Diffstat (limited to 'src/mailman_pgp/utils')
| -rw-r--r-- | src/mailman_pgp/utils/config.py | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/src/mailman_pgp/utils/config.py b/src/mailman_pgp/utils/config.py
index 3296379..6b45d05 100644
--- a/src/mailman_pgp/utils/config.py
+++ b/src/mailman_pgp/utils/config.py
@@ -19,6 +19,7 @@
 import pathlib
 from mailman.utilities.string import expand
+from pgpy.constants import EllipticCurveOID, PubKeyAlgorithm
 from mailman_pgp.config import mm_config
@@ -29,3 +30,36 @@ def expandable_str(value):
 def expandable_path(value):
 return pathlib.Path(expandable_str(value))
+
+
+def key_spec(value):
+ KEYPAIR_TYPE_MAP = {
+ 'RSA': PubKeyAlgorithm.RSAEncryptOrSign,
+ 'DSA': PubKeyAlgorithm.DSA,
+ 'ECDSA': PubKeyAlgorithm.ECDSA,
+ 'ECDH': PubKeyAlgorithm.ECDH
+ }
+ ECC_OID_MAP = {
+ 'nistp256': EllipticCurveOID.NIST_P256,
+ 'nistp384': EllipticCurveOID.NIST_P384,
+ 'nistp521': EllipticCurveOID.NIST_P521,
+ 'brainpoolP256r1': EllipticCurveOID.Brainpool_P256,
+ 'brainpoolP384r1': EllipticCurveOID.Brainpool_P384,
+ 'brainpoolP512r1': EllipticCurveOID.Brainpool_P512,
+ 'secp256k1': EllipticCurveOID.SECP256K1
+ }
+ key_type, key_length = value.split(':')
+ key_type = key_type.upper()
+ key_length = key_length.lower()
+
+ if key_type not in KEYPAIR_TYPE_MAP:
+ raise ValueError('Invalid key type: {}.'.format(key_type))
+
+ out_type = KEYPAIR_TYPE_MAP[key_type]
+ if key_type in ('ECDSA', 'ECDH'):
+ if key_length not in ECC_OID_MAP:
+ raise ValueError('Invalid key length: {}.'.format(key_length))
+ out_length = ECC_OID_MAP[key_length]
+ else:
+ out_length = int(key_length)
+ return (out_type, out_length) |
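Review bot: The three Brainpool entries in `ECC_OID_MAP` can never match, because `key_length = key_length.lower()` runs before the lookup while their keys keep a capital `P` (`'brainpoolP256r1'`), so a spec such as `ECDSA:brainpoolP256r1` always ends in `Invalid key length`. Writing those three keys in lower case, e.g. `'brainpoolp256r1': EllipticCurveOID.Brainpool_P256`, keeps the lookup case-insensitive for every curve. Separately, the `else` branch returns `int(key_length)` unchecked, so a configured `RSA:512`, or a zero or negative size, is passed on to whatever consumes the tuple; a lower bound enforced here would reject weak RSA/DSA sizes when the configuration is parsed. A value without exactly one `:` currently fails on the tuple unpacking with a generic message, so an explicit check that names the expected `TYPE:LENGTH` form would make misconfiguration easier to diagnose.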
