lers 0.4.0

An async, user-friendly Let's Encrypt/ACMEv2 library written in Rust
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156

use crate::api::responses;
use reqwest::header::ToStrError;
use std::{
    error::Error as StdError,
    fmt::{Display, Formatter},
};

pub(crate) type Result<T, E = Error> = std::result::Result<T, E>;

/// Possible errors that could occur
#[derive(Debug)]
pub enum Error {
    /// Error occurred in the server
    Server(responses::Error),
    /// Error occurred while processing the request
    Reqwest(reqwest::Error),
    /// Failed serializing the request
    Serialization(serde_json::Error),
    /// The `Location` header was missing from the response
    MissingHeader(&'static str),
    /// The header contained invalid data
    InvalidHeader(&'static str, ToStrError),
    /// The account's status is not set to `Valid`
    InvalidAccount(responses::AccountStatus),
    /// The certificate must have at least one identifier associated with it
    MissingIdentifiers,
    /// No solver could be found for any of the proposed challenge types
    MissingSolver,
    /// The solver encountered an error while presenting or cleaning up the challenge.
    SolverFailure(Box<dyn StdError + Send + Sync + 'static>),
    /// The solver was configured incorrectly
    InvalidSolverConfiguration {
        /// The solver's name
        name: &'static str,
        /// The error propagated from the solver
        error: Box<dyn StdError + Send + Sync + 'static>,
    },
    /// The maximum attempts while polling a resource was exceeded
    MaxAttemptsExceeded,
    /// The challenge for the identifier could not be validated
    ChallengeFailed(responses::Identifier, responses::ChallengeType),
    /// An error occurred within OpenSSL
    OpenSSL(openssl::error::ErrorStack),
    /// The order is invalid due to an error or authorization failure
    OrderFailed(responses::Error),
    /// The certificate cannot be downloaded due to the order state
    CannotDownloadCertificate,
    /// The provided key type is not supported
    UnsupportedKeyType,
    /// The provided ECDSA curve is not supported
    UnsupportedECDSACurve,
    /// The provided external account binding HMAC is not Base64 URL-encoded without padding
    InvalidExternalAccountBindingHMAC(base64::DecodeError),
}

impl Display for Error {
    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
        match self {
            Self::Server(_) => write!(f, "an error occurred in the server"),
            Self::Reqwest(_) => write!(f, "an error occurred while processing the request"),
            Self::Serialization(_) => write!(f, "an error occurred while serializing the request"),
            Self::MissingHeader(name) => write!(f, "the `{name}` header was missing"),
            Self::InvalidHeader(name, _) => {
                write!(f, "the value of the `{name}` header was invalid")
            }
            Self::InvalidAccount(status) => {
                write!(f, "expected Valid account, got {status:?} account")
            }
            Self::MissingIdentifiers => write!(
                f,
                "the certificate must have at least one identifier associated with it"
            ),
            Self::MissingSolver => write!(
                f,
                "no solver could be found for the proposed challenge types"
            ),
            Self::SolverFailure(e) => write!(
                f,
                "the solver failed while presenting or cleaning up the challenge: {e}"
            ),
            Self::InvalidSolverConfiguration { name, error } => {
                write!(f, "invalid configuration for solver {name:?}: {error}")
            }
            Self::MaxAttemptsExceeded => write!(
                f,
                "the maximum attempts while polling a resource was exceeded"
            ),
            Self::ChallengeFailed(identifier, type_) => write!(
                f,
                "the {type_:?} challenge could not be validated for {identifier:?}"
            ),
            Self::OpenSSL(e) => write!(f, "openssl error: {e}"),
            Self::OrderFailed(e) => write!(
                f,
                "the order is invalid due to an error or authorization failure: {} ({})",
                e.type_.description(),
                e.type_.code()
            ),
            Self::CannotDownloadCertificate => {
                write!(f, "cannot download the certificate due to the order status")
            }
            Self::UnsupportedKeyType => write!(f, "the provided key type is unsupported"),
            Self::UnsupportedECDSACurve => write!(f, "the provided ecdsa curve is unsupported"),
            Self::InvalidExternalAccountBindingHMAC(_) => write!(f, "the provided external account binding HMAC is not Base64 URL-encoded without padding"),
        }
    }
}

impl StdError for Error {
    fn source(&self) -> Option<&(dyn StdError + 'static)> {
        match self {
            Self::Server(_) => None,
            Self::Reqwest(e) => Some(e),
            Self::Serialization(e) => Some(e),
            Self::MissingHeader(_) => None,
            Self::InvalidHeader(_, e) => Some(e),
            Self::InvalidAccount(_) => None,
            Self::MissingIdentifiers => None,
            Self::MissingSolver => None,
            Self::SolverFailure(e) => Some(e.as_ref()),
            Self::InvalidSolverConfiguration { error, .. } => Some(error.as_ref()),
            Self::MaxAttemptsExceeded => None,
            Self::ChallengeFailed(_, _) => None,
            Self::OpenSSL(e) => Some(e),
            Self::OrderFailed(_) => None,
            Self::CannotDownloadCertificate => None,
            Self::UnsupportedKeyType => None,
            Self::UnsupportedECDSACurve => None,
            Self::InvalidExternalAccountBindingHMAC(e) => Some(e),
        }
    }
}

impl From<reqwest::Error> for Error {
    fn from(err: reqwest::Error) -> Self {
        Self::Reqwest(err)
    }
}

impl From<serde_json::Error> for Error {
    fn from(err: serde_json::Error) -> Self {
        Self::Serialization(err)
    }
}

impl From<openssl::error::ErrorStack> for Error {
    fn from(err: openssl::error::ErrorStack) -> Self {
        Self::OpenSSL(err)
    }
}

impl From<base64::DecodeError> for Error {
    fn from(err: base64::DecodeError) -> Self {
        Self::InvalidExternalAccountBindingHMAC(err)
    }
}