1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318

// Copyright 2019 Contributors to the Parsec project.
// SPDX-License-Identifier: Apache-2.0
use log::{error, warn};
use num_derive::FromPrimitive;
use std::convert::TryFrom;
use std::error::Error as ErrorTrait;
use std::fmt;

/// C-like enum mapping response status options to their code.
///
/// See the [status
/// code](https://parallaxsecond.github.io/parsec-book/parsec_client/status_codes.html) page for a
/// broader description of these codes.
#[derive(Copy, Clone, Debug, PartialEq, FromPrimitive)]
#[repr(u16)]
pub enum ResponseStatus {
    /// Successful operation
    Success = 0,
    /// Requested provider ID does not match that of the backend
    WrongProviderID = 1,
    /// Requested content type is not supported by the backend
    ContentTypeNotSupported = 2,
    /// Requested accept type is not supported by the backend
    AcceptTypeNotSupported = 3,
    /// Requested version is not supported by the backend
    WireProtocolVersionNotSupported = 4,
    /// No provider registered for the requested provider ID
    ProviderNotRegistered = 5,
    /// No provider defined for requested provider ID
    ProviderDoesNotExist = 6,
    /// Failed to deserialize the body of the message
    DeserializingBodyFailed = 7,
    /// Failed to serialize the body of the message
    SerializingBodyFailed = 8,
    /// Requested operation is not defined
    OpcodeDoesNotExist = 9,
    /// Response size exceeds allowed limits
    ResponseTooLarge = 10,
    /// Authentication failed
    AuthenticationError = 11,
    /// Authenticator not supported
    AuthenticatorDoesNotExist = 12,
    /// Authenticator not supported
    AuthenticatorNotRegistered = 13,
    /// Internal error in the Key Info Manager
    KeyInfoManagerError = 14,
    /// Generic input/output error
    ConnectionError = 15,
    /// Invalid value for this data type
    InvalidEncoding = 16,
    /// Constant fields in header are invalid
    InvalidHeader = 17,
    /// The UUID vector needs to only contain 16 bytes
    WrongProviderUuid = 18,
    /// Request did not provide a required authentication
    NotAuthenticated = 19,
    /// Request length specified in the header is above defined limit
    BodySizeExceedsLimit = 20,
    /// An error occurred that does not correspond to any defined failure cause
    PsaErrorGenericError = 1132,
    /// The requested operation or a parameter is not supported by this implementation
    PsaErrorNotSupported = 1134,
    /// The requested action is denied by a policy
    PsaErrorNotPermitted = 1133,
    /// An output buffer is too small
    PsaErrorBufferTooSmall = 1138,
    /// Asking for an item that already exists
    PsaErrorAlreadyExists = 1139,
    /// Asking for an item that doesn't exist
    PsaErrorDoesNotExist = 1140,
    /// The requested action cannot be performed in the current state
    PsaErrorBadState = 1137,
    /// The parameters passed to the function are invalid
    PsaErrorInvalidArgument = 1135,
    /// There is not enough runtime memory
    PsaErrorInsufficientMemory = 1141,
    /// There is not enough persistent storage
    PsaErrorInsufficientStorage = 1142,
    /// There was a communication failure inside the implementation
    PsaErrorCommunicationFailure = 1145,
    /// There was a storage failure that may have led to data loss
    PsaErrorStorageFailure = 1146,
    /// Stored data has been corrupted
    PsaErrorDataCorrupt = 1152,
    /// Data read from storage is not valid for the implementation
    PsaErrorDataInvalid = 1153,
    /// A hardware failure was detected
    PsaErrorHardwareFailure = 1147,
    /// A tampering attempt was detected
    PsaErrorCorruptionDetected = 1151,
    /// There is not enough entropy to generate random data needed for the requested action
    PsaErrorInsufficientEntropy = 1148,
    /// The signature, MAC or hash is incorrect
    PsaErrorInvalidSignature = 1149,
    /// The decrypted padding is incorrect
    PsaErrorInvalidPadding = 1150,
    /// Insufficient data when attempting to read from a resource
    PsaErrorInsufficientData = 1143,
    /// The key handle is not valid
    PsaErrorInvalidHandle = 1136,
}

impl TryFrom<u16> for ResponseStatus {
    type Error = ResponseStatus;

    fn try_from(value: u16) -> Result<Self> {
        num::FromPrimitive::from_u16(value).ok_or_else(|| {
            error!(
                "Value {} does not correspond to a valid ResponseStatus.",
                value
            );
            ResponseStatus::InvalidEncoding
        })
    }
}

impl fmt::Display for ResponseStatus {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            ResponseStatus::Success => write!(f, "successful operation"),
            ResponseStatus::WrongProviderID => write!(
                f,
                "requested provider ID does not match that of the backend"
            ),
            ResponseStatus::ContentTypeNotSupported => {
                write!(f, "requested content type is not supported by the backend")
            }
            ResponseStatus::AcceptTypeNotSupported => {
                write!(f, "requested accept type is not supported by the backend")
            }
            ResponseStatus::WireProtocolVersionNotSupported => {
                write!(f, "requested version is not supported by the backend")
            }
            ResponseStatus::ProviderNotRegistered => {
                write!(f, "no provider registered for the requested provider ID")
            }
            ResponseStatus::ProviderDoesNotExist => {
                write!(f, "no provider defined for requested provider ID")
            }
            ResponseStatus::DeserializingBodyFailed => {
                write!(f, "failed to deserialize the body of the message")
            }
            ResponseStatus::SerializingBodyFailed => {
                write!(f, "failed to serialize the body of the message")
            }
            ResponseStatus::OpcodeDoesNotExist => write!(f, "requested operation is not defined"),
            ResponseStatus::ResponseTooLarge => write!(f, "response size exceeds allowed limits"),
            ResponseStatus::AuthenticationError => {
                write!(f, "authentication failed")
            }
            ResponseStatus::AuthenticatorDoesNotExist => {
                write!(f, "authenticator not supported")
            }
            ResponseStatus::AuthenticatorNotRegistered => {
                write!(f, "authenticator not supported")
            }
            ResponseStatus::KeyInfoManagerError => {
                write!(f, "internal error in the Key Info Manager")
            }
            ResponseStatus::ConnectionError => {
                write!(f, "generic input/output error")
            }
            ResponseStatus::InvalidEncoding => {
                write!(f, "invalid value for this data type")
            }
            ResponseStatus::InvalidHeader => {
                write!(f, "constant fields in header are invalid")
            }
            ResponseStatus::WrongProviderUuid => {
                write!(f, "the UUID vector needs to only contain 16 bytes")
            }
            ResponseStatus::NotAuthenticated => {
                write!(f, "request did not provide a required authentication")
            }
            ResponseStatus::BodySizeExceedsLimit => {
                write!(f, "request length specified in the header is above defined limit")
            }
            ResponseStatus::PsaErrorGenericError => {
                write!(f, "an error occurred that does not correspond to any defined failure cause")
            }
            ResponseStatus::PsaErrorNotPermitted => {
                write!(f, "the requested action is denied by a policy")
            }
            ResponseStatus::PsaErrorNotSupported => {
                write!(f, "the requested operation or a parameter is not supported by this implementation")
            }
            ResponseStatus::PsaErrorInvalidArgument => {
                write!(f, "the parameters passed to the function are invalid")
            }
            ResponseStatus::PsaErrorInvalidHandle => {
                write!(f, "the key handle is not valid")
            }
            ResponseStatus::PsaErrorBadState => {
                write!(f, "the requested action cannot be performed in the current state")
            }
            ResponseStatus::PsaErrorBufferTooSmall => {
                write!(f, "an output buffer is too small")
            }
            ResponseStatus::PsaErrorAlreadyExists => {
                write!(f, "asking for an item that already exists")
            }
            ResponseStatus::PsaErrorDoesNotExist => {
                write!(f, "asking for an item that doesn't exist")
            }
            ResponseStatus::PsaErrorInsufficientMemory => {
                write!(f, "there is not enough runtime memory")
            }
            ResponseStatus::PsaErrorInsufficientStorage => {
                write!(f, "there is not enough persistent storage")
            }
            ResponseStatus::PsaErrorInsufficientData => {
                write!(f, "insufficient data when attempting to read from a resource")
            }
            ResponseStatus::PsaErrorCommunicationFailure => {
                write!(f, "there was a communication failure inside the implementation")
            }
            ResponseStatus::PsaErrorStorageFailure => {
                write!(f, "there was a storage failure that may have led to data loss")
            }
            ResponseStatus::PsaErrorDataCorrupt => {
                write!(f, "stored data has been corrupted")
            }
            ResponseStatus::PsaErrorDataInvalid => {
                write!(f, "data read from storage is not valid for the implementation")
            }
            ResponseStatus::PsaErrorHardwareFailure => {
                write!(f, "a hardware failure was detected")
            }
            ResponseStatus::PsaErrorCorruptionDetected => {
                write!(f, "a tampering attempt was detected")
            }
            ResponseStatus::PsaErrorInsufficientEntropy => {
                write!(f, "there is not enough entropy to generate random data needed for the requested action")
            }
            ResponseStatus::PsaErrorInvalidSignature => {
                write!(f, "the signature, MAC or hash is incorrect")
            }
            ResponseStatus::PsaErrorInvalidPadding => {
                write!(f, "the decrypted padding is incorrect")
            }
        }
    }
}

