core_policy/
error.rs

1//! Error types for mesh-policy-core
2
3use alloc::string::String;
4use core::fmt;
5
6/// Result type alias for policy operations
7pub type Result<T> = core::result::Result<T, PolicyError>;
8
9/// Errors that can occur in policy operations
10#[derive(Debug)]
11pub enum PolicyError {
12    /// Policy not found
13    PolicyNotFound(String),
14
15    /// Invalid policy rule
16    InvalidRule(String),
17
18    /// Permission denied
19    PermissionDenied {
20        /// Peer ID that was denied
21        peer_id: String,
22        /// Reason for denial
23        reason: String,
24    },
25
26    /// Invalid peer ID
27    InvalidPeerId(String),
28
29    /// Serialization error
30    SerializationError(String),
31
32    /// TOML parsing error (requires `toml` feature)
33    #[cfg(feature = "toml")]
34    TomlError(toml::de::Error),
35
36    /// IO error
37    // IoError removed for no_std
38
39    // ===== DoS Prevention Errors (T20 mitigation) =====
40
41    /// Policy exceeds maximum allowed rules (DoS prevention - T20)
42    TooManyRules {
43        /// Maximum allowed rules
44        max: usize,
45        /// Attempted number of rules
46        attempted: usize,
47    },
48
49    /// Resource pattern exceeds maximum length (DoS prevention - T20)
50    PatternTooLong {
51        /// Maximum allowed length
52        max: usize,
53        /// Actual pattern length
54        length: usize,
55    },
56
57    /// Policy name exceeds maximum length (DoS prevention - T20)
58    NameTooLong {
59        /// Maximum allowed length
60        max: usize,
61        /// Actual name length
62        length: usize,
63    },
64
65    // ===== ABAC Expression Errors =====
66    /// Context expression is too deeply nested (stack overflow prevention)
67    ExpressionTooDeep {
68        /// Maximum allowed depth
69        max: usize,
70    },
71
72    /// Context expression string is too long (DoS prevention)
73    ExpressionTooLong {
74        /// Maximum allowed length
75        max: usize,
76        /// Actual expression length
77        length: usize,
78    },
79
80    /// Invalid expression syntax
81    InvalidExpression(String),
82
83    /// System time error (clock went backwards or unavailable)
84    // TimeError removed for no_std
85
86    /// Internal error
87    InternalError(String),
88}
89
90impl fmt::Display for PolicyError {
91    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
92        match self {
93            Self::PolicyNotFound(msg) => write!(f, "Policy not found: {}", msg),
94            Self::InvalidRule(msg) => write!(f, "Invalid policy rule: {}", msg),
95            Self::PermissionDenied { peer_id, reason } => {
96                write!(f, "Permission denied for peer {}: {}", peer_id, reason)
97            }
98            Self::InvalidPeerId(msg) => write!(f, "Invalid peer ID: {}", msg),
99            Self::SerializationError(msg) => write!(f, "Serialization error: {}", msg),
100            #[cfg(feature = "toml")]
101            Self::TomlError(e) => write!(f, "TOML parsing error: {}", e),
102            Self::TooManyRules { max, attempted } => write!(
103                f,
104                "Policy exceeds maximum {} rules (attempted: {})",
105                max, attempted
106            ),
107            Self::PatternTooLong { max, length } => write!(
108                f,
109                "Resource pattern exceeds maximum {} characters (length: {})",
110                max, length
111            ),
112            Self::NameTooLong { max, length } => write!(
113                f,
114                "Policy name exceeds maximum {} characters (length: {})",
115                max, length
116            ),
117            Self::ExpressionTooDeep { max } => write!(
118                f,
119                "Context expression exceeds maximum depth of {} (prevents stack overflow)",
120                max
121            ),
122            Self::ExpressionTooLong { max, length } => write!(
123                f,
124                "Context expression exceeds maximum {} characters (length: {})",
125                max, length
126            ),
127            Self::InvalidExpression(msg) => write!(f, "Invalid context expression: {}", msg),
128            Self::InternalError(msg) => write!(f, "Internal error: {}", msg),
129        }
130    }
131}
132
133#[cfg(feature = "toml")]
134impl From<toml::de::Error> for PolicyError {
135    fn from(err: toml::de::Error) -> Self {
136        Self::TomlError(err)
137    }
138}
139
140impl core::error::Error for PolicyError {}
core_policy/error.rs

core_policy/
error.rs
