--- a/pvl/login/pubtkt.py	Mon Jan 13 03:23:33 2014 +0200
+++ b/pvl/login/pubtkt.py	Mon Jan 13 17:11:09 2014 +0200
@@ -18,21 +18,49 @@
     return datetime.datetime.utcfromtimestamp(unix)
 
 class Error (Exception) :
-    pass
+    def __init__ (self, error) :
+        self.error = error
 
 class ParseError (Error) :
-    pass
+    """
+        Unable to load PubTkt from cookie.
+    """
+
+    def __unicode__ (self) :
+        return u"Invalid login token: {self.error}".format(self=self)
 
 class VerifyError (Error) :
+    """
+        Unable to verify PubTkt.
+    """
+
     def __init__ (self, pubtkt, error) :
         self.pubtkt = pubtkt
         self.error = error
 
+    def __unicode__ (self) :
+        return u"Invalid login token signature: {self.error}".format(self=self)
+
 class ExpiredError (VerifyError) :
+    """
+        Verified PubTkt, but expired.
+    """
+
     def __init__ (self, pubtkt, now) :
         self.pubtkt = pubtkt
         self.now = now
 
+    def __unicode__ (self) :
+        return u"Login token has expired"
+
+class ServerError (Error) :
+    """
+        Invalid server request.
+    """
+    
+    def __unicode__ (self) :
+        return u"Login request is not valid: {self.error}".format(self=self)
+
 class ServerKeys (object) :
     @classmethod
     def config (cls, public_key, private_key) :
@@ -90,7 +118,11 @@
         else :
             raise ParseError("Missing signature")
         
-        sig = base64.b64decode(sig)
+        try :
+            sig = base64.b64decode(sig)
+        except (ValueError, TypeError) as ex :
+            raise ParseError("Invalid signature")
+
         hash = hashlib.sha1(data).digest()
 
         try :
@@ -98,9 +130,14 @@
         except ValueError as ex :
             raise ParseError(str(ex))
         
+        if 'uid' not in attrs or 'validuntil' not in attrs :
+            raise ParseError("Missing parameters in cookie (uid, validuntil)")
+
         try :
             return cls.build(**attrs), hash, sig
-        except (TypeError, ValueError) as ex :
+        except TypeError as ex :
+            raise ParseError("Invalid or missing parameters in cookie")
+        except ValueError as ex :
             raise ParseError(str(ex))
     
     @classmethod
@@ -121,10 +158,13 @@
         )
 
     @classmethod
-    def new (cls, uid, expiry, **opts) :
+    def new (cls, uid, valid, grace=None, **opts) :
         now = cls.now()
 
-        return cls(uid, now + expiry, **opts)
+        return cls(uid, now + valid,
+            graceperiod = now + grace if grace else None,
+            **opts
+        )
 
     def __init__ (self, uid, validuntil, cip=None, tokens=(), udata=None, graceperiod=None, bauth=None) :
         self.uid = uid
@@ -195,9 +235,13 @@
         else :
             return False
 
-    def renew (self, expiry) :
+    def renew (self, valid, grace=None) :
         if not self.valid() :
             raise ExpiredError(self, "Unable to renew expired pubtkt")
 
-        self.validuntil = self.now() + expiry
+        now = self.now()
 
+        self.validuntil = now + valid
+        self.graceperiod = now + grace if grace else None
+
+