p11_error.cpp

Go to the documentation of this file.

/*
* PKCS #11 Error Information
* (C) 2025 Jack Lloyd
* (C) 2025 Fabian Albert - Rohde & Schwarz Cybersecurity GmbH
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
 
#include <botan/p11.h>
#include <botan/internal/fmt.h>
 
namespace Botan::PKCS11 {
 
namespace {
std::string to_string(ReturnValue return_val) {
   switch(return_val) {
      case ReturnValue::OK:
         return "function executed successfully";
      case ReturnValue::Cancel:
         return "function aborted by application";
      case ReturnValue::HostMemory:
         return "insufficient memory to perform function";
      case ReturnValue::SlotIdInvalid:
         return "invalid slot id";
      case ReturnValue::GeneralError:
         return "unrecoverable error occurred";
      case ReturnValue::FunctionFailed:
         return "function failed without detailed information";
      case ReturnValue::ArgumentsBad:
         return "invalid arguments supplied";
      case ReturnValue::NoEvent:
         return "no new slot events";
      case ReturnValue::NeedToCreateThreads:
         return "library needs to create threads";
      case ReturnValue::CantLock:
         return "requested locking not available";
      case ReturnValue::AttributeReadOnly:
         return "attribute cannot be modified";
      case ReturnValue::AttributeSensitive:
         return "attribute is sensitive and cannot be revealed";
      case ReturnValue::AttributeTypeInvalid:
         return "invalid attribute type";
      case ReturnValue::AttributeValueInvalid:
         return "invalid attribute value";
      case ReturnValue::ActionProhibited:
         return "action not allowed by policy";
      case ReturnValue::DataInvalid:
         return "invalid plaintext input data";
      case ReturnValue::DataLenRange:
         return "plaintext data length out of range";
      case ReturnValue::DeviceError:
         return "problem with token or slot";
      case ReturnValue::DeviceMemory:
         return "insufficient token memory";
      case ReturnValue::DeviceRemoved:
         return "token removed during function execution";
      case ReturnValue::EncryptedDataInvalid:
         return "invalid ciphertext input";
      case ReturnValue::EncryptedDataLenRange:
         return "ciphertext length out of range";
      case ReturnValue::AeadDecryptFailed:
         return "AEAD decrypt failed";
      case ReturnValue::FunctionCanceled:
         return "function canceled mid-execution";
      case ReturnValue::FunctionNotParallel:
         return "no function executing in parallel";
      case ReturnValue::FunctionNotSupported:
         return "function not supported";
      case ReturnValue::KeyHandleInvalid:
         return "invalid key handle";
      case ReturnValue::KeySizeRange:
         return "key size out of range";
      case ReturnValue::KeyTypeInconsistent:
         return "key type inconsistent with mechanism";
      case ReturnValue::KeyNotNeeded:
         return "extraneous key supplied";
      case ReturnValue::KeyChanged:
         return "key changed";
      case ReturnValue::KeyNeeded:
         return "key needed to restore session state";
      case ReturnValue::KeyIndigestible:
         return "key cannot be digested";
      case ReturnValue::KeyFunctionNotPermitted:
         return "key use not permitted";
      case ReturnValue::KeyNotWrappable:
         return "key cannot be wrapped";
      case ReturnValue::KeyUnextractable:
         return "key cannot be extracted";
      case ReturnValue::MechanismInvalid:
         return "invalid mechanism specified";
      case ReturnValue::MechanismParamInvalid:
         return "invalid mechanism parameters";
      case ReturnValue::ObjectHandleInvalid:
         return "invalid object handle";
      case ReturnValue::OperationActive:
         return "conflicting active operation";
      case ReturnValue::OperationNotInitialized:
         return "operation not initialized";
      case ReturnValue::PinIncorrect:
         return "incorrect PIN";
      case ReturnValue::PinInvalid:
         return "invalid PIN characters";
      case ReturnValue::PinLenRange:
         return "PIN length out of range";
      case ReturnValue::PinExpired:
         return "PIN expired";
      case ReturnValue::PinLocked:
         return "PIN locked due to failed attempts";
      case ReturnValue::SessionClosed:
         return "session closed during function execution";
      case ReturnValue::SessionCount:
         return "too many sessions open";
      case ReturnValue::SessionHandleInvalid:
         return "invalid session handle";
      case ReturnValue::SessionParallelNotSupported:
         return "parallel sessions not supported";
      case ReturnValue::SessionReadOnly:
         return "read-only session";
      case ReturnValue::SessionExists:
         return "session already open";
      case ReturnValue::SessionReadOnlyExists:
