tor_cert/err.rs
1//! Define error types for the tor-cert crate.
2//!
3//! Most of the encoding/decoding functions here return [`tor_bytes::Error`],
4//! but many of them (related to certificate-specific operations) do not.
5
6use thiserror::Error;
7
8/// An error related to checking or validating a certificate
9#[derive(Clone, Debug, Error, Eq, PartialEq)]
10#[non_exhaustive]
11pub enum CertError {
12 /// The key on a certificate was not as expected.
13 #[error("Key on certificate was not as expected")]
14 KeyMismatch,
15
16 /// We tried to get the signing key from a certificate that didn't include
17 /// one.
18 #[error("Missing signing key on certificate")]
19 MissingPubKey,
20
21 /// We tried to validate a signature, and found that it was wrong.
22 #[error("Signature on certificate was invalid")]
23 BadSignature,
24}
25
26/// An error related to signing or encoding a certificate
27#[cfg(feature = "encode")]
28#[cfg_attr(docsrs, doc(cfg(feature = "encode")))]
29#[derive(Clone, Debug, Error)]
30#[non_exhaustive]
31pub enum CertEncodeError {
32 /// This certificate contains the public key that it is supposed to
33 /// be signed by, and the provided signing private key isn't it.
34 #[error("Tried to sign with wrong key")]
35 KeyMismatch,
36
37 /// The certificate contains more than 255 extensions.
38 #[error("Too many extensions")]
39 TooManyExtensions,
40
41 /// Some extension had a length of over 2^16.
42 #[error("Extension too long")]
43 ExtensionTooLong,
44
45 /// A mandatory field was not provided.
46 #[error("Missing field {0:?}")]
47 MissingField(&'static str),
48
49 /// We encountered a problem when encoding the certificate: probably, that
50 /// some length field would have to be longer than its maximum. This is
51 /// probably a bug in the calling code.
52 #[error("Tried to generate a cert we couldn't encode.")]
53 Bytes(#[from] tor_bytes::EncodeError),
54}