diff options
Diffstat (limited to 'openpgp')
-rw-r--r-- | openpgp/NEWS | 1 | ||||
-rw-r--r-- | openpgp/src/cert/builder.rs | 54 |
2 files changed, 55 insertions, 0 deletions
diff --git a/openpgp/NEWS b/openpgp/NEWS index 9fc36a9c..2bec0b11 100644 --- a/openpgp/NEWS +++ b/openpgp/NEWS @@ -4,6 +4,7 @@ * Changes in 1.4.0 ** New functionality + - CipherSuite::is_supported - Preferences::policy_uri - TSK::eq - ValidAmalgamation::revocation_keys diff --git a/openpgp/src/cert/builder.rs b/openpgp/src/cert/builder.rs index 7f8812f7..eee275eb 100644 --- a/openpgp/src/cert/builder.rs +++ b/openpgp/src/cert/builder.rs @@ -78,6 +78,60 @@ impl Default for CipherSuite { } impl CipherSuite { + /// Returns whether the currently selected cryptographic backend + /// supports the encryption and signing algorithms that the cipher + /// suite selects. + pub fn is_supported(&self) -> Result<()> { + use crate::types::{Curve, PublicKeyAlgorithm}; + use CipherSuite::*; + + macro_rules! check_pk { + ($pk: expr) => { + if ! $pk.is_supported() { + return Err(Error::UnsupportedPublicKeyAlgorithm($pk) + .into()); + } + } + } + + macro_rules! check_curve { + ($curve: expr) => { + if ! $curve.is_supported() { + return Err(Error::UnsupportedEllipticCurve($curve) + .into()); + } + } + } + + match self { + Cv25519 => { + check_pk!(PublicKeyAlgorithm::EdDSA); + check_curve!(Curve::Ed25519); + check_pk!(PublicKeyAlgorithm::ECDH); + check_curve!(Curve::Cv25519); + }, + RSA2k | RSA3k | RSA4k => { + check_pk!(PublicKeyAlgorithm::RSAEncryptSign); + }, + P256 => { + check_pk!(PublicKeyAlgorithm::ECDSA); + check_curve!(Curve::NistP256); + check_pk!(PublicKeyAlgorithm::ECDH); + }, + P384 => { + check_pk!(PublicKeyAlgorithm::ECDSA); + check_curve!(Curve::NistP384); + check_pk!(PublicKeyAlgorithm::ECDH); + }, + P521 => { + check_pk!(PublicKeyAlgorithm::ECDSA); + check_curve!(Curve::NistP521); + check_pk!(PublicKeyAlgorithm::ECDH); + }, + } + Ok(()) + } + fn generate_key<K, R>(self, flags: K) -> Result<Key<key::SecretParts, R>> where R: key::KeyRole, |