tor_keymgr/
err.rs

1//! An error type for the `tor-keymgr` crate.
2
3use tor_error::HasKind;
4
5use dyn_clone::DynClone;
6use tor_persist::slug::BadSlug;
7
8use std::error::Error as StdError;
9use std::fmt;
10use std::ops::Deref;
11use std::sync::Arc;
12
13use crate::raw::RawKeystoreEntry;
14use crate::{KeyPath, KeyPathError, KeystoreId};
15
16/// An Error type for this crate.
17#[derive(thiserror::Error, Debug, Clone)]
18#[non_exhaustive]
19pub enum Error {
20    /// Detected keustore corruption.
21    #[error("{0}")]
22    Corruption(#[from] KeystoreCorruptionError),
23
24    /// An opaque error returned by a [`Keystore`](crate::Keystore).
25    #[error("{0}")]
26    Keystore(#[from] Arc<dyn KeystoreError>),
27
28    /// An error returned when the [`KeyMgr`](crate::KeyMgr) is asked to generate a key that already exists.
29    ///
30    /// Note that because there is no locking of the keystore,
31    /// this situation is not reliably detected
32    /// in the presence of concurrent tasks trying to generate the same key.
33    ///
34    /// So this error is provided to help the human user,
35    /// but mustn't be relied on for correctness.
36    #[error("Key already exists")]
37    KeyAlreadyExists,
38
39    /// Error coming from the tor-key-forgecrate
40    #[error("{0}")]
41    KeyForge(#[from] tor_key_forge::Error),
42
43    /// An error caused by an invalid certificate.
44    #[error("{0}")]
45    InvalidCert(#[from] tor_key_forge::InvalidCertError),
46
47    /// An error returned when the [`KeyMgr`](crate::KeyMgr) is unable to
48    /// find a [`Keystore`](crate::Keystore) matching a given [`KeystoreId`]
49    /// in either its `primary_store` field or the `secondary_stores` collection.
50    #[error("Keystore {0} not found")]
51    KeystoreNotFound(KeystoreId),
52
53    /// An internal error.
54    #[error("Internal error")]
55    Bug(#[from] tor_error::Bug),
56}
57
58/// An error returned by a [`Keystore`](crate::Keystore).
59pub trait KeystoreError:
60    HasKind + StdError + DynClone + fmt::Debug + fmt::Display + Send + Sync + 'static
61{
62}
63
64impl HasKind for Error {
65    fn kind(&self) -> tor_error::ErrorKind {
66        use Error as E;
67        use tor_error::ErrorKind as EK;
68
69        match self {
70            E::Keystore(e) => e.kind(),
71            E::Corruption(_) => EK::KeystoreCorrupted,
72            E::KeyAlreadyExists => EK::BadApiUsage, // TODO: not strictly right
73            E::KeystoreNotFound(_) => EK::BadApiUsage, // TODO: not strictly right
74            E::KeyForge(_) => EK::BadApiUsage,
75            E::InvalidCert(_) => EK::BadApiUsage, // TODO: not strictly right
76            E::Bug(e) => e.kind(),
77        }
78    }
79}
80
81/// An error caused by a syntactically invalid [`ArtiPath`](crate::ArtiPath).
82///
83/// The `ArtiPath` is not in the legal syntax: it contains bad characters,
84/// or a syntactically invalid components.
85///
86/// (Does not include any errors arising from paths which are invalid
87/// *for the particular key*.)
88#[derive(thiserror::Error, Debug, Clone)]
89#[error("Invalid ArtiPath")]
90#[non_exhaustive]
91pub enum ArtiPathSyntaxError {
92    /// One of the path slugs was invalid.
93    #[error("{0}")]
94    Slug(#[from] BadSlug),
95
96    /// An internal error.
97    #[error("Internal error")]
98    Bug(#[from] tor_error::Bug),
99}
100
101/// An error caused by keystore corruption.
102#[derive(thiserror::Error, Debug, Clone)]
103#[error("Keystore corruption")]
104#[non_exhaustive]
105pub enum KeystoreCorruptionError {
106    /// A keystore contains a key that has an invalid [`KeyPath`].
107    #[error("{0}")]
108    KeyPath(#[from] KeyPathError),
109
110    /// A keystore contains an unrecognized [`KeyPath`].
111    #[error("Unrecognized key path {0}")]
112    Unrecognized(KeyPath),
113
114    /// Missing certificate for key.
