#!/usr/bin/env swift

import Foundation 
import CryptoKit 

let se = SecureEnclave.isAvailable;
print("Supports SE: \(se)");

var error: Unmanaged<CFError>? = nil;
guard
let accessCtrl = SecAccessControlCreateWithFlags(
    nil,
    kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
    [.privateKeyUsage, .biometryCurrentSet],
    &error
) else {
        throw error!.takeRetainedValue() as Swift.Error;
}

var privateKeyReference = try CryptoKit.SecureEnclave.MLKEM768.PrivateKey.init(
    accessControl: accessCtrl
);

print("Private key reference: \(privateKeyReference)");
print();
print("Private key reference - dataRepresentation: \(privateKeyReference.dataRepresentation.base64EncodedString())");
print();
print("Private key reference - publicKey: \(privateKeyReference.publicKey.rawRepresentation.base64EncodedString())");

let encapsulationResult = try privateKeyReference.publicKey.encapsulate();
print();
print("Encapsulated: \(encapsulationResult.encapsulated.base64EncodedString())");
print();
let sharedSecretData = encapsulationResult.sharedSecret.withUnsafeBytes { Data($0) }

print("SharedSecret: \(sharedSecretData.base64EncodedString())");


let sharedSecret2 = try privateKeyReference.decapsulate(encapsulationResult.encapsulated);
let sharedSecretData2 = sharedSecret2.withUnsafeBytes { Data($0) }

print("SharedSecret2: \(sharedSecretData2.base64EncodedString())");