tor_keymgr/
err.rs

Help
1//! An error type for the `tor-keymgr` crate.
2
3use tor_basic_utils::PathExt;
4use tor_error::HasKind;
5
6use dyn_clone::DynClone;
7use tor_persist::slug::BadSlug;
8
9use std::error::Error as StdError;
10use std::fmt;
11use std::path::PathBuf;
12use std::sync::Arc;
13
14use crate::KeyPathError;
15
16/// An Error type for this crate.
17#[derive(thiserror::Error, Debug, Clone)]
18#[non_exhaustive]
19pub enum Error {
20    /// Detected keustore corruption.
21    #[error("{0}")]
22    Corruption(#[from] KeystoreCorruptionError),
23
24    /// An opaque error returned by a [`Keystore`](crate::Keystore).
25    #[error("{0}")]
26    Keystore(#[from] Arc<dyn KeystoreError>),
27
28    /// An error returned when the [`KeyMgr`](crate::KeyMgr) is asked to generate a key that already exists.
29    ///
30    /// Note that because there is no locking of the keystore,
31    /// this situation is not reliably detected
32    /// in the presence of concurrent tasks trying to generate the same key.
33    ///
34    /// So this error is provided to help the human user,
35    /// but mustn't be relied on for correctness.
36    #[error("Key already exists")]
37    KeyAlreadyExists,
38
39    /// Error coming from the tor-key-forgecrate
40    #[error("{0}")]
41    KeyForge(#[from] tor_key_forge::Error),
42
43    /// An error caused by an invalid certificate.
44    #[error("{0}")]
45    InvalidCert(#[from] tor_key_forge::InvalidCertError),
46
47    /// An internal error.
48    #[error("Internal error")]
49    Bug(#[from] tor_error::Bug),
50}
51
52/// An error returned by a [`Keystore`](crate::Keystore).
53pub trait KeystoreError:
54    HasKind + StdError + DynClone + fmt::Debug + fmt::Display + Send + Sync + 'static
55{
56}
57
58impl HasKind for Error {
59    fn kind(&self) -> tor_error::ErrorKind {
60        use tor_error::ErrorKind as EK;
61        use Error as E;
62
63        match self {
64            E::Keystore(e) => e.kind(),
65            E::Corruption(_) => EK::KeystoreCorrupted,
66            E::KeyAlreadyExists => EK::BadApiUsage, // TODO: not strictly right
67            E::KeyForge(_) => EK::BadApiUsage,
68            E::InvalidCert(_) => EK::BadApiUsage, // TODO: not strictly right
69            E::Bug(e) => e.kind(),
70        }
71    }
72}
73
74/// An error caused by a syntactically invalid [`ArtiPath`](crate::ArtiPath).
75///
76/// The `ArtiPath` is not in the legal syntax: it contains bad characters,
77/// or a syntactically invalid components.
78///
79/// (Does not include any errors arising from paths which are invalid
80/// *for the particular key*.)
81#[derive(thiserror::Error, Debug, Clone)]
82#[error("Invalid ArtiPath")]
83#[non_exhaustive]
84pub enum ArtiPathSyntaxError {
85    /// One of the path slugs was invalid.
86    #[error("{0}")]
87    Slug(#[from] BadSlug),
88
89    /// An internal error.
90    #[error("Internal error")]
91    Bug(#[from] tor_error::Bug),
92}
93
94/// An error caused by keystore corruption.
95#[derive(thiserror::Error, Debug, Clone)]
96#[error("Keystore corruption")]
97#[non_exhaustive]
98pub enum KeystoreCorruptionError {
99    /// A keystore contains a key that has an invalid [`KeyPath`](crate::KeyPath).
100    #[error("{0}")]
101    KeyPath(#[from] KeyPathError),
102
103    /// Missing certificate for key.
104    #[error("Missing certificate for key")]
105    MissingCertificate,
106
107    /// Missing the subject key of a certificate we own.
108    #[error("Subject key of certificate not found")]
109    MissingSubjectKey,
110
111    /// Missing signing key for certificate.
112    #[error("Missing signing key for certificate")]
113    MissingSigningKey,
114}
115
116/// An error that happens when we encounter an unknown key type.
