1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93

//! error types
//!
#[derive(Clone, Debug, PartialEq)]
pub enum Token {
    InternalError,
    /// error deserializing or verifying the token
    Format(Format),
    /// the authority block must have the index 0
    InvalidAuthorityIndex(u32),
    /// the block index does not match its position
    InvalidBlockIndex(InvalidBlockIndex),
    /// multiple blocks declare the same symbols
    SymbolTableOverlap,
    /// the symbol table is missing either "authority" or "ambient"
    MissingSymbols,
    /// tried to append a block to a sealed token
    Sealed,
    /// caveat validation failed
    FailedLogic(Logic),
    /// Datalog parsing error
    ParseError,
}

#[derive(Clone, Debug, PartialEq)]
pub struct InvalidBlockIndex {
    pub expected: u32,
    pub found: u32,
}

#[derive(Clone, Debug, PartialEq)]
pub enum Format {
    /// failed verifying the signature
    Signature(Signature),
    /// failed verifying the signature of a sealed token
    SealedSignature,
    /// the token does not provide intermediate public keys
    EmptyKeys,
    /// the root public key was not recognized
    UnknownPublicKey,
    /// could not deserialize the wrapper object
    DeserializationError(String),
    /// could not serialize the wrapper object
    SerializationError(String),
    /// could not deserialize the block
    BlockDeserializationError(String),
    /// could not serialize the block
    BlockSerializationError(String),
}

#[derive(Clone, Debug, PartialEq)]
pub enum Signature {
    /// could not parse the signature elements
    InvalidFormat,
    /// the signature did not match
    InvalidSignature,
}

#[derive(Clone, Debug, PartialEq)]
pub enum Logic {
    /// a fact of the authority block did not have the authority tag
    InvalidAuthorityFact(String),
    /// a fact provided or generated by the verifier did not have the ambient tag
    InvalidAmbientFact(String),
    /// a fact provided or generated by a block had the authority or ambient tag
    InvalidBlockFact(u32, String),
    /// a rule provided by a block is generating facts with the authority or ambient tag
    InvalidBlockRule(u32, String),
    /// list of caveats that failed validation
    FailedCaveats(Vec<FailedCaveat>),
}

#[derive(Clone, Debug, PartialEq)]
pub enum FailedCaveat {
    /// a caveat failed in a block
    Block(FailedBlockCaveat),
    /// a caveat provided by the verifier failed
    Verifier(FailedVerifierCaveat),
}

#[derive(Clone, Debug, PartialEq)]
pub struct FailedBlockCaveat {
    pub block_id: u32,
    pub caveat_id: u32,
    /// pretty print of the rule that failed
    pub rule: String,
}

#[derive(Clone, Debug, PartialEq)]
pub struct FailedVerifierCaveat {
    pub caveat_id: u32,
    /// pretty print of the rule that failed
    pub rule: String,
}