Struct ScopedCipher
pub struct ScopedCipher<C> { /* private fields */ }Expand description
A Scoped Cipher is one which has been initialized for a specific keyset. It can be used only to encrypt and decrypt data for that keyset.
§Lifetime
Initialise once per process and hold an Arc<ScopedCipher<_>> for the
process lifetime. Recreating a ScopedCipher on a periodic schedule
(e.g. “refresh every N rows” in a bulk-ingest loop) is an anti-pattern:
ScopedCiphercarries no TTL of its own — it’s a thin wrapper around the keyset’s index key plus anArcto the underlying ZeroKMS client. The “scope” refers to the keyset binding, not a session lifetime.- Auth tokens used by the underlying client auto-refresh through
stack_auth::AutoRefresh— preemptively, 90 s before expiry, with in-flight refreshes shared across concurrent callers via a mutex. RecreatingScopedCipherdoesn’t trigger or improve this; it only discards the cached token and forces an immediate re-auth. - Recreating the cipher discards the warm
reqwest::Clientconnection pool. The next call after re-init pays a cold-start tax (DNS + TCP + TLS handshake) that can blow past the request timeout under variable network conditions.
If you’re working around symptoms that look like session expiry, check
the actual error chain — auth errors surface as
zerokms::Error::Auth, not as
ZeroKMS error 'Unexpected error'. The latter is almost always a
transport-level timeout (SendRequest) that periodic re-init makes
worse, not better.
See the “Tuning for bulk ingest” section on
ZeroKMSBuilder for the timeout /
pool / batch knobs that do help long-running encrypt loops.
Implementations§
§impl<C> ScopedCipher<C>
impl<C> ScopedCipher<C>
pub async fn init_default(
client: Arc<ZeroKMSWithClientKey<C>>,
) -> Result<Self, Error>
pub async fn init_default( client: Arc<ZeroKMSWithClientKey<C>>, ) -> Result<Self, Error>
Initialize a new ScopedCipher for the default keyset_id.
pub async fn init(
client: Arc<ZeroKMSWithClientKey<C>>,
keyset_id: Option<IdentifiedBy>,
) -> Result<Self, Error>
pub async fn init( client: Arc<ZeroKMSWithClientKey<C>>, keyset_id: Option<IdentifiedBy>, ) -> Result<Self, Error>
Initialize a new ScopedCipher for the given keyset_id. If the keyset_id is None, the ScopedCipher will be initialized with the default keyset_id for the client.
pub fn mac<const N: usize>(&self, value: &str, prefix: Option<&str>) -> [u8; N]
pub fn mac<const N: usize>(&self, value: &str, prefix: Option<&str>) -> [u8; N]
This value is used for term index keys and “encrypted” partition / sort keys
pub fn compound_index<I>(
&self,
index: I,
plaintext: ComposablePlaintext,
info: String,
) -> Result<IndexTerm, EncryptionError>where
I: ComposableIndex + Send,
pub fn compound_query<I>(
&self,
index: I,
input: ComposablePlaintext,
info: String,
) -> Result<IndexTerm, EncryptionError>where
I: ComposableIndex + Send,
pub async fn encrypt(
&self,
payloads: impl IntoIterator<Item = EncryptPayload<'_>>,
) -> Result<Vec<EncryptedRecord>, Error>
pub async fn encrypt( &self, payloads: impl IntoIterator<Item = EncryptPayload<'_>>, ) -> Result<Vec<EncryptedRecord>, Error>
Encrypt a stream of EncryptPayload and return them as an EncryptedRecord.
This function wraps the ZeroKMSWithClientKey::encrypt function but with the keyset_id set.
pub async fn decrypt<'a, D>(
&self,
payloads: impl IntoIterator<Item = D>,
opts: &DecryptOptions<'a>,
) -> Result<Vec<Vec<u8>>, Error>
pub async fn decrypt<'a, D>( &self, payloads: impl IntoIterator<Item = D>, opts: &DecryptOptions<'a>, ) -> Result<Vec<Vec<u8>>, Error>
Decrypt a stream of encrypted values (of type D where D: Decryptable) and return the raw decrypted binary
blob.
pub async fn decrypt_fallible<'a, D>( &self, payloads: impl IntoIterator<Item = D>, opts: &DecryptOptions<'a>, ) -> Result<Vec<Result<Vec<u8>, RecordDecryptError>>, Error>
pub fn index_key(&self) -> &IndexKey
pub fn keyset_id(&self) -> Uuid
Trait Implementations§
§impl<C> Debug for ScopedCipher<C>
impl<C> Debug for ScopedCipher<C>
§impl<C> Drop for ScopedCipher<C>
impl<C> Drop for ScopedCipher<C>
§impl<C> Zeroize for ScopedCipher<C>
impl<C> Zeroize for ScopedCipher<C>
Auto Trait Implementations§
impl<C> !RefUnwindSafe for ScopedCipher<C>
impl<C> !UnwindSafe for ScopedCipher<C>
impl<C> Freeze for ScopedCipher<C>
impl<C> Send for ScopedCipher<C>
impl<C> Sync for ScopedCipher<C>
impl<C> Unpin for ScopedCipher<C>
impl<C> UnsafeUnpin for ScopedCipher<C>
Blanket Implementations§
impl<T> AuthStrategyBounds for T
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more