2
* Heirloom mailx - a mail user agent derived from Berkeley Mail.
4
* Copyright (c) 2000-2005 Gunnar Ritter, Freiburg i. Br., Germany.
8
* <http://www.mozilla.org/projects/nspr/reference/html/prerr.html#26127>.
10
* The contents of this file are subject to the Mozilla Public License
11
* Version 1.1 (the "License"); you may not use this file except in
12
* compliance with the License. You may obtain a copy of the License
13
* at http://www.mozilla.org/MPL/
15
* Software distributed under the License is distributed on an "AS
16
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
17
* implied. See the License for the specific language governing
18
* rights and limitations under the License.
20
* The Original Code is the Netscape security libraries.
22
* The Initial Developer of the Original Code is Netscape
23
* Communications Corporation. Portions created by Netscape are
24
* Copyright (C) 1994-2000 Netscape Communications Corporation. All
30
/* "@(#)nsserr.c 1.3 (gritter) 3/4/06" */
43
snprintf(eb, sizeof eb, "Unknown error %d", ec);
46
case SSL_ERROR_EXPORT_ONLY_SERVER:
47
cp = "Unable to communicate securely. Peer does not support high-grade encryption";
49
case SSL_ERROR_US_ONLY_SERVER:
50
cp = "Unable to communicate securely. Peer requires high-grade encryption which is not supported";
52
case SSL_ERROR_NO_CYPHER_OVERLAP:
53
cp = "Cannot communicate securely with peer: no common encryption algorithm(s)";
55
case SSL_ERROR_NO_CERTIFICATE:
56
cp = "Unable to find the certificate or key necessary for authentication";
58
case SSL_ERROR_BAD_CERTIFICATE:
59
cp = "Unable to communicate securely with peer: peers's certificate was rejected";
61
case SSL_ERROR_BAD_CLIENT:
62
cp = "The server has encountered bad data from the client";
64
case SSL_ERROR_BAD_SERVER:
65
cp = "The client has encountered bad data from the server";
67
case SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE:
68
cp = "Unsupported certificate type";
70
case SSL_ERROR_UNSUPPORTED_VERSION:
71
cp = "Peer using unsupported version of security protocol";
73
case SSL_ERROR_WRONG_CERTIFICATE:
74
cp = "Client authentication failed: private key in key database does not correspond to public key in certificate database";
76
case SSL_ERROR_BAD_CERT_DOMAIN:
77
cp = "Unable to communicate securely with peer: requested domain name does not match the server's certificate";
79
case SSL_ERROR_POST_WARNING:
82
case SSL_ERROR_SSL2_DISABLED:
83
cp = "Peer only supports SSL version 2, which is locally disabled";
85
case SSL_ERROR_BAD_MAC_READ:
86
cp = "SSL received a record with an incorrect Message Authentication Code";
88
case SSL_ERROR_BAD_MAC_ALERT:
89
cp = "SSL peer reports incorrect Message Authentication Code";
91
case SSL_ERROR_BAD_CERT_ALERT:
92
cp = "SSL peer cannot verify your certificate";
94
case SSL_ERROR_REVOKED_CERT_ALERT:
95
cp = "SSL peer rejected your certificate as revoked";
97
case SSL_ERROR_EXPIRED_CERT_ALERT:
98
cp = "SSL peer rejected your certificate as expired";
100
case SSL_ERROR_SSL_DISABLED:
101
cp = "Cannot connect: SSL is disabled";
103
case SSL_ERROR_FORTEZZA_PQG:
104
cp = "Cannot connect: SSL peer is in another FORTEZZA domain";
106
case SSL_ERROR_UNKNOWN_CIPHER_SUITE:
107
cp = "An unknown SSL cipher suite has been requested";
109
case SSL_ERROR_NO_CIPHERS_SUPPORTED:
110
cp = "No cipher suites are present and enabled in this program";
112
case SSL_ERROR_BAD_BLOCK_PADDING:
113
