Lines
68.42 %
Functions
75 %
Branches
100 %
//! An error type for the `tor-keymgr` crate.
use tor_error::HasKind;
use dyn_clone::DynClone;
use tor_persist::slug::BadSlug;
use std::error::Error as StdError;
use std::fmt;
use std::sync::Arc;
use crate::raw::RawEntryId;
use crate::{KeyPath, KeyPathError, KeystoreId};
/// An Error type for this crate.
#[derive(thiserror::Error, Debug, Clone)]
#[non_exhaustive]
pub enum Error {
/// Detected keustore corruption.
#[error("{0}")]
Corruption(#[from] KeystoreCorruptionError),
/// An opaque error returned by a [`Keystore`](crate::Keystore).
Keystore(#[from] Arc<dyn KeystoreError>),
/// An error returned when the [`KeyMgr`](crate::KeyMgr) is asked to generate a key that already exists.
///
/// Note that because there is no locking of the keystore,
/// this situation is not reliably detected
/// in the presence of concurrent tasks trying to generate the same key.
/// So this error is provided to help the human user,
/// but mustn't be relied on for correctness.
#[error("Key already exists")]
KeyAlreadyExists,
/// Error coming from the tor-key-forgecrate
KeyForge(#[from] tor_key_forge::Error),
/// An error caused by an invalid certificate.
InvalidCert(#[from] tor_key_forge::InvalidCertError),
/// An error returned when the [`KeyMgr`](crate::KeyMgr) is unable to
/// find a [`Keystore`](crate::Keystore) matching a given [`KeystoreId`]
/// in either its `primary_store` field or the `secondary_stores` collection.
#[error("Keystore {0} not found")]
KeystoreNotFound(KeystoreId),
/// An internal error.
#[error("Internal error")]
Bug(#[from] tor_error::Bug),
}
/// An error returned by a [`Keystore`](crate::Keystore).
pub trait KeystoreError:
HasKind + StdError + DynClone + fmt::Debug + fmt::Display + Send + Sync + 'static
{
impl HasKind for Error {
fn kind(&self) -> tor_error::ErrorKind {
use Error as E;
use tor_error::ErrorKind as EK;
match self {
E::Keystore(e) => e.kind(),
E::Corruption(_) => EK::KeystoreCorrupted,
E::KeyAlreadyExists => EK::BadApiUsage, // TODO: not strictly right
E::KeystoreNotFound(_) => EK::BadApiUsage, // TODO: not strictly right
E::KeyForge(_) => EK::BadApiUsage,
E::InvalidCert(_) => EK::BadApiUsage, // TODO: not strictly right
E::Bug(e) => e.kind(),
/// An error caused by a syntactically invalid [`ArtiPath`](crate::ArtiPath).
/// The `ArtiPath` is not in the legal syntax: it contains bad characters,
/// or a syntactically invalid components.
/// (Does not include any errors arising from paths which are invalid
/// *for the particular key*.)
#[error("Invalid ArtiPath")]
pub enum ArtiPathSyntaxError {
/// One of the path slugs was invalid.
Slug(#[from] BadSlug),
/// An error caused by keystore corruption.
#[error("Keystore corruption")]
pub enum KeystoreCorruptionError {
/// A keystore contains a key that has an invalid [`KeyPath`].
KeyPath(#[from] KeyPathError),
/// A keystore contains an unrecognized [`KeyPath`].
#[error("Unrecognized key path {0}")]
Unrecognized(KeyPath),
/// Missing certificate for key.
#[error("Missing certificate for key")]
MissingCertificate,
/// Missing the subject key of a certificate we own.
#[error("Subject key of certificate not found")]
MissingSubjectKey,
/// Missing signing key for certificate.
#[error("Missing signing key for certificate")]
MissingSigningKey,
/// An error that happens when we encounter an unknown key type.
#[derive(thiserror::Error, PartialEq, Eq, Debug, Clone)]
#[error("unknown key type: arti_extension={arti_extension}")]
pub struct UnknownKeyTypeError {
/// The extension used for keys of this type in an Arti keystore.
pub(crate) arti_extension: String,
/// An unrecognized keystore entry.
#[derive(Clone, Debug, amplify::Getters, thiserror::Error)]
#[error("Unrecognized keystore entry")]
pub struct UnrecognizedEntryError {
/// An identifier of the entry that caused the error.
entry: UnrecognizedEntry,
/// The underlying error that occurred.
// TODO: This should be an `Error` specific for the situation.
//
// [`KeystoreError`] is a provvisory solution that presents
// some issues, for example:
// * not all variants of `KeystoreError` are relevant
// * redundancy with some other Error types like
// [`MalformedServiceKeyError::NotAKey`](crate::keystore::ctor::err::MalformedServiceKeyError)
// * [`Keystore::list`](crate::Keystore) returns
// `StdResult<Vec<StdResult<(KeyPath, KeystoreItemType), UnrecognizedEntryError>>, KeystoreError>`,
// `KeystoreError` presents itself twice at 2 different levels, there is ambiguity
#[source]
error: Arc<dyn KeystoreError>,
impl UnrecognizedEntryError {
/// Create a new instance of `KeystoreListError` given an `UnrecognizedEntry`
/// and an `Arc<dyn KeystoreError>`.
pub(crate) fn new(entry: UnrecognizedEntry, error: Arc<dyn KeystoreError>) -> Self {
Self { entry, error }
/// The opaque identifier of an unrecognized key inside a [`Keystore`](crate::Keystore).
#[derive(Debug, Clone, PartialEq, amplify::Getters)]
pub struct UnrecognizedEntry {
/// The [`RawEntryId`] of the key, an identifier used in `arti raw` operations.
#[cfg_attr(not(feature = "onion-service-cli-extra"), getter(skip))]
raw_id: RawEntryId,
/// The [`KeystoreId`] of the keystore where the entry was found.
keystore_id: KeystoreId,
impl UnrecognizedEntry {
/// Create a new [`UnrecognizedEntry`] from a raw identifier.
pub(crate) fn new(raw_id: RawEntryId, keystore_id: KeystoreId) -> Self {
Self {
raw_id,
keystore_id,
#[cfg(test)]
mod tests {
// @@ begin test lint list maintained by maint/add_warning @@
#![allow(clippy::bool_assert_comparison)]
#![allow(clippy::clone_on_copy)]
#![allow(clippy::dbg_macro)]
#![allow(clippy::mixed_attributes_style)]
#![allow(clippy::print_stderr)]
#![allow(clippy::print_stdout)]
#![allow(clippy::single_char_pattern)]
#![allow(clippy::unwrap_used)]
#![allow(clippy::unchecked_time_subtraction)]
#![allow(clippy::useless_vec)]
#![allow(clippy::needless_pass_by_value)]
#![allow(clippy::string_slice)] // See arti#2571
//! <!-- @@ end test lint list maintained by maint/add_warning @@ -->
use super::*;
use tor_error::ErrorKind;
#[derive(Debug, Copy, Clone, PartialEq, thiserror::Error)]
#[error("The source of a test error")]
struct TestErrorSource;
#[derive(Debug, Clone, thiserror::Error)]
#[error("A test error")]
struct TestError(#[from] TestErrorSource);
impl KeystoreError for TestError {}
impl HasKind for TestError {
fn kind(&self) -> ErrorKind {
ErrorKind::Other
#[test]
fn error_source() {
let e: Error = (Arc::new(TestError(TestErrorSource)) as Arc<dyn KeystoreError>).into();
assert_eq!(
e.source().unwrap().to_string(),
TestError(TestErrorSource).to_string()
);