Improved error reporting.

Author: wolfmcnally

Cargo.toml

@@ -13,7 +13,11 @@ documentation = "https://docs.rs/sskr"
 
 [dependencies]
 bc-rand = "0.1.0"
-bc-shamir = "0.2.0"
+
+bc-shamir = { path = "../bc-shamir-rust" }
+# bc-shamir = "0.2.0"
+
+thiserror = "1.0.48"
 
 [dev-dependencies]
 hex-literal = "0.4.1"

src/encoding.rs

@@ -1,6 +1,6 @@
 use bc_rand::RandomNumberGenerator;
 use bc_shamir::{split_secret, recover_secret};
-use crate::{Error, METADATA_SIZE_BYTES, Secret, Spec, share::SSKRShare};
+use crate::{SSKRError, METADATA_SIZE_BYTES, Secret, Spec, share::SSKRShare};
 
 /// Generates SSKR shares for the given `Spec` and `Secret`.
 ///
@@ -11,7 +11,7 @@ use crate::{Error, METADATA_SIZE_BYTES, Secret, Spec, share::SSKRShare};
 pub fn sskr_generate(
     spec: &Spec,
     master_secret: &Secret
-) -> Result<Vec<Vec<Vec<u8>>>, Error> {
+) -> Result<Vec<Vec<Vec<u8>>>, SSKRError> {
     let mut rng = bc_rand::SecureRandomNumberGenerator;
     sskr_generate_using(spec, master_secret, &mut rng)
 }
@@ -29,7 +29,7 @@ pub fn sskr_generate_using(
     spec: &Spec,
     master_secret: &Secret,
     random_generator: &mut impl RandomNumberGenerator
-) -> Result<Vec<Vec<Vec<u8>>>, Error> {
+) -> Result<Vec<Vec<Vec<u8>>>, SSKRError> {
     let groups_shares = generate_shares(spec, master_secret, random_generator)?;
 
     let result: Vec<Vec<Vec<u8>>> = groups_shares.iter().map (|group| {
@@ -49,7 +49,7 @@ pub fn sskr_generate_using(
 ///
 /// Returns an error if the shares do not meet the necessary quorum of groups
 /// and member shares within each group.
-pub fn sskr_combine<T>(shares: &[T]) -> Result<Secret, Error>
+pub fn sskr_combine<T>(shares: &[T]) -> Result<Secret, SSKRError>
 where
     T: AsRef<[u8]>
 {
@@ -97,24 +97,24 @@ fn serialize_share(share: &SSKRShare) -> Vec<u8> {
     result
 }
 
-fn deserialize_share(source: &[u8]) -> Result<SSKRShare, Error> {
+fn deserialize_share(source: &[u8]) -> Result<SSKRShare, SSKRError> {
     if source.len() < METADATA_SIZE_BYTES {
-        return Err(Error::ShareLengthInvalid);
+        return Err(SSKRError::ShareLengthInvalid);
     }
 
     let group_threshold = ((source[2] >> 4) + 1) as usize;
     let group_count = ((source[2] & 0xf) + 1) as usize;
 
     if group_threshold > group_count {
-        return Err(Error::GroupThresholdInvalid);
+        return Err(SSKRError::GroupThresholdInvalid);
     }
 
     let identifier = ((source[0] as u16) << 8) | source[1] as u16;
     let group_index = (source[3] >> 4) as usize;
     let member_threshold = ((source[3] & 0xf) + 1) as usize;
     let reserved = source[4] >> 4;
     if reserved != 0 {
-        return Err(Error::ShareReservedBitsInvalid);
+        return Err(SSKRError::ShareReservedBitsInvalid);
     }
     let member_index = (source[4] & 0xf) as usize;
     let value = Secret::new(&source[METADATA_SIZE_BYTES..])?;
@@ -134,20 +134,20 @@ fn generate_shares(
     spec: &Spec,
     master_secret: &Secret,
     random_generator: &mut impl RandomNumberGenerator
-) -> Result<Vec<Vec<SSKRShare>>, Error> {
+) -> Result<Vec<Vec<SSKRShare>>, SSKRError> {
     // assign a random identifier
     let mut identifier = [0u8; 2];
     random_generator.fill_random_data(&mut identifier);
     let identifier: u16 = ((identifier[0] as u16) << 8) | identifier[1] as u16;
 
     let mut groups_shares: Vec<Vec<SSKRShare>> = Vec::with_capacity(spec.group_count());
 
