pulsar-client 1.15.0 → 1.16.0

package/.vscode/extensions.json

@@ -0,0 +1,7 @@
+{
+  "recommendations": [
+    "Orta.vscode-jest",
+    "firsttris.vscode-jest-runner"
+  ]
+}
+

package/.vscode/launch.json

@@ -0,0 +1,91 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Debug examples/consumer.js",
+      "program": "${workspaceFolder}/examples/consumer.js",
+      "cwd": "${workspaceFolder}",
+      "console": "integratedTerminal",
+      "skipFiles": [
+        "<node_internals>/**"
+      ]
+    },
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Debug consumer.js (pause on start)",
+      "program": "${workspaceFolder}/examples/consumer.js",
+      "cwd": "${workspaceFolder}",
+      "runtimeArgs": ["--inspect-brk"],
+      "console": "integratedTerminal",
+      "skipFiles": [
+        "<node_internals>/**"
+      ]
+    },
+    {
+      "type": "node",
+      "request": "attach",
+      "name": "Attach to Node (9229)",
+      "port": 9229,
+      "restart": false
+    },
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Debug examples/producer.js",
+      "program": "${workspaceFolder}/examples/producer.js",
+      "cwd": "${workspaceFolder}",
+      "console": "integratedTerminal",
+      "skipFiles": [
+        "<node_internals>/**"
+      ]
+    },
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Debug producer.js (pause on start, port 9230)",
+      "program": "${workspaceFolder}/examples/producer.js",
+      "cwd": "${workspaceFolder}",
+      "runtimeArgs": ["--inspect-brk=9230"],
+      "console": "integratedTerminal",
+      "skipFiles": [
+        "<node_internals>/**"
+      ]
+    },
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Debug Active File",
+      "program": "${file}",
+      "cwd": "${workspaceFolder}",
+      "console": "integratedTerminal",
+      "skipFiles": [
+        "<node_internals>/**"
+      ]
+    },
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Debug Active File (pause on start)",
+      "program": "${file}",
+      "cwd": "${workspaceFolder}",
+      "runtimeArgs": ["--inspect-brk"],
+      "console": "integratedTerminal",
+      "skipFiles": [
+        "<node_internals>/**"
+      ]
+    }
+  ],
+  "compounds": [
+    {
+      "name": "Debug Consumer + Producer",
+      "configurations": [
+        "Debug examples/consumer.js",
+        "Debug examples/producer.js"
+      ]
+    }
+  ]
+}

package/binding.gyp

@@ -21,9 +21,9 @@
   "targets": [
     {
       "target_name": "pulsar",
-      "cflags_cc": ["-std=gnu++11", "-fvisibility=hidden"],
+      "cflags_cc": ["-std=gnu++17", "-fvisibility=hidden"],
       "cflags!": ["-fno-exceptions"],
-      "cflags_cc!": ["-fno-exceptions", "-std=gnu++14", "-std=gnu++17"],
+      "cflags_cc!": ["-fno-exceptions"],
       "include_dirs": [
         "<!@(node -p \"require('node-addon-api').include\")",
       ],
@@ -41,7 +41,8 @@
         "src/ConsumerConfig.cc",
         "src/Reader.cc",
         "src/ReaderConfig.cc",
-        "src/ThreadSafeDeferred.cc"
+        "src/ThreadSafeDeferred.cc",
+        "src/CryptoKeyReader.cc"
       ],
       'conditions': [
         ['OS=="mac"', {
@@ -49,7 +50,7 @@
             'GCC_ENABLE_CPP_EXCEPTIONS': 'YES',
             'GCC_ENABLE_CPP_RTTI': 'YES',
             'MACOSX_DEPLOYMENT_TARGET': '11.0',
-            'CLANG_CXX_LANGUAGE_STANDARD': 'gnu++11',
+            'CLANG_CXX_LANGUAGE_STANDARD': 'gnu++17',
             'OTHER_CFLAGS': [
                 "-fPIC",
             ]

