Skip to main content

EntryEncryptor

amaters_cluster::encryption

Struct EntryEncryptor 

Source 
pub struct EntryEncryptor { /* private fields */ }
Expand description

Encrypts and decrypts Raft log entry payloads using AES-256-GCM.

The AES key and nonce for each entry are deterministically derived from the master key and the entry index via HKDF-SHA256, ensuring unique key material per entry without the need for a random nonce.

Internally backed by an Arc<RwLock<KeyManager>> so that key rotation is supported transparently. EntryEncryptor::new wraps a single key in a 1-version KeyManager; EntryEncryptor::with_key_manager takes a shared KeyManager for the rotation-aware path.

Implementations§

Source§

impl EntryEncryptor

Source

pub fn new(key: LogEncryptionKey) -> Self

Create a new EntryEncryptor backed by a single fixed key.

Convenience constructor: wraps key in a one-version KeyManager internally. Equivalent to EntryEncryptor::with_key_manager(Arc::new(RwLock::new(KeyManager::new(key, 1)))).

Source

pub fn with_key_manager(keys: Arc<RwLock<KeyManager>>) -> Self

Create an EntryEncryptor backed by a shared, rotation-aware KeyManager.

Both encryption and decryption read through the manager. Encryption always uses the manager’s current key (and tags the resulting payload with that version); decryption looks up the version stored in the payload.

Source

pub fn key_manager(&self) -> &Arc<RwLock<KeyManager>>

Borrow the inner KeyManager handle for callers that want to drive rotation directly.

Source

pub fn encrypt( &self, entry_index: u64, plaintext: &[u8], ) -> RaftResult<EncryptedPayload>

Encrypt plaintext associated with entry_index using the current key version.

The returned EncryptedPayload contains the GCM ciphertext (with auth tag), the nonce that was used, and the KeyVersion of the master key.

§Errors

Returns RaftError::StorageError on any cryptographic failure.

Source

pub fn decrypt( &self, entry_index: u64, payload: &EncryptedPayload, ) -> RaftResult<Vec<u8>>

Decrypt payload associated with entry_index.

The AES key is re-derived from the master key whose version is recorded in payload.key_version (looked up in the KeyManager). The nonce stored in the payload is used for decryption.

§Errors

Returns RaftError::StorageError when the recorded key version has been pruned from the KeyManager history, when key derivation fails, or when GCM authentication fails (including tampered ciphertext).

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<A, B, T> HttpServerConnExec<A, B> for T
where B: Body,