-    let group_secrets = split_secret(spec.group_threshold(), spec.group_count(), master_secret.data(), random_generator).map_err(Error::ShamirError)?;
+    let group_secrets = split_secret(spec.group_threshold(), spec.group_count(), master_secret.data(), random_generator).map_err(SSKRError::ShamirError)?;
 
     for (group_index, group) in spec.groups().iter().enumerate() {
         let group_secret = &group_secrets[group_index];
         let member_secrets = split_secret(group.member_threshold(), group.member_count(), group_secret, random_generator)
-            .map_err(Error::ShamirError)?
+            .map_err(SSKRError::ShamirError)?
             .into_iter().map(Secret::new)
             .collect::<Result<Vec<Secret>, _>>()?;
         let member_sskr_shares: Vec<SSKRShare> = member_secrets.into_iter().enumerate().map(|(member_index, member_secret)| {
@@ -188,13 +188,13 @@ impl Group {
     }
 }
 
-fn combine_shares(shares: &[SSKRShare]) -> Result<Secret, Error> {
+fn combine_shares(shares: &[SSKRShare]) -> Result<Secret, SSKRError> {
     let mut identifier = 0;
     let mut group_threshold = 0;
     let mut group_count = 0;
 
     if shares.is_empty() {
-        return Err(Error::SharesEmpty);
+        return Err(SSKRError::SharesEmpty);
     }
 
     let mut next_group = 0;
@@ -215,7 +215,7 @@ fn combine_shares(shares: &[SSKRShare]) -> Result<Secret, Error> {
                 share.group_count() != group_count ||
                 share.value().len() != secret_len
             {
-                return Err(Error::ShareSetInvalid);
+                return Err(SSKRError::ShareSetInvalid);
             }
         }
 
@@ -225,11 +225,11 @@ fn combine_shares(shares: &[SSKRShare]) -> Result<Secret, Error> {
             if share.group_index() == group.group_index {
                 group_found = true;
                 if share.member_threshold() != group.member_threshold {
-                    return Err(Error::MemberThresholdInvalid);
+                    return Err(SSKRError::MemberThresholdInvalid);
                 }
                 for k in 0..group.count {
                     if share.member_index() == group.member_indexes[k] {
-                        return Err(Error::DuplicateMemberIndex);
+                        return Err(SSKRError::DuplicateMemberIndex);
                     }
                 }
                 group.member_indexes.push(share.member_index());
@@ -247,7 +247,7 @@ fn combine_shares(shares: &[SSKRShare]) -> Result<Secret, Error> {
     }
 
     if next_group < group_threshold {
-        return Err(Error::NotEnoughGroups);
+        return Err(SSKRError::NotEnoughGroups);
     }
 
     // here, all of the shares are unpacked into member groups. Now we go through each
@@ -257,12 +257,12 @@ fn combine_shares(shares: &[SSKRShare]) -> Result<Secret, Error> {
     let mut master_shares = Vec::with_capacity(16);
 
     for group in groups {
-        let group_secret = recover_secret(&group.member_indexes, &group.member_shares).map_err(Error::ShamirError)?;
+        let group_secret = recover_secret(&group.member_indexes, &group.member_shares)?;
         master_indexes.push(group.group_index);
         master_shares.push(group_secret);
     }
 
