Function key_type_matches_length

pub fn key_type_matches_length(
    key_type: KeyType,
    length: Option<u32>,
) -> Result<(), Error>

Expand description

Ensures that a KeyType is compatible with an optional key length

§Errors

Returns an error if

key_type is one of KeyType::Curve25519, KeyType::EcP256, KeyType::EcP384 or KeyType::EcP521 and length is Some.
key_type is KeyType::Generic or KeyType::Rsa and length is None.
key_type is KeyType::Generic and length is not Some value of 128, 192 or 256.
key_type is KeyType::Rsa and length is not Some value equal to or greater than [MIN_RSA_BIT_LENGTH].

§Examples

use signstar_crypto::key::{KeyType, key_type_matches_length};

key_type_matches_length(KeyType::Curve25519, None)?;
key_type_matches_length(KeyType::EcP256, None)?;
key_type_matches_length(KeyType::Rsa, Some(2048))?;
key_type_matches_length(KeyType::Generic, Some(256))?;

// this fails because elliptic curve keys have their length set intrinsically
assert!(key_type_matches_length(KeyType::Curve25519, Some(2048)).is_err());
// this fails because a bit length of 2048 is not defined for AES block ciphers
assert!(key_type_matches_length(KeyType::Generic, Some(2048)).is_err());
// this fails because a bit length of 1024 is unsafe to use for RSA keys
assert!(key_type_matches_length(KeyType::Rsa, Some(1024)).is_err());

key_type_matches_length

Function key_type_matches_length Copy item path

§Errors

§Examples

Function key_type_matches_length