cp = "SSL received a record with bad block padding";
115
case SSL_ERROR_RX_RECORD_TOO_LONG:
116
cp = "SSL received a record that exceeded the maximum permissible length";
118
case SSL_ERROR_TX_RECORD_TOO_LONG:
119
cp = "SSL attempted to send a record that exceeded the maximum permissible length";
121
case SSL_ERROR_CLOSE_NOTIFY_ALERT:
122
cp = "SSL peer has closed this connection";
124
case SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED:
125
cp = "SSL Server attempted to use domestic-grade public key with export cipher suite";
127
case SSL_ERROR_NO_SERVER_KEY_FOR_ALG:
128
cp = "Server has no key for the attempted key exchange algorithm";
130
case SSL_ERROR_TOKEN_INSERTION_REMOVAL:
131
cp = "PKCS #11 token was inserted or removed while operation was in progress";
133
case SSL_ERROR_TOKEN_SLOT_NOT_FOUND:
134
cp = "No PKCS#11 token could be found to do a required operation";
136
case SSL_ERROR_NO_COMPRESSION_OVERLAP:
137
cp = "Cannot communicate securely with peer: no common compression algorithm(s)";
139
case SSL_ERROR_HANDSHAKE_NOT_COMPLETED:
140
cp = "Cannot initiate another SSL handshake until current handshake is complete";
142
case SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE:
143
cp = "Received incorrect handshakes hash values from peer";
145
case SSL_ERROR_CERT_KEA_MISMATCH:
146
cp = "The certificate provided cannot be used with the selected key exchange algorithm";
148
case SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA:
149
cp = "No certificate authority is trusted for SSL client authentication";
151
case SSL_ERROR_SESSION_NOT_FOUND:
152
cp = "Client's SSL session ID not found in server's session cache";
154
case SSL_ERROR_RX_MALFORMED_HELLO_REQUEST:
155
cp = "SSL received a malformed Hello Request handshake message";
157
case SSL_ERROR_RX_MALFORMED_CLIENT_HELLO:
158
cp = "SSL received a malformed Client Hello handshake message";
160
case SSL_ERROR_RX_MALFORMED_SERVER_HELLO:
161
cp = "SSL received a malformed Server Hello handshake message";
163
case SSL_ERROR_RX_MALFORMED_CERTIFICATE:
164
cp = "SSL received a malformed Certificate handshake message";
166
case SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH:
167
cp = "SSL received a malformed Server Key Exchange handshake message";
169
case SSL_ERROR_RX_MALFORMED_CERT_REQUEST:
170
cp = "SSL received a malformed Certificate Request handshake message";
172
case SSL_ERROR_RX_MALFORMED_HELLO_DONE:
173
cp = "SSL received a malformed Server Hello Done handshake message";
175
case SSL_ERROR_RX_MALFORMED_CERT_VERIFY:
176
cp = "SSL received a malformed Certificate Verify handshake message";
178
case SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH:
179
cp = "SSL received a malformed Client Key Exchange handshake message";
181
case SSL_ERROR_RX_MALFORMED_FINISHED:
182
cp = "SSL received a malformed Finished handshake message";
184
case SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER:
185
cp = "SSL received a malformed Change Cipher Spec record";
187
case SSL_ERROR_RX_MALFORMED_ALERT:
188
cp = "SSL received a malformed Alert record";
190
case SSL_ERROR_RX_MALFORMED_HANDSHAKE:
191
cp = "SSL received a malformed Handshake record";
193
case SSL_ERROR_RX_MALFORMED_APPLICATION_DATA:
194
cp = "SSL received a malformed Application Data record";
196
case SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST:
197
cp = "SSL received an unexpected Hello Request handshake message";
199
case SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO:
200
cp = "SSL received an unexpected Client Hello handshake message";
202
case SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO:
203
cp = "SSL received an unexpected Server Hello handshake message";
205
case SSL_ERROR_RX_UNEXPECTED_CERTIFICATE:
206
cp = "SSL received an unexpected Certificate handshake message";
208
case SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH:
209
cp = "SSL received an unexpected Server Key Exchange handshake message";
211
case SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST:
212
cp = "SSL received an unexpected Certificate Request handshake message";
214
case SSL_ERROR_RX_UNEXPECTED_HELLO_DONE:
215
cp = "SSL received an unexpected Server Hello Done handshake message";
217
case SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY:
218
cp = "SSL received an unexpected Certificate Verify handshake message";
220
case SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH:
221
cp = "SSL received an unexpected Client Key Exchange handshake message";
223
case SSL_ERROR_RX_UNEXPECTED_FINISHED:
224
cp = "SSL received an unexpected Finished handshake message";
226
case SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER:
227
cp = "SSL received an unexpected Change Cipher Spec record";
229
case SSL_ERROR_RX_UNEXPECTED_ALERT:
230
cp = "SSL received an unexpected Alert record";
232
case SSL_ERROR_RX_UNEXPECTED_HANDSHAKE:
233
cp = "SSL received an unexpected Handshake record";
235
case SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA:
236
cp = "SSL received an unexpected Application Data record";
238
case SSL_ERROR_RX_UNKNOWN_RECORD_TYPE:
239
cp = "SSL received a record with an unknown content type";
241
case SSL_ERROR_RX_UNKNOWN_HANDSHAKE:
242
cp = "SSL received a handshake message with an unknown message type";
244
case SSL_ERROR_RX_UNKNOWN_ALERT:
245
cp = "SSL received an alert record with an unknown alert description";
247
case SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT:
248
cp = "SSL peer was not expecting a handshake message it received";
250
case SSL_ERROR_DECOMPRESSION_FAILURE_ALERT:
251
cp = "SSL peer was unable to successfully decompress an SSL record it received";
253
case SSL_ERROR_HANDSHAKE_FAILURE_ALERT:
254
cp = "SSL peer was unable to negotiate an acceptable set of security parameters";
256
case SSL_ERROR_ILLEGAL_PARAMETER_ALERT:
257
cp = "SSL peer rejected a handshake message for unacceptable content";
259
case SSL_ERROR_UNSUPPORTED_CERT_ALERT:
260
cp = "SSL peer does not support certificates of the type it received";
262
case SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT:
263
cp = "SSL peer had some unspecified issue with the certificate it received";
265
case SSL_ERROR_DECRYPTION_FAILED_ALERT:
266
cp = "Peer was unable to decrypt an SSL record it received";
268
case SSL_ERROR_RECORD_OVERFLOW_ALERT:
269
cp = "Peer received an SSL record that was longer than is permitted";
271
case SSL_ERROR_UNKNOWN_CA_ALERT:
272
cp = "Peer does not recognize and trust the CA that issued your certificate";
274
case SSL_ERROR_ACCESS_DENIED_ALERT:
275
cp = "Peer received a valid certificate, but access was denied";
277
case SSL_ERROR_DECODE_ERROR_ALERT:
278
cp = "Peer could not decode an SSL handshake message";
280
case SSL_ERROR_DECRYPT_ERROR_ALERT:
281
cp = "Peer reports failure of signature verification or key exchange";
283
case SSL_ERROR_EXPORT_RESTRICTION_ALERT:
284
