Skip to main content

09_public_key/
09_public_key.rs

1use localauthentication::prelude::*;
2use std::time::{SystemTime, UNIX_EPOCH};
3
4fn unique_identifier(prefix: &str) -> String {
5    let now = SystemTime::now()
6        .duration_since(UNIX_EPOCH)
7        .unwrap_or_default()
8        .as_nanos();
9    format!("dev.doomfish.localauthentication.{prefix}.{now}")
10}
11
12fn main() -> Result<(), Box<dyn std::error::Error>> {
13    let store = LARightStore::shared()?;
14    let right = LARight::new()?;
15    let identifier = unique_identifier("public-key");
16
17    match store.save_right(&right, &identifier) {
18        Ok(persisted) => {
19            let public_key = persisted.public_key()?;
20            let sign = SecKeyAlgorithm::ecdsa_signature_message_x962_sha256();
21            let encrypt =
22                SecKeyAlgorithm::ecies_encryption_cofactor_variable_iv_x963_sha256_aes_gcm();
23
24            println!("public key bytes: {}", public_key.export_bytes()?.len());
25            println!("can verify: {}", public_key.can_verify_using(&sign)?);
26            println!("can encrypt: {}", public_key.can_encrypt_using(&encrypt)?);
27            println!(
28                "private key can sign: {}",
29                persisted.key()?.can_sign_using(&sign)?
30            );
31            store.remove_right(&persisted)?;
32        }
33        Err(error) => {
34            println!("public-key APIs need entitlements on many systems: {error}");
35        }
36    }
37
38    println!("✅ public-key smoke OK");
39    Ok(())
40}