trelent-hyok 0.1.12

A Rust library implementing Hold Your Own Key (HYOK) encryption patterns with support for multiple cloud providers
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

//! Scope-based DEK management.
//!
//! This module provides functionality for managing Data Encryption Keys (DEKs)
//! within specific scopes. Scopes can represent:
//!
//! - Application contexts
//! - Data categories
//! - Security boundaries
//! - Organizational units
//!
//! Scoping helps organize keys and enforce access control boundaries.

/// A trait for types that can be associated with a specific scope.
///
/// This trait enables scope-based key management by allowing types to
/// declare their operational scope. This can be used for:
///
/// - Key isolation
/// - Access control
/// - Audit logging
/// - Key rotation policies
///
/// # Example
/// ```no_run
/// use hyokashi::WithScope;
///
/// struct UserData {
///     user_id: String,
///     department: String,
/// }
///
/// impl WithScope for UserData {
///     fn get_scope(&self) -> String {
///         format!("user/{}/dept/{}", self.user_id, self.department)
///     }
/// }
/// ```
pub trait WithScope {
    /// Returns the scope identifier for this instance.
    ///
    /// The scope should be:
    /// - Unique within its context
    /// - Consistent for the same logical scope
    /// - Suitable for use as a key identifier
    fn get_scope(&self) -> String;
}