To determine the key type of an encrypted secret, currently I am reading the file's header.
If you open an encrypted file in a text editor it will clearly show -> ssh-rsa ..., -> scrypt ..., etc on the second line.

Is this the proper way of determining a secret's key type (reading the raw header of the secret, and checking it) or is there a function within the spec/library to do this for me?

Or is it instead advised that I should enforce a specific key type for secrets in my projects?

This issue overlaps with #56.