cp = "Peer reports negotiation not in compliance with export regulations";
286
case SSL_ERROR_PROTOCOL_VERSION_ALERT:
287
cp = "Peer reports incompatible or unsupported protocol version";
289
case SSL_ERROR_INSUFFICIENT_SECURITY_ALERT:
290
cp = "Server requires ciphers more secure than those supported by client";
292
case SSL_ERROR_INTERNAL_ERROR_ALERT:
293
cp = "Peer reports it experienced an internal error";
295
case SSL_ERROR_USER_CANCELED_ALERT:
296
cp = "Peer user canceled handshake";
298
case SSL_ERROR_NO_RENEGOTIATION_ALERT:
299
cp = "Peer does not permit renegotiation of SSL security parameters";
301
case SSL_ERROR_GENERATE_RANDOM_FAILURE:
302
cp = "SSL experienced a failure of its random number generator";
304
case SSL_ERROR_SIGN_HASHES_FAILURE:
305
cp = "Unable to digitally sign data required to verify your certificate";
307
case SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE:
308
cp = "SSL was unable to extract the public key from the peer's certificate";
310
case SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE:
311
cp = "Unspecified failure while processing SSL Server Key Exchange handshake";
313
case SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE:
314
cp = "Unspecified failure while processing SSL Client Key Exchange handshake";
316
case SSL_ERROR_ENCRYPTION_FAILURE:
317
cp = "Bulk data encryption algorithm failed in selected cipher suite";
319
case SSL_ERROR_DECRYPTION_FAILURE:
320
cp = "Bulk data decryption algorithm failed in selected cipher suite";
322
case SSL_ERROR_MD5_DIGEST_FAILURE:
323
cp = "MD5 digest function failed";
325
case SSL_ERROR_SHA_DIGEST_FAILURE:
326
cp = "SHA-1 digest function failed";
328
case SSL_ERROR_MAC_COMPUTATION_FAILURE:
329
cp = "Message Authentication Code computation failed";
331
case SSL_ERROR_SYM_KEY_CONTEXT_FAILURE:
332
cp = "Failure to create Symmetric Key context";
334
case SSL_ERROR_SYM_KEY_UNWRAP_FAILURE:
335
cp = "Failure to unwrap the Symmetric key in Client Key Exchange message";
337
case SSL_ERROR_IV_PARAM_FAILURE:
338
cp = "PKCS11 code failed to translate an IV into a param";
340
case SSL_ERROR_INIT_CIPHER_SUITE_FAILURE:
341
cp = "Failed to initialize the selected cipher suite";
343
case SSL_ERROR_SOCKET_WRITE_FAILURE:
344
cp = "Attempt to write encrypted data to underlying socket failed";
346
case SSL_ERROR_SESSION_KEY_GEN_FAILURE:
347
cp = "Failed to generate session keys for SSL session";
350
cp = "An I/O error occurred during authentication";
352
case SEC_ERROR_LIBRARY_FAILURE:
353
cp = "Security library failure";
355
case SEC_ERROR_BAD_DATA:
356
cp = "Security library: received bad data";
358
case SEC_ERROR_OUTPUT_LEN:
359
cp = "Security library: output length error";
361
case SEC_ERROR_INPUT_LEN:
362
cp = "Security library: input length error";
364
case SEC_ERROR_INVALID_ARGS:
365
cp = "Security library: invalid arguments";
367
case SEC_ERROR_INVALID_ALGORITHM:
368
cp = "Security library: invalid algorithm";
370
case SEC_ERROR_INVALID_AVA:
371
cp = "Security library: invalid AVA";
373
case SEC_ERROR_INVALID_TIME:
374
cp = "Security library: invalid time";
376
case SEC_ERROR_BAD_DER:
377
cp = "Security library: improperly formatted DER-encoded message";
379
case SEC_ERROR_BAD_SIGNATURE:
380
cp = "Peer's certificate has an invalid signature";
382
case SEC_ERROR_EXPIRED_CERTIFICATE:
383
cp = "Peer's certificate has expired";
385
case SEC_ERROR_REVOKED_CERTIFICATE:
386
cp = "Peer's certificate has been revoked";