-    let master_secret = recover_secret(&master_indexes, &master_shares).map_err(Error::ShamirError)?;
+    let master_secret = recover_secret(&master_indexes, &master_shares)?;
     let master_secret = Secret::new(master_secret)?;
 
     Ok(master_secret)

src/error.rs

@@ -1,69 +1,53 @@
+use thiserror::Error;
+
 /// Errors that can occur when using the SSKR library.
-#[derive(Debug)]
-pub enum Error {
-    /// When combining shares, the provided shares contained a duplicate member index.
+#[derive(Debug, Error)]
+pub enum SSKRError {
+    #[error("When combining shares, the provided shares contained a duplicate member index")]
     DuplicateMemberIndex,
 
-    /// When creating a split spec, the group count is invalid.
+    #[error("When creating a split spec, the group count is invalid")]
     GroupCountInvalid,
 
-    /// When creating a split spec, the group threshold is invalid.
+    #[error("SSKR group threshold is invalid")]
     GroupThresholdInvalid,
 
-    /// When creating a group spec, the member count is invalid.
+    #[error("SSKR member count is invalid")]
     MemberCountInvalid,
 
-    /// When creating a group spec, the member threshold is invalid.
+    #[error("SSKR member threshold is invalid")]
     MemberThresholdInvalid,
 
-    /// When combining shares, the provided shares did not contain enough groups.
+    #[error("SSKR shares did not contain enough groups")]
     NotEnoughGroups,
 
-    /// When creating a secret, the secret is not of even length.
+    #[error("SSKR secret is not of even length")]
     SecretLengthNotEven,
 
-    /// When creating a secret, the secret is too long.
+    #[error("SSKR secret is too long")]
     SecretTooLong,
 
-    /// When creating a secret, the secret is too short.
+    #[error("SSKR secret is too short")]
     SecretTooShort,
 
-    /// When combining shares, the provided shares did not contain enough serialized bytes.
+    #[error("SSKR shares did not contain enough serialized bytes")]
     ShareLengthInvalid,
 
-    /// When combining shares, the provided shares contained invalid reserved bits.
+    #[error("SSKR shares contained invalid reserved bits")]
     ShareReservedBitsInvalid,
 
-    /// When combining shares, the provided shares were empty.
+    #[error("SSKR shares were empty")]
     SharesEmpty,
 
-    /// When combining shares, the provided shares were invalid.
+    #[error("SSKR shares were invalid")]
     ShareSetInvalid,
 
-    /// An error returned from the `bc-shamir` crate.
+    #[error("SSKR Shamir error: {0}")]
     ShamirError(bc_shamir::Error),
 }
 
-impl std::fmt::Display for Error {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-        let s = match *self {
-            Error::DuplicateMemberIndex => "Duplicate member index".to_string(),
-            Error::GroupCountInvalid => "Invalid group count".to_string(),
-            Error::GroupThresholdInvalid => "Invalid group threshold".to_string(),
-            Error::MemberCountInvalid => "Not enough shares".to_string(),
-            Error::MemberThresholdInvalid => "Invalid member threshold".to_string(),
-            Error::NotEnoughGroups => "Not enough groups".to_string(),
-            Error::SecretLengthNotEven => "Secret is not of even length".to_string(),
-            Error::SecretTooLong => "Secret is too long".to_string(),
-            Error::SecretTooShort => "Secret is too short".to_string(),
-            Error::ShareLengthInvalid => "Not enough serialized bytes".to_string(),
-            Error::ShareReservedBitsInvalid => "Invalid reserved bits".to_string(),
-            Error::SharesEmpty => "Empty share set".to_string(),
-            Error::ShareSetInvalid => "Invalid share set".to_string(),
-            Error::ShamirError(ref e) => format!("{}", e),
-        };
-        f.write_str(&s)
+impl From<bc_shamir::Error> for SSKRError {
+    fn from(err: bc_shamir::Error) -> Self {
+        SSKRError::ShamirError(err)
     }
 }
-
-impl std::error::Error for Error {}

src/lib.rs

@@ -83,7 +83,7 @@ mod spec;
 pub use spec::{Spec, GroupSpec};
 
 mod error;
-pub use error::Error;
+pub use error::SSKRError;
 
