1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
use Snafu;
use crateError;
/// Errors that could occur during AEAD decryption.
///
/// The variants are load-bearing control flow between decryptor layers:
/// [`NoMatchingKey`](Self::NoMatchingKey) drives the refresh-and-retry loop
/// in [`RetryingDecryptor`](super::RetryingDecryptor) and candidate dispatch
/// in [`MultiKeyDecryptor`](super::MultiKeyDecryptor) — the cipher analogue
/// of [`VerifyError`](crate::crypto::verifier::VerifyError). Only its
/// `Other` source is the concrete [`Error`].
/// Errors that could occur during AEAD unsealing.
///
/// Used as the source of [`ErrorKind::Crypto`](crate::error::ErrorKind::Crypto)
/// errors — cipher implementations construct these to describe *why* an
/// unseal failed without expanding the kind-level vocabulary.
///
/// This covers only failures the framing layer itself detects. An
/// authentication-tag mismatch is raised by the inner
/// [`AeadDecryptor`](super::AeadDecryptor) and flows through as
/// [`DecryptError::Other`], not as an `UnsealError`.