1 use thiserror::Error; 2 3 use rcgen::RcgenError; 4 use std::io; 5 use std::string::FromUtf8Error; 6 use tokio::sync::mpsc::error::SendError as MpscSendError; 7 use util::KeyingMaterialExporterError; 8 9 pub type Result<T> = std::result::Result<T, Error>; 10 11 #[derive(Debug, Error, PartialEq)] 12 #[non_exhaustive] 13 pub enum Error { 14 #[error("conn is closed")] 15 ErrConnClosed, 16 #[error("read/write timeout")] 17 ErrDeadlineExceeded, 18 #[error("buffer is too small")] 19 ErrBufferTooSmall, 20 #[error("context is not supported for export_keying_material")] 21 ErrContextUnsupported, 22 #[error("packet is too short")] 23 ErrDtlspacketInvalidLength, 24 #[error("handshake is in progress")] 25 ErrHandshakeInProgress, 26 #[error("invalid content type")] 27 ErrInvalidContentType, 28 #[error("invalid mac")] 29 ErrInvalidMac, 30 #[error("packet length and declared length do not match")] 31 ErrInvalidPacketLength, 32 #[error("export_keying_material can not be used with a reserved label")] 33 ErrReservedExportKeyingMaterial, 34 #[error("client sent certificate verify but we have no certificate to verify")] 35 ErrCertificateVerifyNoCertificate, 36 #[error("client+server do not support any shared cipher suites")] 37 ErrCipherSuiteNoIntersection, 38 #[error("server hello can not be created without a cipher suite")] 39 ErrCipherSuiteUnset, 40 #[error("client sent certificate but did not verify it")] 41 ErrClientCertificateNotVerified, 42 #[error("server required client verification, but got none")] 43 ErrClientCertificateRequired, 44 #[error("server responded with SRTP Profile we do not support")] 45 ErrClientNoMatchingSrtpProfile, 46 #[error("client required Extended Master Secret extension, but server does not support it")] 47 ErrClientRequiredButNoServerEms, 48 #[error("server hello can not be created without a compression method")] 49 ErrCompressionMethodUnset, 50 #[error("client+server cookie does not match")] 51 ErrCookieMismatch, 52 #[error("cookie must not be longer then 255 bytes")] 53 ErrCookieTooLong, 54 #[error("PSK Identity Hint provided but PSK is nil")] 55 ErrIdentityNoPsk, 56 #[error("no certificate provided")] 57 ErrInvalidCertificate, 58 #[error("cipher spec invalid")] 59 ErrInvalidCipherSpec, 60 #[error("invalid or unknown cipher suite")] 61 ErrInvalidCipherSuite, 62 #[error("unable to determine if ClientKeyExchange is a public key or PSK Identity")] 63 ErrInvalidClientKeyExchange, 64 #[error("invalid or unknown compression method")] 65 ErrInvalidCompressionMethod, 66 #[error("ECDSA signature contained zero or negative values")] 67 ErrInvalidEcdsasignature, 68 #[error("invalid or unknown elliptic curve type")] 69 ErrInvalidEllipticCurveType, 70 #[error("invalid extension type")] 71 ErrInvalidExtensionType, 72 #[error("invalid hash algorithm")] 73 ErrInvalidHashAlgorithm, 74 #[error("invalid named curve")] 75 ErrInvalidNamedCurve, 76 #[error("invalid private key type")] 77 ErrInvalidPrivateKey, 78 #[error("named curve and private key type does not match")] 79 ErrNamedCurveAndPrivateKeyMismatch, 80 #[error("invalid server name format")] 81 ErrInvalidSniFormat, 82 #[error("invalid signature algorithm")] 83 ErrInvalidSignatureAlgorithm, 84 #[error("expected and actual key signature do not match")] 85 ErrKeySignatureMismatch, 86 #[error("Conn can not be created with a nil nextConn")] 87 ErrNilNextConn, 88 #[error("connection can not be created, no CipherSuites satisfy this Config")] 89 ErrNoAvailableCipherSuites, 90 #[error("connection can not be created, no SignatureScheme satisfy this Config")] 91 ErrNoAvailableSignatureSchemes, 92 #[error("no certificates configured")] 93 ErrNoCertificates, 94 #[error("no config provided")] 95 ErrNoConfigProvided, 96 #[error("client requested zero or more elliptic curves that are not supported by the server")] 97 ErrNoSupportedEllipticCurves, 98 #[error("unsupported protocol version")] 99 ErrUnsupportedProtocolVersion, 100 #[error("Certificate and PSK provided")] 101 ErrPskAndCertificate, 102 #[error("PSK and PSK Identity Hint must both be set for client")] 103 ErrPskAndIdentityMustBeSetForClient, 104 #[error("SRTP support was requested but server did not respond with use_srtp extension")] 105 ErrRequestedButNoSrtpExtension, 106 #[error("Certificate is mandatory for server")] 107 ErrServerMustHaveCertificate, 108 #[error("client requested SRTP but we have no matching profiles")] 109 ErrServerNoMatchingSrtpProfile, 110 #[error( 111 "server requires the Extended Master Secret extension, but the client does not support it" 112 )] 113 ErrServerRequiredButNoClientEms, 114 #[error("expected and actual verify data does not match")] 115 ErrVerifyDataMismatch, 116 #[error("handshake message unset, unable to marshal")] 117 ErrHandshakeMessageUnset, 118 #[error("invalid flight number")] 119 ErrInvalidFlight, 120 #[error("unable to generate key signature, unimplemented")] 121 ErrKeySignatureGenerateUnimplemented, 122 #[error("unable to verify key signature, unimplemented")] 123 ErrKeySignatureVerifyUnimplemented, 124 #[error("data length and declared length do not match")] 125 ErrLengthMismatch, 126 #[error("buffer not long enough to contain nonce")] 127 ErrNotEnoughRoomForNonce, 128 #[error("feature has not been implemented yet")] 129 ErrNotImplemented, 130 #[error("sequence number overflow")] 131 ErrSequenceNumberOverflow, 132 #[error("unable to marshal fragmented handshakes")] 133 ErrUnableToMarshalFragmented, 134 #[error("invalid state machine transition")] 135 ErrInvalidFsmTransition, 136 #[error("ApplicationData with epoch of 0")] 137 ErrApplicationDataEpochZero, 138 #[error("unhandled contentType")] 139 ErrUnhandledContextType, 140 #[error("context canceled")] 141 ErrContextCanceled, 142 #[error("empty fragment")] 143 ErrEmptyFragment, 144 #[error("Alert is Fatal or Close Notify")] 145 ErrAlertFatalOrClose, 146 147 #[error( 148 "Fragment buffer overflow. New size {new_size} is greater than specified max {max_size}" 149 )] 150 ErrFragmentBufferOverflow { new_size: usize, max_size: usize }, 151 152 #[error("{0}")] 153 Io(#[source] IoError), 154 #[error("{0}")] 155 Util(#[from] util::Error), 156 #[error("utf8: {0}")] 157 Utf8(#[from] FromUtf8Error), 158 #[error("{0}")] 159 Sec1(#[source] sec1::Error), 160 #[error("{0}")] 161 P256(#[source] P256Error), 162 #[error("{0}")] 163 RcGen(#[from] RcgenError), 164 #[error("mpsc send: {0}")] 165 MpscSend(String), 166 #[error("keying material: {0}")] 167 KeyingMaterial(#[from] KeyingMaterialExporterError), 168 169 /// Error parsing a given PEM string. 170 #[error("invalid PEM: {0}")] 171 InvalidPEM(String), 172 173 #[allow(non_camel_case_types)] 174 #[error("{0}")] 175 Other(String), 176 } 177 178 #[derive(Debug, Error)] 179 #[error("io error: {0}")] 180 pub struct IoError(#[from] pub io::Error); 181 182 // Workaround for wanting PartialEq for io::Error. 183 impl PartialEq for IoError { eq(&self, other: &Self) -> bool184 fn eq(&self, other: &Self) -> bool { 185 self.0.kind() == other.0.kind() 186 } 187 } 188 189 impl From<io::Error> for Error { from(e: io::Error) -> Self190 fn from(e: io::Error) -> Self { 191 Error::Io(IoError(e)) 192 } 193 } 194 195 impl From<sec1::Error> for Error { from(e: sec1::Error) -> Self196 fn from(e: sec1::Error) -> Self { 197 Error::Sec1(e) 198 } 199 } 200 201 #[derive(Debug, Error)] 202 #[error("{0}")] 203 pub struct P256Error(#[source] p256::elliptic_curve::Error); 204 205 impl PartialEq for P256Error { eq(&self, _: &Self) -> bool206 fn eq(&self, _: &Self) -> bool { 207 false 208 } 209 } 210 211 impl From<p256::elliptic_curve::Error> for Error { from(e: p256::elliptic_curve::Error) -> Self212 fn from(e: p256::elliptic_curve::Error) -> Self { 213 Error::P256(P256Error(e)) 214 } 215 } 216 217 impl From<block_modes::InvalidKeyIvLength> for Error { from(e: block_modes::InvalidKeyIvLength) -> Self218 fn from(e: block_modes::InvalidKeyIvLength) -> Self { 219 Error::Other(e.to_string()) 220 } 221 } 222 impl From<block_modes::BlockModeError> for Error { from(e: block_modes::BlockModeError) -> Self223 fn from(e: block_modes::BlockModeError) -> Self { 224 Error::Other(e.to_string()) 225 } 226 } 227 228 // Because Tokio SendError is parameterized, we sadly lose the backtrace. 229 impl<T> From<MpscSendError<T>> for Error { from(e: MpscSendError<T>) -> Self230 fn from(e: MpscSendError<T>) -> Self { 231 Error::MpscSend(e.to_string()) 232 } 233 } 234