Commit | Line | Data |
---|---|---|
5a61e580 VK |
1 | /* |
2 | * libZRTP SDK library, implements the ZRTP secure VoIP protocol. | |
3 | * Copyright (c) 2006-2009 Philip R. Zimmermann. All rights reserved. | |
4 | * Contact: http://philzimmermann.com | |
5 | * For licensing and other legal details, see the file zrtp_legal.c. | |
6 | * | |
7 | * Viktor Krykun <v.krikun at zfoneproject.com> | |
8 | */ | |
9 | ||
10 | ||
11 | /** | |
12 | * \file zrtp_error.h | |
13 | * \brief libzrtp error definitions | |
14 | */ | |
15 | ||
16 | #ifndef __ZRTP_ERROR_H__ | |
17 | #define __ZRTP_ERROR_H__ | |
18 | ||
19 | #include "zrtp_config.h" | |
20 | ||
21 | /** | |
22 | * \defgroup zrtp_errors Libzrtp Error Definitions | |
23 | * | |
24 | * In this section the ZRTP protocol error codes and the library internal errors are defined. | |
25 | * | |
26 | * When a ZRTP protocol error is detected, zrtp_callback_event_t#on_zrtp_security_event is called and | |
27 | * zrtp_session_info_t#last_error contains the error code. | |
28 | * \{ | |
29 | */ | |
30 | ||
31 | /** | |
32 | * \brief Define protocol error codes according to ZRTP RFC sec. 5.9 | |
33 | */ | |
34 | typedef enum zrtp_protocol_error_t | |
35 | { | |
36 | zrtp_error_unknown = 0, /**< Unknown error. NOTE(review): 0 and 1 look library-internal rather than RFC sec. 5.9 wire codes -- confirm */ | |
37 | zrtp_error_timeout = 1, /**< Timeout error */ | |
38 | ||
39 | zrtp_error_invalid_packet = 0x10, /**< Malformed packet (CRC OK, but wrong structure) */ | |
40 | zrtp_error_software = 0x20, /**< Critical software error */ | |
41 | zrtp_error_version = 0x30, /**< Unsupported ZRTP version */ | |
42 | zrtp_error_hello_mistmatch = 0x40, /**< Hello components mismatch (the "mistmatch" spelling is part of the public identifier) */ | |
43 | ||
44 | zrtp_error_hash_unsp = 0x51, /**< Hash type not supported */ | |
45 | zrtp_error_cipher_unsp = 0x52, /**< Cipher type not supported */ | |
46 | zrtp_error_pktype_unsp = 0x53, /**< Public key exchange not supported */ | |
47 | zrtp_error_auth_unsp = 0x54, /**< SRTP auth. tag not supported */ | |
48 | zrtp_error_sas_unsp = 0x55, /**< SAS scheme not supported */ | |
49 | zrtp_error_no_secret = 0x56, /**< No shared secret available, Preshared mode required. NOTE(review): RFC 6189 sec. 5.9 words this code as "DH mode required" -- confirm */ | |
50 | ||
51 | zrtp_error_possible_mitm1 = 0x61, /**< DH Error: bad pvi or pvr (== 1, 0, or p-1); such degenerate public values would make the DH result predictable */ | |
52 | zrtp_error_possible_mitm2 = 0x62, /**< DH Error: hvi != hashed data (the received DH part does not match the hash committed to earlier) */ | |
53 | zrtp_error_possible_mitm3 = 0x63, /**< Received relayed SAS from untrusted MiTM */ | |
54 | ||
55 | zrtp_error_auth_decrypt = 0x70, /**< Auth. Error: Bad Confirm pkt HMAC */ | |
56 | zrtp_error_nonse_reuse = 0x80, /**< Nonce reuse (the "nonse" spelling is part of the public identifier) */ | |
57 | zrtp_error_equal_zid = 0x90, /**< Equal ZIDs in Hello */ | |
58 | zrtp_error_service_unavail = 0xA0, /**< Service unavailable */ | |
59 | zrtp_error_goclear_unsp = 0x100,/**< GoClear packet received, but not allowed */ | |
60 | ||
61 | zrtp_error_wrong_zid = 0x202, /**< ZID received in a new Hello differs from the ZID of the previous stream */ | |
62 | zrtp_error_wrong_meshmac = 0x203, /**< Message HMAC doesn't match the pre-received one */ | |
63 | zrtp_error_count /**< Sentinel; implicitly 0x204 (one past the largest code), NOT the number of codes -- the values above are sparse */ | |
64 | } zrtp_protocol_error_t; | |
65 | ||
66 | /** | |
67 | * \brief libzrtp functions statuses. | |
68 | * | |
69 | * Note that the value of zrtp_status_ok is equal to zero. This can simplify error checking | |
70 | * somewhat. | |
71 | */ | |
72 | typedef enum zrtp_status_t | |
73 | { | |
74 | zrtp_status_ok = 0, /**< OK status */ | |
75 | zrtp_status_fail = 1, /**< General, unspecified failure */ | |
76 | zrtp_status_bad_param = 2, /**< Wrong, unsupported parameter */ | |
77 | zrtp_status_alloc_fail = 3, /**< Memory allocation failed */ | |
78 | zrtp_status_auth_fail = 4, /**< SRTP authentication failure */ | |
