ea9a0d5313
Rather than blindly select SHA-1 if we can't find a matching one, act as if the peer advertised rsa_pkcs1_sha1 and ecdsa_sha1. This means that we will fail the handshake if no common algorithm may be found. This is done in preparation for removing the SHA-1 default in TLS 1.3. Change-Id: I3584947909d3d6988b940f9404044cace265b20d Reviewed-on: https://boringssl-review.googlesource.com/8695 Reviewed-by: David Benjamin <davidben@google.com>
185 lines
5.8 KiB
Plaintext
185 lines
5.8 KiB
Plaintext
SSL,100,APP_DATA_IN_HANDSHAKE
|
|
SSL,101,ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT
|
|
SSL,102,BAD_ALERT
|
|
SSL,103,BAD_CHANGE_CIPHER_SPEC
|
|
SSL,104,BAD_DATA_RETURNED_BY_CALLBACK
|
|
SSL,105,BAD_DH_P_LENGTH
|
|
SSL,106,BAD_DIGEST_LENGTH
|
|
SSL,107,BAD_ECC_CERT
|
|
SSL,108,BAD_ECPOINT
|
|
SSL,109,BAD_HANDSHAKE_RECORD
|
|
SSL,110,BAD_HELLO_REQUEST
|
|
SSL,111,BAD_LENGTH
|
|
SSL,112,BAD_PACKET_LENGTH
|
|
SSL,113,BAD_RSA_ENCRYPT
|
|
SSL,114,BAD_SIGNATURE
|
|
SSL,115,BAD_SRTP_MKI_VALUE
|
|
SSL,116,BAD_SRTP_PROTECTION_PROFILE_LIST
|
|
SSL,117,BAD_SSL_FILETYPE
|
|
SSL,118,BAD_WRITE_RETRY
|
|
SSL,119,BIO_NOT_SET
|
|
SSL,120,BN_LIB
|
|
SSL,121,BUFFER_TOO_SMALL
|
|
SSL,122,CA_DN_LENGTH_MISMATCH
|
|
SSL,123,CA_DN_TOO_LONG
|
|
SSL,124,CCS_RECEIVED_EARLY
|
|
SSL,125,CERTIFICATE_VERIFY_FAILED
|
|
SSL,126,CERT_CB_ERROR
|
|
SSL,127,CERT_LENGTH_MISMATCH
|
|
SSL,128,CHANNEL_ID_NOT_P256
|
|
SSL,129,CHANNEL_ID_SIGNATURE_INVALID
|
|
SSL,130,CIPHER_OR_HASH_UNAVAILABLE
|
|
SSL,131,CLIENTHELLO_PARSE_FAILED
|
|
SSL,132,CLIENTHELLO_TLSEXT
|
|
SSL,133,CONNECTION_REJECTED
|
|
SSL,134,CONNECTION_TYPE_NOT_SET
|
|
SSL,135,CUSTOM_EXTENSION_ERROR
|
|
SSL,136,DATA_LENGTH_TOO_LONG
|
|
SSL,137,DECODE_ERROR
|
|
SSL,138,DECRYPTION_FAILED
|
|
SSL,139,DECRYPTION_FAILED_OR_BAD_RECORD_MAC
|
|
SSL,140,DH_PUBLIC_VALUE_LENGTH_IS_WRONG
|
|
SSL,141,DH_P_TOO_LONG
|
|
SSL,142,DIGEST_CHECK_FAILED
|
|
SSL,143,DTLS_MESSAGE_TOO_BIG
|
|
SSL,144,ECC_CERT_NOT_FOR_SIGNING
|
|
SSL,145,EMS_STATE_INCONSISTENT
|
|
SSL,146,ENCRYPTED_LENGTH_TOO_LONG
|
|
SSL,147,ERROR_ADDING_EXTENSION
|
|
SSL,148,ERROR_IN_RECEIVED_CIPHER_LIST
|
|
SSL,149,ERROR_PARSING_EXTENSION
|
|
SSL,150,EXCESSIVE_MESSAGE_SIZE
|
|
SSL,151,EXTRA_DATA_IN_MESSAGE
|
|
SSL,152,FRAGMENT_MISMATCH
|
|
SSL,153,GOT_NEXT_PROTO_WITHOUT_EXTENSION
|
|
SSL,154,HANDSHAKE_FAILURE_ON_CLIENT_HELLO
|
|
SSL,155,HTTPS_PROXY_REQUEST
|
|
SSL,156,HTTP_REQUEST
|
|
SSL,157,INAPPROPRIATE_FALLBACK
|
|
SSL,158,INVALID_COMMAND
|
|
SSL,159,INVALID_MESSAGE
|
|
SSL,251,INVALID_OUTER_RECORD_TYPE
|
|
SSL,160,INVALID_SSL_SESSION
|
|
SSL,161,INVALID_TICKET_KEYS_LENGTH
|
|
SSL,162,LENGTH_MISMATCH
|
|
SSL,163,LIBRARY_HAS_NO_CIPHERS
|
|
SSL,164,MISSING_EXTENSION
|
|
SSL,165,MISSING_RSA_CERTIFICATE
|
|
SSL,166,MISSING_TMP_DH_KEY
|
|
SSL,167,MISSING_TMP_ECDH_KEY
|
|
SSL,168,MIXED_SPECIAL_OPERATOR_WITH_GROUPS
|
|
SSL,169,MTU_TOO_SMALL
|
|
SSL,170,NEGOTIATED_BOTH_NPN_AND_ALPN
|
|
SSL,171,NESTED_GROUP
|
|
SSL,172,NO_CERTIFICATES_RETURNED
|
|
SSL,173,NO_CERTIFICATE_ASSIGNED
|
|
SSL,174,NO_CERTIFICATE_SET
|
|
SSL,175,NO_CIPHERS_AVAILABLE
|
|
SSL,176,NO_CIPHERS_PASSED
|
|
SSL,177,NO_CIPHER_MATCH
|
|
SSL,253,NO_COMMON_SIGNATURE_ALGORITHMS
|
|
SSL,178,NO_COMPRESSION_SPECIFIED
|
|
SSL,179,NO_METHOD_SPECIFIED
|
|
SSL,180,NO_P256_SUPPORT
|
|
SSL,181,NO_PRIVATE_KEY_ASSIGNED
|
|
SSL,182,NO_RENEGOTIATION
|
|
SSL,183,NO_REQUIRED_DIGEST
|
|
SSL,184,NO_SHARED_CIPHER
|
|
SSL,185,NULL_SSL_CTX
|
|
SSL,186,NULL_SSL_METHOD_PASSED
|
|
SSL,187,OLD_SESSION_CIPHER_NOT_RETURNED
|
|
SSL,188,OLD_SESSION_VERSION_NOT_RETURNED
|
|
SSL,189,OUTPUT_ALIASES_INPUT
|
|
SSL,190,PARSE_TLSEXT
|
|
SSL,191,PATH_TOO_LONG
|
|
SSL,192,PEER_DID_NOT_RETURN_A_CERTIFICATE
|
|
SSL,193,PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE
|
|
SSL,194,PROTOCOL_IS_SHUTDOWN
|
|
SSL,195,PSK_IDENTITY_NOT_FOUND
|
|
SSL,196,PSK_NO_CLIENT_CB
|
|
SSL,197,PSK_NO_SERVER_CB
|
|
SSL,198,READ_TIMEOUT_EXPIRED
|
|
SSL,199,RECORD_LENGTH_MISMATCH
|
|
SSL,200,RECORD_TOO_LARGE
|
|
SSL,201,RENEGOTIATION_ENCODING_ERR
|
|
SSL,202,RENEGOTIATION_MISMATCH
|
|
SSL,203,REQUIRED_CIPHER_MISSING
|
|
SSL,204,RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION
|
|
SSL,205,RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION
|
|
SSL,206,SCSV_RECEIVED_WHEN_RENEGOTIATING
|
|
SSL,207,SERVERHELLO_TLSEXT
|
|
SSL,208,SESSION_ID_CONTEXT_UNINITIALIZED
|
|
SSL,209,SESSION_MAY_NOT_BE_CREATED
|
|
SSL,250,SHUTDOWN_WHILE_IN_INIT
|
|
SSL,210,SIGNATURE_ALGORITHMS_EXTENSION_SENT_BY_SERVER
|
|
SSL,211,SRTP_COULD_NOT_ALLOCATE_PROFILES
|
|
SSL,212,SRTP_UNKNOWN_PROTECTION_PROFILE
|
|
SSL,213,SSL3_EXT_INVALID_SERVERNAME
|
|
SSL,1042,SSLV3_ALERT_BAD_CERTIFICATE
|
|
SSL,1020,SSLV3_ALERT_BAD_RECORD_MAC
|
|
SSL,1045,SSLV3_ALERT_CERTIFICATE_EXPIRED
|
|
SSL,1044,SSLV3_ALERT_CERTIFICATE_REVOKED
|
|
SSL,1046,SSLV3_ALERT_CERTIFICATE_UNKNOWN
|
|
SSL,1000,SSLV3_ALERT_CLOSE_NOTIFY