388
case SEC_ERROR_UNKNOWN_ISSUER:
389
cp = "Peer's certificate issuer is not recognized";
391
case SEC_ERROR_BAD_KEY:
392
cp = "Peer's public key is invalid";
394
case SEC_ERROR_BAD_PASSWORD:
395
cp = "The password entered is incorrect";
397
case SEC_ERROR_RETRY_PASSWORD:
398
cp = "New password entered incorrectly";
400
case SEC_ERROR_NO_NODELOCK:
401
cp = "Security library: no nodelock";
403
case SEC_ERROR_BAD_DATABASE:
404
cp = "Security library: bad database";
406
case SEC_ERROR_NO_MEMORY:
407
cp = "Security library: memory allocation failure";
409
case SEC_ERROR_UNTRUSTED_ISSUER:
410
cp = "Peer's certificate issuer has been marked as not trusted by the";
412
case SEC_ERROR_UNTRUSTED_CERT:
413
cp = "Peer's certificate has been marked as not trusted by the user";
415
case SEC_ERROR_DUPLICATE_CERT:
416
cp = "Certificate already exists in your database";
418
case SEC_ERROR_DUPLICATE_CERT_NAME:
419
cp = "Downloaded certificate's name duplicates one already in your";
421
case SEC_ERROR_ADDING_CERT:
422
cp = "Error adding certificate to database";
424
case SEC_ERROR_FILING_KEY:
425
cp = "Error refiling the key for this certificate";
427
case SEC_ERROR_NO_KEY:
428
cp = "The private key for this certificate cannot be found in key";
430
case SEC_ERROR_CERT_VALID:
431
cp = "This certificate is valid";
433
case SEC_ERROR_CERT_NOT_VALID:
434
cp = "This certificate is not valid";
436
case SEC_ERROR_CERT_NO_RESPONSE:
437
cp = "Certificate library: no response";
439
case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
440
cp = "The certificate issuer's certificate has expired";
442
case SEC_ERROR_CRL_EXPIRED:
443
cp = "The CRL for the certificate's issuer has expired";
445
case SEC_ERROR_CRL_BAD_SIGNATURE:
446
cp = "The CRL for the certificate's issuer has an invalid signature";
448
case SEC_ERROR_CRL_INVALID:
449
cp = "New CRL has an invalid format";
451
case SEC_ERROR_EXTENSION_VALUE_INVALID:
452
cp = "Certificate extension value is invalid";
454
case SEC_ERROR_EXTENSION_NOT_FOUND:
455
cp = "Certificate extension not found";
457
case SEC_ERROR_CA_CERT_INVALID:
458
cp = "Issuer certificate is invalid";
460
case SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID:
461
cp = "Certificate path length constraint is invalid";
463
case SEC_ERROR_CERT_USAGES_INVALID:
464
cp = "Certificate usages field is invalid";
466
case SEC_INTERNAL_ONLY:
467
cp = "Internal-only module";
469
case SEC_ERROR_INVALID_KEY:
470
cp = "The key does not support the requested operation";
472
case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
473
cp = "Certificate contains unknown critical extension";
475
case SEC_ERROR_OLD_CRL:
476
cp = "New CRL is not later than the current one";
478
case SEC_ERROR_NO_EMAIL_CERT:
479
cp = "Not encrypted or signed: you do not yet have an email certificate";
481
case SEC_ERROR_NO_RECIPIENT_CERTS_QUERY:
482
cp = "Not encrypted: you do not have certificates for each of the";
484
case SEC_ERROR_NOT_A_RECIPIENT:
485
cp = "Cannot decrypt: you are not a recipient, or matching certificate";
487
case SEC_ERROR_PKCS7_KEYALG_MISMATCH:
488
cp = "Cannot decrypt: key encryption algorithm does not match your";
490
case SEC_ERROR_PKCS7_BAD_SIGNATURE:
491
cp = "Signature verification failed: no signer found, too many signers";
493
case SEC_ERROR_UNSUPPORTED_KEYALG:
494
cp = "Unsupported or unknown key algorithm";
496
case SEC_ERROR_DECRYPTION_DISALLOWED:
497
