cipherstash_client::zerokms::key_provider

Trait KeyProvider

pub trait KeyProvider:
    Send
    + Sync
    + 'static {
    // Required method
    fn client_key(
        &self,
    ) -> impl Future<Output = Result<ClientKey, KeyProviderError>> + Send;
}

Expand description

A source of ClientKey credentials for ZeroKMS.

Implementations must be Send + Sync + 'static so they can be stored in the builder and used across async contexts.

§Example

use cipherstash_client::zerokms::{KeyProvider, KeyProviderError, ClientKey, StaticKeyProvider};
use uuid::Uuid;

let client_key = ClientKey::from_hex_v1(
    Uuid::nil(),
    // ... hex-encoded key material
).unwrap();

let provider = StaticKeyProvider::new(client_key);
let key = provider.client_key().await?;

Required Methods§

fn client_key( &self, ) -> impl Future<Output = Result<ClientKey, KeyProviderError>> + Send

Load a ClientKey from this provider.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety".

Implementations on Foreign Types§

§

impl KeyProvider for ProfileStore

Available on non-WebAssembly only.

§

async fn client_key(&self) -> Result<ClientKey, KeyProviderError>

§

impl<T: KeyProvider> KeyProvider for Option<T>

Wraps an Option<T> as a KeyProvider.

Some(provider) delegates to the inner provider.
None returns KeyProviderError::NotConfigured, which makes it compose naturally with FallbackKeyProvider — a None primary triggers the fallback.

§Example

use cipherstash_client::zerokms::{
    FallbackKeyProvider, StaticKeyProvider, KeyProvider, ClientKey,
};
use uuid::Uuid;

// None means "no explicit key" — falls through to the profile store
let explicit_key: Option<StaticKeyProvider> = None;
let provider = FallbackKeyProvider::new(
    explicit_key,
    StaticKeyProvider::new(fallback_key),
);
let key = provider.client_key().await.unwrap();

§