79 | zrtp_status_cipher_fail = 5, /**< Cipher failure on RTP encrypt/decrypt */ | |
80 | zrtp_status_algo_fail = 6, /**< General Crypto Algorithm failure */ | |
81 | zrtp_status_key_expired = 7, /**< SRTP can't use key any longer */ | |
82 | zrtp_status_buffer_size = 8, /**< Input buffer too small */ | |
83 | zrtp_status_drop = 9, /**< Packet process DROP status */ | |
84 | zrtp_status_open_fail = 10, /**< Failed to open file/device */ | |
85 | zrtp_status_read_fail = 11, /**< Unable to read data from the file/stream */ | |
86 | zrtp_status_write_fail = 12, /**< Unable to write to the file/stream */ | |
87 | zrtp_status_old_pkt = 13, /**< SRTP packet is out of sliding window */ | |
88 | zrtp_status_rp_fail = 14, /**< RTP replay protection failed */ | |
89 | zrtp_status_zrp_fail = 15, /**< ZRTP replay protection failed */ | |
90 | zrtp_status_crc_fail = 16, /**< ZRTP packet CRC is wrong */ | |
91 | zrtp_status_rng_fail = 17, /**< Can't generate random value */ | |
92 | zrtp_status_wrong_state = 18, /**< Illegal operation in current state */ | |
93 | zrtp_status_attack = 19, /**< Attack detected. NOTE(review): which checks report this is not visible in this header */ | |
94 | zrtp_status_notavailable = 20, /**< Function is not available in current configuration */ | |
95 | zrtp_status_count = 21 /**< Number of status codes; the values 0..20 above are contiguous */ | |
96 | } zrtp_status_t; | |
97 | ||
98 | /** \} */ | |
99 | ||
100 | /** \manonly */ | |
101 | ||
102 | #define ZRTP_MIM2_WARNING_STR /* text for a DHPart2 that does not match the earlier Commit; name is spelled MIM2, unlike ZRTP_MITM1_WARNING_STR */ \ | |
103 | "Possible Man-In-The-Middle-Attack! Switching to state Error\n"\ | |
104 | "because a packet arrived that was ZRTP_DHPART2, but contained\n"\ | |
105 | "a g^y that didn't match the previous ZRTP_COMMIT.\n" | |
106 | ||
107 | #define ZRTP_MITM1_WARNING_STR "DH validating failed. (pvi is 1 or p-1), aborted\n" /* text names only pvi and 1 or p-1, while zrtp_error_possible_mitm1 also lists pvr and 0 */ | |
108 | ||
109 | #define ZRTP_VERIFIED_INIT_WARNING_STR /* Confirm1 could not be verified; the text announces a cleartext fallback -- NOTE(review): confirm the application shows the user that the call is unencrypted */ \ | |
110 | "Falling back to cleartext because a packet arrived that was\n"\ | |
111 | "ZRTP_CONFIRM1, but which couldn't be verified - the sender must have a different\n"\ | |
112 | "shared secret than we have.\n" | |
113 | ||
114 | #define ZRTP_VERIFIED_RESP_WARNING_STR /* same as ZRTP_VERIFIED_INIT_WARNING_STR, but for Confirm2; also announces a cleartext fallback */ \ | |
115 | "Falling back to cleartext because a packet arrived that was ZRTP_CONFIRM2,\n"\ | |
116 | " but which couldn't be verified - the sender must have a different shared secret than we have.\n" | |
117 | ||
118 | #define ZRTP_EQUAL_ZID_WARNING_STR /* Hello carried our own ZID; presumably paired with zrtp_error_equal_zid -- confirm */ \ | |
119 | "Received a ZRTP_HELLO packet with the same ZRTP ID that we have.\n"\ | |
120 | " This is likely due to a bug in the software. Ignoring the ZRTP_HELLO\n"\ | |
121 | " packet, therefore this call cannot be encrypted.\n" | |
122 | ||
123 | #define ZRTP_UNSUPPORTED_COMP_WARNING_STR /* text mentions only hashes; NOTE(review): confirm whether it is also used for other unsupported components */ \ | |
124 | " Received ZRTP_HELLO packet with an algorithms field which had a\n"\ | |
125 | " list of hashes that didn't include any of our supported hashes. Ignoring\n"\ | |
126 | " the ZRTP_HELLO packet, therefore this call cannot be encrypted.\n" | |
127 | ||
128 | #define ZRTP_NOT_UNIQUE_NONCE_WARNING_STR /* Commit hash value reused within the session; presumably paired with zrtp_error_nonse_reuse -- confirm */ \ | |
129 | " Received COMMIT with hash value already used in another stream within this ZRTP session\n" | |
130 | ||
131 | #define ZRTP_RELAYED_SAS_FROM_NONMITM_STR /* SAS relay from a peer not introduced as MiTM; presumably paired with zrtp_error_possible_mitm3 -- confirm */ \ | |
132 | " Received SAS Relaying message from endpoint which haven't introduced as MiTM.\n" | |
133 | ||
134 | /** \endmanonly */ | |
135 | ||
136 | #endif /* __ZRTP_ERROR_H__ */ |