cp = "Cannot decrypt: encrypted using a disallowed algorithm or key size";
500
case XP_EC_FORTEZZA_BAD_CARD:
501
cp = "FORTEZZA card has not been properly initialized";
503
case XP_EC_FORTEZZA_NO_CARD:
504
cp = "No FORTEZZA cards found";
506
case XP_EC_FORTEZZA_NONE_SELECTED:
507
cp = "No FORTEZZA card selected";
509
case XP_EC_FORTEZZA_MORE_INFO:
510
cp = "Please select a personality to get more info on";
512
case XP_EC_FORTEZZA_PERSON_NOT_FOUND:
513
cp = "Personality not found";
515
case XP_EC_FORTEZZA_NO_MORE_INFO:
516
cp = "No more information on that personality";
518
case XP_EC_FORTEZZA_BAD_PIN:
521
case XP_EC_FORTEZZA_PERSON_ERROR:
522
cp = "Couldn't initialize FORTEZZA personalities";
525
case SEC_ERROR_NO_KRL:
526
cp = "No KRL for this site's certificate has been found";
528
case SEC_ERROR_KRL_EXPIRED:
529
cp = "The KRL for this site's certificate has expired";
531
case SEC_ERROR_KRL_BAD_SIGNATURE:
532
cp = "The KRL for this site's certificate has an invalid signature";
534
case SEC_ERROR_REVOKED_KEY:
535
cp = "The key for this site's certificate has been revoked";
537
case SEC_ERROR_KRL_INVALID:
538
cp = "New KRL has an invalid format";
540
case SEC_ERROR_NEED_RANDOM:
541
cp = "Security library: need random data";
543
case SEC_ERROR_NO_MODULE:
544
cp = "Security library: no security module can perform the requested";
546
case SEC_ERROR_NO_TOKEN:
547
cp = "The security card or token does not exist, needs to be";
549
case SEC_ERROR_READ_ONLY:
550
cp = "Security library: read-only database";
552
case SEC_ERROR_NO_SLOT_SELECTED:
553
cp = "No slot or token was selected";
555
case SEC_ERROR_CERT_NICKNAME_COLLISION:
556
cp = "A certificate with the same nickname already exists";
558
case SEC_ERROR_KEY_NICKNAME_COLLISION:
559
cp = "A key with the same nickname already exists";
561
case SEC_ERROR_SAFE_NOT_CREATED:
562
cp = "Error while creating safe object";
564
case SEC_ERROR_BAGGAGE_NOT_CREATED:
565
cp = "Error while creating baggage object";
568
case XP_AVA_REMOVE_PRINCIPAL_ERROR:
569
cp = "Couldn't remove the principal";
571
case XP_AVA_DELETE_PRIVILEGE_ERROR:
572
cp = "Couldn't delete the privilege";
574
case XP_AVA_CERT_NOT_EXISTS_ERROR:
575
cp = "This principal doesn't have a certificate";
578
case SEC_ERROR_BAD_EXPORT_ALGORITHM:
579
cp = "Required algorithm is not allowed";
581
case SEC_ERROR_EXPORTING_CERTIFICATES:
582
cp = "Error attempting to export certificates";
584
case SEC_ERROR_IMPORTING_CERTIFICATES:
585
cp = "Error attempting to import certificates";
587
case SEC_ERROR_PKCS12_DECODING_PFX:
588
cp = "Unable to import. Decoding error. File not valid";
590
case SEC_ERROR_PKCS12_INVALID_MAC:
591
cp = "Unable to import. Invalid MAC. Incorrect password or corrupt file";
593
case SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM:
594
cp = "Unable to import. MAC algorithm not supported";
596
case SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE:
597
cp = "Unable to import. Only password integrity and privacy modes";
599
case SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE:
600
cp = "Unable to import. File structure is corrupt";
602
case SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM:
603
cp = "Unable to import. Encryption algorithm not supported";
605
case SEC_ERROR_PKCS12_UNSUPPORTED_VERSION:
606
cp = "Unable to import. File version not supported";
608
case SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT:
609
cp = "Unable to import. Incorrect privacy password";
