sentinel_crypto/
error.rs

1/// Comprehensive error type for all sentinel-crypto operations.
2/// This enum wraps all possible errors that can occur during cryptographic operations,
3/// providing a unified error handling interface. We use thiserror for ergonomic error
4/// handling while ensuring all sensitive information is properly abstracted.
5///
6/// Design choice: Single error enum prevents error type proliferation and allows
7/// for consistent error handling across the entire crypto crate. All errors are
8/// wrapped to avoid leaking implementation details. Sub-enums (HashError, SignatureError,
9/// KeyError) provide specific categorization while maintaining a flat top-level API.
10///
11/// Security consideration: Error messages are designed to not leak sensitive information
12/// about keys, signatures, or internal state. All cryptographic failures are abstracted
13/// to prevent side-channel attacks or information disclosure.
14#[derive(thiserror::Error, Debug)]
15pub enum CryptoError {
16    /// Errors related to hashing operations
17    #[error("Hashing error: {0}")]
18    Hashing(#[from] HashError),
19
20    /// Errors related to signature operations
21    #[error("Signature error: {0}")]
22    Signature(#[from] SignatureError),
23
24    /// Errors related to key management
25    #[error("Key management error: {0}")]
26    KeyManagement(#[from] KeyError),
27
28    /// Errors related to key derivation operations
29    #[error("Key derivation error: {0}")]
30    KeyDerivation(#[from] KeyDerivationError),
31
32    /// Errors related to encryption operations
33    #[error("Encryption error")]
34    Encryption,
35
36    /// Errors related to decryption operations
37    #[error("Decryption error")]
38    Decryption,
39
40    /// JSON serialization/deserialization errors
41    #[error("JSON error: {0}")]
42    Json(#[from] serde_json::Error),
43
44    /// Hex decoding errors
45    #[error("Hex decoding error: {0}")]
46    Hex(#[from] hex::FromHexError),
47
48    /// Invalid signature length
49    #[error("Invalid signature length")]
50    InvalidSignatureLength,
51
52    /// Invalid key length
53    #[error("Invalid key length")]
54    InvalidKeyLength,
55
56    /// Verification failed
57    #[error("Verification failed")]
58    VerificationFailed,
59
60    /// Global config already set
61    #[error("Global config already set")]
62    ConfigAlreadySet,
63}
64
65/// Specific errors for hashing operations
66#[derive(thiserror::Error, Debug)]
67pub enum HashError {
68    /// JSON serialization failed during hashing
69    #[error("JSON serialization failed: {0}")]
70    Serialization(#[from] serde_json::Error),
71}
72
73/// Specific errors for signature operations
74#[derive(thiserror::Error, Debug)]
75pub enum SignatureError {
76    /// Signature creation failed
77    #[error("Signature creation failed")]
78    SigningFailed,
79
80    /// Signature verification failed
81    #[error("Signature verification failed")]
82    VerificationFailed,
83
84    /// Invalid signature format
85    #[error("Invalid signature format")]
86    InvalidFormat,
87}
88
89/// Specific errors for key management operations
90#[derive(thiserror::Error, Debug)]
91pub enum KeyError {
92    /// Key generation failed
93    #[error("Key generation failed")]
94    GenerationFailed,
95
96    /// Key import failed
97    #[error("Key import failed: {0}")]
98    ImportFailed(String),
99
100    /// Key export failed
101    #[error("Key export failed")]
102    ExportFailed,
103}
104
105/// Specific errors for key derivation operations
106#[derive(thiserror::Error, Debug)]
107pub enum KeyDerivationError {
108    /// Key derivation failed
109    #[error("Key derivation failed")]
110    DerivationFailed,
111
112    /// Invalid parameters for key derivation
113    #[error("Invalid key derivation parameters")]
114    InvalidParameters,
115}