@@ -5,118 +5,166 @@ namespace Pcf.Sig;
55/// <summary>Discriminant identifying which kind of <see cref="PcfSigException"/> occurred.</summary>
66public enum PcfSigErrorKind
77{
8+ /// <summary>A Key Record did not begin with <c>"PCFKEY\0\0"</c>.</summary>
89 BadKeyMagic ,
10+ /// <summary>A Manifest did not begin with <c>"PCFSIG\0\0"</c>.</summary>
911 BadManifestMagic ,
12+ /// <summary>A record's profile major version is not implemented by this library.</summary>
1013 UnsupportedMajor ,
14+ /// <summary>A Key Record's <c>key_format_id</c> is unknown or reserved (0).</summary>
1115 UnknownKeyFormat ,
16+ /// <summary>A Key Record's <c>key_data_length</c> is zero.</summary>
1217 EmptyKeyData ,
18+ /// <summary>A Key Record's reserved bytes are non-zero in v1.0.</summary>
1319 NonZeroKeyReserved ,
20+ /// <summary><c>fingerprint</c> does not equal <c>SHA-256(key_data)</c>.</summary>
1421 FingerprintMismatch ,
22+ /// <summary>A Manifest's <c>sig_algo_id</c> is reserved (0) or unknown.</summary>
1523 UnknownSigAlgo ,
24+ /// <summary>A Manifest's <c>manifest_hash_algo_id</c> is not cryptographic.</summary>
1625 NonCryptoManifestHash ,
26+ /// <summary><c>manifest_hash_algo_id</c> does not match the binding required by <c>sig_algo_id</c>.</summary>
1727 HashAlgoBindingMismatch ,
28+ /// <summary><c>flags</c> carries bits not defined in v1.0.</summary>
1829 NonZeroFlags ,
30+ /// <summary><c>signed_count</c> is 0.</summary>
1931 EmptyManifest ,
32+ /// <summary><c>trailer_length</c> is non-zero (reserved in v1.0).</summary>
2033 NonZeroTrailer ,
34+ /// <summary>A SignedEntry's reserved span is non-zero.</summary>
2135 NonZeroEntryReserved ,
36+ /// <summary>A SignedEntry's <c>data_hash_algo_id</c> is not cryptographic (spec Section 9).</summary>
2237 NonCryptoEntryHash ,
38+ /// <summary>A SignedEntry references the PCF NIL UID.</summary>
2339 EntryNilUid ,
40+ /// <summary>A SignedEntry uses PCF reserved type <c>0x00000000</c>.</summary>
2441 EntryReservedType ,
42+ /// <summary>Two SignedEntry records share the same uid.</summary>
2543 DuplicateSignedUid ,
44+ /// <summary>A SignedEntry references the enclosing PCFSIG_SIG partition's own uid.</summary>
2645 SelfSignedEntry ,
46+ /// <summary>A truncation, short read, or length-field mismatch in the partition payload.</summary>
2747 MalformedSignaturePartition ,
48+ /// <summary>Length of <c>sig_bytes</c> does not match the algorithm's natural size.</summary>
2849 SignatureLengthMismatch ,
50+ /// <summary>The Writer was asked to sign a partition whose <c>data_hash_algo_id</c> is not cryptographic.</summary>
2951 NonCryptoTargetHash ,
52+ /// <summary>The Writer was asked to sign a partition that does not exist in the supplied container.</summary>
3053 TargetPartitionMissing ,
3154}
3255
3356/// <summary>All ways a PCF-SIG operation can fail.</summary>
3457public sealed class PcfSigException : Exception
3558{
59+ /// <summary>The kind of failure.</summary>
3660 public PcfSigErrorKind Kind { get ; }
3761
62+ /// <summary>Construct an exception of the given kind with the given message.</summary>
3863 public PcfSigException ( PcfSigErrorKind kind , string message )
