20{SEC_ERROR_IO,
"An I/O error occurred during security authorization."},
22{SEC_ERROR_LIBRARY_FAILURE,
"security library failure."},
24{SEC_ERROR_BAD_DATA,
"security library: received bad data."},
26{SEC_ERROR_OUTPUT_LEN,
"security library: output length error."},
28{SEC_ERROR_INPUT_LEN,
"security library has experienced an input length error."},
30{SEC_ERROR_INVALID_ARGS,
"security library: invalid arguments."},
32{SEC_ERROR_INVALID_ALGORITHM,
"security library: invalid algorithm."},
34{SEC_ERROR_INVALID_AVA,
"security library: invalid AVA."},
36{SEC_ERROR_INVALID_TIME,
"Improperly formatted time string."},
38{SEC_ERROR_BAD_DER,
"security library: improperly formatted DER-encoded message."},
40{SEC_ERROR_BAD_SIGNATURE,
"Peer's certificate has an invalid signature."},
42{SEC_ERROR_EXPIRED_CERTIFICATE,
"Peer's Certificate has expired."},
44{SEC_ERROR_REVOKED_CERTIFICATE,
"Peer's Certificate has been revoked."},
46{SEC_ERROR_UNKNOWN_ISSUER,
"Peer's Certificate issuer is not recognized."},
48{SEC_ERROR_BAD_KEY,
"Peer's public key is invalid."},
50{SEC_ERROR_BAD_PASSWORD,
"The security password entered is incorrect."},
52{SEC_ERROR_RETRY_PASSWORD,
"New password entered incorrectly. Please try again."},
54{SEC_ERROR_NO_NODELOCK,
"security library: no nodelock."},
56{SEC_ERROR_BAD_DATABASE,
"security library: bad database."},
58{SEC_ERROR_NO_MEMORY,
"security library: memory allocation failure."},
60{SEC_ERROR_UNTRUSTED_ISSUER,
"Peer's certificate issuer has been marked as not trusted by the user."},
62{SEC_ERROR_UNTRUSTED_CERT,
"Peer's certificate has been marked as not trusted by the user."},
64{SEC_ERROR_DUPLICATE_CERT,
"Certificate already exists in your database."},
66{SEC_ERROR_DUPLICATE_CERT_NAME,
"Downloaded certificate's name duplicates one already in your database."},
68{SEC_ERROR_ADDING_CERT,
"Error adding certificate to database."},
70{SEC_ERROR_FILING_KEY,
"Error refiling the key for this certificate."},
72{SEC_ERROR_NO_KEY,
"The private key for this certificate cannot be found in key database"},
74{SEC_ERROR_CERT_VALID,
"This certificate is valid."},
76{SEC_ERROR_CERT_NOT_VALID,
"This certificate is not valid."},
78{SEC_ERROR_CERT_NO_RESPONSE,
"Cert Library: No Response"},
80{SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE,
"The certificate issuer's certificate has expired. Check your system date and time."},
82{SEC_ERROR_CRL_EXPIRED,
"The CRL for the certificate's issuer has expired. Update it or check your system date and time."},
84{SEC_ERROR_CRL_BAD_SIGNATURE,
"The CRL for the certificate's issuer has an invalid signature."},
86{SEC_ERROR_CRL_INVALID,
"New CRL has an invalid format."},
88{SEC_ERROR_EXTENSION_VALUE_INVALID,
"Certificate extension value is invalid."},
90{SEC_ERROR_EXTENSION_NOT_FOUND,
"Certificate extension not found."},
92{SEC_ERROR_CA_CERT_INVALID,
"Issuer certificate is invalid."},
94{SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID,
"Certificate path length constraint is invalid."},
96{SEC_ERROR_CERT_USAGES_INVALID,
"Certificate usages field is invalid."},
98{SEC_INTERNAL_ONLY,
"**Internal ONLY module**"},
100{SEC_ERROR_INVALID_KEY,
"The key does not support the requested operation."},
102{SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION,
"Certificate contains unknown critical extension."},
104{SEC_ERROR_OLD_CRL,
"New CRL is not later than the current one."},
106{SEC_ERROR_NO_EMAIL_CERT,
"Not encrypted or signed: you do not yet have an email certificate."},
108{SEC_ERROR_NO_RECIPIENT_CERTS_QUERY,
"Not encrypted: you do not have certificates for each of the recipients."},
110{SEC_ERROR_NOT_A_RECIPIENT,
"Cannot decrypt: you are not a recipient, or matching certificate and \
111private key not found."},
113{SEC_ERROR_PKCS7_KEYALG_MISMATCH,
"Cannot decrypt: key encryption algorithm does not match your certificate."},
115{SEC_ERROR_PKCS7_BAD_SIGNATURE,
"Signature verification failed: no signer found, too many signers found, \
116or improper or corrupted data."},
118{SEC_ERROR_UNSUPPORTED_KEYALG,
"Unsupported or unknown key algorithm."},
120{SEC_ERROR_DECRYPTION_DISALLOWED,
"Cannot decrypt: encrypted using a disallowed algorithm or key size."},
124{XP_SEC_FORTEZZA_BAD_CARD,
"Fortezza card has not been properly initialized. \
125Please remove it and return it to your issuer."},
127{XP_SEC_FORTEZZA_NO_CARD,
"No Fortezza cards Found"},
129{XP_SEC_FORTEZZA_NONE_SELECTED,
"No Fortezza card selected"},
131{XP_SEC_FORTEZZA_MORE_INFO,
"Please select a personality to get more info on"},
133{XP_SEC_FORTEZZA_PERSON_NOT_FOUND,
"Personality not found"},
135{XP_SEC_FORTEZZA_NO_MORE_INFO,
"No more information on that Personality"},
137{XP_SEC_FORTEZZA_BAD_PIN,
"Invalid Pin"},
139{XP_SEC_FORTEZZA_PERSON_ERROR,
"Couldn't initialize Fortezza personalities."},
142{SEC_ERROR_NO_KRL,
"No KRL for this site's certificate has been found."},
144{SEC_ERROR_KRL_EXPIRED,
"The KRL for this site's certificate has expired."},
146{SEC_ERROR_KRL_BAD_SIGNATURE,
"The KRL for this site's certificate has an invalid signature."},
148{SEC_ERROR_REVOKED_KEY,
"The key for this site's certificate has been revoked."},
150{SEC_ERROR_KRL_INVALID,
"New KRL has an invalid format."},
152{SEC_ERROR_NEED_RANDOM,
"security library: need random data."},
154{SEC_ERROR_NO_MODULE,
"security library: no security module can perform the requested operation."},
156{SEC_ERROR_NO_TOKEN,
"The security card or token does not exist, needs to be initialized, or has been removed."},
158{SEC_ERROR_READ_ONLY,
"security library: read-only database."},
160{SEC_ERROR_NO_SLOT_SELECTED,
"No slot or token was selected."},
162{SEC_ERROR_CERT_NICKNAME_COLLISION,
"A certificate with the same nickname already exists."},
164{SEC_ERROR_KEY_NICKNAME_COLLISION,
"A key with the same nickname already exists."},
166{SEC_ERROR_SAFE_NOT_CREATED,
"error while creating safe object"},
168{SEC_ERROR_BAGGAGE_NOT_CREATED,
"error while creating baggage object"},
170{XP_JAVA_REMOVE_PRINCIPAL_ERROR,
"Couldn't remove the principal"},
172{XP_JAVA_DELETE_PRIVILEGE_ERROR,
"Couldn't delete the privilege"},
174{XP_JAVA_CERT_NOT_EXISTS_ERROR,
"This principal doesn't have a certificate"},
176{SEC_ERROR_BAD_EXPORT_ALGORITHM,
"Required algorithm is not allowed."},
178{SEC_ERROR_EXPORTING_CERTIFICATES,
"Error attempting to export certificates."},
180{SEC_ERROR_IMPORTING_CERTIFICATES,
"Error attempting to import certificates."},
182{SEC_ERROR_PKCS12_DECODING_PFX,
"Unable to import. Decoding error. File not valid."},
184{SEC_ERROR_PKCS12_INVALID_MAC,
"Unable to import. Invalid MAC. Incorrect password or corrupt file."},
186{SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM,
"Unable to import. MAC algorithm not supported."},
188{SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,
"Unable to import. Only password integrity and privacy modes supported."},
190{SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE,
"Unable to import. File structure is corrupt."},
192{SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM,
"Unable to import. Encryption algorithm not supported."},
194{SEC_ERROR_PKCS12_UNSUPPORTED_VERSION,
"Unable to import. File version not supported."},
196{SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,
"Unable to import. Incorrect privacy password."},
198{SEC_ERROR_PKCS12_CERT_COLLISION,
"Unable to import. Same nickname already exists in database."},
200{SEC_ERROR_USER_CANCELLED,
"The user pressed cancel."},
202{SEC_ERROR_PKCS12_DUPLICATE_DATA,
"Not imported, already in database."},
204{SEC_ERROR_MESSAGE_SEND_ABORTED,
"Message not sent."},
206{SEC_ERROR_INADEQUATE_KEY_USAGE,
"Certificate key usage inadequate for attempted operation."},
208{SEC_ERROR_INADEQUATE_CERT_TYPE,
"Certificate type not approved for application."},
210{SEC_ERROR_CERT_ADDR_MISMATCH,
"Address in signing certificate does not match address in message headers."},
212{SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY,
"Unable to import. Error attempting to import private key."},
214{SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN,
"Unable to import. Error attempting to import certificate chain."},
216{SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME,
"Unable to export. Unable to locate certificate or key by nickname."},
218{SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY,
"Unable to export. Private Key could not be located and exported."},
220{SEC_ERROR_PKCS12_UNABLE_TO_WRITE,
"Unable to export. Unable to write the export file."},
222{SEC_ERROR_PKCS12_UNABLE_TO_READ,
"Unable to import. Unable to read the import file."},
224{SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED,
"Unable to export. Key database corrupt or deleted."},
226{SEC_ERROR_KEYGEN_FAIL,
"Unable to generate public/private key pair."},
228{SEC_ERROR_INVALID_PASSWORD,
"Password entered is invalid. Please pick a different one."},
230{SEC_ERROR_RETRY_OLD_PASSWORD,
"Old password entered incorrectly. Please try again."},
232{SEC_ERROR_BAD_NICKNAME,
"Certificate nickname already in use."},
234{SEC_ERROR_NOT_FORTEZZA_ISSUER,
"Peer FORTEZZA chain has a non-FORTEZZA Certificate."},
236{SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY,
"A sensitive key cannot be moved to the slot where it is needed."},
238{SEC_ERROR_JS_INVALID_MODULE_NAME,
"Invalid module name."},
240{SEC_ERROR_JS_INVALID_DLL,
"Invalid module path/filename"},
242{SEC_ERROR_JS_ADD_MOD_FAILURE,
"Unable to add module"},
244{SEC_ERROR_JS_DEL_MOD_FAILURE,
"Unable to delete module"},
246{SEC_ERROR_OLD_KRL,
"New KRL is not later than the current one."},
248{SEC_ERROR_CKL_CONFLICT,
"New CKL has different issuer than current CKL. Delete current CKL."},
250{SEC_ERROR_CERT_NOT_IN_NAME_SPACE,
"The Certifying Authority for this certificate is not permitted to issue a \
251certificate with this name."},
253{SEC_ERROR_KRL_NOT_YET_VALID,
"The key revocation list for this certificate is not yet valid."},
255{SEC_ERROR_CRL_NOT_YET_VALID,
"The certificate revocation list for this certificate is not yet valid."},
257{SEC_ERROR_UNKNOWN_CERT,
"The requested certificate could not be found."},
259{SEC_ERROR_UNKNOWN_SIGNER,
"The signer's certificate could not be found."},
261{SEC_ERROR_CERT_BAD_ACCESS_LOCATION,
"The location for the certificate status server has invalid format."},
263{SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE,
"The OCSP response cannot be fully decoded; it is of an unknown type."},
265{SEC_ERROR_OCSP_BAD_HTTP_RESPONSE,
"The OCSP server returned unexpected/invalid HTTP data."},
267{SEC_ERROR_OCSP_MALFORMED_REQUEST,
"The OCSP server found the request to be corrupted or improperly formed."},
269{SEC_ERROR_OCSP_SERVER_ERROR,
"The OCSP server experienced an internal error."},
271{SEC_ERROR_OCSP_TRY_SERVER_LATER,
"The OCSP server suggests trying again later."},
273{SEC_ERROR_OCSP_REQUEST_NEEDS_SIG,
"The OCSP server requires a signature on this request."},
275{SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST,
"The OCSP server has refused this request as unauthorized."},
277{SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS,
"The OCSP server returned an unrecognizable status."},
279{SEC_ERROR_OCSP_UNKNOWN_CERT,
"The OCSP server has no status for the certificate."},
281{SEC_ERROR_OCSP_NOT_ENABLED,
"You must enable OCSP before performing this operation."},
283{SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER,
"You must set the OCSP default responder before performing this operation."},
285{SEC_ERROR_OCSP_MALFORMED_RESPONSE,
"The response from the OCSP server was corrupted or improperly formed."},
287{SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE,
"The signer of the OCSP response is not authorized to give status for \
290{SEC_ERROR_OCSP_FUTURE_RESPONSE,
"The OCSP response is not yet valid (contains a date in the future},."},
292{SEC_ERROR_OCSP_OLD_RESPONSE,
"The OCSP response contains out-of-date information."},
294{SEC_ERROR_DIGEST_NOT_FOUND,
