• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 //! X.509 errors
2 
3 use der_parser::error::BerError;
4 use nom::error::{ErrorKind, ParseError};
5 use nom::IResult;
6 
7 /// An error that can occur while converting an OID to a Nid.
8 #[derive(Debug, PartialEq)]
9 pub struct NidError;
10 
11 /// Holds the result of parsing functions (X.509)
12 ///
13 /// Note that this type is also a `Result`, so usual functions (`map`, `unwrap` etc.) are available.
14 pub type X509Result<'a, T> = IResult<&'a [u8], T, X509Error>;
15 
16 /// An error that can occur while parsing or validating a certificate.
17 #[derive(Clone, Debug, PartialEq, thiserror::Error)]
18 pub enum X509Error {
19     #[error("generic error")]
20     Generic,
21 
22     #[error("invalid version")]
23     InvalidVersion,
24     #[error("invalid serial")]
25     InvalidSerial,
26     #[error("invalid algorithm identifier")]
27     InvalidAlgorithmIdentifier,
28     #[error("invalid X.509 name")]
29     InvalidX509Name,
30     #[error("invalid date")]
31     InvalidDate,
32     #[error("invalid X.509 Subject Public Key Info")]
33     InvalidSPKI,
34     #[error("invalid X.509 Subject Unique ID")]
35     InvalidSubjectUID,
36     #[error("invalid X.509 Issuer Unique ID")]
37     InvalidIssuerUID,
38     #[error("invalid extensions")]
39     InvalidExtensions,
40     #[error("invalid attributes")]
41     InvalidAttributes,
42     #[error("duplicate extensions")]
43     DuplicateExtensions,
44     #[error("duplicate attributes")]
45     DuplicateAttributes,
46     #[error("invalid Signature DER Value")]
47     InvalidSignatureValue,
48     #[error("invalid TBS certificate")]
49     InvalidTbsCertificate,
50 
51     // error types from CRL
52     #[error("invalid User certificate")]
53     InvalidUserCertificate,
54 
55     /// Top-level certificate structure is invalid
56     #[error("invalid certificate")]
57     InvalidCertificate,
58 
59     #[error("signature verification error")]
60     SignatureVerificationError,
61     #[error("signature unsupported algorithm")]
62     SignatureUnsupportedAlgorithm,
63 
64     #[error("BER error: {0}")]
65     Der(#[from] BerError),
66     #[error("nom error: {0:?}")]
67     NomError(ErrorKind),
68 }
69 
70 impl From<X509Error> for nom::Err<X509Error> {
from(e: X509Error) -> nom::Err<X509Error>71     fn from(e: X509Error) -> nom::Err<X509Error> {
72         nom::Err::Error(e)
73     }
74 }
75 
76 impl From<ErrorKind> for X509Error {
from(e: ErrorKind) -> X509Error77     fn from(e: ErrorKind) -> X509Error {
78         X509Error::NomError(e)
79     }
80 }
81 
82 impl<I> ParseError<I> for X509Error {
from_error_kind(_input: I, kind: ErrorKind) -> Self83     fn from_error_kind(_input: I, kind: ErrorKind) -> Self {
84         X509Error::NomError(kind)
85     }
append(_input: I, kind: ErrorKind, _other: Self) -> Self86     fn append(_input: I, kind: ErrorKind, _other: Self) -> Self {
87         X509Error::NomError(kind)
88     }
89 }
90 
91 /// An error that can occur while parsing or validating a certificate.
92 #[derive(Debug, thiserror::Error)]
93 pub enum PEMError {
94     #[error("base64 decode error")]
95     Base64DecodeError,
96     #[error("incomplete PEM")]
97     IncompletePEM,
98     #[error("invalid header")]
99     InvalidHeader,
100     #[error("missing header")]
101     MissingHeader,
102 
103     #[error("IO error: {0}")]
104     IOError(#[from] std::io::Error),
105 }
106