--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/networksecurity/ipsec/ipsec6/include/ipsecerr.h Tue Jan 26 15:23:49 2010 +0200
@@ -0,0 +1,139 @@
+// Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+// All rights reserved.
+// This component and the accompanying materials are made available
+// under the terms of "Eclipse Public License v1.0"
+// which accompanies this distribution, and is available
+// at the URL "http://www.eclipse.org/legal/epl-v10.html".
+//
+// Initial Contributors:
+// Nokia Corporation - initial contribution.
+//
+// Contributors:
+//
+// Description:
+// ipsecerr.h - reason codes for IPSEC problems
+// Define and document the IPSEC error codes.
+//
+
+
+
+/**
+ @file ipsecerr.h
+ @publishedPartner
+ @released
+*/
+#ifndef __IPSECERR_H__
+#define __IPSECERR_H__
+
+
+enum TIpsecReasonCode
+ {
+ EIpsec_Ok,
+ EIpsec_RMBUF = -5228, //< -5228 RMBUF operation failed unexcpectedly
+ //
+ // AH and ESP
+ //
+ EIpsec_CorruptPacketIn, //< -5227 Truncated or corrupt packet or header (in)
+ EIpsec_CorruptPacketOut, //< -5226 Corrupt packet after IPSEC operations
+ EIpsec_EspInboundSA, //< -5225 The inbound SA for ESP does not exist
+ EIpsec_EspAuthentication, //< -5224 Authentication check failed in ESP
+ EIpsec_EspAuthAlg, //< -5223 Required auth algorithm for ESP not available/installed
+ EIpsec_EspEncrAlg, //< -5222 Required encrypt algorithm for ESP not available/installed
+ EIpsec_AhAuthAlg, //< -5221 Required auth algorithm for AH not available/installed
+ EIpsec_AhInboundSA, //< -5220 The inbound SA for AH does not exist
+ EIpsec_AhIcvLength, //< -5219 ICV length in packet does not match algorithm
+ EIpsec_AhAuthentication, //< -5218 Authentication check failed in AH
+ EIpsec_PacketLength, //< -5217 Invalid lenght of the packet
+ EIpsec_DataAlignment, //< -5216 Data not aligned by block size
+ EIpsec_EspPadByte, //< -5215 The ESP pad byte content is invalid (probably wrong key)
+ EIpsec_EspPadLength, //< -5214 The ESP pad length is corrupt (probably wrong key)
+ EIpsec_ReplayDuplicate, //< -5213 Duplicate packet (replay window test)
+
+ //
+ // SECPOL
+ //
+ EIpsec_OutboundNotFound, //< -5212 Outbound SA does not exist, ACQUIRE started
+ EIpsec_OutboundPending, //< -5211 Outbooud SA does not exits, ACQUIRE pending
+ EIpsec_NoSelectorMatch, //< -5210 None of the policy selectors matched
+ EIpsec_MaxTransforms, //< -5209 Incoming packet exceed configured max limit of transforms
+ EIpsec_TooFewTransforms, //< -5208 Incoming packet has less transforms than policy requires
+ EIpsec_TunnelMismatch, //< -5207 Tunnelmode does not match the policy
+ EIpsec_MismatchedSA, //< -5206 Applied SA does not match the policy
+ EIpsec_UnrequiredSA, //< -5205 Applied SA where policy has none
+ EIpsec_TooManyTransforms, //< -5204 Incoming packet had more transforms than policy requires
+ EIpsec_NoBundle, //< -5203 Incoming packet had transforms, but policy doesn't require any
+
+ //
+ // IPv6 additions
+ //
+ EIpsec_AhRMBufSplit, //< -5202 Inbound AH processing failed (Memory?)
+ EIpsec_AhPacketTooLong, //< -5201 Outbound packet would exeed 2**16-1 with AH
+ EIpsec_AhSequenceWrap, //< -5200 Outbound sequence # wrapped around for this SA
+ EIpsec_EspSequenceWrap, //< -5199 Outbound sequence # wrapped around for this SA
+ EIpsec_EspBadCipherBlockSize, //< -5198 Configuration error, cipher block size must be < 256
+
+ EIpsec_AcquireFailed, //< -5197 Acquiring SA failed (no SA available or negotiated)
+ //
+ // Detail reasons for SA not matching the SA spec in the policy
+ // (replace one EIpsec_MismatchedSA with multiple detail errors)
+ //
+ EIpsec_MismatchedDestination, //< -5196 SA destination does not match (internal error?)
