gemstone_utils.types¶
Shared types for field encryption and wrapped key material.
- class gemstone_utils.types.KeyContext(keyid, key, alg=<factory>)[source]¶
Bases:
objectActive data key context for field encryption.
- Variables:
- Parameters:
- class gemstone_utils.types.KeyRecord(keyid, alg, encrypted_key, params=<factory>)[source]¶
Bases:
objectEncrypted key material and metadata for wrap/unwrap operations.
Applications construct instances from their own storage layer.
paramsmatches the JSON params segment in the encrypted-field wire format.- Variables:
keyid (str | None) – Logical DEK id (canonical UUID string), or
Nonefor a KEK-check (canary) blob that is not a DEK.alg (str) – Symmetric wrap algorithm id.
encrypted_key (bytes) – Ciphertext blob (algorithm-specific layout).
params (Dict[str, Any]) – Per-algorithm parameters persisted alongside the blob.
- Parameters: