src/pqc_enclave_sdk/errors.py
| 1 | """Exception hierarchy for pqc-enclave-sdk.""" |
| 2 | |
| 3 | from __future__ import annotations |
| 4 | |
| 5 | |
| 6 | class EnclaveSDKError(Exception): |
| 7 | """Base exception for all pqc-enclave-sdk errors.""" |
| 8 | |
| 9 | |
| 10 | class UnknownArtifactError(EnclaveSDKError): |
| 11 | """Named or id-addressed artifact does not exist in the enclave vault.""" |
| 12 | |
| 13 | |
| 14 | class EnclaveLockedError(EnclaveSDKError): |
| 15 | """Operation requires an unlocked enclave vault; call unlock() first.""" |
| 16 | |
| 17 | |
| 18 | class DecryptionError(EnclaveSDKError): |
| 19 | """AES-GCM decryption failed - likely tampered ciphertext or wrong key.""" |
| 20 | |
| 21 | |
| 22 | class BackendError(EnclaveSDKError): |
| 23 | """Underlying platform backend (iOS / Android / QSEE) refused or failed.""" |
| 24 | |
| 25 | |
| 26 | class AttestationError(EnclaveSDKError): |
| 27 | """Device attestation signature is invalid or malformed.""" |
| 28 | |
| 29 | |
| 30 | class PolicyViolationError(EnclaveSDKError): |
| 31 | """Caller bundle / biometric / rate-limit policy rejected the request.""" |
| 32 | |