Do not allow to read a header with a future revision

nuts-container/src/header.rs

@@ -67,6 +67,10 @@ pub enum HeaderError {
     #[error("invalid header revision, expected {0} but got {1}")]
     InvalidRevision(u32, u32),
 
+    /// Unknown header revision (from the future)
+    #[error("unknown header revision {0}")]
+    UnknownRevision(u32),
+
     /// Invalid header, could not validate magic
     #[error("invalid header")]
     InvalidHeader,

nuts-container/src/header/revision.rs

@@ -23,7 +23,7 @@
 #[cfg(test)]
 mod tests;
 
-use crate::buffer::{Buffer, BufferError, BufferMut};
+use crate::buffer::{Buffer, BufferMut};
 use crate::cipher::Cipher;
 use crate::header::HeaderError;
 use crate::kdf::Kdf;
@@ -104,7 +104,7 @@ impl Revision {
         match b {
             0 => Data::get_from_buffer(buf).map(Revision::Rev0),
             1 => Data::get_from_buffer(buf).map(Revision::Rev1),
-            _ => Err(BufferError::InvalidIndex("Revision".to_string(), b).into()),
+            _ => Err(HeaderError::UnknownRevision(b)),
         }
     }
 

nuts-container/src/header/revision/tests.rs

@@ -20,7 +20,6 @@
 // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 // IN THE SOFTWARE.
 
-use crate::buffer::BufferError;
 use crate::cipher::Cipher;
 use crate::header::revision::{Data, Revision};
 use crate::header::HeaderError;
@@ -79,9 +78,8 @@ fn de_inval_revision() {
     buf[10] = 2;
 
     let err = Revision::get_from_buffer(&mut &buf[..]).unwrap_err();
-    assert!(matches!(err, HeaderError::Buffer(ref cause)
-            if matches!(cause, BufferError::InvalidIndex(str, idx)
-                if str == "Revision" && *idx == 2)));
+
+    assert!(matches!(err, HeaderError::UnknownRevision(rev) if rev == 2));
 }
 
 #[test]