|
|
SSL,1030,SSLV3_ALERT_DECOMPRESSION_FAILURE
|
|
SSL,1040,SSLV3_ALERT_HANDSHAKE_FAILURE
|
|
SSL,1047,SSLV3_ALERT_ILLEGAL_PARAMETER
|
|
SSL,1041,SSLV3_ALERT_NO_CERTIFICATE
|
|
SSL,1010,SSLV3_ALERT_UNEXPECTED_MESSAGE
|
|
SSL,1043,SSLV3_ALERT_UNSUPPORTED_CERTIFICATE
|
|
SSL,214,SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION
|
|
SSL,215,SSL_HANDSHAKE_FAILURE
|
|
SSL,216,SSL_SESSION_ID_CONTEXT_TOO_LONG
|
|
SSL,1049,TLSV1_ALERT_ACCESS_DENIED
|
|
SSL,1050,TLSV1_ALERT_DECODE_ERROR
|
|
SSL,1021,TLSV1_ALERT_DECRYPTION_FAILED
|
|
SSL,1051,TLSV1_ALERT_DECRYPT_ERROR
|
|
SSL,1060,TLSV1_ALERT_EXPORT_RESTRICTION
|
|
SSL,1086,TLSV1_ALERT_INAPPROPRIATE_FALLBACK
|
|
SSL,1071,TLSV1_ALERT_INSUFFICIENT_SECURITY
|
|
SSL,1080,TLSV1_ALERT_INTERNAL_ERROR
|
|
SSL,1100,TLSV1_ALERT_NO_RENEGOTIATION
|
|
SSL,1070,TLSV1_ALERT_PROTOCOL_VERSION
|
|
SSL,1022,TLSV1_ALERT_RECORD_OVERFLOW
|
|
SSL,1048,TLSV1_ALERT_UNKNOWN_CA
|
|
SSL,1090,TLSV1_ALERT_USER_CANCELLED
|
|
SSL,1114,TLSV1_BAD_CERTIFICATE_HASH_VALUE
|
|
SSL,1113,TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE
|
|
SSL,1111,TLSV1_CERTIFICATE_UNOBTAINABLE
|
|
SSL,1112,TLSV1_UNRECOGNIZED_NAME
|
|
SSL,1110,TLSV1_UNSUPPORTED_EXTENSION
|
|
SSL,217,TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST
|
|
SSL,218,TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG
|
|
SSL,219,TOO_MANY_EMPTY_FRAGMENTS
|
|
SSL,220,TOO_MANY_WARNING_ALERTS
|
|
SSL,221,UNABLE_TO_FIND_ECDH_PARAMETERS
|
|
SSL,222,UNEXPECTED_EXTENSION
|
|
SSL,223,UNEXPECTED_MESSAGE
|
|
SSL,224,UNEXPECTED_OPERATOR_IN_GROUP
|
|
SSL,225,UNEXPECTED_RECORD
|
|
SSL,226,UNINITIALIZED
|
|
SSL,227,UNKNOWN_ALERT_TYPE
|
|
SSL,228,UNKNOWN_CERTIFICATE_TYPE
|
|
SSL,229,UNKNOWN_CIPHER_RETURNED
|
|
SSL,230,UNKNOWN_CIPHER_TYPE
|
|
SSL,231,UNKNOWN_DIGEST
|
|
SSL,232,UNKNOWN_KEY_EXCHANGE_TYPE
|
|
SSL,233,UNKNOWN_PROTOCOL
|
|
SSL,234,UNKNOWN_SSL_VERSION
|
|
SSL,235,UNKNOWN_STATE
|
|
SSL,236,UNSAFE_LEGACY_RENEGOTIATION_DISABLED
|
|
SSL,237,UNSUPPORTED_CIPHER
|
|
SSL,238,UNSUPPORTED_COMPRESSION_ALGORITHM
|
|
SSL,239,UNSUPPORTED_ELLIPTIC_CURVE
|
|
SSL,240,UNSUPPORTED_PROTOCOL
|
|
SSL,252,UNSUPPORTED_PROTOCOL_FOR_CUSTOM_KEY
|
|
SSL,241,WRONG_CERTIFICATE_TYPE
|
|
SSL,242,WRONG_CIPHER_RETURNED
|
|
SSL,243,WRONG_CURVE
|
|
SSL,244,WRONG_MESSAGE_TYPE
|
|
SSL,245,WRONG_SIGNATURE_TYPE
|
|
SSL,246,WRONG_SSL_VERSION
|
|
SSL,247,WRONG_VERSION_NUMBER
|
|
SSL,248,X509_LIB
|
|
SSL,249,X509_VERIFICATION_SETUP_PROBLEMS
|