Skip to main content

FieldEncryption

fraiseql_server::encryption

Struct FieldEncryption 

Source 
pub struct FieldEncryption { /* private fields */ }
Expand description

Cipher for field-level encryption using AES-256-GCM

Encrypts sensitive database fields with authenticated encryption. Each encryption uses a random nonce, preventing identical plaintexts from producing identical ciphertexts.

§Example

let cipher = FieldEncryption::new("encryption-key".as_bytes());
let encrypted = cipher.encrypt("user@example.com")?;
let decrypted = cipher.decrypt(&encrypted)?;
assert_eq!(decrypted, "user@example.com");

Implementations§

Source§

impl FieldEncryption

Source

pub fn new(key: &[u8]) -> Self

Create new field encryption cipher

§Arguments
  • key - Encryption key bytes (must be exactly 32 bytes for AES-256)
§Returns

FieldEncryption cipher ready for encrypt/decrypt operations

§Panics

If key length is not exactly 32 bytes

Source

pub fn encrypt(&self, plaintext: &str) -> Result<Vec<u8>, SecretsError>

Encrypt plaintext field using AES-256-GCM

Generates random 96-bit nonce, encrypts with authenticated encryption, and returns [nonce || ciphertext] format for decryption.

§Arguments
  • plaintext - Data to encrypt
§Returns

Encrypted data in format: [12-byte nonce][ciphertext + 16-byte tag]

§Errors

Returns EncryptionError if encryption fails

Source

pub fn decrypt(&self, encrypted: &[u8]) -> Result<String, SecretsError>

Decrypt encrypted field using AES-256-GCM

Expects data in format: [12-byte nonce][ciphertext + 16-byte tag] Extracts nonce, decrypts, and verifies authentication tag.

§Arguments
  • encrypted - Encrypted data from encrypt()
§Returns

Decrypted plaintext as String

§Errors

Returns EncryptionError if:

  • Data too short for nonce
  • Decryption fails (wrong key or corrupted data)
  • Plaintext is not valid UTF-8
Source

pub fn encrypt_with_context( &self, plaintext: &str, context: &str, ) -> Result<Vec<u8>, SecretsError>

Encrypt field with additional context for audit/security

Includes context (e.g., user_id, field_name) in authenticated data but not in ciphertext, providing audit trail without bloating storage.

§Arguments
  • plaintext - Data to encrypt
  • context - Additional authenticated data (e.g., “user:123:email”)
§Returns

Encrypted data in format: [12-byte nonce][ciphertext + 16-byte tag]

Source

pub fn decrypt_with_context( &self, encrypted: &[u8], context: &str, ) -> Result<String, SecretsError>

Decrypt field with additional context verification

Context must match the value used during encryption for verification to succeed.

§Arguments
  • encrypted - Encrypted data from encrypt_with_context()
  • context - Context that was used during encryption
§Returns

Decrypted plaintext as String

§Errors

Returns EncryptionError if context doesn’t match or decryption fails

Trait Implementations§

Source§

impl Clone for FieldEncryption

Source§

fn clone(&self) -> FieldEncryption

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for FieldEncryption

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> FromRef<T> for T
where T: Clone,

Source§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
Source§

impl<T> FromRef<T> for T
where T: Clone,

Source§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> IntoRequest<T> for T

Source§

fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> Allocation for T
where T: RefUnwindSafe + Send + Sync,