1use std::io;
2use std::string::FromUtf8Error;
3
4use thiserror::Error;
5use tokio::sync::mpsc::error::SendError as MpscSendError;
6use util::KeyingMaterialExporterError;
7
8pub type Result<T> = std::result::Result<T, Error>;
9
10#[derive(Debug, Error, PartialEq)]
11#[non_exhaustive]
12pub enum Error {
13 #[error("conn is closed")]
14 ErrConnClosed,
15 #[error("read/write timeout")]
16 ErrDeadlineExceeded,
17 #[error("buffer is too small")]
18 ErrBufferTooSmall,
19 #[error("context is not supported for export_keying_material")]
20 ErrContextUnsupported,
21 #[error("packet is too short")]
22 ErrDtlspacketInvalidLength,
23 #[error("handshake is in progress")]
24 ErrHandshakeInProgress,
25 #[error("invalid content type")]
26 ErrInvalidContentType,
27 #[error("invalid mac")]
28 ErrInvalidMac,
29 #[error("packet length and declared length do not match")]
30 ErrInvalidPacketLength,
31 #[error("export_keying_material can not be used with a reserved label")]
32 ErrReservedExportKeyingMaterial,
33 #[error("client sent certificate verify but we have no certificate to verify")]
34 ErrCertificateVerifyNoCertificate,
35 #[error("client+server do not support any shared cipher suites")]
36 ErrCipherSuiteNoIntersection,
37 #[error("server hello can not be created without a cipher suite")]
38 ErrCipherSuiteUnset,
39 #[error("client sent certificate but did not verify it")]
40 ErrClientCertificateNotVerified,
41 #[error("server required client verification, but got none")]
42 ErrClientCertificateRequired,
43 #[error("server responded with SRTP Profile we do not support")]
44 ErrClientNoMatchingSrtpProfile,
45 #[error("client required Extended Master Secret extension, but server does not support it")]
46 ErrClientRequiredButNoServerEms,
47 #[error("server hello can not be created without a compression method")]
48 ErrCompressionMethodUnset,
49 #[error("client+server cookie does not match")]
50 ErrCookieMismatch,
51 #[error("cookie must not be longer then 255 bytes")]
52 ErrCookieTooLong,
53 #[error("PSK Identity Hint provided but PSK is nil")]
54 ErrIdentityNoPsk,
55 #[error("no certificate provided")]
56 ErrInvalidCertificate,
57 #[error("cipher spec invalid")]
58 ErrInvalidCipherSpec,
59 #[error("invalid or unknown cipher suite")]
60 ErrInvalidCipherSuite,
61 #[error("unable to determine if ClientKeyExchange is a public key or PSK Identity")]
62 ErrInvalidClientKeyExchange,
63 #[error("invalid or unknown compression method")]
64 ErrInvalidCompressionMethod,
65 #[error("ECDSA signature contained zero or negative values")]
66 ErrInvalidEcdsasignature,
67 #[error("invalid or unknown elliptic curve type")]
68 ErrInvalidEllipticCurveType,
69 #[error("invalid extension type")]
70 ErrInvalidExtensionType,
71 #[error("invalid hash algorithm")]
72 ErrInvalidHashAlgorithm,
73 #[error("invalid named curve")]
74 ErrInvalidNamedCurve,
75 #[error("invalid private key type")]
76 ErrInvalidPrivateKey,
77 #[error("named curve and private key type does not match")]
78 ErrNamedCurveAndPrivateKeyMismatch,
79 #[error("invalid server name format")]
80 ErrInvalidSniFormat,
81 #[error("invalid signature algorithm")]
82 ErrInvalidSignatureAlgorithm,
83 #[error("expected and actual key signature do not match")]
84 ErrKeySignatureMismatch,
85 #[error("Conn can not be created with a nil nextConn")]
86 ErrNilNextConn,
87 #[error("connection can not be created, no CipherSuites satisfy this Config")]
88 ErrNoAvailableCipherSuites,
89 #[error("connection can not be created, no SignatureScheme satisfy this Config")]
90 ErrNoAvailableSignatureSchemes,
91 #[error("no certificates configured")]
92 ErrNoCertificates,
93 #[error("no config provided")]
94 ErrNoConfigProvided,
95 #[error("client requested zero or more elliptic curves that are not supported by the server")]
96 ErrNoSupportedEllipticCurves,
