identity_credential/validator/sd_jwt/
error.rs

1// Copyright 2020-2023 IOTA Stiftung
2// SPDX-License-Identifier: Apache-2.0
3
4use std::borrow::Cow;
5use std::fmt::Display;
6
7use crate::validator::JwtValidationError;
8
9/// An error indicating that an unexpected value was found.
10#[derive(Debug)]
11pub struct UnexpectedValue {
12  /// The optional expected value.
13  pub expected: Option<Cow<'static, str>>,
14  /// The actual value that was found.
15  pub found: Box<str>,
16}
17
18impl Display for UnexpectedValue {
19  fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
20    if let Some(expected) = &self.expected {
21      write!(f, "expected \"{expected}\", but found \"{}\"", self.found)
22    } else {
23      write!(f, "unexpected \"{}\"", self.found)
24    }
25  }
26}
27
28impl std::error::Error for UnexpectedValue {}
29
30/// An error associated with validating KB-JWT.
31#[derive(Debug, thiserror::Error, strum::IntoStaticStr)]
32#[non_exhaustive]
33pub enum KeyBindingJwtError {
34  /// Invalid key binding JWT.
35  #[error("KB-JWT is invalid")]
36  JwtValidationError(
37    #[source]
38    #[from]
39    JwtValidationError,
40  ),
41
42  /// Deserialization failed.
43  #[error("Deserialization error")]
44  DeserializationError(#[source] Box<dyn std::error::Error + Send + Sync>),
45
46  /// Error from `sd_jwt_payload`.
47  #[error(transparent)]
48  SdJwtError(#[from] sd_jwt::Error),
49
50  /// The SD-JWT contains a 'cnf' value that cannot be processed.
51  /// Valid values are [`Kid`](sd_jwt::RequiredKeyBinding::Kid) and
52  /// [`Jwk`](sd_jwt::RequiredKeyBinding::Jwk).
53  #[error("unsupported 'cnf' value")]
54  UnsupportedCnfMethod,
55
56  /// Invalid hash value.
57  #[error("invalid KB-JWT 'sd_hash' value")]
58  InvalidDigest(#[source] UnexpectedValue),
59
60  /// Invalid nonce value.
61  #[error("invalid KB-JWT 'nonce' value")]
62  InvalidNonce(#[source] UnexpectedValue),
63
64  /// Invalid `aud` value.
65  #[error("invalid KB-JWT 'aud' value")]
66  AudienceMismatch(#[source] UnexpectedValue),
67
68  /// Issuance date validation error.
69  #[error("invalid KB-JWT 'iat' value, {0}")]
70  IssuanceDate(String),
71
72  /// SD-JWT does not contain a key binding JWT.
73  #[error("SD-JWT token requires a KB-JWT, but none was found")]
74  MissingKeyBindingJwt,
75
76  /// Header value `typ` is invalid.
77  #[error("invalid KB-JWT header 'typ' value")]
78  InvalidHeaderTypValue(#[source] UnexpectedValue),
79}