Struct MemoryKeyManagementClient

Source

pub struct MemoryKeyManagementClient { /* private fields */ }

Expand description

In-memory KMS for testing. Not suitable for production use.

use iceberg::encryption::KeyManagementClient;
use iceberg::encryption::kms::MemoryKeyManagementClient;

let kms = MemoryKeyManagementClient::new();
kms.add_master_key("my-master-key")?;

let dek = vec![0u8; 16];
let wrapped = kms.wrap_key(&dek, "my-master-key").await?;
let unwrapped = kms.unwrap_key(&wrapped, "my-master-key").await?;
assert_eq!(dek.as_slice(), unwrapped.as_bytes());

Implementations§

Source §

impl MemoryKeyManagementClient

Source

pub fn new() -> Self

Creates a new in-memory KMS with 128-bit AES keys.

Source

pub fn with_master_key_size(master_key_size: AesKeySize) -> Self

Creates a new in-memory KMS with the specified master key size.

Source

pub fn add_master_key(&self, key_id: impl Into<String>) -> Result<()>

Adds a randomly generated master key with the given ID.

Source

pub fn add_master_key_bytes( &self, key_id: impl Into<String>, key_bytes: SensitiveBytes, ) -> Result<()>

Adds a master key with explicit key bytes.

Use this to seed the KMS with known key material, e.g. for cross-language integration tests where both Java and Rust must share the same master key bytes.

Source

pub fn key_count(&self) -> usize

Number of master keys stored.

Source

pub fn has_key(&self, key_id: &str) -> bool

Whether a master key with the given ID exists.

Trait Implementations§

Source §

impl Clone for MemoryKeyManagementClient

Source §

fn clone(&self) -> MemoryKeyManagementClient

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

Source §

impl Debug for MemoryKeyManagementClient

Source §

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Source §

impl Default for MemoryKeyManagementClient

Source §

fn default() -> MemoryKeyManagementClient

Returns the “default value” for a type. Read more

Source §

impl KeyManagementClient for MemoryKeyManagementClient

Source §

fn wrap_key<'life0, 'life1, 'life2, 'async_trait>( &'life0 self, key: &'life1 [u8], wrapping_key_id: &'life2 str, ) -> Pin<Box<dyn Future<Output = Result<Vec<u8>>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait,

Wrap (encrypt) a key using a wrapping key managed by the KMS.

Source §

fn unwrap_key<'life0, 'life1, 'life2, 'async_trait>( &'life0 self, wrapped_key: &'life1 [u8], wrapping_key_id: &'life2 str, ) -> Pin<Box<dyn Future<Output = Result<SensitiveBytes>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait,

Unwrap (decrypt) a previously wrapped key.

Source §

fn supports_key_generation(&self) -> bool

Whether this KMS supports server-side key generation. Read more

Source §

fn generate_key<'life0, 'life1, 'async_trait>( &'life0 self, _wrapping_key_id: &'life1 str, ) -> Pin<Box<dyn Future<Output = Result<GeneratedKey>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait,

Generate a new key and wrap it atomically on the server side. Read more

Auto Trait Implementations§

§

impl UnwindSafe for MemoryKeyManagementClient

Blanket Implementations§

Source §

impl<T> Any for T
where T: 'static + ?Sized,

Source §

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

§

impl As for U

§

fn as_<T>(self) -> T
where T: CastFrom,

Casts self to type T. The semantics of numeric casting with the as operator are followed, so <T as As>::as_:: can be used in the same way as T as U for numeric conversions. Read more

§

impl<T> AsAny for T
where T: Any,

§

fn as_any(&self) -> &(dyn Any + 'static)

§

fn as_any_mut(&mut self) -> &mut (dyn Any + 'static)

§

fn type_name(&self) -> &'static str

Gets the type name of self

Source §

impl<T> Borrow<T> for T
where T: ?Sized,

Source §

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

Source §

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source §

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

Source §

impl<T> CloneToUninit for T
where T: Clone,

Source §

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

§

impl<T> Downcast for T
where T: AsAny + ?Sized,

§

fn is<T>(&self) -> bool
where T: AsAny,

Returns true if the boxed type is the same as T. Read more

§

fn downcast_ref<T>(&self) -> Option<&T>
where T: AsAny,

Forward to the method defined on the type Any.

§

fn downcast_mut<T>(&mut self) -> Option<&mut T>
where T: AsAny,

Forward to the method defined on the type Any.

Source §

impl<T> From<T> for T

Source §

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more

§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Source §

impl<T, U> Into for T
where U: From<T>,

Source §

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source §

impl<T> IntoEither for T

Source §

fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

§