Signet Forge 0.1.1
C++20 Parquet library with AI-native extensions
 DEMO
Loading...
Searching...
No Matches
Public Member Functions | Public Attributes | List of all members
signet::forge::crypto::EncryptedReaderOptions Struct Reference

High-level decryption options for ParquetReader. More...

#include <pme_facade.hpp>

Public Member Functions

void classify (const std::string &column_name, ColumnClassification cls)
 Classify a column (must match writer classification for correct HKDF).
 
void authorise (const std::string &column_name)
 Authorise a column for reading.
 
bool is_authorised (const std::string &column_name) const
 Check if a column is authorised for this reader.
 
EncryptionConfig build_config (const KeyHandle &master_key) const
 Build the low-level EncryptionConfig for decryption.
 

Public Attributes

EncryptionAlgorithm algorithm = EncryptionAlgorithm::AES_GCM_CTR_V1
 Algorithm must match the writer's algorithm.
 
bool encrypted_footer = true
 Whether the footer was encrypted (must match writer).
 
std::string aad_prefix = "signet-forge-pme"
 AAD prefix (must match writer).
 
std::unordered_map< std::string, ColumnClassificationcolumn_classes
 Column classifications (must match writer for correct key derivation).
 
std::vector< std::string > authorised_columns
 Authorised columns for this reader.
 

Detailed Description

High-level decryption options for ParquetReader.

The reader presents a KeyHandle and an optional set of authorised columns. Columns not in the authorised set are denied — the reader cannot decrypt them even if the key would derive the correct DEK.

Definition at line 253 of file pme_facade.hpp.

Member Function Documentation

◆ authorise()

void signet::forge::crypto::EncryptedReaderOptions::authorise ( const std::string &  column_name)
inline

Authorise a column for reading.

Definition at line 277 of file pme_facade.hpp.

◆ build_config()

EncryptionConfig signet::forge::crypto::EncryptedReaderOptions::build_config ( const KeyHandle master_key) const
inline

Build the low-level EncryptionConfig for decryption.

Only derives keys for authorised columns.

Definition at line 292 of file pme_facade.hpp.

◆ classify()

void signet::forge::crypto::EncryptedReaderOptions::classify ( const std::string &  column_name,
ColumnClassification  cls 
)
inline

Classify a column (must match writer classification for correct HKDF).

Definition at line 272 of file pme_facade.hpp.

◆ is_authorised()

bool signet::forge::crypto::EncryptedReaderOptions::is_authorised ( const std::string &  column_name) const
inline

Check if a column is authorised for this reader.

Definition at line 282 of file pme_facade.hpp.

Member Data Documentation

◆ aad_prefix

std::string signet::forge::crypto::EncryptedReaderOptions::aad_prefix = "signet-forge-pme"

AAD prefix (must match writer).

Definition at line 261 of file pme_facade.hpp.

◆ algorithm

EncryptionAlgorithm signet::forge::crypto::EncryptedReaderOptions::algorithm = EncryptionAlgorithm::AES_GCM_CTR_V1

Algorithm must match the writer's algorithm.

Definition at line 255 of file pme_facade.hpp.

◆ authorised_columns

std::vector<std::string> signet::forge::crypto::EncryptedReaderOptions::authorised_columns

Authorised columns for this reader.

If empty, all columns are authorised (full access). If non-empty, only listed columns can be decrypted — others return an error on read.

Definition at line 269 of file pme_facade.hpp.

◆ column_classes

std::unordered_map<std::string, ColumnClassification> signet::forge::crypto::EncryptedReaderOptions::column_classes

Column classifications (must match writer for correct key derivation).

Definition at line 264 of file pme_facade.hpp.

◆ encrypted_footer

bool signet::forge::crypto::EncryptedReaderOptions::encrypted_footer = true

Whether the footer was encrypted (must match writer).

Definition at line 258 of file pme_facade.hpp.

The documentation for this struct was generated from the following file: