1use thiserror::Error;
2
3#[derive(Debug, Error)]
4pub enum QVError {
5 #[error("Invalid magic bytes: expected QVLT")]
6 InvalidMagic,
7
8 #[error("Unsupported token version: {0:#06x}")]
9 UnsupportedVersion(u16),
10
11 #[error("Unknown suite ID: {0:#04x}")]
12 UnknownSuite(u8),
13
14 #[error("Token has expired (issued {issued_at}, ttl {ttl}s)")]
15 Expired { issued_at: u64, ttl: u32 },
16
17 #[error("Token not yet valid")]
18 NotYetValid,
19
20 #[error("Signature verification failed")]
21 SignatureInvalid,
22
23 #[error("Payload decryption failed")]
24 DecryptionFailed,
25
26 #[error("Buffer too short: need {need}, have {have}")]
27 BufferTooShort { need: usize, have: usize },
28
29 #[error("Mutation counter replay: token counter {token} <= chain counter {chain}")]
30 ReplayDetected { token: u64, chain: u64 },
31
32 #[error("Entropy certification failed: compression ratio {0:.3} indicates non-random data")]
33 LowEntropy(f64),
34
35 #[error("Nonce reuse detected")]
36 NonceReuse,
37
38 #[error("Key generation failed")]
39 KeyGenFailed,
40
41 #[error("Serialization error: {0}")]
42 SerializationError(String),
43
44 #[error("Claims field missing: {0}")]
45 MissingClaim(String),
46}
47
48pub type QVResult<T> = Result<T, QVError>;