signstar_config/nethsm/error.rs
1//! Error handling specific to interacting with a [`NetHsmBackend`].
2
3use nethsm::{KeyId, NamespaceId, Url, UserId};
4
5#[cfg(doc)]
6use crate::{
7 config::Config,
8 nethsm::{NetHsmAdminCredentials, NetHsmBackend},
9};
10
11/// An error that may occur when handling a NetHSM backend.
12#[derive(Debug, thiserror::Error)]
13pub enum Error {
14 /// The iteration of the [`NetHsmAdminCredentials`] and [`Config`] are not matching.
15 #[error(
16 "Iteration mismatch: Administrative credentials ({admin_creds}) vs. Signstar config ({signstar_config})"
17 )]
18 IterationMismatch {
19 /// The iteration of the [`NetHsmAdminCredentials`].
20 admin_creds: u32,
21 /// The iteration of the [`Config`].
22 signstar_config: u32,
23 },
24
25 /// A system-wide key misses a tag.
26 #[error("The system-wide key {key_id} misses the tag {tag}")]
27 KeyIsMissingTag {
28 /// The [`KeyId`] of the missing key.
29 key_id: KeyId,
30
31 /// The missing tag.
32 tag: String,
33 },
34
35 /// A system-wide key is missing.
36 #[error("The system-wide key {key_id} is missing")]
37 KeyMissing {
38 /// The [`KeyId`] of the missing key.
39 key_id: KeyId,
40 },
41
42 /// A key has an unexpected number of tags assigned to it.
43 #[error(
44 "The key {key_id} has an unexpected number of tags assigned to it ({number} instead of 1)"
45 )]
46 KeyUnexpectedNumberOfTags {
47 /// The [`KeyId`] of the key that has an unexpected number of tags.
48 key_id: KeyId,
49
50 /// The encountered number of tags.
51 number: usize,
52 },
53
54 /// A namespace admin is not in a namespace.
55 #[error("The NetHSM namespace administrator is not in a namespace: {user}")]
56 NamespaceAdminHasNoNamespace {
57 /// The [`UserId`] of the namespace administrator without a namespace.
58 user: UserId,
59 },
60
61 /// A namespace exists, but no N-Administrator is available for it.
62 #[error(
63 "There is no known N-Administrator available in the namespace {namespace} on the NetHSM backend at {url}"
64 )]
65 NamespaceHasNoAdmin {
66 /// The namespace for which no N-Administrator is available.
67 namespace: NamespaceId,
68
69 /// The URL of the NetHSM backend.
70 url: Url,
71 },
72
73 /// A namespaced key misses a tag.
74 #[error("The key {key_id} in namespace {namespace} misses the tag {tag}")]
75 NamespaceKeyMissesTag {
76 /// The [`KeyId`] of the missing key.
77 key_id: KeyId,
78
79 /// The namespace of the key that is missing a tag.
80 namespace: NamespaceId,
81
82 /// The missing tag.
83 tag: String,
84 },
85
86 /// A namespaced key is missing.
87 #[error("The key {key_id} in namespace {namespace} is missing")]
88 NamespaceKeyMissing {
89 /// The [`KeyId`] of the missing key.
90 key_id: KeyId,
91
92 /// The namespace of the key that is missing.
93 namespace: NamespaceId,
94 },
95
96 /// A namespace does not (yet) exist.
97 #[error("The is namespace {namespace} does not exist (yet)")]
98 NamespaceMissing {
99 /// The namespace that does not (yet) exist.
100 namespace: NamespaceId,
101 },
102
103 /// There is no User ID for an OpenPGP certificate that is supposed to be created.
104 #[error(
105 "The options for the OpenPGP certificate for key {key_id} in namespace {namespace} do not provide a User ID"
106 )]
107 NamespaceOpenPgpUserIdMissing {
108 /// The [`KeyId`] of the key for which the OpenPGP certificate should be created.
109 key_id: KeyId,
110
111 /// The namespace of the key for which the OpenPGP certificate should be created.
112 namespace: NamespaceId,
113 },
114
115 /// A namespaced non-administrative user misses a tag.
116 #[error("The non-administrative user {user} in namespace {namespace} misses the tag {tag}")]
117 NamespaceUserMissingTag {
118 /// The [`UserId`] of the user that misses `tag`.
119 user: UserId,
120
121 /// The namespace that user is in.
122 namespace: NamespaceId,
123
124 /// The missing tag.
125 tag: String,
126 },
127
128 /// A user is not in a specific namespace.
129 #[error("The user {user} is not the namespace {namespace}")]
130 NamespaceUserMissing {
131 /// The [`UserId`] of the user not in `namespace`.
132 user: UserId,
133
134 /// The [`NamespaceId`] of the namespace that `user` is not in.
135 namespace: NamespaceId,
136 },
137
138 /// A user is not in a namespace.
139 #[error("The user {user} is not in a namespace")]
140 NamespaceUserNoNamespace {
141 /// The [`UserId`] of the user without a namespace.
142 user: UserId,
143 },
144
145 /// A [`nethsm::UserError`] occurred.
146 #[error(transparent)]
147 NetHsmUser(#[from] nethsm::UserError),
148
149 /// There is no User ID for an OpenPGP certificate.
150 #[error("The OpenPGP certificate does not have a User ID associated with it")]
151 OpenPgpUserIdMissing {
152 /// The [`KeyId`] of the key for which the OpenPGP certificate should be created.
153 key_id: KeyId,
154 },
155
156 /// The passphrase for a system-wide non-administrative user is missing.
157 #[error("The passphrase for system-wide user {user} is missing")]
158 UserMissingPassphrase {
159 /// The [`UserId`] for which the passphrase is missing.
160 user: UserId,
161 },
162
163 /// A system-wide non-administrative user misses a tag.
164 #[error("The system-wide non-administrative user {user_id} misses the tag {tag}")]
165 UserMissingTag {
166 /// The [`UserId`] of the user that misses `tag`.
167 user_id: UserId,
168
169 /// The missing tag.
170 tag: String,
171 },
172
173 /// A system-wide non-administrative user is missing.
174 #[error("The system-wide non-administrative user {user_id} is missing")]
175 UserMissing {
176 /// The [`UserId`] of the missing user.
177 user_id: UserId,
178 },
179
180 /// A user has an unexpected number of tags assigned to it.
181 #[error(
182 "The Operator user {user_id} has an unexpected number of tags assigned to it ({number} instead of 0 or 1)"
183 )]
184 UserUnexpectedNumberOfTags {
185 /// The [`UserId`] of the user that has an unexpected number of tags assigned to it.
186 user_id: UserId,
187
188 /// The encountered number of tags.
189 number: usize,
190 },
191}