3964 : base ( message )
4065 {
4166 Kind = kind ;
4267 }
4368
69+ /// <summary>Construct a <see cref="PcfSigErrorKind.BadKeyMagic"/> exception.</summary>
4470 public static PcfSigException BadKeyMagic ( ) =>
4571 new ( PcfSigErrorKind . BadKeyMagic , "bad PCFSIG_KEY magic" ) ;
4672
73+ /// <summary>Construct a <see cref="PcfSigErrorKind.BadManifestMagic"/> exception.</summary>
4774 public static PcfSigException BadManifestMagic ( ) =>
4875 new ( PcfSigErrorKind . BadManifestMagic , "bad PCFSIG_SIG manifest magic" ) ;
4976
77+ /// <summary>Construct an <see cref="PcfSigErrorKind.UnsupportedMajor"/> exception.</summary>
5078 public static PcfSigException UnsupportedMajor ( int v ) =>
5179 new ( PcfSigErrorKind . UnsupportedMajor , $ "unsupported PCF-SIG major version { v } ") ;
5280
81+ /// <summary>Construct an <see cref="PcfSigErrorKind.UnknownKeyFormat"/> exception.</summary>
5382 public static PcfSigException UnknownKeyFormat ( int id ) =>
5483 new ( PcfSigErrorKind . UnknownKeyFormat , $ "unknown key_format_id { id } ") ;
5584
85+ /// <summary>Construct an <see cref="PcfSigErrorKind.EmptyKeyData"/> exception.</summary>
5686 public static PcfSigException EmptyKeyData ( ) =>
5787 new ( PcfSigErrorKind . EmptyKeyData , "key_data_length is zero" ) ;
5888
89+ /// <summary>Construct a <see cref="PcfSigErrorKind.NonZeroKeyReserved"/> exception.</summary>
5990 public static PcfSigException NonZeroKeyReserved ( ) =>
6091 new ( PcfSigErrorKind . NonZeroKeyReserved , "key record reserved bytes are non-zero" ) ;
6192
93+ /// <summary>Construct a <see cref="PcfSigErrorKind.FingerprintMismatch"/> exception.</summary>
6294 public static PcfSigException FingerprintMismatch ( ) =>
6395 new ( PcfSigErrorKind . FingerprintMismatch ,
6496 "stored key fingerprint does not match SHA-256(key_data)" ) ;
6597
98+ /// <summary>Construct an <see cref="PcfSigErrorKind.UnknownSigAlgo"/> exception.</summary>
6699 public static PcfSigException UnknownSigAlgo ( int id ) =>
67100 new ( PcfSigErrorKind . UnknownSigAlgo , $ "unknown or reserved sig_algo_id { id } ") ;
68101
102+ /// <summary>Construct a <see cref="PcfSigErrorKind.NonCryptoManifestHash"/> exception.</summary>
69103 public static PcfSigException NonCryptoManifestHash ( int id ) =>
70104 new ( PcfSigErrorKind . NonCryptoManifestHash ,
71105 $ "manifest_hash_algo_id { id } is not cryptographic") ;
72106
107+ /// <summary>Construct a <see cref="PcfSigErrorKind.HashAlgoBindingMismatch"/> exception.</summary>
73108 public static PcfSigException HashAlgoBindingMismatch ( ) =>
74109 new ( PcfSigErrorKind . HashAlgoBindingMismatch ,
75110 "manifest_hash_algo_id does not match the binding required by sig_algo_id" ) ;
76111
112+ /// <summary>Construct a <see cref="PcfSigErrorKind.NonZeroFlags"/> exception.</summary>
77113 public static PcfSigException NonZeroFlags ( ) =>
78114 new ( PcfSigErrorKind . NonZeroFlags , "manifest flags are non-zero in v1.0" ) ;
79115
116+ /// <summary>Construct an <see cref="PcfSigErrorKind.EmptyManifest"/> exception.</summary>
80117 public static PcfSigException EmptyManifest ( ) =>
