openpgp: Adjust for SymmetricAlgorithm support diff. across backends

5 files changed, 65 insertions, 7 deletions

diff --git a/openpgp/src/crypto/aead.rs b/openpgp/src/crypto/aead.rs
index 5858aacb..68595d96 100644
--- a/openpgp/src/crypto/aead.rs
+++ b/openpgp/src/crypto/aead.rs
@@ -775,7 +775,9 @@ mod tests {
                          SymmetricAlgorithm::Twofish,
                          SymmetricAlgorithm::Camellia128,
                          SymmetricAlgorithm::Camellia192,
-                         SymmetricAlgorithm::Camellia256].iter() {
+                         SymmetricAlgorithm::Camellia256]
+                         .iter()
+                         .filter(|algo| algo.is_supported()) {
             for aead in [AEADAlgorithm::EAX].iter() {
                 let version = 1;
                 let chunk_size = 64;
diff --git a/openpgp/src/crypto/backend/cng/symmetric.rs b/openpgp/src/crypto/backend/cng/symmetric.rs
index 2d3382a0..a4a140eb 100644
--- a/openpgp/src/crypto/backend/cng/symmetric.rs
+++ b/openpgp/src/crypto/backend/cng/symmetric.rs
@@ -160,8 +160,33 @@ impl TryFrom<SymmetricAlgorithm> for (cng::SymmetricAlgorithmId, usize) {
 }
 
 impl SymmetricAlgorithm {
-    /// Length of a key for this algorithm in bytes.  Fails if Sequoia
-    /// does not support this algorithm.
+    /// Returns whether this algorithm is supported by the crypto backend.
+    ///
+    /// All backends support all the AES variants.
+    ///
+    /// # Examples
+    ///
+    /// ```rust
+    /// use sequoia_openpgp as openpgp;
+    /// use openpgp::types::SymmetricAlgorithm;
+    ///
+    /// assert!(SymmetricAlgorithm::AES256.is_supported());
+    /// assert!(SymmetricAlgorithm::TripleDES.is_supported());
+    ///
+    /// assert!(!SymmetricAlgorithm::IDEA.is_supported());
+    /// assert!(!SymmetricAlgorithm::Unencrypted.is_supported());
+    /// assert!(!SymmetricAlgorithm::Private(101).is_supported());
+    /// ```
+    pub fn is_supported(&self) -> bool {
+        use self::SymmetricAlgorithm::*;
+        match self {
+            AES128 | AES192 | AES256 | TripleDES => true,
+            _ => false,
+        }
+    }
+
+    /// Length of a key for this algorithm in bytes.  Fails if the crypto
+    /// backend does not support this algorithm.
     pub fn key_size(self) -> Result<usize> {
         Ok(match self {
             SymmetricAlgorithm::TripleDES => 24,
@@ -172,8 +197,8 @@ impl SymmetricAlgorithm {
         })
     }
 
-    /// Length of a block for this algorithm in bytes.  Fails if
-    /// Sequoia does not support this algorithm.
+    /// Length of a block for this algorithm in bytes.  Fails if the crypto
+    /// backend does not support this algorithm.
     pub fn block_size(self) -> Result<usize> {
         Ok(match self {
             SymmetricAlgorithm::TripleDES => 8,
diff --git a/openpgp/src/crypto/backend/nettle/symmetric.rs b/openpgp/src/crypto/backend/nettle/symmetric.rs
index 9611701d..4883a5a1 100644
--- a/openpgp/src/crypto/backend/nettle/symmetric.rs
+++ b/openpgp/src/crypto/backend/nettle/symmetric.rs
@@ -33,6 +33,35 @@ impl<T: nettle::mode::Mode> Mode for T {
 }
 
 impl SymmetricAlgorithm {
+    /// Returns whether this algorithm is supported by the crypto backend.
+    ///
+    /// All backends support all the AES variants.
+    ///
+    /// # Examples
+    ///
+    /// ```rust
+    /// use sequoia_openpgp as openpgp;
+    /// use openpgp::types::SymmetricAlgorithm;
+    ///
+    /// assert!(SymmetricAlgorithm::AES256.is_supported());
+    /// assert!(SymmetricAlgorithm::TripleDES.is_supported());
+    ///
+    /// assert!(!SymmetricAlgorithm::IDEA.is_supported());
+    /// assert!(!SymmetricAlgorithm::Unencrypted.is_supported());
+    /// assert!(!SymmetricAlgorithm::Private(101).is_supported());
+    /// ```
+    pub fn is_supported(&self) -> bool {
+        use self::SymmetricAlgorithm::*;
+        match &self {
+            TripleDES | CAST5 | Blowfish | AES128 | AES192 | AES256 | Twofish
+                | Camellia128 | Camellia192 | Camellia256
+                => true,
+            Unencrypted | IDEA | Private(_) | Unknown(_)
+                => false,
+            __Nonexhaustive => unreachable!(),
+        }
+    }
+
     /// Length of a key for this algorithm in bytes.  Fails if Sequoia
     /// does not support this algorithm.
     pub fn key_size(self) -> Result<usize> {
diff --git a/openpgp/src/crypto/s2k.rs b/openpgp/src/crypto/s2k.rs
index 1210aa8b..62e8c9a3 100644
--- a/openpgp/src/crypto/s2k.rs
+++ b/openpgp/src/crypto/s2k.rs
@@ -455,7 +455,7 @@ mod tests {
             },
         ];
 
-        for test in tests.iter() {
+        for test in tests.iter().filter(|t| t.cipher_algo.is_supported()) {
             let path = crate::tests::message(&format!("s2k/{}", test.filename));
             let pp = PacketParser::from_bytes(path).unwrap().unwrap();
             if let Packet::SKESK(SKESK::V4(ref skesk)) = pp.packet {
diff --git a/openpgp/src/crypto/symmetric.rs b/openpgp/src/crypto/symmetric.rs
index 81d4a61d..67d64480 100644
--- a/openpgp/src/crypto/symmetric.rs
+++ b/openpgp/src/crypto/symmetric.rs
@@ -559,7 +559,9 @@ mod tests {
                      SymmetricAlgorithm::Twofish,
                      SymmetricAlgorithm::Camellia128,
                      SymmetricAlgorithm::Camellia192,
-                     SymmetricAlgorithm::Camellia256].iter() {
+                     SymmetricAlgorithm::Camellia256]
+                     .iter()
+                     .filter(|x| x.is_supported()) {
             let mut key = vec![0; algo.key_size().unwrap()];
             crate::crypto::random(&mut key);