heddle-crypto 0.3.1

An AI-native version control system
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97

// SPDX-License-Identifier: Apache-2.0
//! Error types for cryptographic signing.

use std::path::PathBuf;

/// Error type for signer operations.
#[derive(Debug)]
pub enum SignerError {
    UnsupportedAlgorithm(String),
    UnknownKeyFormat,
    InvalidKey(String),
    InvalidSignature(String),
    InvalidPublicKey(String),
    Io(std::io::Error),
    Pem(String),
    Ed25519(String),
    Rsa(String),
    P256(String),
    Pkcs8(String),
    KeyNotFound(PathBuf),
    InsecureKeyPermissions { path: PathBuf, mode: u32 },
    VerificationFailed,
}

impl std::fmt::Display for SignerError {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            SignerError::UnsupportedAlgorithm(algo) => {
                write!(f, "unsupported signature algorithm: {}", algo)
            }
            SignerError::UnknownKeyFormat => write!(f, "unknown or unsupported key format"),
            SignerError::InvalidKey(msg) => write!(f, "invalid key: {}", msg),
            SignerError::InvalidSignature(msg) => write!(f, "invalid signature: {}", msg),
            SignerError::InvalidPublicKey(msg) => write!(f, "invalid public key: {}", msg),
            SignerError::Io(e) => write!(f, "I/O error: {}", e),
            SignerError::Pem(msg) => write!(f, "PEM error: {}", msg),
            SignerError::Ed25519(msg) => write!(f, "Ed25519 error: {}", msg),
            SignerError::Rsa(msg) => write!(f, "RSA error: {}", msg),
            SignerError::P256(msg) => write!(f, "P256 error: {}", msg),
            SignerError::Pkcs8(msg) => write!(f, "PKCS8 error: {}", msg),
            SignerError::KeyNotFound(path) => write!(f, "key file not found: {}", path.display()),
            SignerError::InsecureKeyPermissions { path, mode } => write!(
                f,
                "private key file {} is group/world-accessible (mode {mode:04o}, required 0600 \
                 or stricter); fix with: chmod 600 {}",
                path.display(),
                path.display()
            ),
            SignerError::VerificationFailed => write!(f, "signature verification failed"),
        }
    }
}

impl std::error::Error for SignerError {
    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
        match self {
            SignerError::Io(e) => Some(e),
            _ => None,
        }
    }
}

impl From<std::io::Error> for SignerError {
    fn from(e: std::io::Error) -> Self {
        SignerError::Io(e)
    }
}

impl From<ed25519_dalek::SignatureError> for SignerError {
    fn from(e: ed25519_dalek::SignatureError) -> Self {
        SignerError::Ed25519(e.to_string())
    }
}

impl From<rsa::Error> for SignerError {
    fn from(e: rsa::Error) -> Self {
        SignerError::Rsa(e.to_string())
    }
}

impl From<pkcs8::Error> for SignerError {
    fn from(e: pkcs8::Error) -> Self {
        SignerError::Pkcs8(e.to_string())
    }
}

impl From<pkcs8::spki::Error> for SignerError {
    fn from(e: pkcs8::spki::Error) -> Self {
        SignerError::Pkcs8(e.to_string())
    }
}

impl From<sec1::Error> for SignerError {
    fn from(e: sec1::Error) -> Self {
        SignerError::Pem(e.to_string())
    }
}