81118 new ( PcfSigErrorKind . EmptyManifest , "manifest signed_count is 0" ) ;
82119
120+ /// <summary>Construct a <see cref="PcfSigErrorKind.NonZeroTrailer"/> exception.</summary>
83121 public static PcfSigException NonZeroTrailer ( ) =>
84122 new ( PcfSigErrorKind . NonZeroTrailer , "trailer_length is non-zero in v1.0" ) ;
85123
124+ /// <summary>Construct a <see cref="PcfSigErrorKind.NonZeroEntryReserved"/> exception.</summary>
86125 public static PcfSigException NonZeroEntryReserved ( ) =>
87126 new ( PcfSigErrorKind . NonZeroEntryReserved ,
88127 "SignedEntry reserved span contains non-zero bytes" ) ;
89128
129+ /// <summary>Construct a <see cref="PcfSigErrorKind.NonCryptoEntryHash"/> exception.</summary>
90130 public static PcfSigException NonCryptoEntryHash ( int id ) =>
91131 new ( PcfSigErrorKind . NonCryptoEntryHash ,
92132 $ "SignedEntry data_hash_algo_id { id } is not cryptographic") ;
93133
134+ /// <summary>Construct an <see cref="PcfSigErrorKind.EntryNilUid"/> exception.</summary>
94135 public static PcfSigException EntryNilUid ( ) =>
95136 new ( PcfSigErrorKind . EntryNilUid , "SignedEntry uses the NIL UID" ) ;
96137
138+ /// <summary>Construct an <see cref="PcfSigErrorKind.EntryReservedType"/> exception.</summary>
97139 public static PcfSigException EntryReservedType ( ) =>
98140 new ( PcfSigErrorKind . EntryReservedType ,
99141 "SignedEntry uses PCF reserved type 0x00000000" ) ;
100142
143+ /// <summary>Construct a <see cref="PcfSigErrorKind.DuplicateSignedUid"/> exception.</summary>
101144 public static PcfSigException DuplicateSignedUid ( ) =>
102145 new ( PcfSigErrorKind . DuplicateSignedUid , "duplicate uid in manifest" ) ;
103146
147+ /// <summary>Construct a <see cref="PcfSigErrorKind.SelfSignedEntry"/> exception.</summary>
104148 public static PcfSigException SelfSignedEntry ( ) =>
105149 new ( PcfSigErrorKind . SelfSignedEntry ,
106150 "SignedEntry references the PCFSIG_SIG partition itself" ) ;
107151
152+ /// <summary>Construct a <see cref="PcfSigErrorKind.MalformedSignaturePartition"/> exception.</summary>
108153 public static PcfSigException MalformedSignaturePartition ( ) =>
109154 new ( PcfSigErrorKind . MalformedSignaturePartition ,
110155 "PCFSIG_SIG partition layout is malformed" ) ;
111156
157+ /// <summary>Construct a <see cref="PcfSigErrorKind.SignatureLengthMismatch"/> exception.</summary>
112158 public static PcfSigException SignatureLengthMismatch ( ) =>
113159 new ( PcfSigErrorKind . SignatureLengthMismatch ,
114160 "sig_bytes length does not match the algorithm" ) ;
115161
162+ /// <summary>Construct a <see cref="PcfSigErrorKind.NonCryptoTargetHash"/> exception.</summary>
116163 public static PcfSigException NonCryptoTargetHash ( ) =>
117164 new ( PcfSigErrorKind . NonCryptoTargetHash ,
118165 "cannot sign a partition whose data_hash_algo_id is not cryptographic" ) ;
119166
167+ /// <summary>Construct a <see cref="PcfSigErrorKind.TargetPartitionMissing"/> exception.</summary>
120168 public static PcfSigException TargetPartitionMissing ( ) =>
121169 new ( PcfSigErrorKind . TargetPartitionMissing ,
122170 "partition to sign is not present in the container" ) ;
0 commit comments