError(TLSError):
187 """The internal state of object is unexpected or invalid. 188 189 Caused by incorrect use of API. 190 """ 191 pass
192
193 -class TLSProtocolException(BaseTLSException):
194 195 """Exceptions used internally for handling errors in received messages""" 196 197 pass
198
199 -class TLSIllegalParameterException(TLSProtocolException):
200 201 """Parameters specified in message were incorrect or invalid""" 202 203 pass
204
205 -class TLSRecordOverflow(TLSProtocolException):
206 207 """The received record size was too big""" 208 209 pass
210
211 -class TLSDecryptionFailed(TLSProtocolException):
212 213 """Decryption of data was unsuccessful""" 214 215 pass
216
217 -class TLSBadRecordMAC(TLSProtocolException):
218 219 """Bad MAC (or padding in case of mac-then-encrypt)""" 220 221 pass
222