claw/src/security/mod.rs

mod hmac;
mod mac_policy;

pub use hmac::{derive_session_key, sign_command};
pub use mac_policy::MacPolicy;

use thiserror::Error;

#[derive(Debug, Error)]
pub enum SecurityError {
    #[error("invalid hmac seed: {0}")]
    InvalidSeed(String),
    #[error("action is not allowed: {0}")]
    ActionNotAllowed(String),
    #[error("domain is not allowed: {0}")]
    DomainNotAllowed(String),
    #[error("invalid local dashboard request: {0}")]
    InvalidLocalDashboard(String),
    #[error("invalid rules: {0}")]
    InvalidRules(String),
    #[error("hmac error: {0}")]
    Hmac(String),
    #[error(transparent)]
    Io(#[from] std::io::Error),
    #[error(transparent)]
    Json(#[from] serde_json::Error),
    #[error(transparent)]
    Hex(#[from] hex::FromHexError),
}