Signet Forge 0.1.1
C++20 Parquet library with AI-native extensions
 DEMO
Loading...
Searching...
No Matches
Public Member Functions | Public Attributes | List of all members
signet::forge::crypto::EncryptedWriterOptions Struct Reference

High-level encryption options for ParquetWriter. More...

#include <pme_facade.hpp>

Public Member Functions

void classify (const std::string &column_name, ColumnClassification cls)
 Classify a column for encryption.
 
EncryptionConfig build_config (const KeyHandle &master_key) const
 Build the low-level EncryptionConfig from this facade.
 

Public Attributes

EncryptionAlgorithm algorithm = EncryptionAlgorithm::AES_GCM_CTR_V1
 Algorithm: GCM for both footer and columns (default), or GCM footer + CTR columns.
 
bool encrypt_footer = true
 Whether to encrypt the footer (true) or sign it with HMAC (false).
 
std::string aad_prefix = "signet-forge-pme"
 AAD prefix — typically a file URI or tenant identifier.
 
std::unordered_map< std::string, ColumnClassificationcolumn_classes
 Column classifications.
 

Detailed Description

High-level encryption options for ParquetWriter.

Wraps EncryptionConfig construction behind a safe API. The caller classifies columns and provides a KeyHandle; the facade derives per-column DEKs via HKDF and constructs the full EncryptionConfig.

Definition at line 183 of file pme_facade.hpp.

Member Function Documentation

◆ build_config()

EncryptionConfig signet::forge::crypto::EncryptedWriterOptions::build_config ( const KeyHandle master_key) const
inline

Build the low-level EncryptionConfig from this facade.

Derives per-column keys from the master key via HKDF-SHA256.

Parameters
master_keyOpaque handle holding the FMK (File Master Key).
Returns
EncryptionConfig ready for ParquetWriter.

Definition at line 207 of file pme_facade.hpp.

◆ classify()

void signet::forge::crypto::EncryptedWriterOptions::classify ( const std::string &  column_name,
ColumnClassification  cls 
)
inline

Classify a column for encryption.

Definition at line 198 of file pme_facade.hpp.

Member Data Documentation

◆ aad_prefix

std::string signet::forge::crypto::EncryptedWriterOptions::aad_prefix = "signet-forge-pme"

AAD prefix — typically a file URI or tenant identifier.

Definition at line 191 of file pme_facade.hpp.

◆ algorithm

EncryptionAlgorithm signet::forge::crypto::EncryptedWriterOptions::algorithm = EncryptionAlgorithm::AES_GCM_CTR_V1

Algorithm: GCM for both footer and columns (default), or GCM footer + CTR columns.

Definition at line 185 of file pme_facade.hpp.

◆ column_classes

std::unordered_map<std::string, ColumnClassification> signet::forge::crypto::EncryptedWriterOptions::column_classes

Column classifications.

Only FINANCIAL, PII, HEALTH, RESTRICTED columns are encrypted. REFERENCE columns are written in plaintext.

Definition at line 195 of file pme_facade.hpp.

◆ encrypt_footer

bool signet::forge::crypto::EncryptedWriterOptions::encrypt_footer = true

Whether to encrypt the footer (true) or sign it with HMAC (false).

Definition at line 188 of file pme_facade.hpp.

The documentation for this struct was generated from the following file: