signstar_crypto/signer/error.rs
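//! Contains the [`Error`] enum for the low-level signer interface.
//!
//! The `Display` text of these errors is what callers will typically log or show to operators.
//! The typed payloads visible here (fingerprints, algorithm identifiers, public key parameters)
//! are public data. Free-form `context` strings and wrapped source errors are supplied by the
//! caller or by other crates, so they must never be built from secret key material or passphrases.

use pgp::{
    crypto::hash::HashAlgorithm,
    types::{Fingerprint, PublicParams},
};

use crate::key::base::SignatureType;

/// An error that may occur when working with OpenPGP data.
#[derive(Debug, thiserror::Error)]
pub enum Error {
    /// Certificate for the key has not been initialized.
    // NOTE(review): the variant name spells "Ppg" instead of "Pgp". It is part of the public API,
    // so it is kept as is here; fixing it needs a deprecation cycle rather than a silent rename.
    #[error("There is no OpenPGP certificate for the key")]
    OpenPpgCertificateMissing,

    /// An elliptic curve error reported by [`p256::elliptic_curve`].
    #[error("Elliptic curve error: {0}")]
    EllipticCurve(#[from] p256::elliptic_curve::Error),

    /// Public key data is invalid.
    #[error("Public key data is invalid because {context}")]
    InvalidPublicKeyData {
        /// The context in which the error occurred.
        ///
        /// This is meant to complete the sentence "Public key data is invalid because ".
        ///
        /// This is an owned, caller-built string that is printed verbatim, so it should describe
        /// the defect without embedding raw key bytes or other unbounded input.
        context: String,
    },

    /// An OpenPGP error reported by the [`pgp`] crate.
    #[error("OpenPGP error: {0}")]
    Pgp(#[from] pgp::errors::Error),

    /// An OpenPGP Transferable Secret Key (TSK) is passphrase protected.
    #[error(
        "The OpenPGP Transferable Secret Key (TSK) with fingerprint {fingerprint} is passphrase protected"
    )]
    OpenPgpTskIsPassphraseProtected {
        /// The OpenPGP fingerprint of the TSK.
        fingerprint: Fingerprint,
    },

    /// An OpenPGP Transferable Secret Key (TSK) contains multiple component keys.
    #[error(
        "The OpenPGP Transferable Secret Key (TSK) with fingerprint {fingerprint} contains multiple component keys, which is not supported"
    )]
    OpenPgpTskContainsMultipleComponentKeys {
        /// The OpenPGP fingerprint of the TSK.
        fingerprint: Fingerprint,
    },

    /// An invalid signature is encountered.
    #[error("Invalid signature {signature_type} encountered while {context}")]
    InvalidSignature {
        /// The context in which an invalid signature has been detected.
        ///
        /// This is meant to complete the sentence "Invalid signature encountered
        /// while ".
        context: &'static str,

        /// Signature type encountered when this error occurred.
        signature_type: SignatureType,
    },

    /// An unsupported hash algorithm is requested.
    #[error("Unsupported hash algorithm requested. Expected {expected}, but got {actual}")]
    UnsupportedHashAlgorithm {
        /// The hash algorithm that was requested.
        actual: HashAlgorithm,

        /// The hash algorithm that is supported.
        expected: HashAlgorithm,
    },

    /// An unsupported signature algorithm is requested.
    ///
    /// Carries the [`SignatureType`] that is rendered in the message.
    #[error("Unsupported signature algorithm requested: {0}")]
    UnsupportedSignatureAlgorithm(SignatureType),

    /// The key format used is unsupported.
    #[error("Unsupported key format {public_params:?} encountered while {context}")]
    UnsupportedKeyFormat {
        /// The context in which an unsupported key format has been detected.
        ///
        /// This is meant to complete the sentence "Unsupported key format encountered
        /// while ".
        context: &'static str,

        /// The unsupported public key parameters.
        ///
        /// Rendered with `Debug` formatting in the message. Boxed so that this one variant
        /// does not enlarge every [`Error`] value.
        public_params: Box<PublicParams>,
    },

    /// A [`crate::key::Error`] error.
    #[error(transparent)]
    SignstarCryptoKey(#[from] crate::key::Error),

    /// An HSM operation error.
    // NOTE(review): thiserror treats a field named `source` as the value returned by
    // `std::error::Error::source()`. Because the message also interpolates `{source}`, reporters
    // that walk the source chain will print the underlying error twice. The embedded `\n` makes a
    // single error span two lines, which line-oriented log consumers need to account for.
    #[error("HSM operation failed while {context}:\n{source}")]
    Hsm {
        /// The context in which an HSM error occurred.
        ///
        /// This is meant to complete the sentence "HSM operation failed
        /// while ".
        context: &'static str,
        /// The source error.
        ///
        /// The backend's `Display` output is forwarded verbatim into this error's message, so
        /// HSM backends should keep credentials and key material out of their error text.
        source: Box<dyn std::error::Error + 'static + Send + Sync>,
    },

    /// A [`crate::openpgp::Error`] error.
    ///
    /// Distinct from [`Error::Pgp`], which wraps errors coming directly from the [`pgp`] crate.
    #[error(transparent)]
    OpenPgp(#[from] crate::openpgp::Error),
}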
111}