core_crypto/mls/session/
error.rs

1//! MLS errors
2
3// We allow missing documentation in the error module because the types are generally self-descriptive.
4#![allow(missing_docs)]
5
6pub(crate) type Result<T, E = Error> = core::result::Result<T, E>;
7
8#[derive(Debug, thiserror::Error)]
9pub enum Error {
10    #[error("Supplied user id was not valid")]
11    InvalidUserId,
12    #[error("X509 certificate bundle set was empty")]
13    NoX509CertificateBundle,
14    #[error("Tried to insert an already existing CredentialBundle")]
15    CredentialBundleConflict,
16    #[error("A MLS operation was requested but MLS hasn't been initialized on this instance")]
17    MlsNotInitialized,
18    #[error("A Credential of type {0:?} was not found locally which is very likely an implementation error")]
19    CredentialNotFound(crate::prelude::MlsCredentialType),
20    #[error("supplied signature scheme was not valid")]
21    InvalidSignatureScheme,
22    /// The keystore has no knowledge of such client; this shouldn't happen as Client::init is failsafe (find-else-create)
23    #[error("The provided client signature has not been found in the keystore")]
24    ClientSignatureNotFound,
25    /// Client was unexpectedly ready.
26    ///
27    /// This indicates an invalid calling pattern.
28    #[error("Client was unexpectedly ready")]
29    UnexpectedlyReady,
30    #[error("The keystore already contains a stored identity. Cannot create a new one!")]
31    IdentityAlreadyPresent,
32    #[error(
33        r#"The externally-generated client ID initialization cannot continue - there's no provisional keypair in-store!
34
35        Have you called `CoreCrypto::generate_raw_keypair` ?"#
36    )]
37    NoProvisionalIdentityFound,
38    /// This error occurs when during the MLS external client generation, we end up with more than one client identity in store.
39    ///
40    /// This is usually not possible, unless there's some kind of concurrency issue
41    /// on the consumer (creating an ext-gen client AND a normal one at the same time for instance)
42    #[error(
43        "Somehow CoreCrypto holds more than one MLS identity. Something might've gone very wrong with this client!"
44    )]
45    TooManyIdentitiesPresent,
46    #[error("The supplied credential does not match the id or signature schemes provided")]
47    WrongCredential,
48    #[error("An EpochObserver has already been registered; reregistration is not possible")]
49    EpochObserverAlreadyExists,
50    #[error("Serializing {item} for TLS")]
51    TlsSerialize {
52        item: &'static str,
53        #[source]
54        source: tls_codec::Error,
55    },
56    #[error("Deserializing {item} for TLS")]
57    TlsDeserialize {
58        item: &'static str,
59        #[source]
60        source: tls_codec::Error,
61    },
62    #[error(transparent)]
63    Mls(#[from] crate::MlsError),
64    #[error(transparent)]
65    Keystore(#[from] crate::KeystoreError),
66    #[error("{0}")]
67    Leaf(#[from] crate::LeafError),
68    #[error(transparent)]
69    Recursive(#[from] crate::RecursiveError),
70}
71
72impl Error {
73    pub fn tls_serialize(item: &'static str) -> impl FnOnce(tls_codec::Error) -> Self {
74        move |source| Self::TlsSerialize { item, source }
75    }
76
77    pub fn tls_deserialize(item: &'static str) -> impl FnOnce(tls_codec::Error) -> Self {
78        move |source| Self::TlsDeserialize { item, source }
79    }
80}