pub struct KeyEpochManager { /* private fields */ }
Manages encryption key epochs with lease-scoped lifecycle.
Each epoch generates a fresh key and records a MemRegionLocator
describing where the key material lives in leased memory. When an epoch
expires, its key becomes inaccessible — enforcing fail-closed semantics.
Implementations
impl KeyEpochManager
pub fn new(crypto: Box<dyn CryptoBackend>) -> Self
Create a new manager with the given crypto backend.
pub fn create_epoch(
    &mut self,
    now: u64,
    ttl_secs: u64,
) -> Result<EpochId, SecureStoreError>
Create a new key epoch that becomes the active epoch.
Generates a fresh key via the crypto backend and records a locator for
the key material. Any previously active epoch is transitioned to
EpochStatus::Rotating.
pub fn active_epoch(&self) -> Option<&EpochInfo>
Return the currently active epoch, if any.
pub fn rotate(
    &mut self,
    now: u64,
    new_ttl_secs: u64,
) -> Result<EpochId, SecureStoreError>
Rotate keys: create a new active epoch and mark the old one as Rotating.
The old epoch’s key remains accessible for decryption until
expire_old is called.
pub fn renew_active(
    &mut self,
    duration_secs: u64,
) -> Result<u64, SecureStoreError>
Renew the active epoch by extending its expires_at.
Returns the new expires_at on success, or SecureStoreError::NoActiveEpoch
if no epoch is active.
pub fn expire_old(&mut self, now: u64)
Expire epochs whose expires_at is at or before now.
Expired epochs have their keys zeroed and status set to
EpochStatus::Expired. Subsequent calls to get_key
for these epochs will fail closed.
pub fn get_key(&self, epoch_id: EpochId) -> Result<&[u8], SecureStoreError>
Retrieve the key material for a given epoch.
Fails closed if the epoch is expired, missing, or has zeroed key material.
pub fn get_epoch(&self, epoch_id: EpochId) -> Option<&EpochInfo>
Return the epoch info for a given epoch ID, if it exists.
pub fn epoch_count(&self) -> usize
Total number of epochs (active, rotating, and expired).
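The lifecycle documented above (create, rotate, expire, fail-closed lookup) as a stand-alone model. This is an added example, not the crate's source: ModelManager, Epoch, Status, the field names, the u64 epoch ids and the string errors are assumptions, and the CryptoBackend is replaced by constructed key bytes.

```rust
// Model of the documented lifecycle; not the crate's code. Field names, the
// Status enum and the constructed key bytes are assumptions for illustration.
use std::collections::HashMap;

#[derive(Debug, PartialEq, Clone, Copy)]
enum Status { Active, Rotating, Expired }

struct Epoch { key: Vec<u8>, expires_at: u64, status: Status }

#[derive(Default)]
struct ModelManager { epochs: HashMap<u64, Epoch>, next_id: u64 }

impl ModelManager {
    // Like create_epoch/rotate: new epoch is Active, the previous one Rotating.
    fn create_epoch(&mut self, now: u64, ttl_secs: u64) -> u64 {
        for e in self.epochs.values_mut() {
            if e.status == Status::Active { e.status = Status::Rotating; }
        }
        self.next_id += 1;
        // Constructed bytes; a real backend would generate the key.
        let key = vec![0xA0 | (self.next_id as u8 & 0x0F); 32];
        let expires_at = now.saturating_add(ttl_secs);
        self.epochs.insert(self.next_id, Epoch { key, expires_at, status: Status::Active });
        self.next_id
    }

    // Like expire_old: zero the key and mark Expired once expires_at <= now.
    fn expire_old(&mut self, now: u64) {
        for e in self.epochs.values_mut().filter(|e| e.expires_at <= now) {
            e.key.iter_mut().for_each(|b| *b = 0);
            e.status = Status::Expired;
        }
    }

    // Like get_key: missing, expired or all-zero key material is an error.
    fn get_key(&self, id: u64) -> Result<&[u8], &'static str> {
        let e = self.epochs.get(&id).ok_or("unknown epoch")?;
        if e.status == Status::Expired || e.key.iter().all(|b| *b == 0) {
            return Err("epoch expired or zeroed");
        }
        Ok(&e.key)
    }
}

fn main() {
    let mut m = ModelManager::default();
    let (old, new) = (m.create_epoch(1_000, 60), m.create_epoch(1_030, 60));
    m.expire_old(1_060); // old (expires 1060) is zeroed; new (expires 1090) survives
    println!("old: {:?}, new ok: {}", m.get_key(old), m.get_key(new).is_ok());
}
```

In this model expiry takes effect only when expire_old runs, so a caller that wants the TTL enforced calls it with the current time before each get_key. The zeroing here is a plain overwrite that an optimizer may elide; production code typically uses a volatile wipe such as the zeroize crate.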