97 #[error("unsupported protocol version")]
98 ErrUnsupportedProtocolVersion,
99 #[error("Certificate and PSK provided")]
100 ErrPskAndCertificate,
101 #[error("PSK and PSK Identity Hint must both be set for client")]
102 ErrPskAndIdentityMustBeSetForClient,
103 #[error("SRTP support was requested but server did not respond with use_srtp extension")]
104 ErrRequestedButNoSrtpExtension,
105 #[error("Certificate is mandatory for server")]
106 ErrServerMustHaveCertificate,
107 #[error("client requested SRTP but we have no matching profiles")]
108 ErrServerNoMatchingSrtpProfile,
109 #[error(
110 "server requires the Extended Master Secret extension, but the client does not support it"
111 )]
112 ErrServerRequiredButNoClientEms,
113 #[error("expected and actual verify data does not match")]
114 ErrVerifyDataMismatch,
115 #[error("handshake message unset, unable to marshal")]
116 ErrHandshakeMessageUnset,
117 #[error("invalid flight number")]
118 ErrInvalidFlight,
119 #[error("unable to generate key signature, unimplemented")]
120 ErrKeySignatureGenerateUnimplemented,
121 #[error("unable to verify key signature, unimplemented")]
122 ErrKeySignatureVerifyUnimplemented,
123 #[error("data length and declared length do not match")]
124 ErrLengthMismatch,
125 #[error("buffer not long enough to contain nonce")]
126 ErrNotEnoughRoomForNonce,
127 #[error("feature has not been implemented yet")]
128 ErrNotImplemented,
129 #[error("sequence number overflow")]
130 ErrSequenceNumberOverflow,
131 #[error("unable to marshal fragmented handshakes")]
132 ErrUnableToMarshalFragmented,
133 #[error("invalid state machine transition")]
134 ErrInvalidFsmTransition,
135 #[error("ApplicationData with epoch of 0")]
136 ErrApplicationDataEpochZero,
137 #[error("unhandled contentType")]
138 ErrUnhandledContextType,
139 #[error("context canceled")]
140 ErrContextCanceled,
141 #[error("empty fragment")]
142 ErrEmptyFragment,
143 #[error("Alert is Fatal or Close Notify")]
144 ErrAlertFatalOrClose,
145
146 #[error(
147 "Fragment buffer overflow. New size {new_size} is greater than specified max {max_size}"
148 )]
149 ErrFragmentBufferOverflow { new_size: usize, max_size: usize },
150
151 #[error("{0}")]
152 Io(#[source] IoError),
153 #[error("{0}")]
154 Util(#[from] util::Error),
155 #[error("utf8: {0}")]
156 Utf8(#[from] FromUtf8Error),
157 #[error("{0}")]
158 Sec1(#[source] sec1::Error),
159 #[error("{0}")]
160 Aes(#[from] aes::cipher::InvalidLength),
161 #[error("{0}")]
162 P256(#[source] P256Error),
163 #[error("{0}")]
164 RcGen(#[from] rcgen::Error),
165 #[error("mpsc send: {0}")]
166 MpscSend(String),
167 #[error("keying material: {0}")]
168 KeyingMaterial(#[from] KeyingMaterialExporterError),
169
170 #[error("invalid PEM: {0}")]
172 InvalidPEM(String),
173
174 #[allow(non_camel_case_types)]
175 #[error("{0}")]
176 Other(String),
177}
178
179#[derive(Debug, Error)]
180#[error("io error: {0}")]
181pub struct IoError(#[from] pub io::Error);
182
183impl PartialEq for IoError {
185 fn eq(&self, other: &Self) -> bool {
186 self.0.kind() == other.0.kind()
187 }
188}
189
190impl From<io::Error> for Error {
191 fn from(e: io::Error) -> Self {
192 Error::Io(IoError(e))
193 }
194}
195
196impl From<sec1::Error> for Error {
197 fn from(e: sec1::Error) -> Self {
198 Error::Sec1(e)
199 }
200}
201
202#[derive(Debug, Error)]
203#[error("{0}")]
204pub struct P256Error(#[source] p256::elliptic_curve::Error);
205
206impl PartialEq for P256Error {
207 fn eq(&self, _: &Self) -> bool {
208 false
209 }
210}
211
212impl From<p256::elliptic_curve::Error> for Error {
213 fn from(e: p256::elliptic_curve::Error) -> Self {
214 Error::P256(P256Error(e))
215 }
216}
217
218impl<T> From<MpscSendError<T>> for Error {
220 fn from(e: MpscSendError<T>) -> Self {
221 Error::MpscSend(e.to_string())
222 }
223}