From 259cad06f8d88db9ddfa85c2c188b5b0130cb393 Mon Sep 17 00:00:00 2001
From: rtkay123
Date: Wed, 30 Jul 2025 08:52:05 +0200
Subject: feat(auth): create keypair
---
crates/auth-service/src/server/keys.rs | 38 ++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
create mode 100644 crates/auth-service/src/server/keys.rs
(limited to 'crates/auth-service/src/server/keys.rs')
diff --git a/crates/auth-service/src/server/keys.rs b/crates/auth-service/src/server/keys.rs
new file mode 100644
index 0000000..5c9ee43
--- /dev/null
+++ b/crates/auth-service/src/server/keys.rs
@@ -0,0 +1,38 @@
+use rsa::{
+ pkcs8::{EncodePrivateKey, EncodePublicKey, LineEnding},
+ RsaPrivateKey,
+ RsaPublicKey,
+};
+
+use crate::error::AppError;
+
+/// A private/public key pair used for HTTP signatures
+#[derive(Debug, Clone)]
+pub struct Keypair {
+ /// Private key in PEM format
+ pub private_key: String,
+ /// Public key in PEM format
+ pub public_key: String,
+}
+
+impl Keypair {
+ /// Helper method to turn this into an openssl private key
+ #[cfg(test)]
+ pub(crate) fn private_key(&self) -> Result {
+ use rsa::pkcs8::DecodePrivateKey;
+
+ Ok(RsaPrivateKey::from_pkcs8_pem(&self.private_key)?)
+ }
+}
+
+pub fn generate_actor_keypair() -> Result {
+ let mut rng = rand::thread_rng();
+ let rsa = RsaPrivateKey::new(&mut rng, 2048)?;
+ let pkey = RsaPublicKey::from(&rsa);
+ let public_key = pkey.to_public_key_pem(LineEnding::default())?;
+ let private_key = rsa.to_pkcs8_pem(LineEnding::default())?.to_string();
+ Ok(Keypair {
+ private_key,
+ public_key,
+ })
+}
--
cgit v1.2.3
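Review bot: `Keypair` derives `Debug` while holding the private key PEM in a public `String`, so any `{:?}` of the struct, or of a type that embeds it, writes the signing key into logs or error output. A hand-written `Debug` that redacts `private_key` removes that path, as sketched below. In `generate_actor_keypair`, `to_pkcs8_pem` hands back the PEM in a zeroize-on-drop wrapper and the trailing `.to_string()` copies it into an ordinary `String`, so the key text is no longer wiped when dropped; storing the wrapper type in the field would keep that property, provided the `zeroize` crate can be named from this crate (not visible here). The doc comment on `private_key()` still says "openssl private key" although it returns the `rsa` crate's `RsaPrivateKey`, and `generate_actor_keypair` has no doc comment stating the 2048-bit modulus and the PKCS#8 / SPKI PEM encodings it produces.

```rust
#[derive(Clone)]
pub struct Keypair {
    // … unchanged: private_key and public_key fields …
}

impl std::fmt::Debug for Keypair {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        // Never format the private key; only the public half is safe to log.
        f.debug_struct("Keypair")
            .field("private_key", &"<redacted>")
            .field("public_key", &self.public_key)
            .finish()
    }
}
```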