"The CMS or PKCS #7 Digest was not found in signed message."},
296{SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE,
"The CMS or PKCS #7 Message type is unsupported."},
298{SEC_ERROR_MODULE_STUCK,
"PKCS #11 module could not be removed because it is still in use."},
300{SEC_ERROR_BAD_TEMPLATE,
"Could not decode ASN.1 data. Specified template was invalid."},
302{SEC_ERROR_CRL_NOT_FOUND,
"No matching CRL was found."},
304{SEC_ERROR_REUSED_ISSUER_AND_SERIAL,
"You are attempting to import a cert with the same issuer/serial as \
305an existing cert, but that is not the same cert."},
307{SEC_ERROR_BUSY,
"NSS could not shutdown. Objects are still in use."},
309{SEC_ERROR_EXTRA_INPUT,
"DER-encoded message contained extra unused data."},
311{SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE,
"Unsupported elliptic curve."},
313{SEC_ERROR_UNSUPPORTED_EC_POINT_FORM,
"Unsupported elliptic curve point form."},
315{SEC_ERROR_UNRECOGNIZED_OID,
"Unrecognized Object Identifier."},
317{SEC_ERROR_OCSP_INVALID_SIGNING_CERT,
"Invalid OCSP signing certificate in OCSP response."},
319{SEC_ERROR_REVOKED_CERTIFICATE_CRL,
"Certificate is revoked in issuer's certificate revocation list."},
321{SEC_ERROR_REVOKED_CERTIFICATE_OCSP,
"Issuer's OCSP responder reports certificate is revoked."},
323{SEC_ERROR_CRL_INVALID_VERSION,
"Issuer's Certificate Revocation List has an unknown version number."},
325{SEC_ERROR_CRL_V1_CRITICAL_EXTENSION,
"Issuer's V1 Certificate Revocation List has a critical extension."},
327{SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION,
"Issuer's V2 Certificate Revocation List has an unknown critical extension."},
329{SEC_ERROR_UNKNOWN_OBJECT_TYPE,
"Unknown object type specified."},
331{SEC_ERROR_INCOMPATIBLE_PKCS11,
"PKCS #11 driver violates the spec in an incompatible way."},
333{SEC_ERROR_NO_EVENT,
"No new slot event is available at this time."},
335{SEC_ERROR_CRL_ALREADY_EXISTS,
"CRL already exists."},
337{SEC_ERROR_NOT_INITIALIZED,
"NSS is not initialized."},
339{SEC_ERROR_TOKEN_NOT_LOGGED_IN,
"The operation failed because the PKCS#11 token is not logged in."},
341{SEC_ERROR_OCSP_RESPONDER_CERT_INVALID,
"Configured OCSP responder's certificate is invalid."},
343{SEC_ERROR_OCSP_BAD_SIGNATURE,
"OCSP response has an invalid signature."},
345{SEC_ERROR_OUT_OF_SEARCH_LIMITS,
"Cert validation search is out of search limits"},
347{SEC_ERROR_INVALID_POLICY_MAPPING,
"Policy mapping contains anypolicy"},
349{SEC_ERROR_POLICY_VALIDATION_FAILED,
"Cert chain fails policy validation"},
351{SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE,
"Unknown location type in cert AIA extension"},
353{SEC_ERROR_BAD_HTTP_RESPONSE,
"Server returned bad HTTP response"},
355{SEC_ERROR_BAD_LDAP_RESPONSE,
"Server returned bad LDAP response"},
357{SEC_ERROR_FAILED_TO_ENCODE_DATA,
"Failed to encode data with ASN1 encoder"},
359{SEC_ERROR_BAD_INFO_ACCESS_LOCATION,
"Bad information access location in cert extension"},
361{SEC_ERROR_LIBPKIX_INTERNAL,
"Libpkix internal error occurred during cert validation."},
363#if ( NSS_VMAJOR > 3 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR > 12 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH > 2 )
368{SEC_ERROR_PKCS11_GENERAL_ERROR,
"A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred."},
370{SEC_ERROR_PKCS11_FUNCTION_FAILED,
"A PKCS #11 module returned CKR_FUNCTION_FAILED, indicating that the requested function could not be performed. Trying the same operation again might succeed."},
372{SEC_ERROR_PKCS11_DEVICE_ERROR,
"A PKCS #11 module returned CKR_DEVICE_ERROR, indicating that a problem has occurred with the token or slot."},
376#if ( NSS_VMAJOR > 3 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR > 12 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH > 3 )
379{SEC_ERROR_BAD_INFO_ACCESS_METHOD,
"Unknown information access method in certificate extension."},
381{SEC_ERROR_CRL_IMPORT_FAILED,
"Error attempting to import a CRL."},