 #[cfg(test)]
 mod tests {

src/secret.rs

@@ -1,4 +1,4 @@
-use crate::{Error, MIN_SECRET_LEN, MAX_SECRET_LEN};
+use crate::{SSKRError, MIN_SECRET_LEN, MAX_SECRET_LEN};
 
 /// A secret to be split into shares.
 #[derive(Clone, Debug, Eq, PartialEq)]
@@ -15,20 +15,20 @@ impl Secret {
     ///
     /// Returns an error if the length of the secret is less than `MIN_SECRET_LEN`, greater than `MAX_SECRET_LEN`,
     /// or not even.
-    pub fn new<T>(data: T) -> Result<Self, Error>
+    pub fn new<T>(data: T) -> Result<Self, SSKRError>
     where
         T: AsRef<[u8]>,
     {
         let data = data.as_ref();
         let len = data.len();
         if len < MIN_SECRET_LEN {
-            return Err(Error::SecretTooShort);
+            return Err(SSKRError::SecretTooShort);
         }
         if len > MAX_SECRET_LEN {
-            return Err(Error::SecretTooLong);
+            return Err(SSKRError::SecretTooLong);
         }
         if len & 1 != 0 {
-            return Err(Error::SecretLengthNotEven);
+            return Err(SSKRError::SecretLengthNotEven);
         }
         Ok(Self(data.to_vec()))
     }

src/spec.rs

@@ -1,6 +1,6 @@
 use bc_shamir::MAX_SHARE_COUNT;
 
-use crate::Error;
+use crate::SSKRError;
 
 /// A specification for an SSKR split.
 #[derive(Debug, PartialEq)]
@@ -24,15 +24,15 @@ impl Spec {
     /// Returns an error if the group threshold is zero, if the group threshold
     /// is greater than the number of groups, or if the number of groups is
     /// greater than the maximum share count.
-    pub fn new(group_threshold: usize, groups: Vec<GroupSpec>) -> Result<Self, Error> {
+    pub fn new(group_threshold: usize, groups: Vec<GroupSpec>) -> Result<Self, SSKRError> {
         if group_threshold == 0 {
-            return Err(Error::GroupThresholdInvalid);
+            return Err(SSKRError::GroupThresholdInvalid);
         }
         if group_threshold > groups.len() {
-            return Err(Error::GroupThresholdInvalid);
+            return Err(SSKRError::GroupThresholdInvalid);
         }
         if groups.len() > MAX_SHARE_COUNT {
-            return Err(Error::GroupCountInvalid);
+            return Err(SSKRError::GroupCountInvalid);
         }
         Ok(Self {
             group_threshold,
@@ -83,15 +83,15 @@ impl GroupSpec {
     /// Returns an error if the member count is zero, if the member count is
     /// greater than the maximum share count, or if the member threshold is
     /// greater than the member count.
-    pub fn new(member_threshold: usize, member_count: usize) -> Result<Self, Error> {
+    pub fn new(member_threshold: usize, member_count: usize) -> Result<Self, SSKRError> {
         if member_count == 0 {
-            return Err(Error::MemberCountInvalid);
+            return Err(SSKRError::MemberCountInvalid);
         }
         if member_count > MAX_SHARE_COUNT {
-            return Err(Error::MemberCountInvalid);
+            return Err(SSKRError::MemberCountInvalid);
         }
         if member_threshold > member_count {
-            return Err(Error::MemberThresholdInvalid);
+            return Err(SSKRError::MemberThresholdInvalid);
         }
         Ok(Self { member_threshold, member_count })
     }