pub struct CekCache { /* private fields */ }Expand description
Thread-safe cache for decrypted Column Encryption Keys.
The cache stores decrypted CEKs and pre-computed AEAD encryptors to avoid repeated RSA decryption and key derivation operations.
§Cache Key
Entries are keyed by: (database_id, cek_id, cek_version)
§Expiration
Entries expire after a configurable TTL (default: 2 hours). Expired entries are lazily removed on access.
Implementations§
Source§impl CekCache
impl CekCache
Sourcepub fn get(&self, key: &CekCacheKey) -> Option<Arc<AeadEncryptor>>
pub fn get(&self, key: &CekCacheKey) -> Option<Arc<AeadEncryptor>>
Get a cached encryptor for a CEK.
Returns None if the entry doesn’t exist or has expired.
Sourcepub fn insert(
&self,
key: CekCacheKey,
cek: Vec<u8>,
) -> Result<Arc<AeadEncryptor>, EncryptionError>
pub fn insert( &self, key: CekCacheKey, cek: Vec<u8>, ) -> Result<Arc<AeadEncryptor>, EncryptionError>
Sourcepub async fn get_or_insert<F, Fut>(
&self,
key: CekCacheKey,
get_cek: F,
) -> Result<Arc<AeadEncryptor>, EncryptionError>
pub async fn get_or_insert<F, Fut>( &self, key: CekCacheKey, get_cek: F, ) -> Result<Arc<AeadEncryptor>, EncryptionError>
Get or insert a CEK.
If the CEK is cached, returns the cached encryptor. Otherwise, calls the provided function to get the CEK and caches it.
§Arguments
key- The cache keyget_cek- Function to get the CEK if not cached
Sourcepub fn remove(&self, key: &CekCacheKey) -> bool
pub fn remove(&self, key: &CekCacheKey) -> bool
Remove a CEK from the cache.
Call this when a CEK is rotated or invalidated.
Sourcepub fn cleanup_expired(&self)
pub fn cleanup_expired(&self)
Clear all expired entries from the cache.
Trait Implementations§
Auto Trait Implementations§
impl !Freeze for CekCache
impl !RefUnwindSafe for CekCache
impl Send for CekCache
impl Sync for CekCache
impl Unpin for CekCache
impl UnsafeUnpin for CekCache
impl UnwindSafe for CekCache
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more