1// Copyright 2009 The Go Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5package tls 6 7import "strconv" 8 9// An AlertError is a TLS alert. 10// 11// When using a QUIC transport, QUICConn methods will return an error 12// which wraps AlertError rather than sending a TLS alert. 13type AlertError uint8 14 15func (e AlertError) Error() string { 16 return alert(e).String() 17} 18 19type alert uint8 20 21const ( 22 // alert level 23 alertLevelWarning = 1 24 alertLevelError = 2 25) 26 27const ( 28 alertCloseNotify alert = 0 29 alertUnexpectedMessage alert = 10 30 alertBadRecordMAC alert = 20 31 alertDecryptionFailed alert = 21 32 alertRecordOverflow alert = 22 33 alertDecompressionFailure alert = 30 34 alertHandshakeFailure alert = 40 35 alertBadCertificate alert = 42 36 alertUnsupportedCertificate alert = 43 37 alertCertificateRevoked alert = 44 38 alertCertificateExpired alert = 45 39 alertCertificateUnknown alert = 46 40 alertIllegalParameter alert = 47 41 alertUnknownCA alert = 48 42 alertAccessDenied alert = 49 43 alertDecodeError alert = 50 44 alertDecryptError alert = 51 45 alertExportRestriction alert = 60 46 alertProtocolVersion alert = 70 47 alertInsufficientSecurity alert = 71 48 alertInternalError alert = 80 49 alertInappropriateFallback alert = 86 50 alertUserCanceled alert = 90 51 alertNoRenegotiation alert = 100 52 alertMissingExtension alert = 109 53 alertUnsupportedExtension alert = 110 54 alertCertificateUnobtainable alert = 111 55 alertUnrecognizedName alert = 112 56 alertBadCertificateStatusResponse alert = 113 57 alertBadCertificateHashValue alert = 114 58 alertUnknownPSKIdentity alert = 115 59 alertCertificateRequired alert = 116 60 alertNoApplicationProtocol alert = 120 61 alertECHRequired alert = 121 62) 63 64var alertText = map[alert]string{ 65 alertCloseNotify: "close notify", 66 alertUnexpectedMessage: "unexpected message", 67 alertBadRecordMAC: "bad record MAC", 68 alertDecryptionFailed: "decryption failed", 69 alertRecordOverflow: "record overflow", 70 alertDecompressionFailure: "decompression failure", 71 alertHandshakeFailure: "handshake failure", 72 alertBadCertificate: "bad certificate", 73 alertUnsupportedCertificate: "unsupported certificate", 74 alertCertificateRevoked: "revoked certificate", 75 alertCertificateExpired: "expired certificate", 76 alertCertificateUnknown: "unknown certificate", 77 alertIllegalParameter: "illegal parameter", 78 alertUnknownCA: "unknown certificate authority", 79 alertAccessDenied: "access denied", 80 alertDecodeError: "error decoding message", 81 alertDecryptError: "error decrypting message", 82 alertExportRestriction: "export restriction", 83 alertProtocolVersion: "protocol version not supported", 84 alertInsufficientSecurity: "insufficient security level", 85 alertInternalError: "internal error", 86 alertInappropriateFallback: "inappropriate fallback", 87 alertUserCanceled: "user canceled", 88 alertNoRenegotiation: "no renegotiation", 89 alertMissingExtension: "missing extension", 90 alertUnsupportedExtension: "unsupported extension", 91 alertCertificateUnobtainable: "certificate unobtainable", 92 alertUnrecognizedName: "unrecognized name", 93 alertBadCertificateStatusResponse: "bad certificate status response", 94 alertBadCertificateHashValue: "bad certificate hash value", 95 alertUnknownPSKIdentity: "unknown PSK identity", 96 alertCertificateRequired: "certificate required", 97 alertNoApplicationProtocol: "no application protocol", 98 alertECHRequired: "encrypted client hello required", 99} 100 101func (e alert) String() string { 102 s, ok := alertText[e] 103 if ok { 104 return "tls: " + s 105 } 106 return "tls: alert(" + strconv.Itoa(int(e)) + ")" 107} 108 109func (e alert) Error() string { 110 return e.String() 111} 112