simplify encryption parameters

avinassh · avinassh · commit ce853e671d2a · 2025-07-04T20:36:26.000+05:30
diff --git a/libsql/src/database.rs b/libsql/src/database.rs
@@ -710,7 +710,7 @@ impl Database {
                             connector.clone(),
                             None,
                             None,
-                            remote_encryption.clone()
+                            remote_encryption.clone(),
                         ),
                         read_your_writes: *read_your_writes,
                         context: db.sync_ctx.clone().unwrap(),
diff --git a/libsql/src/hrana/hyper.rs b/libsql/src/hrana/hyper.rs
@@ -70,7 +70,7 @@ impl HttpSender {
         if let Some(remote_encryption) = &self.remote_encryption {
             req_builder = req_builder.header(
                 "x-turso-encryption-key",
-                remote_encryption.key_16_bytes_base64_encoded.as_str(),
+                remote_encryption.key_32_bytes_base64_encoded.as_str(),
             );
         }
 
diff --git a/libsql/src/sync.rs b/libsql/src/sync.rs
@@ -121,11 +121,7 @@ struct PushFramesResult {
 #[derive(Debug, Clone)]
 pub struct EncryptionContext {
     /// The base64-encoded key for the encryption, sent on every request.
-    pub key_16_bytes_base64_encoded: String,
-    /// Whether the pushed frames are already encrypted.
-    pub push_is_encrypted: bool,
-    /// Whether to request the server to decrypt the pulled frames.
-    pub decrypt_pull: bool,
+    pub key_32_bytes_base64_encoded: String,
 }
 
 pub struct SyncContext {
@@ -318,13 +314,10 @@ impl SyncContext {
             }
 
             if let Some(remote_encryption) = &self.remote_encryption {
-                if remote_encryption.decrypt_pull {
-                    req = req.header("x-turso-decrypt-response", "true");
-                }
-                if remote_encryption.push_is_encrypted {
-                    req = req.header("x-turso-encrypted-request", "true");
-                }
-                req = req.header("x-turso-encryption-key", remote_encryption.key_16_bytes_base64_encoded.as_str());
+                req = req.header(
+                    "x-turso-encryption-key",
+                    remote_encryption.key_32_bytes_base64_encoded.as_str(),
+                );
             }
 
             let req = req.body(body.clone().into()).expect("valid body");
@@ -439,13 +432,10 @@ impl SyncContext {
             }
 
             if let Some(remote_encryption) = &self.remote_encryption {
-                if remote_encryption.decrypt_pull {
-                    req = req.header("x-turso-decrypt-response", "true");
-                }
-                if remote_encryption.push_is_encrypted {
-                    req = req.header("x-turso-encrypted-request", "true");
-                }
-                req = req.header("x-turso-encryption-key", remote_encryption.key_16_bytes_base64_encoded.as_str());
+                req = req.header(
+                    "x-turso-encryption-key",
+                    remote_encryption.key_32_bytes_base64_encoded.as_str(),
+                );
             }
 
             let req = req.body(Body::empty()).expect("valid request");
@@ -612,13 +602,10 @@ impl SyncContext {
         }
 
         if let Some(remote_encryption) = &self.remote_encryption {
-            if remote_encryption.decrypt_pull {
-                req = req.header("x-turso-decrypt-response", "true");
-            }
-            if remote_encryption.push_is_encrypted {
-                req = req.header("x-turso-encrypted-request", "true");
-            }
-            req = req.header("x-turso-encryption-key", remote_encryption.key_16_bytes_base64_encoded.as_str());
+            req = req.header(
+                "x-turso-encryption-key",
+                remote_encryption.key_32_bytes_base64_encoded.as_str(),
+            );
         }
 
         let req = req.body(Body::empty()).expect("valid request");
@@ -718,13 +705,10 @@ impl SyncContext {
         }
 
         if let Some(remote_encryption) = &self.remote_encryption {
-            if remote_encryption.decrypt_pull {
-                req = req.header("x-turso-decrypt-response", "true");
-            }
-            if remote_encryption.push_is_encrypted {
-                req = req.header("x-turso-encrypted-request", "true");
-            }
-            req = req.header("x-turso-encryption-key", remote_encryption.key_16_bytes_base64_encoded.as_str());
+            req = req.header(
+                "x-turso-encryption-key",
+                remote_encryption.key_32_bytes_base64_encoded.as_str(),
+            );
         }
 
         let req = req.body(Body::empty()).expect("valid request");

Original file line number	Diff line number	Diff line change
`@@ -70,7 +70,7 @@ impl HttpSender {`
`70`	`70`	`if let Some(remote_encryption) = &self.remote_encryption {`
`71`	`71`	`req_builder = req_builder.header(`
`72`	`72`	`"x-turso-encryption-key",`
`73`		`- remote_encryption.key_16_bytes_base64_encoded.as_str(),`
	`73`	`+ remote_encryption.key_32_bytes_base64_encoded.as_str(),`
`74`	`74`	`);`
`75`	`75`	`}`
`76`	`76`