Only render info about insecure impls if we have them

rustpq · Oct 16, 2023 · b00207b · b00207b
1 parent cfe44a1
commit b00207b
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 7 deletions.
diff --git a/generate-implementations.py b/generate-implementations.py
@@ -135,6 +135,8 @@ def generate_pqcrypto_crate(implementations):
     target_dir = 'pqcrypto'
     shutil.rmtree(target_dir)
     os.makedirs(os.path.join(target_dir, 'src'))
+    any_insecure = any(kem.get('insecure') for (_name, kem) in implementations['kems'].items())
+    any_insecure |= any(sig.get('insecure') for (_name, sig) in implementations['signs'].items())
 
     render_template(
         target_dir, 'Cargo.toml', "pqcrypto/Cargo.toml.j2",
@@ -152,6 +154,7 @@ def generate_pqcrypto_crate(implementations):
         target_dir, 'README.md', 'pqcrypto/README.md.j2',
         kems=implementations['kems'],
         signs=implementations['signs'],
+        any_insecure=any_insecure,
     )
     shutil.copytree(
         "pqcrypto-template/pqcrypto/examples",

diff --git a/pqcrypto-template/pqcrypto/README.md.j2 b/pqcrypto-template/pqcrypto/README.md.j2
@@ -4,13 +4,15 @@ This project contains Post-Quantum cryptographic algorithms that participate in
 the [NIST PQC standardization effort][nistpqc]. It is currently a collection of
 wrappers around C implementations from the [PQClean][pqclean] project.
 
+{% if any_insecure %}
 ## Insecure algorithms
 
 This crate contains optional support for insecure algorithms. They can be enabled via the
 ``cryptographically-insecure`` flag.
 
 This crate also contains algorithms that have non-constant time implementations.
 Always check the relevant algorithms for their security details.
+{% endif %}
 
 ## Included algorithms
 

diff --git a/pqcrypto/README.md b/pqcrypto/README.md
@@ -4,13 +4,6 @@ This project contains Post-Quantum cryptographic algorithms that participate in
 the [NIST PQC standardization effort][nistpqc]. It is currently a collection of
 wrappers around C implementations from the [PQClean][pqclean] project.
 
-## Insecure algorithms
-
-This crate contains optional support for insecure algorithms. They can be enabled via the
-``cryptographically-insecure`` flag.
-
-This crate also contains algorithms that have non-constant time implementations.
-Always check the relevant algorithms for their security details.
 
 ## Included algorithms