package/index.d.ts

@@ -27,6 +27,8 @@ export interface ClientConfig {
   concurrentLookupRequest?: number;
   useTls?: boolean;
   tlsTrustCertsFilePath?: string;
+  tlsCertificateFilePath?: string;
+  tlsPrivateKeyFilePath?: string;
   tlsValidateHostname?: boolean;
   tlsAllowInsecureConnection?: boolean;
   statsIntervalInSeconds?: number;
@@ -63,6 +65,8 @@ export interface ProducerConfig {
   properties?: { [key: string]: string };
   publicKeyPath?: string;
   encryptionKey?: string;
+  encryptionKeys?: string[];
+  cryptoKeyReader?: CryptoKeyReader;
   cryptoFailureAction?: ProducerCryptoFailureAction;
   chunkingEnabled?: boolean;
   schema?: SchemaInfo;
@@ -97,6 +101,7 @@ export interface ConsumerConfig {
   listener?: (message: Message, consumer: Consumer) => void;
   readCompacted?: boolean;
   privateKeyPath?: string;
+  cryptoKeyReader?: CryptoKeyReader;
   cryptoFailureAction?: ConsumerCryptoFailureAction;
   maxPendingChunkedMessage?: number;
   autoAckOldestChunkedMessageOnQueueFull?: number;
@@ -168,6 +173,8 @@ export class Message {
   getRedeliveryCount(): number;
   getPartitionKey(): string;
   getOrderingKey(): string;
+  getProducerName(): string;
+  getEncryptionContext(): EncryptionContext | null;
 }
 
 export class MessageId {
@@ -195,6 +202,22 @@ export interface TopicMetadata {
  */
 export type MessageRouter = (message: Message, topicMetadata: TopicMetadata) => number;
 
+export interface EncryptionKey {
+  key: string;
+  value: Buffer;
+  metadata: { [key: string]: string };
+}
+
+export interface EncryptionContext {
+  keys: EncryptionKey[];
+  param: Buffer;
+  algorithm: string;
+  compressionType: CompressionType;
+  uncompressedMessageSize: number;
+  batchSize: number;
+  isDecryptionFailed: boolean;
+}
+
 export interface SchemaInfo {
   schemaType: SchemaType;
   name?: string;
@@ -282,6 +305,16 @@ export class AuthenticationBasic {
   });
 }
 
+export interface EncryptionKeyInfo {
+  key: Buffer;
+  metadata: { [key: string]: string };
+}
+
+export class CryptoKeyReader {
+  getPublicKey(keyName: string, metadata: { [key: string]: string }): EncryptionKeyInfo;
+  getPrivateKey(keyName: string, metadata: { [key: string]: string }): EncryptionKeyInfo;
+}
+
 export enum LogLevel {
   DEBUG = 0,
   INFO = 1,
@@ -300,6 +333,7 @@ export type HashingScheme =
   'JavaStringHash';
 
 export type CompressionType =
+  'None' |
   'Zlib' |
   'LZ4' |
   'ZSTD' |

package/index.js

@@ -37,6 +37,7 @@ const Pulsar = {
   Client,
   Message: PulsarBinding.Message,
   MessageId: PulsarBinding.MessageId,
+  CryptoKeyReader: PulsarBinding.CryptoKeyReader,
   AuthenticationTls,
   AuthenticationAthenz,
   AuthenticationToken,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pulsar-client",
-  "version": "1.15.0",
+  "version": "1.16.0",
   "description": "Pulsar Node.js client",
   "main": "index.js",
   "types": "index.d.ts",

package/pulsar-client-cpp.txt

@@ -1,2 +1,2 @@
-CPP_CLIENT_BASE_URL=https://archive.apache.org/dist/pulsar/pulsar-client-cpp-3.7.0
-CPP_CLIENT_VERSION=3.7.0
+CPP_CLIENT_BASE_URL=https://archive.apache.org/dist/pulsar/pulsar-client-cpp-4.0.0
+CPP_CLIENT_VERSION=4.0.0

package/src/Client.cc

@@ -39,6 +39,8 @@ static const std::string CFG_USE_TLS = "useTls";
 static const std::string CFG_TLS_TRUST_CERT = "tlsTrustCertsFilePath";
 static const std::string CFG_TLS_VALIDATE_HOSTNAME = "tlsValidateHostname";
 static const std::string CFG_TLS_ALLOW_INSECURE = "tlsAllowInsecureConnection";
+static const std::string CFG_TLS_CERT_FILE = "tlsCertificateFilePath";
+static const std::string CFG_TLS_PRIVATE_KEY_FILE = "tlsPrivateKeyFilePath";
 static const std::string CFG_STATS_INTERVAL = "statsIntervalInSeconds";
 static const std::string CFG_LOG = "log";
 static const std::string CFG_LOG_LEVEL = "logLevel";
@@ -196,6 +198,18 @@ Client::Client(const Napi::CallbackInfo &info) : Napi::ObjectWrap<Client>(info)
                                                               tlsTrustCertsFilePath.Utf8Value().c_str());
   }
 
