nebula/cert/errors.go

package cert

import (
	"errors"
	"fmt"
)

var (
	ErrBadFormat                  = errors.New("bad wire format")
	ErrRootExpired                = errors.New("root certificate is expired")
	ErrExpired                    = errors.New("certificate is expired")
	ErrNotCA                      = errors.New("certificate is not a CA")
	ErrNotSelfSigned              = errors.New("certificate is not self-signed")
	ErrBlockListed                = errors.New("certificate is in the block list")
	ErrFingerprintMismatch        = errors.New("certificate fingerprint did not match")
	ErrSignatureMismatch          = errors.New("certificate signature did not match")
	ErrInvalidPublicKey           = errors.New("invalid public key")
	ErrInvalidPrivateKey          = errors.New("invalid private key")
	ErrPublicPrivateCurveMismatch = errors.New("public key does not match private key curve")
	ErrPublicPrivateKeyMismatch   = errors.New("public key and private key are not a pair")
	ErrPrivateKeyEncrypted        = errors.New("private key must be decrypted")
	ErrCaNotFound                 = errors.New("could not find ca for the certificate")
	ErrUnknownVersion             = errors.New("certificate version unrecognized")

	ErrInvalidPEMBlock                   = errors.New("input did not contain a valid PEM encoded block")
	ErrInvalidPEMCertificateBanner       = errors.New("bytes did not contain a proper certificate banner")
	ErrInvalidPEMX25519PublicKeyBanner   = errors.New("bytes did not contain a proper X25519 public key banner")
	ErrInvalidPEMX25519PrivateKeyBanner  = errors.New("bytes did not contain a proper X25519 private key banner")
	ErrInvalidPEMEd25519PublicKeyBanner  = errors.New("bytes did not contain a proper Ed25519 public key banner")
	ErrInvalidPEMEd25519PrivateKeyBanner = errors.New("bytes did not contain a proper Ed25519 private key banner")

	ErrNoPeerStaticKey = errors.New("no peer static key was present")
	ErrNoPayload       = errors.New("provided payload was empty")

	ErrMissingDetails  = errors.New("certificate did not contain details")
	ErrEmptySignature  = errors.New("empty signature")
	ErrEmptyRawDetails = errors.New("empty rawDetails not allowed")
)

type ErrInvalidCertificateProperties struct {
	str string
}

func NewErrInvalidCertificateProperties(format string, a ...any) error {
	return &ErrInvalidCertificateProperties{fmt.Sprintf(format, a...)}
}

func (e *ErrInvalidCertificateProperties) Error() string {
	return e.str
}
Allow setup of a CA pool from bytes that contain expired certs (#599) Co-authored-by: Nate Brown <nbrown.us@gmail.com> 2021-12-10 14:24:56 +11:00			`package cert`

Always disconnect block listed hosts (#858) 2023-05-04 16:09:42 -05:00			`import (`
			`"errors"`
V2 certificate format (#1216) Co-authored-by: Nate Brown <nbrown.us@gmail.com> Co-authored-by: Jack Doan <jackdoan@rivian.com> Co-authored-by: brad-defined <77982333+brad-defined@users.noreply.github.com> Co-authored-by: Jack Doan <me@jackdoan.com> 2025-03-06 11:28:26 -06:00			`"fmt"`
Always disconnect block listed hosts (#858) 2023-05-04 16:09:42 -05:00			`)`
Allow setup of a CA pool from bytes that contain expired certs (#599) Co-authored-by: Nate Brown <nbrown.us@gmail.com> 2021-12-10 14:24:56 +11:00
			`var (`
V2 certificate format (#1216) Co-authored-by: Nate Brown <nbrown.us@gmail.com> Co-authored-by: Jack Doan <jackdoan@rivian.com> Co-authored-by: brad-defined <77982333+brad-defined@users.noreply.github.com> Co-authored-by: Jack Doan <me@jackdoan.com> 2025-03-06 11:28:26 -06:00			`ErrBadFormat = errors.New("bad wire format")`
			`ErrRootExpired = errors.New("root certificate is expired")`
			`ErrExpired = errors.New("certificate is expired")`
			`ErrNotCA = errors.New("certificate is not a CA")`
			`ErrNotSelfSigned = errors.New("certificate is not self-signed")`
			`ErrBlockListed = errors.New("certificate is in the block list")`
			`ErrFingerprintMismatch = errors.New("certificate fingerprint did not match")`
			`ErrSignatureMismatch = errors.New("certificate signature did not match")`
			`ErrInvalidPublicKey = errors.New("invalid public key")`
			`ErrInvalidPrivateKey = errors.New("invalid private key")`
			`ErrPublicPrivateCurveMismatch = errors.New("public key does not match private key curve")`
			`ErrPublicPrivateKeyMismatch = errors.New("public key and private key are not a pair")`
			`ErrPrivateKeyEncrypted = errors.New("private key must be decrypted")`
			`ErrCaNotFound = errors.New("could not find ca for the certificate")`
cert-v2 chores (#1466) 2025-09-05 15:08:22 -05:00			`ErrUnknownVersion = errors.New("certificate version unrecognized")`
Cert interface (#1212) 2024-10-10 18:00:22 -05:00
			`ErrInvalidPEMBlock = errors.New("input did not contain a valid PEM encoded block")`
			`ErrInvalidPEMCertificateBanner = errors.New("bytes did not contain a proper certificate banner")`
			`ErrInvalidPEMX25519PublicKeyBanner = errors.New("bytes did not contain a proper X25519 public key banner")`
			`ErrInvalidPEMX25519PrivateKeyBanner = errors.New("bytes did not contain a proper X25519 private key banner")`
			`ErrInvalidPEMEd25519PublicKeyBanner = errors.New("bytes did not contain a proper Ed25519 public key banner")`
			`ErrInvalidPEMEd25519PrivateKeyBanner = errors.New("bytes did not contain a proper Ed25519 private key banner")`
V2 certificate format (#1216) Co-authored-by: Nate Brown <nbrown.us@gmail.com> Co-authored-by: Jack Doan <jackdoan@rivian.com> Co-authored-by: brad-defined <77982333+brad-defined@users.noreply.github.com> Co-authored-by: Jack Doan <me@jackdoan.com> 2025-03-06 11:28:26 -06:00
			`ErrNoPeerStaticKey = errors.New("no peer static key was present")`
			`ErrNoPayload = errors.New("provided payload was empty")`

			`ErrMissingDetails = errors.New("certificate did not contain details")`
			`ErrEmptySignature = errors.New("empty signature")`
			`ErrEmptyRawDetails = errors.New("empty rawDetails not allowed")`
Allow setup of a CA pool from bytes that contain expired certs (#599) Co-authored-by: Nate Brown <nbrown.us@gmail.com> 2021-12-10 14:24:56 +11:00			`)`
V2 certificate format (#1216) Co-authored-by: Nate Brown <nbrown.us@gmail.com> Co-authored-by: Jack Doan <jackdoan@rivian.com> Co-authored-by: brad-defined <77982333+brad-defined@users.noreply.github.com> Co-authored-by: Jack Doan <me@jackdoan.com> 2025-03-06 11:28:26 -06:00
			`type ErrInvalidCertificateProperties struct {`
			`str string`
			`}`

			`func NewErrInvalidCertificateProperties(format string, a ...any) error {`
			`return &ErrInvalidCertificateProperties{fmt.Sprintf(format, a...)}`
			`}`

			`func (e *ErrInvalidCertificateProperties) Error() string {`
			`return e.str`
			`}`