feat(rust): add dt parameter to encryption response#11
Merged
Conversation
This change makes it so the `cast_as` value from the encryption configuration is returned as the `dt` parameter in all encryption responses. The data type parameter makes it so encrypted data can be type casted without requiring access to the original configuration. This will allow the `cipherstash/protectphp` library to have automatic data type casting when decrypting data with this library. The `strum` crate was added for `CastAs` enum string serialization instead of relying on `serde` because it provides better performance for this use case. Rather than using `serde` to serialize the entire enum to JSON just to extract the string representation for a single parameter, `strum`'s dedicated `Display` derive macro allows direct string conversion with clean `snake_case` formatting while maintaining separate control over JSON serialization.
This change removes unnecessary invariant violation checks for `identifiers` and `cast_types` array access in `encrypt_bulk_inner`. Since these vectors are constructed in parallel from the same input using `fold`, they are guaranteed to have identical lengths. The loop bounds use the same length value, making these error checks redundant. The code now uses direct indexing (`&identifiers[index]` and `&cast_types[index]`) instead of `.get().ok_or_else()` patterns, improving readability and performance while maintaining the same safety guarantees through the construction logic.
This change refactors the tests for the `Encrypted` enum to provide more focused and valuable test coverage. Replaces the complex roundtrip serialization test with two JSON format tests that validate the structure and field mapping. The new tests verify specific JSON field names, values, and structure for both `Ciphertext` and `SteVec` variants. This approach tests the actual FFI contract rather than just basic serde functionality, improving test maintainability and relevance.
calvinbrewer
approved these changes
Jul 1, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This change makes it so the
cast_asvalue from the encryption configuration is returned as thedtparameter in all encryption responses. The data type parameter makes it so encrypted data can be type casted without requiring access to the original configuration. This will allow the cipherstash/protectphp library to have automatic data type detection during encryption (with optional overrides) and data type casting during decryption when using this library, for example:The
strumcrate was added forCastAsenum string serialization instead of relying onserdebecause it provides better performance for this use case. Rather than usingserdeto serialize the entire enum to JSON just to extract the string representation for a single parameter,strum's dedicatedDisplayderive macro allows direct string conversion withsnake_caseformatting while maintaining separate control over JSON serialization.