+  if (clientConfig.Has(CFG_TLS_CERT_FILE) && clientConfig.Get(CFG_TLS_CERT_FILE).IsString()) {
+    Napi::String tlsCertFilePath = clientConfig.Get(CFG_TLS_CERT_FILE).ToString();
+    pulsar_client_configuration_set_tls_certificate_file_path(cClientConfig.get(),
+                                                              tlsCertFilePath.Utf8Value().c_str());
+  }
+
+  if (clientConfig.Has(CFG_TLS_PRIVATE_KEY_FILE) && clientConfig.Get(CFG_TLS_PRIVATE_KEY_FILE).IsString()) {
+    Napi::String tlsPrivateKeyFilePath = clientConfig.Get(CFG_TLS_PRIVATE_KEY_FILE).ToString();
+    pulsar_client_configuration_set_tls_private_key_file_path(cClientConfig.get(),
+                                                              tlsPrivateKeyFilePath.Utf8Value().c_str());
+  }
+
   if (clientConfig.Has(CFG_TLS_VALIDATE_HOSTNAME) &&
       clientConfig.Get(CFG_TLS_VALIDATE_HOSTNAME).IsBoolean()) {
     Napi::Boolean tlsValidateHostname = clientConfig.Get(CFG_TLS_VALIDATE_HOSTNAME).ToBoolean();

package/src/ConsumerConfig.cc

@@ -20,6 +20,7 @@
 #include "ConsumerConfig.h"
 #include "Consumer.h"
 #include "SchemaInfo.h"
+#include "CryptoKeyReader.h"
 #include "Message.h"
 #include "pulsar/ConsumerConfiguration.h"
 #include <pulsar/c/consumer_configuration.h>
@@ -60,6 +61,7 @@ static const std::string CFG_KEY_SHARED_POLICY = "keySharedPolicy";
 static const std::string CFG_KEY_SHARED_POLICY_MODE = "keyShareMode";
 static const std::string CFG_KEY_SHARED_POLICY_ALLOW_OUT_OF_ORDER = "allowOutOfOrderDelivery";
 static const std::string CFG_KEY_SHARED_POLICY_STICKY_RANGES = "stickyRanges";
+static const std::string CFG_CRYPTO_KEY_READER = "cryptoKeyReader";
 
 static const std::map<std::string, pulsar_consumer_type> SUBSCRIPTION_TYPE = {
     {"Exclusive", pulsar_ConsumerExclusive},
@@ -249,13 +251,21 @@ void ConsumerConfig::InitConfig(std::shared_ptr<ThreadSafeDeferred> deferred,
     std::string privateKeyPath = consumerConfig.Get(CFG_PRIVATE_KEY_PATH).ToString().Utf8Value();
     pulsar_consumer_configuration_set_default_crypto_key_reader(
         this->cConsumerConfig.get(), publicKeyPath.c_str(), privateKeyPath.c_str());
-    if (consumerConfig.Has(CFG_CRYPTO_FAILURE_ACTION) &&
-        consumerConfig.Get(CFG_CRYPTO_FAILURE_ACTION).IsString()) {
-      std::string cryptoFailureAction = consumerConfig.Get(CFG_CRYPTO_FAILURE_ACTION).ToString().Utf8Value();
-      if (CONSUMER_CRYPTO_FAILURE_ACTION.count(cryptoFailureAction)) {
-        pulsar_consumer_configuration_set_crypto_failure_action(
-            this->cConsumerConfig.get(), CONSUMER_CRYPTO_FAILURE_ACTION.at(cryptoFailureAction));
-      }
+  }
+
+  if (consumerConfig.Has(CFG_CRYPTO_KEY_READER) && consumerConfig.Get(CFG_CRYPTO_KEY_READER).IsObject()) {
+    Napi::Object cryptoKeyReaderObj = consumerConfig.Get(CFG_CRYPTO_KEY_READER).As<Napi::Object>();
+    CryptoKeyReader *cryptoKeyReader = Napi::ObjectWrap<CryptoKeyReader>::Unwrap(cryptoKeyReaderObj);
+    this->cConsumerConfig.get()->consumerConfiguration.setCryptoKeyReader(
+        cryptoKeyReader->GetCCryptoKeyReader());
+  }
+
+  if (consumerConfig.Has(CFG_CRYPTO_FAILURE_ACTION) &&
+      consumerConfig.Get(CFG_CRYPTO_FAILURE_ACTION).IsString()) {
+    std::string cryptoFailureAction = consumerConfig.Get(CFG_CRYPTO_FAILURE_ACTION).ToString().Utf8Value();
+    if (CONSUMER_CRYPTO_FAILURE_ACTION.count(cryptoFailureAction)) {
+      pulsar_consumer_configuration_set_crypto_failure_action(
+          this->cConsumerConfig.get(), CONSUMER_CRYPTO_FAILURE_ACTION.at(cryptoFailureAction));
     }
   }
 

