pub trait MetadataCodec: Send + Sync {
// Required methods
fn unseal(&self, ctx: &ReplicaCtx<'_>, vmk: &[u8]) -> VckResult<Unsealed>;
fn seal(
&self,
header: &JvckHeader,
secrets: &JvckSecrets,
encrypted_offset: u64,
state: VolumeState,
salt: &[u8; 16],
vmk: &[u8],
out: &mut [u8; 512],
) -> VckResult<()>;
// Provided method
fn read_offset(&self, ctx: &ReplicaCtx<'_>, vmk: &[u8]) -> VckResult<u64> { ... }
}Expand description
Seals/unseals the EncryptedMetadata blob of a JVCK Metadata block.
unseal/seal MUST round-trip. The plaintext header fields are written /
parsed by the store + JvckHeader; a codec owns only the 128-byte
encrypted payload (FVEK + offset + state) and its authentication.
Required Methods§
Sourcefn unseal(&self, ctx: &ReplicaCtx<'_>, vmk: &[u8]) -> VckResult<Unsealed>
fn unseal(&self, ctx: &ReplicaCtx<'_>, vmk: &[u8]) -> VckResult<Unsealed>
Authenticate + decrypt the EncryptedMetadata of ctx’s replica. A wrong
vmk (or a replica that does not belong to this codec) must error so the
reader can try the next replica.
Sourcefn seal(
&self,
header: &JvckHeader,
secrets: &JvckSecrets,
encrypted_offset: u64,
state: VolumeState,
salt: &[u8; 16],
vmk: &[u8],
out: &mut [u8; 512],
) -> VckResult<()>
fn seal( &self, header: &JvckHeader, secrets: &JvckSecrets, encrypted_offset: u64, state: VolumeState, salt: &[u8; 16], vmk: &[u8], out: &mut [u8; 512], ) -> VckResult<()>
Serialize header + the sensitive secrets/encrypted_offset/state
into a 512-byte out block (encrypting the inner payload, computing
auth). salt is the per-write random salt.
Provided Methods§
Sourcefn read_offset(&self, ctx: &ReplicaCtx<'_>, vmk: &[u8]) -> VckResult<u64>
fn read_offset(&self, ctx: &ReplicaCtx<'_>, vmk: &[u8]) -> VckResult<u64>
Read only encrypted_offset (recovery scan) without retaining the FVEK.
Default: unseal then drop the secrets.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".