Skip to main content

atlas_rs/
error.rs

1//! Error types for aTLS verification.
2
3use thiserror::Error;
4
5/// Errors that can occur during aTLS verification.
6#[derive(Debug, Error)]
7pub enum AtlsVerificationError {
8    /// I/O error during communication.
9    #[error("I/O error: {0}")]
10    Io(String),
11
12    /// Quote verification failed.
13    #[error("quote verification failed: {0}")]
14    Quote(String),
15
16    /// Bootchain measurement mismatch.
17    #[error("bootchain mismatch: {field} expected {expected}, got {actual}")]
18    BootchainMismatch {
19        field: String,
20        expected: String,
21        actual: String,
22    },
23
24    /// RTMR measurement mismatch.
25    #[error("RTMR{index} mismatch: expected {expected}, got {actual}")]
26    RtmrMismatch {
27        index: u8,
28        expected: String,
29        actual: String,
30    },
31
32    /// Certificate not found in event log.
33    #[error("certificate not in event log")]
34    CertificateNotInEventLog,
35
36    /// Event log parsing failed.
37    #[error("failed to parse event log: {0}")]
38    EventLogParse(String),
39
40    /// TEE type mismatch.
41    #[error("TEE type mismatch: {0}")]
42    TeeTypeMismatch(String),
43
44    /// App compose hash mismatch.
45    #[error("app compose hash mismatch: expected {expected}, got {actual}")]
46    AppComposeHashMismatch { expected: String, actual: String },
47
48    /// OS image hash mismatch.
49    #[error("OS image hash mismatch: expected {expected}, got {actual:?}")]
50    OsImageHashMismatch {
51        expected: String,
52        actual: Option<String>,
53    },
54
55    /// TCB status not in allowed list.
56    #[error("TCB status {status} not allowed (allowed: {allowed:?})")]
57    TcbStatusNotAllowed { status: String, allowed: Vec<String> },
58
59    /// Report data mismatch - potential replay attack.
60    #[error("report data mismatch: expected {expected}, got {actual}. Possible replay/relay attack.")]
61    ReportDataMismatch { expected: String, actual: String },
62
63    /// Configuration error.
64    #[error("configuration error: {0}")]
65    Configuration(String),
66
67    /// TLS handshake failed.
68    #[error("TLS handshake failed: {0}")]
69    TlsHandshake(String),
70
71    /// Invalid server name.
72    #[error("invalid server name: {0}")]
73    InvalidServerName(String),
74
75    /// Missing server certificate after TLS handshake.
76    #[error("missing server certificate")]
77    MissingCertificate,
78
79    /// Other errors.
80    #[error("{0}")]
81    Other(#[from] anyhow::Error),
82}