package/src/CryptoKeyReader.cc

@@ -0,0 +1,151 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#include "CryptoKeyReader.h"
+#include <pulsar/Result.h>
+#include <pulsar/EncryptionKeyInfo.h>
+#include <thread>
+#include <future>
+
+class CryptoKeyReaderWrapper : public pulsar::CryptoKeyReader {
+ public:
+  CryptoKeyReaderWrapper(const Napi::Object& jsObject) : mainThreadId_(std::this_thread::get_id()) {
+    jsObject_.Reset(jsObject, 1);
+    tsfn_ = Napi::ThreadSafeFunction::New(
+        jsObject.Env(), Napi::Function::New(jsObject.Env(), [](const Napi::CallbackInfo& info) {}), jsObject,
+        "CryptoKeyReader", 0, 1);
+  }
+
+  ~CryptoKeyReaderWrapper() { tsfn_.Release(); }
+
+  pulsar::Result getPublicKey(const std::string& keyName, std::map<std::string, std::string>& metadata,
+                              pulsar::EncryptionKeyInfo& encKeyInfo) const override {
+    return executeCallback("getPublicKey", keyName, metadata, encKeyInfo);
+  }
+
+  pulsar::Result getPrivateKey(const std::string& keyName, std::map<std::string, std::string>& metadata,
+                               pulsar::EncryptionKeyInfo& encKeyInfo) const override {
+    return executeCallback("getPrivateKey", keyName, metadata, encKeyInfo);
+  }
+
+ private:
+  Napi::ObjectReference jsObject_;
+  Napi::ThreadSafeFunction tsfn_;
+  std::thread::id mainThreadId_;
+
+  static void parseEncryptionKeyInfo(const Napi::Object& obj, pulsar::EncryptionKeyInfo& info) {
+    if (obj.Has("key") && obj.Get("key").IsBuffer()) {
+      Napi::Buffer<char> keyBuf = obj.Get("key").As<Napi::Buffer<char>>();
+      info.setKey(std::string(keyBuf.Data(), keyBuf.Length()));
+    }
+    if (obj.Has("metadata") && obj.Get("metadata").IsObject()) {
+      std::map<std::string, std::string> metadata;
+      Napi::Object metaObj = obj.Get("metadata").As<Napi::Object>();
+      Napi::Array keys = metaObj.GetPropertyNames();
+      for (uint32_t i = 0; i < keys.Length(); i++) {
+        std::string k = keys.Get(i).ToString().Utf8Value();
+        std::string v = metaObj.Get(k).ToString().Utf8Value();
+        metadata[k] = v;
+      }
+      info.setMetadata(metadata);
+    }
+  }
+
+  pulsar::Result callJsMethod(Napi::Env env, const std::string& method, const std::string& keyName,
+                              const std::map<std::string, std::string>& metadata,
+                              pulsar::EncryptionKeyInfo& encKeyInfo) const {
+    Napi::HandleScope scope(env);
+
+    if (jsObject_.IsEmpty()) {
+      return pulsar::Result::ResultCryptoError;
+    }
+    Napi::Object obj = jsObject_.Value();
+
+    if (!obj.Has(method)) {
+      return pulsar::Result::ResultCryptoError;
+    }
+    Napi::Value funcVal = obj.Get(method);
+    if (!funcVal.IsFunction()) {
+      return pulsar::Result::ResultCryptoError;
+    }
+    Napi::Function func = funcVal.As<Napi::Function>();
+
+    Napi::Object metadataObj = Napi::Object::New(env);
+    for (const auto& kv : metadata) {
+      metadataObj.Set(kv.first, kv.second);
+    }
+
+    try {
+      Napi::Value result = func.Call(obj, {Napi::String::New(env, keyName), metadataObj});
+      if (result.IsObject()) {
+        parseEncryptionKeyInfo(result.As<Napi::Object>(), encKeyInfo);
+        return pulsar::Result::ResultOk;
+      }
+    } catch (const Napi::Error& e) {
+      return pulsar::Result::ResultCryptoError;
+    } catch (...) {
+      return pulsar::Result::ResultCryptoError;
+    }
+    return pulsar::Result::ResultCryptoError;
+  }
+
+  pulsar::Result executeCallback(const std::string& method, const std::string& keyName,
+                                 std::map<std::string, std::string>& metadata,
+                                 pulsar::EncryptionKeyInfo& encKeyInfo) const {
+    if (std::this_thread::get_id() == mainThreadId_) {
+      return callJsMethod(jsObject_.Env(), method, keyName, metadata, encKeyInfo);
+    } else {
+      auto promise = std::make_shared<std::promise<pulsar::Result>>();
+      auto future = promise->get_future();
+
+      napi_status status = tsfn_.BlockingCall([this, promise, &method, &keyName, &metadata, &encKeyInfo](
+                                                  Napi::Env env, Napi::Function jsCallback) {
+        promise->set_value(callJsMethod(env, method, keyName, metadata, encKeyInfo));
+      });
+
+      if (status != napi_ok) {
+        return pulsar::Result::ResultCryptoError;
+      }
+
+      future.wait();
+      return future.get();
+    }
+  }
+};
+
+Napi::FunctionReference CryptoKeyReader::constructor;
+
+void CryptoKeyReader::Init(Napi::Env env, Napi::Object exports) {
+  Napi::HandleScope scope(env);
+
+  Napi::Function func = DefineClass(env, "CryptoKeyReader", {});
+
+  constructor = Napi::Persistent(func);
+  constructor.SuppressDestruct();
+
+  exports.Set("CryptoKeyReader", func);
+}
+
+CryptoKeyReader::CryptoKeyReader(const Napi::CallbackInfo& info) : Napi::ObjectWrap<CryptoKeyReader>(info) {}
+
+CryptoKeyReader::~CryptoKeyReader() {}
+
+std::shared_ptr<pulsar::CryptoKeyReader> CryptoKeyReader::GetCCryptoKeyReader() {
+  return std::make_shared<CryptoKeyReaderWrapper>(Value());
+}

