use core::fmt;
#[derive(Debug)]
#[non_exhaustive]
pub enum DecryptError {
MalformedMetadataFrame(&'static str),
MalformedBodyFrame(&'static str),
UnsupportedFormatVersion {
header_byte: u8,
},
UnsupportedSuite {
suite_id: u8,
},
UnknownKeyEpoch {
key_epoch: u8,
},
SuiteMismatch {
expected: u8,
actual: u8,
},
AeadVerificationFailed,
}
impl fmt::Display for DecryptError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
Self::MalformedMetadataFrame(reason) => {
write!(f, "malformed AAD `MetadataFrame`: {reason}")
}
Self::MalformedBodyFrame(reason) => {
write!(f, "malformed AAD `BodyFrame`: {reason}")
}
Self::UnsupportedFormatVersion { header_byte } => write!(
f,
"unsupported AAD format version (HeaderByte=0x{header_byte:02X}, \
expected high nibble 0b0001)"
),
Self::UnsupportedSuite { suite_id } => write!(
f,
"unsupported AEAD suite (SuiteID=0x{suite_id:02X}, not in v1 registry)"
),
Self::UnknownKeyEpoch { key_epoch } => write!(
f,
"unknown KeyEpoch 0x{key_epoch:02X} (not present in caller's key chain)"
),
Self::SuiteMismatch { expected, actual } => write!(
f,
"AEAD suite mismatch (expected 0x{expected:02X}, found 0x{actual:02X} on disk)"
),
Self::AeadVerificationFailed => {
f.write_str("AEAD tag verification failed (corruption, tampering, or wrong key)")
}
}
}
}
#[cfg(feature = "std")]
impl std::error::Error for DecryptError {}
#[cfg(test)]
mod tests;