formats icon indicating copy to clipboard operation
formats copied to clipboard

cms builders: how can I surface signing errors?

Open RickyDaMa opened this issue 6 months ago • 0 comments

I'm not sure how I'm supposed to access the underlying error when it gets dropped on line 415:

https://github.com/RustCrypto/formats/blob/cfacd3efed49b28f38e69612221b8af5f33a5cbf/cms/src/builder.rs#L400-L419

For my use case, I'm signing remotely using Google KMS, and so there are numerous failure conditions (e.g. web request failed, couldn't deserialize response body, checksum didn't match), but any useful information I put into my errors in my Signer::try_sign impl get dropped by the map_err above

I understand the concerns about leaking secrets and hence the design of signature::Error - no issues there, but even if I'm wanting to provide useful secretless errors I can't because they get swallowed in internal library code

Thus I'd like to understand why the API was designed like this, and if potentially this could be changed in the future. Naturally this limitation can be worked around one way or another, but it's cumbersome to do so

RickyDaMa avatar Aug 07 '25 10:08 RickyDaMa