nethsm

Function key_type_matches_mechanisms

pub fn key_type_matches_mechanisms(
    key_type: KeyType,
    mechanisms: &[KeyMechanism],
) -> Result<(), Error>

Ensures that a KeyType is compatible with a list of KeyMechanisms

§Errors

Returns an Error::Key if any of the KeyMechanisms is incompatible with the KeyType

§Examples

use nethsm::{KeyMechanism, KeyType, key_type_matches_mechanisms};

// Accepted pairings: each call returns Ok(()), so `?` lets the example continue.
key_type_matches_mechanisms(KeyType::Curve25519, &[KeyMechanism::EdDsaSignature])?;
key_type_matches_mechanisms(KeyType::EcP224, &[KeyMechanism::EcdsaSignature])?;
key_type_matches_mechanisms(
    KeyType::Rsa,
    &[
        KeyMechanism::RsaDecryptionPkcs1,
        KeyMechanism::RsaSignaturePkcs1,
    ],
)?;
key_type_matches_mechanisms(
    KeyType::Generic,
    &[
        KeyMechanism::AesDecryptionCbc,
        KeyMechanism::AesEncryptionCbc,
    ],
)?;

// Rejected pairings: every call below is expected to return an error.

// this fails because Curve25519 is not compatible with the Elliptic Curve Digital Signature Algorithm (ECDSA),
// but instead requires the use of the Edwards-curve Digital Signature Algorithm (EdDSA)
assert!(
    key_type_matches_mechanisms(KeyType::Curve25519, &[KeyMechanism::EcdsaSignature]).is_err()
);

// this fails because RSA mechanisms are requested for a Generic key, which is the key type
// paired with the AES-CBC block cipher mechanisms in the accepted example above
assert!(key_type_matches_mechanisms(
    KeyType::Generic,
    &[
        KeyMechanism::RsaDecryptionPkcs1,
        KeyMechanism::RsaSignaturePkcs1,
    ]
)
.is_err());

// this fails because none of the requested mechanisms (AES-CBC decryption and encryption,
// ECDSA signature) is an RSA mechanism; a single incompatible mechanism is already enough
// for the function to return an error
assert!(key_type_matches_mechanisms(
    KeyType::Rsa,
    &[
        KeyMechanism::AesDecryptionCbc,
        KeyMechanism::AesEncryptionCbc,
        KeyMechanism::EcdsaSignature
    ]
)
.is_err());