115    #[error("Missing certificate for key")]
116    MissingCertificate,
117
118    /// Missing the subject key of a certificate we own.
119    #[error("Subject key of certificate not found")]
120    MissingSubjectKey,
121
122    /// Missing signing key for certificate.
123    #[error("Missing signing key for certificate")]
124    MissingSigningKey,
125}
126
127/// An error that happens when we encounter an unknown key type.
128#[derive(thiserror::Error, PartialEq, Eq, Debug, Clone)]
129#[error("unknown key type: arti_extension={arti_extension}")]
130pub struct UnknownKeyTypeError {
131    /// The extension used for keys of this type in an Arti keystore.
132    pub(crate) arti_extension: String,
133}
134
135/// An unrecognized keystore entry.
136#[derive(Clone, Debug, amplify::Getters, thiserror::Error)]
137#[error("Unrecognized keystore entry")]
138pub struct UnrecognizedEntryError {
139    /// An identifier of the entry that caused the error.
140    entry: UnrecognizedEntry,
141    /// The underlying error that occurred.
142    // TODO: This should be an `Error` specific for the situation.
143    //
144    // [`KeystoreError`] is a provvisory solution that presents
145    // some issues, for example:
146    //
147    // * not all variants of `KeystoreError` are relevant
148    // * redundancy with some other Error types like
149    // [`MalformedServiceKeyError::NotAKey`](crate::keystore::ctor::err::MalformedServiceKeyError)
150    // * [`Keystore::list`](crate::Keystore) returns
151    // `StdResult<Vec<StdResult<(KeyPath, KeystoreItemType), UnrecognizedEntryError>>, KeystoreError>`,
152    // `KeystoreError` presents itself twice at 2 different levels, there is ambiguity
153    #[source]
154    error: Arc<dyn KeystoreError>,
155}
156
157impl UnrecognizedEntryError {
158    /// Create a new instance of `KeystoreListError` given an `UnrecognizedEntry`
159    /// and an `Arc<dyn KeystoreError>`.
160    pub(crate) fn new(entry: UnrecognizedEntry, error: Arc<dyn KeystoreError>) -> Self {
161        Self { entry, error }
162    }
163}
164
165/// The opaque identifier of an unrecognized key inside a [`Keystore`](crate::Keystore).
166#[derive(Debug, Clone, PartialEq, derive_more::From, derive_more::Into)]
167pub struct UnrecognizedEntry(RawKeystoreEntry);
168
169#[cfg(feature = "onion-service-cli-extra")]
170impl Deref for UnrecognizedEntry {
171    type Target = RawKeystoreEntry;
172    fn deref(&self) -> &Self::Target {
173        &self.0
174    }
175}
176
177#[cfg(test)]
178mod tests {
179    // @@ begin test lint list maintained by maint/add_warning @@
180    #![allow(clippy::bool_assert_comparison)]
181    #![allow(clippy::clone_on_copy)]
182    #![allow(clippy::dbg_macro)]
183    #![allow(clippy::mixed_attributes_style)]
184    #![allow(clippy::print_stderr)]
185    #![allow(clippy::print_stdout)]
186    #![allow(clippy::single_char_pattern)]
187    #![allow(clippy::unwrap_used)]
188    #![allow(clippy::unchecked_time_subtraction)]
189    #![allow(clippy::useless_vec)]
190    #![allow(clippy::needless_pass_by_value)]
191    //! <!-- @@ end test lint list maintained by maint/add_warning @@ -->
192    use super::*;
193    use tor_error::ErrorKind;
194
195    #[derive(Debug, Copy, Clone, PartialEq, thiserror::Error)]
196    #[error("The source of a test error")]
197    struct TestErrorSource;
198
199    #[derive(Debug, Clone, thiserror::Error)]
200    #[error("A test error")]
201    struct TestError(#[from] TestErrorSource);
202
203    impl KeystoreError for TestError {}
204
205    impl HasKind for TestError {
206        fn kind(&self) -> ErrorKind {
207            ErrorKind::Other
208        }
209    }
210
211    #[test]
212    fn error_source() {
213        let e: Error = (Arc::new(TestError(TestErrorSource)) as Arc<dyn KeystoreError>).into();
214
215        assert_eq!(
216            e.source().unwrap().to_string(),
217            TestError(TestErrorSource).to_string()
218        );
219    }
220}