signstar_crypto/key/
error.rs

1//! Error handling
2
3use crate::key::base::{KeyMechanism, KeyType, MIN_RSA_BIT_LENGTH, SignatureType};
4
5/// An error that can occur when dealing with keys.
6#[derive(Debug, thiserror::Error)]
7pub enum Error {
8    /// Importing from PKCS#8 DER or PEM failed
9    #[error("PKCS#8 error: {0}")]
10    Pkcs8(#[from] rsa::pkcs8::Error),
11
12    /// No primes found when importing an RSA key
13    #[error("No primes found")]
14    NoPrimes,
15
16    /// The [`KeyType`] is not supported
17    #[error("The {0} key type is not supported")]
18    UnsupportedKeyType(KeyType),
19
20    /// An input buffer is too long when trying to pad it.
21    #[error(
22        "The input buffer is {buffer_len} bytes long, but should be padded to only {pad_len} bytes in length."
23    )]
24    PaddingInputTooLong {
25        /// The length of the input buffer.
26        buffer_len: usize,
27        /// The length of the buffer the input should be padded to.
28        pad_len: usize,
29    },
30
31    /// The key mechanisms provided for a key type are not valid
32    #[error(
33        "The key type {key_type} does not support the following key mechanisms: {invalid_mechanisms:?}"
34    )]
35    InvalidKeyMechanism {
36        /// The key type not supporting specific mechanisms.
37        key_type: KeyType,
38        /// The list of invalid key mechanisms.
39        invalid_mechanisms: Vec<KeyMechanism>,
40    },
41
42    /// Elliptic curve keys do not support providing a length
43    #[error("Elliptic curve key ({key_type}) does not support setting length")]
44    KeyLengthUnsupported {
45        /// The key type that does not support setting length.
46        key_type: KeyType,
47    },
48
49    /// Key type requires setting a length
50    #[error("Generating a key of type {key_type} requires setting a length")]
51    KeyLengthRequired {
52        /// The key type that requires a length.
53        key_type: KeyType,
54    },
55
56    /// AES key is generated with unsupported key length (not 128, 192 or 256)
57    #[error(
58        "AES only defines key lengths of 128, 192 and 256. A key length of {key_length} is unsupported!"
59    )]
60    InvalidKeyLengthAes {
61        /// The invalid key length.
62        key_length: u32,
63    },
64
65    /// RSA key is generated with unsafe key length (smaller than 2048)
66    #[error(
67        "RSA keys shorter than {MIN_RSA_BIT_LENGTH} are not supported. A key length of {key_length} is unsafe!"
68    )]
69    InvalidKeyLengthRsa {
70        /// The invalid key length.
71        key_length: u32,
72    },
73
74    /// The signature type provided for a key type is not valid
75    #[error("The key type {key_type} is not compatible with signature type: {signature_type}")]
76    InvalidKeyTypeForSignatureType {
77        /// The key type.
78        key_type: KeyType,
79        /// The signature type that is invalid for the use with `key_type`.
80        signature_type: SignatureType,
81    },
82
83    /// The key mechanisms provided for a signature type are not valid
84    #[error(
85        "The key mechanism {required_key_mechanism} must be used with signature type {signature_type}"
86    )]
87    InvalidKeyMechanismsForSignatureType {
88        /// The invalid key mechanism.
89        required_key_mechanism: KeyMechanism,
90        /// The signature type matching the key mechanism.
91        signature_type: SignatureType,
92    },
93
94    /// A signing key setup is not compatible with raw cryptographic signing
95    #[error(
96        "The key type {key_type}, key mechanisms {key_mechanisms:?} and signature type {signature_type} are incompatible with raw cryptographic signing"
97    )]
98    InvalidRawSigningKeySetup {
99        /// The key type incompatible with raw cryptographic signing.
100        key_type: KeyType,
101        /// The list of key mechanisms incompatible with raw cryptographic signing.
102        key_mechanisms: Vec<KeyMechanism>,
103        /// The signature type incompatible with raw cryptographic signing.
104        signature_type: SignatureType,
105    },
106
107    /// A signing key setup is not compatible with OpenPGP signing
108    #[error(
109        "The key type {key_type}, key mechanisms {key_mechanisms:?} and signature type {signature_type} are incompatible with OpenPGP signing"
110    )]
111    InvalidOpenPgpSigningKeySetup {
112        /// The key type incompatible with OpenPGP signing.
113        key_type: KeyType,
114        /// The list of key mechanisms incompatible with OpenPGP signing.
115        key_mechanisms: Vec<KeyMechanism>,
116        /// The signature type incompatible with OpenPGP signing.
117        signature_type: SignatureType,
118    },
119}