tor_cert/err.rs
1//! Define error types for the tor-cert crate.
2//!
3//! Most of the encoding/decoding functions here return [`tor_bytes::Error`],
4//! but many of them (related to certificate-specific operations) do not.
5
6use thiserror::Error;
7
8/// An error related to checking or validating a certificate
9#[derive(Clone, Debug, Error, Eq, PartialEq)]
10#[non_exhaustive]
11pub enum CertError {
12 /// The key on a certificate was not as expected.
13 #[error("Key on certificate was not as expected")]
14 KeyMismatch,
15
16 /// We tried to get the signing key from a certificate that didn't include
17 /// one.
18 #[error("Missing signing key on certificate")]
19 MissingPubKey,
20
21 /// We tried to validate a signature, and found that it was wrong.
22 #[error("Signature on certificate was invalid")]
23 BadSignature,
24}
25
26/// An error related to signing or encoding a certificate
27#[cfg(feature = "encode")]
28#[derive(Clone, Debug, Error)]
29#[non_exhaustive]
30pub enum CertEncodeError {
31 /// This certificate contains the public key that it is supposed to
32 /// be signed by, and the provided signing private key isn't it.
33 #[error("Tried to sign with wrong key")]
34 KeyMismatch,
35
36 /// The certificate contains more than 255 extensions.
37 #[error("Too many extensions")]
38 TooManyExtensions,
39
40 /// Some extension had a length of over 2^16.
41 #[error("Extension too long")]
42 ExtensionTooLong,
43
44 /// A mandatory field was not provided.
45 #[error("Missing field {0:?}")]
46 MissingField(&'static str),
47
48 /// We encountered a problem when encoding the certificate: probably, that
49 /// some length field would have to be longer than its maximum. This is
50 /// probably a bug in the calling code.
51 #[error("Tried to generate a cert we couldn't encode.")]
52 Bytes(#[from] tor_bytes::EncodeError),
53}