+ EIpsec_MismatchedType, //< -5195 SA Type (AH/ESP) does not match
+ EIpsec_MismatchedPFS, //< -5194 PFS bit is not same
+ EIpsec_MismatchedAuthAlg, //< -5193 Auth algorithm doesn't match
+ EIpsec_MismatchedEncryptAlg, //< -5192 Encrypt algorithm doesn't match
+ EIpsec_MismatchReplayWindow, //< -5191 ReplayWindow length is shorter than required
+ EIpsec_MismatchSource, //< -5190 source address does not match
+ EIpsec_MismatchProxy, //< -5189 proxy address does not match
+ EIpsec_MismatchSourcePort, //< -5188 source port does not match
+ EIpsec_MismatchDestinationPort, //< -5187 destination port does not match
+ EIpsec_MismatchProtocol, //< -5186 protocol does not match
+ EIpsec_MismatchSourceIdentity, //< -5185 source identity does not match
+ EIpsec_MismatchDestinationIdentity,//< -5184 destination identity does not match
+ //
+ // PFKEY and SAD specific errors
+ //
+ EIpsec_BadCipherKey, //< -5183 Key in SA is too short (for the algorithm) or is weak
+ EIpsec_UnknownCipherNumber, //< -5182 Attempting to use algorithm number that is not known
+ EIpsec_UnknownDigestNumber, //< -5181 Attempting to use algorithm number that is not known
+ EIpsec_UnavailableCipher, //< -5180 No installed library implements the cipher
+ EIpsec_UnavailableDigest, //< -5179 No installed library implements the digest
+ //
+ // Policy Parsing Error codes
+ //
+ EIpsec_PolicyUnknownEncrypt, //< -5178 algorithm not defined in algorithm map
+ EIpsec_PolicyUnknownAuth, //< -5177 algorithm not defined in algorithm map
+ EIpsec_PolicyIdentityDefined, //< -5176 identify already defined
+ EIpsec_PolicyInvalidIdentity, //< -5175 invalid identity syntax
+ EIpsec_PolicyUnknownSpec, //< -5174 unknown policy specification keyword
+ EIpsec_PolicyNumberExpected, //< -5173 number value expected
+ EIpsec_PolicyCloseBraceExpected,//< -5172 closing brace expected
+ EIpsec_PolicyNoType, //< -5171 SA type (AH or ESP) omitted from specification
+ EIpsec_PolicyTooManyTypes, //< -5170 Type can be specified only once for specification
+ EIpsec_PolicyNoAuthAlgorithm, //< -5169 AH specification must include authentication algorithm
+ EIpsec_PolicyNoEncryptAlgorithm,//< -5168 ESP specification must include encryptionb algorithm
+ EIpsec_PolicySpecName, //< -5167 SA specification name missing or invalid
+ EIpsec_PolicySyntaxError, //< -5166 Generic delimiter error in specification
+ EIpsec_PolicySpecNotFound, //< -5165 SA specification is not defined before reference in selector
+ EIpsec_PolicyLeftParen, //< -5164 Left parenthesis expected
+ EIpsec_PolicyRightParen, //< -5163 Right parenthesis expected
+ EIpsec_PolicyInvalidIpAddress, //< -5162 Invalid IP address
+ EIpsec_PolicyIpAddressExpected, //< -5161 Expected IP address here
+ EIpsec_PolicyIpMaskExpected, //< -5160 Expected IP address (as mask) here
+ EIpsec_PolicyInboundOutbound, //< -5159 Only one of the 'inbound' or 'outbound' is allowed
+ EIpsec_PolicyUnknownSelector, //< -5158 unknown selector keyword
+ //
+ // Temporary place for new errors
+ //
+ EIpsec_IcmpError, //< -5157 An ICMP error report containing AH or ESP
+ EIpsec_LostSA, //< -5156 An SA has been lost between Apply and Verify, expired? (for SECPOL)
+ EIpsec_NoInnerSource, //< -5155 Cannot find inner-src for outbound packet when tunneling (for SECPOL)
+ //
+ // Special code for NAT Traversal
+ //
+ EIpsec_NotANATTPacket, //< -5154 UDP packet is NOT a NAT Taversal packet
+ //
+ EIpsec_FragmentMismatch //< -5153 IPSEC on fragment is not same as before, packet dropped
+ };
+
+#endif