pub fn tls_key_type_matches_length(
tls_key_type: TlsKeyType,
length: Option<u32>,
) -> Result<(), Error>Expand description
Ensures that a TlsKeyType is compatible with an optional key length
§Errors
Returns an Error::Key if
tls_key_typeis one ofTlsKeyType::Curve25519,TlsKeyType::EcP224,TlsKeyType::EcP256,TlsKeyType::EcP384orTlsKeyType::EcP521andlengthisSome.tls_key_typeisTlsKeyType::RsaandlengthisNone.tls_key_typeisTlsKeyType::Rsaandlengthis notSomevalue equal to or greater than [MIN_RSA_BIT_LENGTH].
§Examples
use nethsm::{TlsKeyType, tls_key_type_matches_length};
tls_key_type_matches_length(TlsKeyType::Curve25519, None)?;
tls_key_type_matches_length(TlsKeyType::EcP224, None)?;
tls_key_type_matches_length(TlsKeyType::Rsa, Some(2048))?;
// this fails because elliptic curve keys have their length set intrinsically
assert!(tls_key_type_matches_length(TlsKeyType::Curve25519, Some(2048)).is_err());
// this fails because a bit length of 1024 is unsafe to use for RSA keys
assert!(tls_key_type_matches_length(TlsKeyType::Rsa, Some(1024)).is_err());