         return "read-only session already exists";
      case ReturnValue::SessionReadWriteSoExists:
         return "read/write SO session exists";
      case ReturnValue::SignatureInvalid:
         return "invalid signature";
      case ReturnValue::SignatureLenRange:
         return "invalid signature length";
      case ReturnValue::TemplateIncomplete:
         return "incomplete template";
      case ReturnValue::TemplateInconsistent:
         return "conflicting template attributes";
      case ReturnValue::TokenNotPresent:
         return "token not present in slot";
      case ReturnValue::TokenNotRecognized:
         return "token not recognized";
      case ReturnValue::TokenWriteProtected:
         return "token is write-protected";
      case ReturnValue::UnwrappingKeyHandleInvalid:
         return "invalid unwrapping key handle";
      case ReturnValue::UnwrappingKeySizeRange:
         return "unwrapping key size out of range";
      case ReturnValue::UnwrappingKeyTypeInconsistent:
         return "unwrapping key type inconsistent";
      case ReturnValue::UserAlreadyLoggedIn:
         return "user already logged in";
      case ReturnValue::UserNotLoggedIn:
         return "user not logged in";
      case ReturnValue::UserPinNotInitialized:
         return "user PIN not initialized";
      case ReturnValue::UserTypeInvalid:
         return "invalid user type";
      case ReturnValue::UserAnotherAlreadyLoggedIn:
         return "another user already logged in";
      case ReturnValue::UserTooManyTypes:
         return "too many distinct users logged in";
      case ReturnValue::WrappedKeyInvalid:
         return "invalid wrapped key";
      case ReturnValue::WrappedKeyLenRange:
         return "wrapped key length out of range";
      case ReturnValue::WrappingKeyHandleInvalid:
         return "invalid wrapping key handle";
      case ReturnValue::WrappingKeySizeRange:
         return "wrapping key size out of range";
      case ReturnValue::WrappingKeyTypeInconsistent:
         return "wrapping key type inconsistent";
      case ReturnValue::RandomSeedNotSupported:
         return "RNG does not accept seeding";
      case ReturnValue::RandomNoRng:
         return "no random number generator";
      case ReturnValue::DomainParamsInvalid:
         return "invalid domain parameters";
      case ReturnValue::CurveNotSupported:
         return "curve not supported by token";
      case ReturnValue::BufferTooSmall:
         return "output buffer too small";
      case ReturnValue::SavedStateInvalid:
         return "invalid saved state";
      case ReturnValue::InformationSensitive:
         return "information is sensitive";
      case ReturnValue::StateUnsaveable:
         return "state cannot be saved";
      case ReturnValue::CryptokiNotInitialized:
         return "library not initialized";
      case ReturnValue::CryptokiAlreadyInitialized:
         return "library already initialized";
      case ReturnValue::MutexBad:
         return "bad mutex object";
      case ReturnValue::MutexNotLocked:
         return "mutex not locked";
      case ReturnValue::NewPinMode:
         return "new PIN mode";
      case ReturnValue::NextOtp:
         return "next OTP";
      case ReturnValue::ExceededMaxIterations:
         return "exceeded max iterations";
      case ReturnValue::FipsSelfTestFailed:
         return "FIPS self-test failed";
      case ReturnValue::LibraryLoadFailed:
         return "failed to load dependent library";
      case ReturnValue::PinTooWeak:
         return "PIN too weak";
      case ReturnValue::PublicKeyInvalid:
         return "invalid public key";
      case ReturnValue::FunctionRejected:
         return "signature request rejected by user";
      case ReturnValue::TokenResourceExceeded:
         return "token resource exceeded";
      case ReturnValue::OperationCancelFailed:
         return "operation cancel failed";
      case ReturnValue::KeyExhausted:
         return "key exhausted";
      case ReturnValue::Pending:
         return "operation running asynchronously";
      case ReturnValue::SessionAsyncNotSupported:
         return "async operations not supported";
      case ReturnValue::SeedRandomRequired:
         return "RNG needs seeding";
      case ReturnValue::OperationNotValidated:
         return "operation violates token validation policies";
      case ReturnValue::TokenNotInitialized:
         return "token needs initialization";
      case ReturnValue::ParameterSetNotSupported:
         return "parameter set not supported";
      case ReturnValue::VendorDefined:
         return "vendor defined error";
   }
   return "unknown error";
}
}  // namespace
 
PKCS11_ReturnError::PKCS11_ReturnError(ReturnValue return_val) :
      PKCS11_Error(Botan::fmt("{} ({})", static_cast<uint32_t>(return_val), to_string(return_val))),
      m_return_val(return_val) {}
 
}  // namespace Botan::PKCS11