Description
Hello @lucasmcdonald3
We're currently preparing to migrate to AWS Encryption SDK V3, primarily to leverage support for RSA public key encryption via RawRsaKeyring, a feature not available in V2, where MasterKeyProvider requires private key access as well.
However, we're hitting a challenge around caching. In V2, caching is enabled through CachingCryptoMaterialsManager, which requires a CryptoMaterialsManager as the backing implementation. Unfortunately, DefaultCryptoMaterialsManager only supports MasterKeyProvider, not IKeyring, which is the interface for RawRsaKeyring. Meanwhile, in V3, as far as I know, caching is only supported for AwsKmsHierarchicalKeyring.
This creates a gap: there's currently no native way to enable caching for keyring-based encryption, even though RawRsaKeyring is ideal for public-only scenarios like event producers.
Question: Are there any plans to introduce first-class support for caching with keyrings, either by extending ICryptographicMaterialsCache support beyond AwsKmsHierarchicalKeyring, or through another mechanism?
In the short term, we're okay proceeding without caching, but knowing whether this is on the roadmap would help us assess the long-term impact or explore alternative approaches.
Thanks again for all the great work on this SDK!