Implement std::error::Error for error types

src/verify_cert.rs

@@ -188,7 +188,7 @@ fn check_validity(input: &mut Reader, time: Timespec) -> Result<(), Error> {
     let not_after = try!(der::time_choice(input));
 
     if not_before > not_after {
-        return Err(Error::InvalidCertValidity);
+        return Err(Error::InvalidValidityPeriod);
     }
     if time < not_before {
         return Err(Error::CertNotValidYet);

src/webpki.rs

@@ -12,6 +12,9 @@
 // ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 // OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
+use std::error;
+use std::fmt;
+
 extern crate ring;
 extern crate time;
 
@@ -48,8 +51,8 @@ pub enum Error {
     EndEntityUsedAsCA,
     ExtensionValueInvalid,
     Fatal(FatalError),
-    InvalidCertValidity,
     InvalidReferenceName,
+    InvalidValidityPeriod,
     NameConstraintViolation,
     PathLenConstraintViolated,
     SignatureAlgorithmMismatch,
@@ -62,12 +65,64 @@ pub enum Error {
     UnsupportedSignatureAlgorithm,
 }
 
+impl fmt::Display for Error {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        use std::error::Error;
+        writeln!(f, "{}", self.description())
+    }
+}
+
+impl error::Error for Error {
+    fn description(&self) -> &str {
+        match *self {
+            Error::BadDER => "Certificate has improperly formatted DER-encoded message",
+            Error::BadDERTime => "Certificate's DER-encoded message contains an improperly formatted timestamp",
+            Error::BadSignature => "Certificate has an invalid signature",
+            Error::CAUsedAsEndEntity => "CA incorrectly used as an end entity",
+            Error::CertExpired => "Certificate is expired",
+            Error::CertNotValidForName => "Certificate does not match hostname",
+            Error::CertNotValidYet => "Certificate is not yet valid",
+            Error::EndEntityUsedAsCA => "End entity incorrectly used as a CA",
+            Error::ExtensionValueInvalid => "Certificate has an invalid value for extension",
+            Error::Fatal(ref fatal_error) => fatal_error.description(),
+            Error::InvalidReferenceName => "Certificate has an invalid reference name",
+            Error::InvalidValidityPeriod => "Certificate has an invalid validity period",
+            Error::NameConstraintViolation => "Certificate has a name constraint violation",
+            Error::PathLenConstraintViolated => "Certificate exceeds constraint for number of intermediate certificates",
+            Error::SignatureAlgorithmMismatch => "Encountered mismatched signature algorithms",
+            Error::RequiredEKUNotFound => "Certificate is missing an EKU, despite it being required",
+            Error::UnknownIssuer => "Certificate issuer is unknown",
+            Error::UnsupportedCertVersion => "Certificate has an unsupported version",
+            Error::UnsupportedCriticalExtension => "Certificate has an unsupported critical extension",
+            Error::UnsupportedEllipticCurve => "Certificate uses an unsupported elliptic curve",
+            Error::UnsupportedKeyAlgorithm => "Certificate uses an unsupported key algorithm",
+            Error::UnsupportedSignatureAlgorithm => "Certificate uses an unsupported signature algorithm",
+        }
+    }
+}
+
 #[derive(Clone, Copy, Debug, PartialEq)]
 pub enum FatalError {
     ImpossibleState,
     InvalidTrustAnchor,
 }
 
+impl fmt::Display for FatalError {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        use std::error::Error;
+        writeln!(f, "{}", self.description())
+    }
+}
+
+impl error::Error for FatalError {
+    fn description(&self) -> &str {
+        match *self {
+            FatalError::ImpossibleState => "Reading certificate results in an impossible state",
+            FatalError::InvalidTrustAnchor => "Certificate contains invalid trust anchor",
+        }
+    }
+}
+
 /// A trust anchor (a.k.a. root CA).
 ///
 /// Traditionally, certificate verification libraries have represented trust