2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. See the NOTICE file distributed with
4 * this work for additional information regarding copyright ownership.
5 * The ASF licenses this file to You under the Apache License, Version 2.0
6 * (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 package org.apache.harmony.xnet.provider.jsse;
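/**
 * This class encapsulates the functionality of the Alert Protocol.
 * Constant values are taken from the TLS v1 specification
 * (http://www.ietf.org/rfc/rfc2246.txt), section 7.2.
 *
 * <p>An instance holds at most one pending alert as a two-byte
 * (level, description) pair. A level byte of 0 means "no alert".
 */
public class AlertProtocol {

    // ------------------------ AlertLevel codes --------------------------

    /**
     * Defines the severity of alert as warning
     */
    protected static final byte WARNING = 1;

    /**
     * Defines the severity of alert as fatal.
     * RFC 2246 section 7.2.2 requires both parties to close the connection
     * immediately on a fatal alert and forbids resuming the session; that
     * handling belongs to the caller, this class only records the alert.
     */
    protected static final byte FATAL = 2;

    // --------------------- AlertDescription codes -----------------------

    /**
     * Defines the description code of the close_notify alert.
     * RFC 2246 section 7.2.1 uses this alert so that both peers know the
     * connection is ending, which is what guards against truncation.
     */
    protected static final byte CLOSE_NOTIFY = 0;

    /**
     * Defines the description code of the unexpected_message alert
     */
    protected static final byte UNEXPECTED_MESSAGE = 10;

    /**
     * Defines the description code of the bad_record_mac alert
     */
    protected static final byte BAD_RECORD_MAC = 20;

    /**
     * Defines the description code of the decryption_failed alert.
     * Later TLS revisions advise against (RFC 4346) and then forbid
     * (RFC 5246) sending this alert: telling a peer whether decryption or
     * the MAC check failed weakens CBC-mode record protection. Senders
     * should report {@link #BAD_RECORD_MAC} for both failures.
     */
    protected static final byte DECRYPTION_FAILED = 21;

    /**
     * Defines the description code of the record_overflow alert
     */
    protected static final byte RECORD_OVERFLOW = 22;

    /**
     * Defines the description code of the decompression_failure alert
     */
    protected static final byte DECOMPRESSION_FAILURE = 30;

    /**
     * Defines the description code of the handshake_failure alert
     */
    protected static final byte HANDSHAKE_FAILURE = 40;

    /**
     * Defines the description code of the bad_certificate alert
     */
    protected static final byte BAD_CERTIFICATE = 42;

    /**
     * Defines the description code of the unsupported_certificate alert
     */
    protected static final byte UNSUPPORTED_CERTIFICATE = 43;

    /**
     * Defines the description code of the certificate_revoked alert
     */
    protected static final byte CERTIFICATE_REVOKED = 44;

    /**
     * Defines the description code of the certificate_expired alert
     */
    protected static final byte CERTIFICATE_EXPIRED = 45;

    /**
     * Defines the description code of the certificate_unknown alert
     */
    protected static final byte CERTIFICATE_UNKNOWN = 46;

    /**
     * Defines the description code of the illegal_parameter alert
     */
    protected static final byte ILLEGAL_PARAMETER = 47;

    /**
     * Defines the description code of the unknown_ca alert
     */
    protected static final byte UNKNOWN_CA = 48;

    /**
     * Defines the description code of the access_denied alert
     */
    protected static final byte ACCESS_DENIED = 49;

    /**
     * Defines the description code of the decode_error alert
     */
    protected static final byte DECODE_ERROR = 50;

    /**
     * Defines the description code of the decrypt_error alert
     */
    protected static final byte DECRYPT_ERROR = 51;

    /**
     * Defines the description code of the export_restriction alert
     */
    protected static final byte EXPORT_RESTRICTION = 60;

    /**
     * Defines the description code of the protocol_version alert
     */
    protected static final byte PROTOCOL_VERSION = 70;

    /**
     * Defines the description code of the insufficient_security alert
     */
    protected static final byte INSUFFICIENT_SECURITY = 71;

    /**
     * Defines the description code of the internal_error alert
     */
    protected static final byte INTERNAL_ERROR = 80;

    /**
     * Defines the description code of the user_canceled alert
     */
    protected static final byte USER_CANCELED = 90;

    /**
     * Defines the description code of the no_renegotiation alert
     */
    protected static final byte NO_RENEGOTIATION = 100;

    // holds level (index 0) and description (index 1) codes
    private final byte[] alert = new byte[2];
    // record protocol to be used to wrap the alerts
    private SSLRecordProtocol recordProtocol;

    private Logger.Stream logger = Logger.getStream("alert");

    /**
     * Creates the instance of AlertProtocol.
     * Note that the instance cannot wrap alerts until a record protocol
     * has been provided.
     * @see #setRecordProtocol
     */
    protected AlertProtocol() {}

    /**
     * Sets up the record protocol to be used by this alert protocol.
     * @param recordProtocol the record protocol used by {@link #wrap()}
     */
    protected void setRecordProtocol(SSLRecordProtocol recordProtocol) {
        this.recordProtocol = recordProtocol;
    }

    /**
     * Reports an alert to be sent/received by transport.
     * This method is usually called during processing of an incoming TLS
     * record: if it contains an alert message from the peer, or if a
     * warning alert occurred during the processing of the message and
     * this warning should be sent to the peer.
     * @param level alert level code
     * @param description alert description code
     */
    protected void alert(byte level, byte description) {
        if (logger != null) {
            logger.println("Alert.alert: "+level+" "+description);
        }
        // NOTE(review): neither byte is validated here. A level of 0 is
        // stored but then reads as "no alert" in hasAlert(); callers that
        // pass peer-supplied bytes should reject levels other than
        // WARNING and FATAL before calling - confirm against the callers.
        this.alert[0] = level;
        this.alert[1] = description;
    }

    /**
     * Returns the description code of the reported alert, or -100 if
     * there is no pending alert. -100 is not one of the description
     * codes defined by this class.
     */
    protected byte getDescriptionCode() {
        return (alert[0] != 0) ? alert[1] : -100;
    }

    /**
     * Resets the protocol to be in "no alert" state.
     * This method should be called after processing of the reported alert.
     */
    protected void setProcessed() {
        // free the info about alert
        if (logger != null) {
            logger.println("Alert.setProcessed");
        }
        // hasAlert()/getDescriptionCode() key off the level byte only
        this.alert[0] = 0;
    }

    /**
     * Checks if any alert has occurred.
     */
    protected boolean hasAlert() {
        return (alert[0] != 0);
    }

    /**
     * Checks if the occurred alert is a fatal alert.
     */
    protected boolean isFatalAlert() {
        // compare against the named level code rather than a bare 2
        return (alert[0] == FATAL);
    }

    /**
     * Returns the string representation of the occurred alert.
     * If no alert has occurred, or the description code is not one of the
     * codes defined by this class, null is returned.
     */
    protected String getAlertDescription() {
        // setProcessed() clears only the level byte, so without this
        // guard a stale description (or "close_notify" for a fresh
        // instance, whose description byte is 0) would be reported.
        if (alert[0] == 0) {
            return null;
        }
        switch (alert[1]) {
        case CLOSE_NOTIFY:
            return "close_notify";
        case UNEXPECTED_MESSAGE:
            return "unexpected_message";
        case BAD_RECORD_MAC:
            return "bad_record_mac";
        case DECRYPTION_FAILED:
            return "decryption_failed";
        case RECORD_OVERFLOW:
            return "record_overflow";
        case DECOMPRESSION_FAILURE:
            return "decompression_failure";
        case HANDSHAKE_FAILURE:
            return "handshake_failure";
        case BAD_CERTIFICATE:
            return "bad_certificate";
        case UNSUPPORTED_CERTIFICATE:
            return "unsupported_certificate";
        case CERTIFICATE_REVOKED:
            return "certificate_revoked";
        case CERTIFICATE_EXPIRED:
            return "certificate_expired";
        case CERTIFICATE_UNKNOWN:
            return "certificate_unknown";
        case ILLEGAL_PARAMETER:
            return "illegal_parameter";
        case UNKNOWN_CA:
            return "unknown_ca";
        case ACCESS_DENIED:
            return "access_denied";
        case DECODE_ERROR:
            return "decode_error";
        case DECRYPT_ERROR:
            return "decrypt_error";
        case EXPORT_RESTRICTION:
            return "export_restriction";
        case PROTOCOL_VERSION:
            return "protocol_version";
        case INSUFFICIENT_SECURITY:
            return "insufficient_security";
        case INTERNAL_ERROR:
            return "internal_error";
        case USER_CANCELED:
            return "user_canceled";
        case NO_RENEGOTIATION:
            return "no_renegotiation";
        default:
            return null;
        }
    }

    /**
     * Returns the record with the reported alert message.
     * The returned array of bytes is ready to be sent to the peer.
     * Note that this method does not automatically put the alert protocol
     * into the "no alert" state, so after wrapping the method
     * {@link #setProcessed()} should be called.
     * @throws NullPointerException if no record protocol has been set,
     * or if {@link #shutdown()} has already been called
     */
    protected byte[] wrap() {
        // the alert body is always the two bytes: level, description
        byte[] res = recordProtocol.wrap(ContentType.ALERT, alert, 0, 2);
        return res;
    }

    /**
     * Shuts down the protocol. It will be impossible to use the instance
     * after the calling of this method.
     */
    protected void shutdown() {
        // drop any pending alert so a shut-down instance reports none
        alert[0] = 0;
        alert[1] = 0;
        recordProtocol = null;
    }
}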