impl ErrorTrait for ResponseStatus {}

/// Conversion from a std::io::Error to a ResponseStatus
///
/// It allows to easily return a ResponseStatus in case of error when using functions from the
/// standard library.
impl From<std::io::Error> for ResponseStatus {
    fn from(err: std::io::Error) -> Self {
        warn!(
            "Conversion from {} to ResponseStatus::ConnectionError.",
            err
        );
        ResponseStatus::ConnectionError
    }
}

impl From<bincode::Error> for ResponseStatus {
    fn from(err: bincode::Error) -> Self {
        warn!(
            "Conversion from {} to ResponseStatus::InvalidEncoding.",
            err
        );
        ResponseStatus::InvalidEncoding
    }
}

impl From<std::num::TryFromIntError> for ResponseStatus {
    fn from(err: std::num::TryFromIntError) -> Self {
        warn!(
            "Conversion from {} to ResponseStatus::InvalidEncoding.",
            err
        );
        ResponseStatus::InvalidEncoding
    }
}

impl From<std::convert::Infallible> for ResponseStatus {
    fn from(_err: std::convert::Infallible) -> Self {
        unreachable!();
    }
}

use psa_crypto::types::status::Error;

impl From<Error> for ResponseStatus {
    fn from(err: Error) -> ResponseStatus {
        match err {
            Error::GenericError => ResponseStatus::PsaErrorGenericError,
            Error::NotSupported => ResponseStatus::PsaErrorNotSupported,
            Error::NotPermitted => ResponseStatus::PsaErrorNotPermitted,
            Error::BufferTooSmall => ResponseStatus::PsaErrorBufferTooSmall,
            Error::AlreadyExists => ResponseStatus::PsaErrorAlreadyExists,
            Error::DoesNotExist => ResponseStatus::PsaErrorDoesNotExist,
            Error::BadState => ResponseStatus::PsaErrorBadState,
            Error::InvalidArgument => ResponseStatus::PsaErrorInvalidArgument,
            Error::InsufficientMemory => ResponseStatus::PsaErrorInsufficientMemory,
            Error::InsufficientStorage => ResponseStatus::PsaErrorInsufficientStorage,
            Error::CommunicationFailure => ResponseStatus::PsaErrorCommunicationFailure,
            Error::StorageFailure => ResponseStatus::PsaErrorStorageFailure,
            Error::DataCorrupt => ResponseStatus::PsaErrorDataCorrupt,
            Error::DataInvalid => ResponseStatus::PsaErrorDataInvalid,
            Error::HardwareFailure => ResponseStatus::PsaErrorHardwareFailure,
            Error::CorruptionDetected => ResponseStatus::PsaErrorCorruptionDetected,
            Error::InsufficientEntropy => ResponseStatus::PsaErrorInsufficientEntropy,
            Error::InvalidSignature => ResponseStatus::PsaErrorInvalidSignature,
            Error::InvalidPadding => ResponseStatus::PsaErrorInvalidPadding,
            Error::InsufficientData => ResponseStatus::PsaErrorInsufficientData,
            Error::InvalidHandle => ResponseStatus::PsaErrorInvalidHandle,
        }
    }
}

/// A Result type with the Err variant set as a ResponseStatus
pub type Result<T> = std::result::Result<T, ResponseStatus>;