15. Error Handling
This section defines standard error codes and error-handling requirements for the PALISADE protocol.
15.1 Error Message Format
When an error response is transmitted, it uses the following structure:
ErrorResponse =
    error_code  (2 bytes)
    details_len (2 bytes)
    details     (details_len bytes)

Where:
- error_code is a 16-bit unsigned integer identifying the error condition.
- details_len is the length of details in bytes; it is zero when no details are present.
- details is an OPTIONAL human-readable description.
- All multi-byte fields are encoded in big-endian byte order.
The details field is intended for diagnostics only and MUST NOT contain sensitive information.
15.2 Error Code Ranges
Error codes are divided into the following ranges:
| Range | Category |
|---|---|
| 0x0000 | No error |
| 0x0100–0x01FF | Handshake errors |
| 0x0200–0x02FF | Session errors |
| 0x0300–0x03FF | Data plane errors |
| 0x0400–0x04FF | Resumption errors |
| 0x0500–0x05FF | Migration errors |
| 0x0600–0x06FF | Control frame errors |
| 0xFF00–0xFFFF | Generic errors |
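The following Python is an added example, not code from the PALISADE draft or a reference implementation. It serialises and strictly parses the ErrorResponse layout of 15.1 and maps an error_code onto the 15.2 ranges. Two assumptions are the example's own: details is UTF-8 text, and an ErrorResponse occupies the whole payload handed to the decoder, so trailing bytes are rejected along with a short details field.

```python
import struct
from typing import Optional, Tuple

# Added example (not PALISADE project code): wire encoding, strict decoding
# and range classification for the ErrorResponse of 15.1 and 15.2.

HEADER = struct.Struct("!HH")   # error_code, details_len: two big-endian uint16

# Range table from 15.2: (low, high, category). Anything outside these
# ranges is unassigned in the draft.
RANGES = (
    (0x0000, 0x0000, "no error"),
    (0x0100, 0x01FF, "handshake"),
    (0x0200, 0x02FF, "session"),
    (0x0300, 0x03FF, "data plane"),
    (0x0400, 0x04FF, "resumption"),
    (0x0500, 0x05FF, "migration"),
    (0x0600, 0x06FF, "control frame"),
    (0xFF00, 0xFFFF, "generic"),
)


class MalformedErrorResponse(ValueError):
    """The bytes do not match the 15.1 layout."""


def category(code: int) -> Optional[str]:
    """Map an error_code to its 15.2 category, or None if unassigned."""
    if not 0 <= code <= 0xFFFF:
        raise ValueError("error_code must fit in 16 bits")
    for low, high, name in RANGES:
        if low <= code <= high:
            return name
    return None


def encode(code: int, details: str = "") -> bytes:
    """Serialise an ErrorResponse. details is optional and may be empty."""
    if not 0 <= code <= 0xFFFF:
        raise ValueError("error_code must fit in 16 bits")
    body = details.encode("utf-8")   # assumption: details carried as UTF-8
    if len(body) > 0xFFFF:
        raise ValueError("details do not fit in the 16-bit details_len")
    return HEADER.pack(code, len(body)) + body


def decode(buf: bytes) -> Tuple[int, str]:
    """Parse an ErrorResponse that occupies the whole buffer.

    Assumption of this example: the response is the entire payload, so
    trailing bytes after details are rejected as well as a short details
    field. The draft does not say what may follow an ErrorResponse.
    """
    if len(buf) < HEADER.size:
        raise MalformedErrorResponse("truncated header")
    code, details_len = HEADER.unpack_from(buf)
    body = buf[HEADER.size:]
    if len(body) != details_len:
        raise MalformedErrorResponse(
            f"details_len={details_len} but {len(body)} bytes follow the header")
    try:
        details = body.decode("utf-8")
    except UnicodeDecodeError:
        raise MalformedErrorResponse("details is not valid UTF-8") from None
    return code, details


def is_well_formed(buf: bytes) -> bool:
    """Accept/reject wrapper around decode() for callers that need no fields."""
    try:
        decode(buf)
    except MalformedErrorResponse:
        return False
    return True
```

The decoder checks details_len against the bytes actually present before touching them, so a peer cannot make it read past the buffer or accept a response whose length field disagrees with its body; a malformed response is rejected as a unit rather than partially trusted.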
15.3 Defined Error Codes
15.3.1 Handshake Errors (0x0100–0x01FF)
| Code | Name | Description | Fatal |
|---|---|---|---|
| 0x0100 | ErrorInvalidVersion | Unsupported protocol version | Yes |
| 0x0101 | ErrorUnsupportedKEM | No mutually supported KEM | Yes |
| 0x0102 | ErrorUnsupportedSignature | No mutually supported signature | Yes |
| 0x0103 | ErrorUnsupportedAEAD | No mutually supported AEAD | Yes |
| 0x0104 | ErrorInvalidClientHello | Malformed ClientHello | Yes |
| 0x0105 | ErrorInvalidServerHello | Malformed ServerHello | Yes |
| 0x0106 | ErrorSignatureVerifyFailed | Signature verification failed | Yes |
| 0x0107 | ErrorCertificateInvalid | Invalid or unacceptable certificate | Yes |
| 0x0108 | ErrorKEMDecapFailed | KEM decapsulation failed | Yes |
15.3.2 Session Errors (0x0200–0x02FF)
| Code | Name | Description | Fatal |
|---|---|---|---|
| 0x0200 | ErrorSessionNotFound | Session not found | No |
| 0x0201 | ErrorSessionExpired | Session expired | Yes |
| 0x0202 | ErrorSessionLimitExceeded | Session limit exceeded | No |
15.3.3 Data Plane Errors (0x0300–0x03FF)
| Code | Name | Description | Fatal |
|---|---|---|---|
| 0x0300 | ErrorAEADDecryptFailed | AEAD authentication failed | No |
| 0x0301 | ErrorInvalidEpoch | Packet epoch invalid | No |
| 0x0302 | ErrorSequenceExhausted | Sequence space exhausted | Yes |
| 0x0303 | ErrorReplayDetected | Replayed packet detected | No |
| 0x0304 | ErrorTimestampInvalid | Timestamp invalid | No |
| 0x0305 | ErrorPacketTooLarge | Packet exceeds size limits | No |
15.3.4 Resumption Errors (0x0400–0x04FF)
| Code | Name | Description | Fatal |
|---|---|---|---|
| 0x0400 | ErrorTicketInvalid | Ticket invalid | Yes |
| 0x0401 | ErrorTicketExpired | Ticket expired | Yes |
| 0x0402 | ErrorTicketAlreadyUsed | Ticket replay detected | Yes |
| 0x0403 | ErrorEarlyDataRejected | Early data rejected | No |
15.3.5 Migration Errors (0x0500–0x05FF)
| Code | Name | Description | Fatal |
|---|---|---|---|
| 0x0500 | ErrorMigrationFailed | Migration failed | No |
| 0x0501 | ErrorMigrationEpochMismatch | Epoch mismatch | No |
| 0x0502 | ErrorMigrationStaleTimestamp | Timestamp too old | No |
| 0x0503 | ErrorInvalidMigrationReason | Invalid reason code | No |
| 0x0504 | ErrorMigrationNonceReused | Migration replay detected | No |
| 0x0505 | ErrorMigrationRateLimitExceeded | Migration rate limit exceeded | No |
| 0x0506 | ErrorMigrationInProgress | Migration already in progress | No |
15.3.6 Control Frame Errors (0x0600–0x06FF)
| Code | Name | Description | Fatal |
|---|---|---|---|
| 0x0600 | ErrorInvalidControlFrame | Malformed control frame | No |
| 0x0601 | ErrorUnknownControlType | Unknown control type | No |
15.3.7 Generic Errors (0xFF00–0xFFFF)
| Code | Name | Description | Fatal |
|---|---|---|---|
| 0xFF00 | ErrorInternalError | Internal error | Yes |
| 0xFF01 | ErrorResourceExhausted | Resource exhaustion | No |
15.4 Fatal vs. Non-Fatal Errors
Errors are classified as fatal or non-fatal.
Fatal Errors
When a fatal error occurs, the endpoint MUST:
- Abort the current session or handshake.
- Securely erase all derived secrets.
- Cease further packet processing.
- Require a new handshake to resume communication.
An error response MAY be sent if doing so does not introduce additional risk. When one is sent after session keys have been established, it is sent before the derived secrets are erased, since 15.5 requires it to be encrypted.
Non-Fatal Errors
When a non-fatal error occurs, the endpoint:
- MAY continue processing subsequent packets.
- MUST NOT alter cryptographic session state unless explicitly required.
15.5 Error Transmission Rules
Error responses:
- MUST be encrypted if session keys are established.
- MAY be sent in cleartext only during the handshake, before keys are available.
- MUST NOT be retransmitted automatically.
Endpoints MUST be robust to missing or dropped error responses: a response may be lost and is never retransmitted, so no endpoint may depend on receiving one.
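The following Python is an added example and not code from the PALISADE draft. It models one endpoint applying the 15.4 rules to a locally detected error (fatal: respond while keys still exist, erase secrets, stop processing; non-fatal: continue with cryptographic state untouched) together with the 15.5 transmission rules (encrypted once keys exist, cleartext only before that, no retransmission). The fatal flags are transcribed from the 15.3 tables. Two choices are this example's own assumptions: error codes the draft does not assign are treated as fatal, and protection of the outgoing record with the session AEAD is represented only by a flag on the record rather than performed.

```python
import struct
from typing import List, Optional, Tuple

# Added example (not PALISADE project code): endpoint-side handling of the
# fatal/non-fatal rules in 15.4 and the transmission rules in 15.5.

# Fatal column of the 15.3 tables, transcribed as two sets.
FATAL_CODES = set(range(0x0100, 0x0109)) | {0x0201, 0x0302, 0x0400, 0x0401, 0x0402, 0xFF00}
NON_FATAL_CODES = (
    {0x0200, 0x0202, 0x0300, 0x0301, 0x0303, 0x0304, 0x0305, 0x0403}
    | set(range(0x0500, 0x0507))
    | {0x0600, 0x0601, 0xFF01}
)


def is_fatal(code: int) -> bool:
    """Fatal flag per 15.3. Codes the draft does not assign are treated as
    fatal here; that is this example's fail-closed assumption, not a rule
    stated in the draft."""
    if code in FATAL_CODES:
        return True
    if code in NON_FATAL_CODES:
        return False
    return True


class Endpoint:
    """Minimal model of one endpoint's error-handling state."""

    def __init__(self) -> None:
        self.keys: Optional[bytearray] = None   # derived secrets, once the handshake has them
        self.aborted = False
        self.packets_processed = 0
        # (protected?, wire bytes) for each error response handed to the transport
        self.wire: List[Tuple[bool, bytes]] = []

    def install_keys(self, key_material: bytes) -> None:
        self.keys = bytearray(key_material)

    def _zeroize(self) -> None:
        # 15.4: securely erase derived secrets. bytearray is mutable, so the
        # bytes are overwritten in place instead of being left to the GC.
        if self.keys is not None:
            for i in range(len(self.keys)):
                self.keys[i] = 0
            self.keys = None

    def _send_error(self, code: int, details: str = "") -> None:
        # 15.5: protected whenever session keys exist, cleartext only before.
        # AEAD protection is represented by the flag only (example assumption).
        body = details.encode("utf-8")
        payload = struct.pack("!HH", code, len(body)) + body
        self.wire.append((self.keys is not None, payload))

    def on_error(self, code: int, details: str = "", respond: bool = True) -> bool:
        """Apply 15.4 to a locally detected error. Returns True if the endpoint
        may keep processing packets, False if the session is gone."""
        if self.aborted:
            return False          # 15.4: nothing is processed after a fatal error
        if not is_fatal(code):
            if respond:           # non-fatal: optional response, keys untouched
                self._send_error(code, details)
            return True
        # Fatal: the response, if any, goes out while keys still exist so it
        # can be encrypted; then secrets are erased and the session closed.
        # There is no retransmit path, so a dropped response stays dropped.
        if respond:
            self._send_error(code, details)
        self._zeroize()
        self.aborted = True
        return False

    def process_packet(self, packet: bytes) -> bool:
        """Data-plane stand-in: refuses all input once the session is aborted."""
        if self.aborted:
            return False
        self.packets_processed += 1
        return True
```

The order inside the fatal branch is the point a practitioner should check in a real implementation: send first, then erase, so that a post-handshake error response can be encrypted as 15.5 requires, while a pre-handshake error (no keys) correctly goes out in cleartext.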
15.6 Error Disclosure Policy
Error responses MUST NOT:
- Reveal cryptographic secrets.
- Reveal internal state, counters, or memory addresses.
- Enable oracle attacks through distinguishable behavior.
Implementations SHOULD minimize externally visible differences between error conditions.
15.7 Security Properties
The error framework ensures:
- Fail-closed behavior on cryptographic errors
- Resistance to oracle attacks
- Bounded information disclosure
- Clear separation between protocol and implementation policy
PALISADE Protocol Specification Draft 00
INFORMATIONAL