117#[derive(thiserror::Error, PartialEq, Eq, Debug, Clone)]
118#[error("unknown key type: arti_extension={arti_extension}")]
119pub struct UnknownKeyTypeError {
120    /// The extension used for keys of this type in an Arti keystore.
121    pub(crate) arti_extension: String,
122}
123
124/// An unrecognized keystore entry.
125#[derive(Clone, Debug, amplify::Getters, thiserror::Error)]
126#[error("Unrecognized keystore entry {}", entry)]
127pub struct UnrecognizedEntryError {
128    /// An identifier of the entry that caused the error.
129    entry: UnrecognizedEntryId,
130    /// The underlying error that occurred.
131    // TODO: This should be an `Error` specific for the situation.
132    //
133    // [`KeystoreError`] is a provvisory solution that presents
134    // some issues, for example:
135    //
136    // * not all variants of `KeystoreError` are relevant
137    // * redundancy with some other Error types like
138    // [`MalformedServiceKeyError::NotAKey`](crate::keystore::ctor::err::MalformedServiceKeyError)
139    // * [`Keystore::list`](crate::Keystore) returns
140    // `StdResult<Vec<StdResult<(KeyPath, KeystoreItemType), UnrecognizedEntryError>>, KeystoreError>`,
141    // `KeystoreError` presents itself twice at 2 different levels, there is abiguity
142    #[source]
143    error: Arc<dyn KeystoreError>,
144}
145
146impl UnrecognizedEntryError {
147    /// Create a new instance of `KeystoreListError` given an `UnrecognizedEntryId`
148    /// and an `Arc<dyn KeystoreError>`.
149    pub fn new(entry: UnrecognizedEntryId, error: Arc<dyn KeystoreError>) -> Self {
150        Self { entry, error }
151    }
152}
153
154/// The identifier of an unrecognized key inside a [`Keystore`](crate::Keystore).
155///
156/// The exact type of the identifier depends on the backing storage of the keystore
157/// (for example, an on-disk keystore will identify its entries by [`Path`](UnrecognizedEntryId::Path)).
158#[non_exhaustive]
159#[derive(Debug, Clone, PartialEq, derive_more::Display)]
160pub enum UnrecognizedEntryId {
161    /// An entry identified by path inside an on-disk keystore.
162    // NOTE: this will only be used by on-disk keystores like
163    // [`ArtiNativeKeystore`](crate::ArtiNativeKeystore)
164    #[display("{}", _0.display_lossy())]
165    Path(PathBuf),
166    // TODO: when/if we add support for non on-disk keystores,
167    // new variants will be added
168}
169
170#[cfg(test)]
171mod tests {
172    // @@ begin test lint list maintained by maint/add_warning @@
173    #![allow(clippy::bool_assert_comparison)]
174    #![allow(clippy::clone_on_copy)]
175    #![allow(clippy::dbg_macro)]
176    #![allow(clippy::mixed_attributes_style)]
177    #![allow(clippy::print_stderr)]
178    #![allow(clippy::print_stdout)]
179    #![allow(clippy::single_char_pattern)]
180    #![allow(clippy::unwrap_used)]
181    #![allow(clippy::unchecked_duration_subtraction)]
182    #![allow(clippy::useless_vec)]
183    #![allow(clippy::needless_pass_by_value)]
184    //! <!-- @@ end test lint list maintained by maint/add_warning @@ -->
185    use super::*;
186    use tor_error::ErrorKind;
187
188    #[derive(Debug, Copy, Clone, PartialEq, thiserror::Error)]
189    #[error("The source of a test error")]
190    struct TestErrorSource;
191
192    #[derive(Debug, Clone, thiserror::Error)]
193    #[error("A test error")]
194    struct TestError(#[from] TestErrorSource);
195
196    impl KeystoreError for TestError {}
197
198    impl HasKind for TestError {
199        fn kind(&self) -> ErrorKind {
200            ErrorKind::Other
201        }
202    }
203
204    #[test]
205    fn error_source() {
206        let e: Error = (Arc::new(TestError(TestErrorSource)) as Arc<dyn KeystoreError>).into();
207
208        assert_eq!(
209            e.source().unwrap().to_string(),
210            TestError(TestErrorSource).to_string()
211        );
212    }
213}
tor_keymgr/err.rs

tor_keymgr/
err.rs
