ring/error/key_rejected.rs
1// Copyright 2016-2024 Brian Smith.
2//
3// Permission to use, copy, modify, and/or distribute this software for any
4// purpose with or without fee is hereby granted, provided that the above
5// copyright notice and this permission notice appear in all copies.
6//
7// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14
15//! Error reporting.
16
17#[cfg(feature = "std")]
18extern crate std;
19
20/// An error parsing or validating a key.
21///
22/// The `Display` implementation will return a string that will help you better
23/// understand why a key was rejected change which errors are reported in which
24/// situations while minimizing the likelihood that any applications will be
25/// broken.
26///
27/// Here is an incomplete list of reasons a key may be unsupported:
28///
29/// * Invalid or Inconsistent Components: A component of the key has an invalid
30/// value, or the mathematical relationship between two (or more) components
31/// required for a valid key does not hold.
32///
33/// * The encoding of the key is invalid. Perhaps the key isn't in the correct
34/// format; e.g. it may be Base64 ("PEM") encoded, in which case the Base64
35/// encoding needs to be undone first.
36///
37/// * The encoding includes a versioning mechanism and that mechanism indicates
38/// that the key is encoded in a version of the encoding that isn't supported.
39/// This might happen for multi-prime RSA keys (keys with more than two
40/// private prime factors), which aren't supported, for example.
41///
42/// * Too small or too Large: One of the primary components of the key is too
43/// small or two large. Too-small keys are rejected for security reasons. Some
44/// unnecessarily large keys are rejected for performance reasons.
45///
46/// * Wrong algorithm: The key is not valid for the algorithm in which it was
47/// being used.
48///
49/// * Unexpected errors: Report this as a bug.
50#[derive(Copy, Clone, Debug)]
51pub struct KeyRejected(&'static str);
52
53impl KeyRejected {
54 pub(crate) fn inconsistent_components() -> Self {
55 Self("InconsistentComponents")
56 }
57
58 pub(crate) fn invalid_component() -> Self {
59 Self("InvalidComponent")
60 }
61
62 #[inline]
63 pub(crate) fn invalid_encoding() -> Self {
64 Self("InvalidEncoding")
65 }
66
67 // XXX: See the comment at the call site.
68 pub(crate) fn rng_failed() -> Self {
69 Self("RNG failed")
70 }
71
72 pub(crate) fn public_key_is_missing() -> Self {
73 Self("PublicKeyIsMissing")
74 }
75
76 #[cfg(feature = "alloc")]
77 pub(crate) fn too_small() -> Self {
78 Self("TooSmall")
79 }
80
81 #[cfg(feature = "alloc")]
82 pub(crate) fn too_large() -> Self {
83 Self("TooLarge")
84 }
85
86 pub(crate) fn version_not_supported() -> Self {
87 Self("VersionNotSupported")
88 }
89
90 pub(crate) fn wrong_algorithm() -> Self {
91 Self("WrongAlgorithm")
92 }
93
94 #[cfg(feature = "alloc")]
95 pub(crate) fn private_modulus_len_not_multiple_of_512_bits() -> Self {
96 Self("PrivateModulusLenNotMultipleOf512Bits")
97 }
98
99 pub(crate) fn unexpected_error() -> Self {
100 Self("UnexpectedError")
101 }
102}
103
104#[cfg(feature = "std")]
105impl std::error::Error for KeyRejected {}
106
107impl core::fmt::Display for KeyRejected {
108 fn fmt(&self, f: &mut core::fmt::Formatter) -> core::fmt::Result {
109 f.write_str(self.0)
110 }
111}