1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

// Copyright 2020-2023 IOTA Stiftung
// SPDX-License-Identifier: Apache-2.0

use crate::validator::JwtValidationError;

/// An error associated with validating KB-JWT.
#[derive(Debug, thiserror::Error, strum::IntoStaticStr)]
#[non_exhaustive]
pub enum KeyBindingJwtError {
  /// Invalid key binding JWT.
  #[error("KB-JWT is invalid")]
  JwtValidationError(#[from] JwtValidationError),

  /// Deserialization failed.
  #[error("Deserialization error")]
  DeserializationError(String),

  /// Error from `sd_jwt_payload`.
  #[error("SdJwt Error {0}")]
  SdJwtError(#[from] sd_jwt_payload::Error),

  /// Invalid hash value.
  #[error("the `_sd_hash` value of the KB-JWT does not match the derived value from the provided SD-JWT")]
  InvalidDigest,

  /// Invalid nonce value.
  #[error("provided nonce does not match the KB-JWT nonce claim")]
  InvalidNonce,

  /// Invalid `aud` value.
  #[error("provided audiance value does not match the KB-JWT `aud` claim")]
  AudianceMismatch,

  /// Issuance date validation error.
  #[error("KB-JWT `iat` value is invalid, {0}")]
  IssuanceDate(String),

  /// SD-JWT does not contain a key binding JWT.
  #[error("the provided SD-JWT does not include a KB-JWT")]
  MissingKeyBindingJwt,

  /// Header value `typ` is invalid.
  #[error("header `typ` value is missing or not equal to `kb+jwt`")]
  InvalidHeaderTypValue,
}