611
case SEC_ERROR_PKCS12_CERT_COLLISION:
612
cp = "Unable to import. Same nickname already exists in database";
614
case SEC_ERROR_USER_CANCELLED:
615
cp = "The user clicked cancel";
617
case SEC_ERROR_PKCS12_DUPLICATE_DATA:
618
cp = "Not imported, already in database";
620
case SEC_ERROR_MESSAGE_SEND_ABORTED:
621
cp = "Message not sent";
623
case SEC_ERROR_INADEQUATE_KEY_USAGE:
624
cp = "Certificate key usage inadequate for attempted operation";
626
case SEC_ERROR_INADEQUATE_CERT_TYPE:
627
cp = "Certificate type not approved for application";
629
case SEC_ERROR_CERT_ADDR_MISMATCH:
630
cp = "Address in signing certificate does not match address in message";
632
case SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY:
633
cp = "Unable to import. Error attempting to import private key";
635
case SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN:
636
cp = "Unable to import. Error attempting to import certificate chain";
638
case SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME:
639
cp = "Unable to export. Unable to locate certificate or key by nickname";
641
case SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY:
642
cp = "Unable to export. Private key could not be located and exported";
644
case SEC_ERROR_PKCS12_UNABLE_TO_WRITE:
645
cp = "Unable to export. Unable to write the export file";
647
case SEC_ERROR_PKCS12_UNABLE_TO_READ:
648
cp = "Unable to import. Unable to read the import file";
650
case SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED:
651
cp = "Unable to export. Key database corrupt or deleted";
653
case SEC_ERROR_KEYGEN_FAIL:
654
cp = "Unable to generate public-private key pair";
656
case SEC_ERROR_INVALID_PASSWORD:
657
cp = "Password entered is invalid";
659
case SEC_ERROR_RETRY_OLD_PASSWORD:
660
cp = "Old password entered incorrectly";
662
case SEC_ERROR_BAD_NICKNAME:
663
cp = "Certificate nickname already in use";
665
case SEC_ERROR_NOT_FORTEZZA_ISSUER:
666
cp = "Peer FORTEZZA chain has a non-FORTEZZA Certificate";
668
case SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY:
669
cp = "A sensitive key cannot be moved to the slot where it is needed";
671
case SEC_ERROR_JS_INVALID_MODULE_NAME:
672
cp = "Invalid module name";
674
case SEC_ERROR_JS_INVALID_DLL:
675
cp = "Invalid module path/filename";
677
case SEC_ERROR_JS_ADD_MOD_FAILURE:
678
cp = "Unable to add module";
680
case SEC_ERROR_JS_DEL_MOD_FAILURE:
681
cp = "Unable to delete module";
683
case SEC_ERROR_OLD_KRL:
684
cp = "New KRL is not later than the current one";
686
case SEC_ERROR_CKL_CONFLICT:
687
cp = "New CKL has different issuer than current CKL";
689
case SEC_ERROR_CERT_NOT_IN_NAME_SPACE:
690
cp = "Certificate issuer is not permitted to issue a certificate with";
692
case SEC_ERROR_KRL_NOT_YET_VALID:
693
cp = "The key revocation list for this certificate is not yet valid";
695
case SEC_ERROR_CRL_NOT_YET_VALID:
696
cp = "The certificate revocation list for this certificate is not yet valid";
698
case SEC_ERROR_UNKNOWN_CERT:
699
cp = "The requested certificate could not be found";
701
case SEC_ERROR_UNKNOWN_SIGNER:
702
cp = "The signer's certificate could not be found";
704
case SEC_ERROR_CERT_BAD_ACCESS_LOCATION:
705
cp = "The location for the certificate status server has invalid format";
707
case SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE:
708
cp = "The OCSP response cannot be fully decoded; it is of an unknown type";
710
case SEC_ERROR_OCSP_BAD_HTTP_RESPONSE:
711
cp = "The OCSP server returned unexpected/invalid HTTP data";
713
case SEC_ERROR_OCSP_MALFORMED_REQUEST:
714
cp = "The OCSP server found the request to be corrupted or improperly formed";
716
case SEC_ERROR_OCSP_SERVER_ERROR:
717
cp = "The OCSP server experienced an internal error";
719
case SEC_ERROR_OCSP_TRY_SERVER_LATER:
720
cp = "The OCSP server suggests trying again later";
722
case SEC_ERROR_OCSP_REQUEST_NEEDS_SIG:
723
cp = "The OCSP server requires a signature on this request";
725
case SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST:
726
cp = "The OCSP server has refused this request as unauthorized";
728
case SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS:
729
cp = "The OCSP server returned an unrecognizable status";
731
case SEC_ERROR_OCSP_UNKNOWN_CERT:
732
cp = "The OCSP server has no status for the certificate";
734
case SEC_ERROR_OCSP_NOT_ENABLED:
735
cp = "You must enable OCSP before performing this operation";
737
case SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER:
738
cp = "You must set the OCSP default responder before performing this operation";
740
case SEC_ERROR_OCSP_MALFORMED_RESPONSE:
741
cp = "The response from the OCSP server was corrupted or improperly formed";
743
case SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE:
744
cp = "The signer of the OCSP response is not authorized to give status for this certificate";
746
case SEC_ERROR_OCSP_FUTURE_RESPONSE:
747
cp = "The OCSP response is not yet valid (contains a date in the future)";
749
case SEC_ERROR_OCSP_OLD_RESPONSE:
750
cp = "The OCSP response contains out-of-date information";
752
case SEC_ERROR_DIGEST_NOT_FOUND:
753
cp = "The CMS or PKCS #7 Digest was not found in signed message";
755
case SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE:
756
cp = "The CMS or PKCS #7 Message type is unsupported";
758
case SEC_ERROR_MODULE_STUCK:
759
cp = "PKCS #11 module could not be removed because it is still in use";
761
case SEC_ERROR_BAD_TEMPLATE:
762
cp = "Could not decode ASN.1 data. Specified template was invalid";
764
case SEC_ERROR_CRL_NOT_FOUND:
765
cp = "No matching CRL was found";
767
case SEC_ERROR_REUSED_ISSUER_AND_SERIAL:
768
cp = "You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert";
771
cp = "NSS could not shutdown. Objects are still in use";
773
case SEC_ERROR_EXTRA_INPUT:
774
cp = "DER-encoded message contained extra usused data";
776
case SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE:
777
cp = "Unsupported elliptic curve";
779
case SEC_ERROR_UNSUPPORTED_EC_POINT_FORM:
780
cp = "Unsupported elliptic curve point form";
782
case SEC_ERROR_UNRECOGNIZED_OID:
783
cp = "Unrecognized Object IDentifier";
785
case SEC_ERROR_OCSP_INVALID_SIGNING_CERT:
786
cp = "Invalid OCSP signing certificate in OCSP response";
789
case SEC_ERROR_REVOKED_CERTIFICATE_CRL:
790
cp = "Certificate is revoked in issuer's certificate revocation list";
792
case SEC_ERROR_REVOKED_CERTIFICATE_OCSP:
793
cp = "Issuer's OCSP responder reports certificate is revoked";
795
case SEC_ERROR_CRL_INVALID_VERSION:
796
cp = "Issuer's Certificate Revocation List has an unknown version number";
798
case SEC_ERROR_CRL_V1_CRITICAL_EXTENSION:
799
cp = "Issuer's V1 Certificate Revocation List has a critical extension";
801
case SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION:
802
cp = "Issuer's V2 Certificate Revocation List has an unknown critical extension";