openmls 0.8.1

A Rust implementation of the Messaging Layer Security (MLS) protocol, as defined in RFC 9420.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139

//! Key schedule errors.

use openmls_traits::types::CryptoError;
use thiserror::Error;

use crate::{
    error::LibraryError,
    schedule::psk::{PskType, ResumptionPskUsage},
};

/// PSK secret error
#[derive(Error, Debug, PartialEq, Clone)]
pub enum PskError {
    /// See [`LibraryError`] for more details.
    #[error(transparent)]
    LibraryError(#[from] LibraryError),
    /// More than 2^16 PSKs were provided.
    #[error("More than 2^16 PSKs were provided.")]
    TooManyKeys,
    /// The PSK could not be found in the store.
    #[error("The PSK could not be found in the store.")]
    KeyNotFound,
    /// Failed to write PSK into storage.
    #[error("Failed to write PSK storage.")]
    Storage,
    /// Type mismatch.
    #[error("Type mismatch. Expected {allowed:?}, got {got:?}.")]
    TypeMismatch {
        /// Allowed PSK types.
        allowed: Vec<PskType>,
        /// Got PSK type.
        got: PskType,
    },
    /// Usage mismatch.
    #[error("Usage mismatch. Expected either of `{allowed:?}`, got `{got:?}`.")]
    UsageMismatch {
        /// Allowed PSK types.
        allowed: Vec<ResumptionPskUsage>,
        /// Got PSK type.
        got: ResumptionPskUsage,
    },
    /// Usage conflict.
    #[error("Usage conflict. First found `{first:?}`, now additionally found `{second:?}`.")]
    UsageConflict {
        /// First found PSK type.
        first: ResumptionPskUsage,
        /// Second found PSK type.
        second: ResumptionPskUsage,
    },
    /// Usage duplicate.
    #[error("Usage duplicate. Found two resumption PSKs with usage `{usage:?}`.")]
    UsageDuplicate {
        /// Resumption usage found in duplicate.
        usage: ResumptionPskUsage,
    },
    /// Nonce length mismatch.
    #[error("Nonce length mismatch. Expected either of `{expected:?}`, got `{got:?}`.")]
    NonceLengthMismatch {
        /// Expected nonce length.
        expected: usize,
        /// Got nonce length.
        got: usize,
    },
}

// === Crate ===

/// Key schedule state error
#[derive(Error, Debug, PartialEq, Clone)]
pub(crate) enum ErrorState {
    /// Expected to be in initial state.
    #[error("Expected to be in initial state.")]
    Init,
    /// Expected to be in epoch state.
    #[error("Expected to be in epoch state.")]
    Context,
}

/// Key schedule error
#[derive(Error, Debug, PartialEq, Clone)]
pub(crate) enum KeyScheduleError {
    /// See [`LibraryError`] for more details.
    #[error(transparent)]
    LibraryError(#[from] LibraryError),
    /// See [`ErrorState`] for more details.
    #[error(transparent)]
    InvalidState(#[from] ErrorState),
    /// See [`CryptoError`] for more details.
    #[error(transparent)]
    CryptoError(#[from] CryptoError),
}

#[cfg(any(feature = "test-utils", test))]
/// KeySchedule test vector error
#[derive(Error, Debug, PartialEq, Eq, Clone)]
pub enum KsTestVectorError {
    /// The computed joiner secret doesn't match the one in the test vector.
    #[error("The computed joiner secret doesn't match the one in the test vector.")]
    JoinerSecretMismatch,
    /// The computed welcome secret doesn't match the one in the test vector.
    #[error("The computed welcome secret doesn't match the one in the test vector.")]
    WelcomeSecretMismatch,
    /// The computed init secret doesn't match the one in the test vector.
    #[error("The computed init secret doesn't match the one in the test vector.")]
    InitSecretMismatch,
    /// The group context doesn't match the one in the test vector.
    #[error("The group context doesn't match the one in the test vector.")]
    GroupContextMismatch,
    /// The computed sender data secret doesn't match the one in the test vector.
    #[error("The computed sender data secret doesn't match the one in the test vector.")]
    SenderDataSecretMismatch,
    /// The computed encryption secret doesn't match the one in the test vector.
    #[error("The computed encryption secret doesn't match the one in the test vector.")]
    EncryptionSecretMismatch,
    /// The computed exporter secret doesn't match the one in the test vector.
    #[error("The computed exporter secret doesn't match the one in the test vector.")]
    ExporterSecretMismatch,
    /// The computed epoch authenticator doesn't match the one in the test vector.
    #[error("The computed epoch authenticator doesn't match the one in the test vector.")]
    EpochAuthenticatorMismatch,
    /// The computed external secret doesn't match the one in the test vector.
    #[error("The computed external secret doesn't match the one in the test vector.")]
    ExternalSecretMismatch,
    /// The computed confirmation key doesn't match the one in the test vector.
    #[error("The computed confirmation key doesn't match the one in the test vector.")]
    ConfirmationKeyMismatch,
    /// The computed membership key doesn't match the one in the test vector.
    #[error("The computed membership key doesn't match the one in the test vector.")]
    MembershipKeyMismatch,
    /// The computed resumption psk doesn't match the one in the test vector.
    #[error("The computed resumption psk doesn't match the one in the test vector.")]
    ResumptionPskMismatch,
    /// The computed external public key doesn't match the one in the test vector.
    #[error("The computed external public key doesn't match the one in the test vector.")]
    ExternalPubMismatch,
    /// The computed exporter secret doesn't match the on ein the test vector.
    #[error("The computed exporter secret doesn't match the on ein the test vector.")]
    ExporterMismatch,
}