core_crypto/e2e_identity/
error.rs

1//! End to end identity errors
2
3// We allow missing documentation in the error module because the types are generally self-descriptive.
4#![allow(missing_docs)]
5
6use crate::prelude::MlsCredentialType;
7use core_crypto_keystore::CryptoKeystoreError;
8
/// Result alias for the end-to-end identity module; the error type defaults to [`Error`].
pub type Result<T, E = Error> = core::result::Result<T, E>;
10
/// Errors produced by the end-to-end identity (E2EI) code.
///
/// Variants marked `#[error(transparent)]` forward both `Display` and `source()` to the
/// wrapped error. Variants that combine a fixed message with `#[from]` show only the fixed
/// message in `Display`; the wrapped error is reachable through `source()`.
#[derive(Debug, thiserror::Error)]
pub enum Error {
    /// The API was used in a way it does not support.
    #[error("Incorrect usage of this API")]
    ImplementationError,
    /// The requested operation is not implemented yet.
    #[error("Not yet supported")]
    NotYetSupported,
    /// No MLS client with the expected credential type was found; the payload is that
    /// expected credential type.
    #[error("Expected a MLS client with credential type {0:?} but none found")]
    MissingExistingClient(MlsCredentialType),
    /// Enrollment methods were called in the wrong order; the payload is a static
    /// description that is appended to the message.
    #[error("Enrollment methods are called out of order: {0}")]
    OutOfOrderEnrollment(&'static str),
    /// The supplied OIDC refresh token was rejected as invalid.
    #[error("Invalid OIDC RefreshToken supplied")]
    InvalidRefreshToken,
    /// An ACME root trust anchor is already registered.
    ///
    /// This variant carries no data, so it does not tell the caller whether the anchor
    /// already stored is the same one that was being registered.
    // NOTE(review): the message says this "can be ignored"; callers that do so are
    // presumably relying on the stored anchor being the intended one — confirm.
    #[error(
        "We already have an ACME Root Trust Anchor registered. Cannot proceed but this is usually indicative of double registration and can be ignored"
    )]
    TrustAnchorAlreadyRegistered,
    /// A `ClientId` did not match the format Wire defines.
    #[error("The encountered ClientId does not match Wire's definition")]
    InvalidClientId,
    /// A function that takes a list of IDs was given an empty list.
    #[error("This function accepts a list of IDs as a parameter, but that list was empty")]
    EmptyInputIdList,
    /// The PKI environment had not been set when it was needed.
    #[error("PKI Environment must be set before calling this function")]
    PkiEnvironmentUnset,
    /// A keystore error, reported with a RefreshToken-specific message.
    // NOTE(review): `#[from]` converts *any* `CryptoKeystoreError` into this variant
    // (e.g. through `?`), so the RefreshToken wording is shown for every such conversion.
    // Confirm it is only reached on refresh-token persistence paths.
    #[error("An error occurred while trying to persist the RefreshToken in the keystore")]
    KeyStoreError(#[from] CryptoKeystoreError),
    /// Error from the `wire_e2e_identity` crate, forwarded unchanged.
    #[error(transparent)]
    IdentityError(#[from] wire_e2e_identity::prelude::E2eIdentityError),
    /// X.509 check error from the `wire_e2e_identity` crate, forwarded unchanged.
    #[error(transparent)]
    X509Error(#[from] wire_e2e_identity::prelude::x509::RustyX509CheckError),
    /// URL parsing error, forwarded unchanged.
    #[error(transparent)]
    UrlError(#[from] url::ParseError),
    /// JSON (de)serialization error, forwarded unchanged.
    #[error(transparent)]
    JsonError(#[from] serde_json::Error),
    /// DER error from the `x509_cert` crate, forwarded unchanged.
    #[error(transparent)]
    X509CertDerError(#[from] x509_cert::der::Error),
    /// A `tls_codec` error, reported with a key-package-specific message.
    // NOTE(review): as with `KeyStoreError`, `#[from]` maps every `tls_codec::Error` to
    // this message regardless of what was being (de)serialized.
    #[error("Serializing key package for TLS")]
    TlsSerializingKeyPackage(#[from] tls_codec::Error),
    /// Certificate validation failed; displayed as `"{context}: {upstream}"`.
    #[error("{context}: {upstream}")]
    CertificateValidation {
        /// Static description of what was being validated.
        context: &'static str,
        // The upstream error is kept as a `String` rather than as a typed source: per the
        // original author it comes from the `certval` crate, whose error type is not in
        // scope here and does not implement `std::error::Error`.
        // `Error::certificate_validation` fills this field with the error's `Debug`
        // rendering, so that rendering becomes part of this variant's `Display` output.
        upstream: String,
    },
    /// MLS error from this crate, forwarded unchanged.
    #[error(transparent)]
    Mls(#[from] crate::MlsError),
    /// Keystore error from this crate, forwarded unchanged.
    #[error(transparent)]
    Keystore(#[from] crate::KeystoreError),
    /// Leaf error from this crate; `Display` prints the wrapped error's own message.
    #[error("{0}")]
    Leaf(#[from] crate::LeafError),
    /// Recursive error from this crate, forwarded unchanged.
    #[error(transparent)]
    Recursive(#[from] crate::RecursiveError),
}
64
impl Error {
    /// Returns a closure that wraps an upstream error into [`Error::CertificateValidation`].
    ///
    /// The closure captures `context` and stores the upstream error's `Debug` rendering in
    /// the `upstream` field; the error value itself is not kept. Only `Debug` is required
    /// of `E`, so it works for error types that do not implement `std::error::Error`.
    ///
    /// That `Debug` text becomes part of the variant's `Display` output, so anything that
    /// logs or forwards the resulting error also emits it. What it contains depends on the
    /// upstream type's `Debug` implementation, which is not visible from this module.
    pub(crate) fn certificate_validation<E>(context: &'static str) -> impl FnOnce(E) -> Self
    where
        E: std::fmt::Debug,
    {
        move |upstream_err: E| {
            let upstream = format!("{:?}", upstream_err);
            Self::CertificateValidation { context, upstream }
        }
    }
}