package/src/CryptoKeyReader.h

@@ -0,0 +1,38 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#ifndef CRYPTO_KEY_READER_H
+#define CRYPTO_KEY_READER_H
+
+#include <napi.h>
+#include <pulsar/CryptoKeyReader.h>
+
+class CryptoKeyReader : public Napi::ObjectWrap<CryptoKeyReader> {
+ public:
+  static void Init(Napi::Env env, Napi::Object exports);
+  static Napi::Object NewInstance(const Napi::CallbackInfo &info);
+  CryptoKeyReader(const Napi::CallbackInfo &info);
+  ~CryptoKeyReader();
+  std::shared_ptr<pulsar::CryptoKeyReader> GetCCryptoKeyReader();
+
+ private:
+  static Napi::FunctionReference constructor;
+};
+
+#endif

package/src/Message.cc

@@ -20,6 +20,15 @@
 #include "Message.h"
 #include "MessageId.h"
 #include <pulsar/c/message.h>
+#include <pulsar/Message.h>
+#include <pulsar/MessageBuilder.h>
+#include <pulsar/EncryptionContext.h>
+#include <map>
+
+struct _pulsar_message {
+  pulsar::MessageBuilder builder;
+  pulsar::Message message;
+};
 
 static const std::string CFG_DATA = "data";
 static const std::string CFG_PROPS = "properties";
@@ -32,6 +41,12 @@ static const std::string CFG_DELIVER_AT = "deliverAt";
 static const std::string CFG_DISABLE_REPLICATION = "disableReplication";
 static const std::string CFG_ORDERING_KEY = "orderingKey";
 
