Skip to main content

herolib_crypt/httpsig/
error.rs

1use thiserror::Error;
2
3/// Errors that can occur during HTTP signature operations.
4#[derive(Debug, Error)]
5pub enum HttpSigError {
6    /// A required HTTP header is missing.
7    #[error("Missing required header: {0}")]
8    MissingHeader(String),
9
10    /// The signature format is invalid or malformed.
11    #[error("Invalid signature format: {0}")]
12    InvalidSignature(String),
13
14    /// Signature verification failed (signature does not match).
15    #[error("Signature verification failed")]
16    VerificationFailed,
17
18    /// The Content-Digest header does not match the computed digest.
19    #[error("Content-Digest mismatch")]
20    DigestMismatch,
21
22    /// The signature timestamp is outside the acceptable tolerance window.
23    #[error("Timestamp out of tolerance: created={created}, now={now}, tolerance={tolerance}s")]
24    TimestampOutOfBounds {
25        created: u64,
26        now: u64,
27        tolerance: u64,
28    },
29
30    /// The requested key ID was not found.
31    #[error("Key not found: {0}")]
32    KeyNotFound(String),
33
34    /// The signature algorithm is not supported.
35    #[error("Unsupported algorithm: {0}")]
36    UnsupportedAlgorithm(String),
37
38    /// Failed to parse a signature header or component.
39    #[error("Parse error: {0}")]
40    ParseError(String),
41
42    /// Missing authority in URI
43    #[error("Missing authority in URI")]
44    MissingAuthority,
45
46    /// Invalid header value
47    #[error("Invalid header value: {0}")]
48    InvalidHeader(String),
49
50    /// A required signature component is missing.
51    #[error("Missing required component: {0}")]
52    MissingComponent(String),
53
54    /// Invalid base64 encoding.
55    #[error("Invalid base64: {0}")]
56    InvalidBase64(#[from] base64::DecodeError),
57
58    /// Invalid hex encoding.
59    #[error("Invalid hex: {0}")]
60    InvalidHex(#[from] hex::FromHexError),
61
62    /// Cryptographic key error from keys module.
63    #[error("Key error: {0}")]
64    KeyError(#[from] crate::keys::KeyError),
65
66    /// No verifier key configured (need either default key or key getter).
67    #[error("No key configured for verification")]
68    NoKeyConfigured,
69
70    /// Invalid signature label.
71    #[error("Invalid signature label: {0}")]
72    InvalidLabel(String),
73}