authorJustus Winter <justus@sequoia-pgp.org>2019-03-18 14:04:23 +0100
committerJustus Winter <justus@sequoia-pgp.org>2019-03-18 14:47:44 +0100
commit97cdc3062d88401dcc849c3f4e093a4f7b1b1226 (patch)
tree0859e06007b25e9cabbf4e9bfd7a2487ea2e8585 /openpgp
parent01db33b99244294702f0f58f06c6736becee28db (diff)
openpgp: Make cipher algorithm configurable in streaming Encryptor.
- Fixes #208.
Diffstat (limited to 'openpgp')
-rw-r--r--openpgp/examples/encrypt-for.rs3
-rw-r--r--openpgp/examples/generate-encrypt-decrypt.rs3
-rw-r--r--openpgp/src/autocrypt.rs3
-rw-r--r--openpgp/src/serialize/stream.rs26
4 files changed, 20 insertions, 15 deletions
diff --git a/openpgp/examples/encrypt-for.rs b/openpgp/examples/encrypt-for.rs
index 51f5a981..3fd1217c 100644
--- a/openpgp/examples/encrypt-for.rs
+++ b/openpgp/examples/encrypt-for.rs
@@ -49,7 +49,8 @@ fn main() {
let encryptor = Encryptor::new(message,
&[], // No symmetric encryption.
&recipients,
- mode)
+ mode,
+ None)
.expect("Failed to create encryptor");
let mut literal_writer = LiteralWriter::new(encryptor, DataFormat::Binary,
None, None)
diff --git a/openpgp/examples/generate-encrypt-decrypt.rs b/openpgp/examples/generate-encrypt-decrypt.rs
index 3fb00103..369e82ba 100644
--- a/openpgp/examples/generate-encrypt-decrypt.rs
+++ b/openpgp/examples/generate-encrypt-decrypt.rs
@@ -46,7 +46,8 @@ fn encrypt(sink: &mut Write, plaintext: &str, recipient: &openpgp::TPK)
let encryptor = Encryptor::new(message,
&[], // No symmetric encryption.
&[recipient],
- EncryptionMode::ForTransport)?;
+ EncryptionMode::ForTransport,
+ None)?;
// Emit a literal data packet.
let mut literal_writer = LiteralWriter::new(
diff --git a/openpgp/src/autocrypt.rs b/openpgp/src/autocrypt.rs
index 8279897b..0faa1df7 100644
--- a/openpgp/src/autocrypt.rs
+++ b/openpgp/src/autocrypt.rs
@@ -407,7 +407,8 @@ impl AutocryptSetupMessage {
let w = Encryptor::new(m,
&[ self.passcode.as_ref().unwrap() ],
&[],
- EncryptionMode::ForTransport)?;
+ EncryptionMode::ForTransport,
+ None)?;
let mut w = LiteralWriter::new(w, DataFormat::Binary,
/* filename*/ None, /* date */ None)?;
diff --git a/openpgp/src/serialize/stream.rs b/openpgp/src/serialize/stream.rs
index 6c303054..d06c1222 100644
--- a/openpgp/src/serialize/stream.rs
+++ b/openpgp/src/serialize/stream.rs
@@ -839,8 +839,8 @@ impl<'a> Encryptor<'a> {
/// which will be encrypted using the given passwords, and all
/// encryption-capable subkeys of the given TPKs.
///
- /// The stream is encrypted using AES256, regardless of any key
- /// preferences.
+ /// Unless otherwise specified, the stream is encrypted using
+ /// AES256. Key preferences of the recipients are not honored.
///
/// # Example
///
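Review bot: The reworded comment says "Unless otherwise specified" but never names the new `cipher_algo` argument, so a reader of the rendered docs cannot tell which parameter controls the cipher or what `None` means. I would write it as `/// The stream is encrypted using the given cipher_algo, defaulting to AES256 if it is None.` and keep the sentence about recipient preferences. An `# Errors` section should also say that an algorithm the library cannot use is reported as an `Err`, which is what the `?` on `key_size()` further down appears to do. The doc comment starts and ends outside this hunk.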
@@ -897,8 +897,7 @@ impl<'a> Encryptor<'a> {
/// let message = Message::new(&mut o);
/// let encryptor = Encryptor::new(message,
/// &[&"совершенно секретно".into()],
- /// &[&tpk],
- /// EncryptionMode::AtRest)
+ /// &[&tpk], EncryptionMode::AtRest, None)
/// .expect("Failed to create encryptor");
/// let mut w = LiteralWriter::new(encryptor, DataFormat::Text, None, None)?;
/// w.write_all(b"Hello world.")?;
@@ -906,10 +905,13 @@ impl<'a> Encryptor<'a> {
/// # Ok(())
/// # }
/// ```
- pub fn new(mut inner: writer::Stack<'a, Cookie>,
- passwords: &[&Password], tpks: &[&TPK],
- encryption_mode: EncryptionMode)
- -> Result<writer::Stack<'a, Cookie>> {
+ pub fn new<C>(mut inner: writer::Stack<'a, Cookie>,
+ passwords: &[&Password], tpks: &[&TPK],
+ encryption_mode: EncryptionMode,
+ cipher_algo: C)
+ -> Result<writer::Stack<'a, Cookie>>
+ where C: Into<Option<SymmetricAlgorithm>>
+ {
if tpks.len() + passwords.len() == 0 {
return Err(Error::InvalidArgument(
"Neither recipient keys nor passwords given".into()).into());
@@ -940,10 +942,10 @@ impl<'a> Encryptor<'a> {
};
let level = inner.as_ref().cookie_ref().level + 1;
- let algo = SymmetricAlgorithm::AES256;
+ let algo = cipher_algo.into().unwrap_or(SymmetricAlgorithm::AES256);
// Generate a session key.
- let sk = SessionKey::new(&mut rng, algo.key_size().unwrap());
+ let sk = SessionKey::new(&mut rng, algo.key_size()?);
// Write the PKESK packet(s).
for tpk in tpks {
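Review bot: `cipher_algo.into().unwrap_or(SymmetricAlgorithm::AES256)` takes whatever the caller passes, and the only gate on it is that `algo.key_size()?` succeeds. Any cipher the backend implements can therefore be selected, presumably including legacy 64-bit-block ciphers, and nothing compares the choice with what the recipients support. I would check `algo` against a minimum policy at the top of `new`, next to the existing `Error::InvalidArgument` check, or at least state the caller's responsibility in the docs with `/// The caller must choose an algorithm that is acceptable for, and supported by, every recipient.` Replacing `unwrap()` with `?` here and on `block_size()` in the later hunk is correct now that the value is caller-controlled. That second `?` runs after the PKESK packets have been written to `inner`, though, so resolving both sizes before any output would keep a failure from leaving a partial message. The function body starts and ends outside this hunk.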
@@ -1052,7 +1054,7 @@ impl<'a> Encryptor<'a> {
}));
// Write the initialization vector, and the quick-check bytes.
- let mut iv = vec![0; algo.block_size().unwrap()];
+ let mut iv = vec![0; algo.block_size()?];
rng.random(&mut iv);
encryptor.write_all(&iv)?;
encryptor.write_all(&iv[iv.len() - 2..])?;
@@ -1407,7 +1409,7 @@ mod test {
let m = Message::new(&mut o);
let encryptor = Encryptor::new(
m, &passwords.iter().collect::<Vec<&Password>>(),
- &[], EncryptionMode::ForTransport)
+ &[], EncryptionMode::ForTransport, None)
.unwrap();
let mut literal = LiteralWriter::new(encryptor, DataFormat::Binary,
None, None)
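Review bot: This test still passes only `None`, so the new parameter is exercised solely through the AES256 default, and the diffstat shows no other test change under openpgp. I would add a round-trip case with an explicit cipher, e.g. `&[], EncryptionMode::ForTransport, SymmetricAlgorithm::AES128)`. A second case should assert that `Encryptor::new` returns `Err` rather than panicking when given `SymmetricAlgorithm::Unencrypted`, which pins the behaviour the `key_size()?` change is meant to provide. The test function continues outside this hunk.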