Skip to main content

affinidi_crypto/
key_type.rs

1//! Key type enumeration
2
3use std::fmt;
4
5use serde::{Deserialize, Serialize};
6use zeroize::Zeroize;
7
8use crate::CryptoError;
9
10/// Known cryptographic key types.
11///
12/// This enum is `#[non_exhaustive]`: new algorithms (hybrid schemes, future
13/// NIST standards, vendor-specific key types) will be added in minor
14/// releases without breaking match-all arms.
15///
16/// No `Default` impl is provided on purpose: a key without a known
17/// algorithm is a programming error in this crate, not a sensible
18/// default state. `KeyType::Unknown` exists for parsing paths that
19/// receive an unrecognised curve or codec identifier.
20#[derive(Debug, Clone, Copy, Deserialize, Serialize, PartialEq, Eq, Zeroize)]
21#[non_exhaustive]
22pub enum KeyType {
23    Ed25519,
24    X25519,
25    P256,
26    P384,
27    P521,
28    Secp256k1,
29    /// BLS12-381 G2 public key — the verification key of a BBS+ issuer
30    /// (`bbs-2023` Data-Integrity cryptosuite). A 96-byte compressed G2 point,
31    /// multicodec `0xeb`.
32    Bls12381G2,
33    /// ML-DSA-44 (FIPS 204) — post-quantum signature scheme.
34    #[cfg(feature = "ml-dsa")]
35    MlDsa44,
36    /// ML-DSA-65 (FIPS 204) — post-quantum signature scheme.
37    #[cfg(feature = "ml-dsa")]
38    MlDsa65,
39    /// ML-DSA-87 (FIPS 204) — post-quantum signature scheme.
40    #[cfg(feature = "ml-dsa")]
41    MlDsa87,
42    /// SLH-DSA-SHA2-128s (FIPS 205) — stateless hash-based post-quantum signature.
43    #[cfg(feature = "slh-dsa")]
44    SlhDsaSha2_128s,
45    /// Unrecognised or unsupported key type. Produced by parsing paths
46    /// on unknown curve identifiers; should never be constructed directly.
47    Unknown,
48}
49
50impl TryFrom<&str> for KeyType {
51    type Error = CryptoError;
52
53    fn try_from(value: &str) -> Result<Self, Self::Error> {
54        match value {
55            "Ed25519" => Ok(KeyType::Ed25519),
56            "X25519" => Ok(KeyType::X25519),
57            "P-256" => Ok(KeyType::P256),
58            "P-384" => Ok(KeyType::P384),
59            "P-521" => Ok(KeyType::P521),
60            "secp256k1" => Ok(KeyType::Secp256k1),
61            "Bls12381G2" => Ok(KeyType::Bls12381G2),
62            #[cfg(feature = "ml-dsa")]
63            "ML-DSA-44" => Ok(KeyType::MlDsa44),
64            #[cfg(feature = "ml-dsa")]
65            "ML-DSA-65" => Ok(KeyType::MlDsa65),
66            #[cfg(feature = "ml-dsa")]
67            "ML-DSA-87" => Ok(KeyType::MlDsa87),
68            #[cfg(feature = "slh-dsa")]
69            "SLH-DSA-SHA2-128s" => Ok(KeyType::SlhDsaSha2_128s),
70            _ => Err(CryptoError::UnsupportedKeyType(value.to_string())),
71        }
72    }
73}
74
75impl fmt::Display for KeyType {
76    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
77        match self {
78            KeyType::Ed25519 => write!(f, "Ed25519"),
79            KeyType::X25519 => write!(f, "X25519"),
80            KeyType::P256 => write!(f, "P-256"),
81            KeyType::P384 => write!(f, "P-384"),
82            KeyType::P521 => write!(f, "P-521"),
83            KeyType::Secp256k1 => write!(f, "secp256k1"),
84            KeyType::Bls12381G2 => write!(f, "Bls12381G2"),
85            #[cfg(feature = "ml-dsa")]
86            KeyType::MlDsa44 => write!(f, "ML-DSA-44"),
87            #[cfg(feature = "ml-dsa")]
88            KeyType::MlDsa65 => write!(f, "ML-DSA-65"),
89            #[cfg(feature = "ml-dsa")]
90            KeyType::MlDsa87 => write!(f, "ML-DSA-87"),
91            #[cfg(feature = "slh-dsa")]
92            KeyType::SlhDsaSha2_128s => write!(f, "SLH-DSA-SHA2-128s"),
93            KeyType::Unknown => write!(f, "Unknown"),
94        }
95    }
96}