Struct EntryEncryptor 

pub struct EntryEncryptor { /* private fields */ }

Encrypts and decrypts Raft log entry payloads using AES-256-GCM.

The AES key and nonce for each entry are deterministically derived from the master key and the entry index via HKDF-SHA256, ensuring unique key material per entry without the need for a random nonce.

Internally backed by an Arc<RwLock<KeyManager>> so that key rotation is supported transparently. EntryEncryptor::new wraps a single key in a 1-version KeyManager; EntryEncryptor::with_key_manager takes a shared KeyManager for the rotation-aware path.

Implementations

impl EntryEncryptor

pub fn new(key: LogEncryptionKey) -> Self

Create a new EntryEncryptor backed by a single fixed key.

Convenience constructor: wraps key in a one-version KeyManager internally. Equivalent to EntryEncryptor::with_key_manager(Arc::new(RwLock::new(KeyManager::new(key, 1)))).

pub fn with_key_manager(keys: Arc<RwLock<KeyManager>>) -> Self

Create an EntryEncryptor backed by a shared, rotation-aware KeyManager.

Both encryption and decryption read through the manager. Encryption always uses the manager’s current key (and tags the resulting payload with that version); decryption looks up the version stored in the payload.

pub fn key_manager(&self) -> &Arc<RwLock<KeyManager>>

Borrow the inner KeyManager handle for callers that want to drive rotation directly.

pub fn encrypt(&self, entry_index: u64, plaintext: &[u8]) -> RaftResult<EncryptedPayload>

Encrypt plaintext associated with entry_index using the current key version.

The returned EncryptedPayload contains the GCM ciphertext (with auth tag), the nonce that was used, and the KeyVersion of the master key.

Errors

Returns RaftError::StorageError on any cryptographic failure.

pub fn decrypt(&self, entry_index: u64, payload: &EncryptedPayload) -> RaftResult<Vec<u8>>

Decrypt payload associated with entry_index.

The AES key is re-derived from the master key whose version is recorded in payload.key_version (looked up in the KeyManager). The nonce stored in the payload is used for decryption.

Errors

Returns RaftError::StorageError when the recorded key version has been pruned from the KeyManager history, when key derivation fails, or when GCM authentication fails (including tampered ciphertext).
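
The scheme described above (a per-entry AES-256-GCM key and nonce derived with HKDF-SHA256 from the master key and entry index, with a key version recorded in each payload), sketched as an added example that is not the crate's code. It is written in Go with only the standard library so it runs without external crates; `Keyring`, `Payload`, `derive` and the HKDF info layout are assumptions, not the crate's API or wire format.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Payload holds the fields the page lists; Keyring is a hypothetical stand-in for KeyManager.
type Payload struct{ Ciphertext, Nonce []byte; KeyVersion uint32 }
type Keyring struct{ Current uint32; Keys map[uint32][]byte }

func mac(key []byte, parts ...[]byte) []byte {
	h := hmac.New(sha256.New, key)
	h.Write(bytes.Join(parts, nil))
	return h.Sum(nil)
}

// derive: HKDF-SHA256 (RFC 5869, zero salt); the info layout is an assumption.
func derive(master []byte, index uint64) (cipher.AEAD, []byte) {
	info := binary.BigEndian.AppendUint64([]byte("raft-entry"), index)
	prk := mac(make([]byte, sha256.Size), master) // extract
	t1 := mac(prk, info, []byte{1})               // expand block 1: the AES-256 key
	t2 := mac(prk, t1, info, []byte{2})           // expand block 2: nonce source
	block, _ := aes.NewCipher(t1)                 // cannot fail: t1 is 32 bytes
	aead, _ := cipher.NewGCM(block)
	return aead, t2[:12]
}

func (k *Keyring) Encrypt(index uint64, pt []byte) Payload {
	aead, nonce := derive(k.Keys[k.Current], index)
	return Payload{aead.Seal(nil, nonce, pt, nil), nonce, k.Current}
}
func (k *Keyring) Decrypt(index uint64, p Payload) ([]byte, error) {
	master, ok := k.Keys[p.KeyVersion]
	if !ok || len(p.Nonce) != 12 {
		return nil, fmt.Errorf("key version %d unavailable or malformed nonce", p.KeyVersion)
	}
	aead, _ := derive(master, index) // key depends on index, so a moved entry fails auth
	return aead.Open(nil, p.Nonce, p.Ciphertext, nil)
}

func main() {
	k := &Keyring{1, map[uint32][]byte{1: make([]byte, 32)}} // constructed all-zero key
	fmt.Println(k.Decrypt(8, k.Encrypt(7, []byte("set x=1")))) // entry 7 presented at index 8
}
```

Because the derivation is deterministic, sealing two different plaintexts at the same index under one key version reuses the GCM key and nonce in this sketch, so each index must be sealed only once per version. Removing a version from the keyring makes every payload tagged with it undecryptable.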

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> ArchivePointee for T

type ArchivedMetadata = ()

The archived version of the pointer metadata for this type.

fn pointer_metadata(_: &<T as ArchivePointee>::ArchivedMetadata) -> <T as Pointee>::Metadata

Converts some archived metadata to the pointer metadata for itself.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<Input, Output> CastInto<Output> for Input
where Output: CastFrom<Input>,

fn cast_into(self) -> Output

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<A, B, T> HttpServerConnExec<A, B> for T
where B: Body,

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoEither for T

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.

impl<T> LayoutRaw for T

fn layout_raw(_: <T as Pointee>::Metadata) -> Result<Layout, LayoutError>

Returns the layout of the type.

impl<T, N1, N2> Niching<NichedOption<T, N1>> for N2
where T: SharedNiching<N1, N2>, N1: Niching<T>, N2: Niching<T>,

unsafe fn is_niched(niched: *const NichedOption<T, N1>) -> bool

Returns whether the given value has been niched.

fn resolve_niched(out: Place<NichedOption<T, N1>>)

Writes data to out indicating that a T is niched.

impl<T> Pointable for T

const ALIGN: usize

The alignment of pointer.

type Init = T

The type for initializers.

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer.

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer.

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer.

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer.

impl<T> Pointee for T

type Metadata = ()

The metadata type for pointers and references to this type.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.