
Trait KeyRing 

pub trait KeyRing: Send + Sync {
    // Required methods
    fn catalog_codec(&self) -> &dyn PageCodec;
    fn collection_codec(
        &self,
        collection: CollectionId,
    ) -> Result<Box<dyn PageCodec>, CoreError>;
    fn provision_collection(
        &self,
        collection: CollectionId,
    ) -> Result<(), CoreError>;
    fn shred_collection(
        &self,
        collection: CollectionId,
    ) -> Result<(), CoreError>;
}

Supplies the page codecs the storage engine seals data with, and manages the per-collection key lifecycle that crypto-shredding relies on.

Implementations are shared for the lifetime of a Store, so they must be Send + Sync.

Required Methods


fn catalog_codec(&self) -> &dyn PageCodec

The codec for engine-wide structures: the manifest and the write-ahead log.


fn collection_codec(&self, collection: CollectionId) -> Result<Box<dyn PageCodec>, CoreError>

The codec for one collection’s segments and index artifacts.

Errors

Fails if the collection’s key material is unavailable — for an envelope key-ring that means it was crypto-shredded, so the data is intentionally unrecoverable.


fn provision_collection(&self, collection: CollectionId) -> Result<(), CoreError>

Provision key material for a new collection. Idempotent, and a no-op for key-rings without per-collection keys.

Errors

Fails if key material cannot be generated or persisted.


fn shred_collection(&self, collection: CollectionId) -> Result<(), CoreError>

Crypto-shred a collection: destroy its key material so its sealed data can never be decrypted again. A no-op for key-rings without per-collection keys, where reclaiming the files is the only erasure.

Errors

Fails if the key material cannot be destroyed.
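
The key lifecycle described by the required methods, as an added example that is not code from this crate: a hypothetical in-memory MemoryKeyRing implements the trait to show idempotent provisioning and the collection_codec failure that follows a shred. CollectionId, CoreError, PageCodec::apply, XorCodec and fresh_key are stand-ins assumed for illustration (the crate's real definitions are not shown on this page), and the XOR transform is not real encryption.

```rust
use std::{collections::{hash_map::RandomState, HashMap}, hash::{BuildHasher, Hasher}, sync::Mutex};
// Stand-ins (assumptions): the crate's real CollectionId, CoreError and PageCodec are not shown here.
pub type CollectionId = u64;
#[derive(Debug, PartialEq)]
pub enum CoreError { KeyUnavailable(CollectionId) }
pub trait PageCodec: Send + Sync { fn apply(&self, page: &mut [u8]); }
pub struct XorCodec([u8; 8]); // toy XOR transform, so sealing and opening are the same call; NOT real encryption
impl PageCodec for XorCodec {
    fn apply(&self, page: &mut [u8]) {
        for (i, b) in page.iter_mut().enumerate() { *b ^= self.0[i % 8]; }
    }
}
pub trait KeyRing: Send + Sync { // the trait as declared on this page
    fn catalog_codec(&self) -> &dyn PageCodec;
    fn collection_codec(&self, collection: CollectionId) -> Result<Box<dyn PageCodec>, CoreError>;
    fn provision_collection(&self, collection: CollectionId) -> Result<(), CoreError>;
    fn shred_collection(&self, collection: CollectionId) -> Result<(), CoreError>;
}
// Hypothetical in-memory ring holding one key per collection.
pub struct MemoryKeyRing { catalog: XorCodec, keys: Mutex<HashMap<CollectionId, [u8; 8]>> }
fn fresh_key() -> [u8; 8] { // stand-in for a CSPRNG; not suitable for real keys
    RandomState::new().build_hasher().finish().to_be_bytes()
}
impl MemoryKeyRing {
    pub fn new() -> Self { Self { catalog: XorCodec(fresh_key()), keys: Mutex::new(HashMap::new()) } }
}
impl KeyRing for MemoryKeyRing {
    fn catalog_codec(&self) -> &dyn PageCodec { &self.catalog }
    fn collection_codec(&self, c: CollectionId) -> Result<Box<dyn PageCodec>, CoreError> {
        let keys = self.keys.lock().unwrap();
        let key = keys.get(&c).ok_or(CoreError::KeyUnavailable(c))?; // never provisioned, or shredded
        Ok(Box::new(XorCodec(*key)))
    }
    fn provision_collection(&self, c: CollectionId) -> Result<(), CoreError> {
        // Idempotent: keep an existing key, or pages already sealed under it become unreadable.
        self.keys.lock().unwrap().entry(c).or_insert_with(fresh_key);
        Ok(())
    }
    fn shred_collection(&self, c: CollectionId) -> Result<(), CoreError> {
        self.keys.lock().unwrap().remove(&c); // only the key is destroyed; sealed pages are untouched
        Ok(())
    }
}
fn main() {
    let ring = MemoryKeyRing::new();
    ring.provision_collection(7).unwrap();
    ring.shred_collection(7).unwrap();
    println!("after shred: {:?}", ring.collection_codec(7).err());
}
```

A ring that persists wrapped keys would also have to destroy every stored copy of the key in shred_collection, since any surviving copy keeps the sealed data recoverable.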

Dyn Compatibility

This trait is dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety".

Implementors