Skip to main content

auths_core/
lib.rs

1#![deny(
2    clippy::print_stdout,
3    clippy::print_stderr,
4    clippy::exit,
5    clippy::dbg_macro
6)]
7#![deny(clippy::disallowed_methods)]
8#![deny(clippy::unwrap_used)]
9#![deny(clippy::expect_used)]
10#![deny(rustdoc::broken_intra_doc_links)]
11#![warn(clippy::too_many_lines, clippy::cognitive_complexity)]
12#![warn(missing_docs)]
13//! # auths-core
14//!
15//! Core cryptographic primitives and secure key storage for Auths.
16//!
17//! This crate provides:
18//! - **Secure key storage** via platform keychains (macOS, Windows, Linux)
19//! - **Signing operations** through the [`signing::SecureSigner`] trait
20//! - **Passphrase handling** with [`signing::PassphraseProvider`] abstraction
21//! - **Error types** for all failure modes
22//!
23//! ## Quick Start
24//!
25//! ```rust,ignore
26//! use auths_core::storage::keychain::get_platform_keychain;
27//! use auths_core::signing::{StorageSigner, SecureSigner};
28//!
29//! // Get the platform-appropriate keychain
30//! let keychain = get_platform_keychain()?;
31//! let signer = StorageSigner::new(keychain);
32//!
33//! // Sign with a stored key
34//! let signature = signer.sign_with_alias("my-key", &provider, b"message")?;
35//! ```
36//!
37//! ## Feature Flags
38//!
39//! - `keychain-linux-secretservice` — Enable Linux Secret Service backend
40//! - `keychain-windows` — Enable Windows Credential Manager backend
41//! - `keychain-file-fallback` — Enable encrypted file storage fallback
42//! - `crypto-secp256k1` — Enable secp256k1/BIP340 for Nostr
43//! - `test-utils` — Export test utilities (e.g., in-memory keychain for testing)
44//!
45//! ## Platform Support
46//!
47//! | Platform | Keychain | Feature Required |
48//! |----------|----------|-----------------|
49//! | macOS/iOS | Keychain Services | (default) |
50//! | Linux | Secret Service | `keychain-linux-secretservice` |
51//! | Windows | Credential Manager | `keychain-windows` |
52//! | Any | Encrypted file | `keychain-file-fallback` |
53
54pub mod agent;
55pub mod api;
56pub mod config;
57pub mod crypto;
58pub mod error;
59pub mod keri_did;
60pub mod pairing;
61pub mod paths;
62pub mod policy;
63pub mod ports;
64pub mod proto;
65pub mod server;
66pub mod signing;
67pub mod storage;
68#[cfg(any(test, feature = "test-utils"))]
69#[allow(clippy::unwrap_used, clippy::expect_used)]
70pub mod testing;
71pub mod trust;
72pub mod utils;
73pub mod witness;
74
75pub use agent::{AgentCore, AgentHandle, AgentSession};
76// IMPORTANT: These agent client functions use Unix domain sockets and are only
77// available on Unix. Do NOT remove this #[cfg(unix)] — it will break Windows CI.
78#[cfg(unix)]
79pub use agent::{
80    AgentStatus, add_identity, agent_sign, check_agent_status, list_identities,
81    remove_all_identities,
82};
83pub use crypto::{EncryptionAlgorithm, SignerKey};
84pub use error::{AgentError, AuthsErrorInfo};
85pub use signing::{KeychainPassphraseProvider, PrefilledPassphraseProvider};