diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2023-04-26 15:20:22 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2023-04-26 15:55:53 +0200 |
commit | 0b4688e4a06b3077a6b93d0722f2fbfc1e989420 (patch) | |
tree | c1a44387f699a49c4a2fff7afd4856344f095d4b /openpgp/src/crypto/backend/botan/asymmetric.rs | |
parent | 83700d038e474ac9170938e0eb6c5ad2862b1c52 (diff) |
openpgp: Harmonize Key::encrypt, make pk_algo match exhaustive.
- This changes and harmonizes the behavior of Key::encrypt, notably
it also returns more specific errors when a signature algorithm is
used for encryption.
- It also makes the matches over the public key algorithms
exhaustive, so that when we add more algorithms in the future, we
will see where we need to implement them.
Diffstat (limited to 'openpgp/src/crypto/backend/botan/asymmetric.rs')
-rw-r--r-- | openpgp/src/crypto/backend/botan/asymmetric.rs | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/openpgp/src/crypto/backend/botan/asymmetric.rs b/openpgp/src/crypto/backend/botan/asymmetric.rs index 51ed2edc..0a3afbd1 100644 --- a/openpgp/src/crypto/backend/botan/asymmetric.rs +++ b/openpgp/src/crypto/backend/botan/asymmetric.rs @@ -247,9 +247,11 @@ impl<P: key::KeyParts, R: key::KeyRole> Key<P, R> { use crate::PublicKeyAlgorithm::*; #[allow(deprecated)] - match (self.pk_algo(), self.mpis()) { - (RSAEncryptSign, mpi::PublicKey::RSA { e, n }) | - (RSAEncrypt, mpi::PublicKey::RSA { e, n }) => { + match self.pk_algo() { + RSAEncryptSign | + RSAEncrypt => if let mpi::PublicKey::RSA { e, n } = + self.mpis() + { // The ciphertext has the length of the modulus. let ciphertext_len = n.value().len(); if data.len() + 11 > ciphertext_len { @@ -264,10 +266,15 @@ impl<P: key::KeyParts, R: key::KeyRole> Key<P, R> { Ok(mpi::Ciphertext::RSA { c: MPI::new(&esk), }) + } else { + Err(Error::MalformedPacket(format!( + "Expected RSA public key, got {:?}", self.mpis())).into()) }, - (ElGamalEncryptSign, mpi::PublicKey::ElGamal { p, g, y }) | - (ElGamalEncrypt, mpi::PublicKey::ElGamal { p, g, y }) => { + ElGamalEncryptSign | + ElGamalEncrypt => if let mpi::PublicKey::ElGamal { p, g, y } = + self.mpis() + { // OpenPGP encodes E and C separately, but our // cryptographic library concatenates them. let size = p.value().len(); @@ -288,14 +295,20 @@ impl<P: key::KeyParts, R: key::KeyRole> Key<P, R> { e: MPI::new(&esk[..size]), c: MPI::new(&esk[size..]), }) + } else { + Err(Error::MalformedPacket(format!( + "Expected ElGamal public key, got {:?}", self.mpis())).into()) }, - (ECDH, mpi::PublicKey::ECDH { .. }) => - crate::crypto::ecdh::encrypt(self.parts_as_public(), data), + ECDH => crate::crypto::ecdh::encrypt(self.parts_as_public(), data), - _ => return Err(Error::MalformedPacket(format!( - "unsupported combination of key {} and mpis {:?}.", - self.pk_algo(), self.mpis())).into()), + RSASign | DSA | ECDSA | EdDSA => + Err(Error::InvalidOperation( + format!("{} is not an encryption algorithm", self.pk_algo()) + ).into()), + + Private(_) | Unknown(_) => + Err(Error::UnsupportedPublicKeyAlgorithm(self.pk_algo()).into()), } } |