+static const std::map<pulsar::CompressionType, std::string> COMPRESSION_TYPE_MAP = {
+    {pulsar::CompressionNone, "None"},     {pulsar::CompressionLZ4, "LZ4"},
+    {pulsar::CompressionZLib, "Zlib"},     {pulsar::CompressionZSTD, "ZSTD"},
+    {pulsar::CompressionSNAPPY, "SNAPPY"},
+};
+
 Napi::FunctionReference Message::constructor;
 
 Napi::Object Message::Init(Napi::Env env, Napi::Object exports) {
@@ -46,7 +61,9 @@ Napi::Object Message::Init(Napi::Env env, Napi::Object exports) {
        InstanceMethod("getEventTimestamp", &Message::GetEventTimestamp),
        InstanceMethod("getRedeliveryCount", &Message::GetRedeliveryCount),
        InstanceMethod("getPartitionKey", &Message::GetPartitionKey),
-       InstanceMethod("getOrderingKey", &Message::GetOrderingKey)});
+       InstanceMethod("getOrderingKey", &Message::GetOrderingKey),
+       InstanceMethod("getProducerName", &Message::GetProducerName),
+       InstanceMethod("getEncryptionContext", &Message::GetEncryptionContext)});
 
   constructor = Napi::Persistent(func);
   constructor.SuppressDestruct();
@@ -147,6 +164,62 @@ Napi::Value Message::GetOrderingKey(const Napi::CallbackInfo &info) {
   return Napi::String::New(env, pulsar_message_get_orderingKey(this->cMessage.get()));
 }
 
+Napi::Value Message::GetProducerName(const Napi::CallbackInfo &info) {
+  Napi::Env env = info.Env();
+  if (!ValidateCMessage(env)) {
+    return env.Null();
+  }
+  return Napi::String::New(env, pulsar_message_get_producer_name(this->cMessage.get()));
+}
+
+Napi::Value Message::GetEncryptionContext(const Napi::CallbackInfo &info) {
+  Napi::Env env = info.Env();
+  if (!ValidateCMessage(env)) {
+    return env.Null();
+  }
+
+  auto encCtxOpt = this->cMessage.get()->message.getEncryptionContext();
+  if (!encCtxOpt) {
+    return env.Null();
+  }
+
+  // getEncryptionContext returns std::optional<const EncryptionContext*>
+  const pulsar::EncryptionContext *encCtxPtr = *encCtxOpt;
+  if (!encCtxPtr) {
+    return env.Null();
+  }
+  const pulsar::EncryptionContext &encCtx = *encCtxPtr;
+
+  Napi::Object obj = Napi::Object::New(env);
+  Napi::Array keys = Napi::Array::New(env);
+  int i = 0;
+  for (const auto &keyInfo : encCtx.keys()) {
+    Napi::Object keyObj = Napi::Object::New(env);
+    keyObj.Set("key", Napi::String::New(env, keyInfo.key));
+    keyObj.Set("value", Napi::Buffer<char>::Copy(env, keyInfo.value.c_str(), keyInfo.value.length()));
+
+    Napi::Object metadataObj = Napi::Object::New(env);
+    for (const auto &meta : keyInfo.metadata) {
+      metadataObj.Set(meta.first, Napi::String::New(env, meta.second));
+    }
+    keyObj.Set("metadata", metadataObj);
+
+    keys.Set(i++, keyObj);
+  }
+  obj.Set("keys", keys);
+
+  obj.Set("param", Napi::Buffer<char>::Copy(env, encCtx.param().c_str(), encCtx.param().length()));
+  obj.Set("algorithm", Napi::String::New(env, encCtx.algorithm()));
+  const auto it = COMPRESSION_TYPE_MAP.find(encCtx.compressionType());
+  std::string compressionTypeStr = (it != COMPRESSION_TYPE_MAP.end()) ? it->second : "None";
+  obj.Set("compressionType", Napi::String::New(env, compressionTypeStr));
+  obj.Set("uncompressedMessageSize", Napi::Number::New(env, encCtx.uncompressedMessageSize()));
+  obj.Set("batchSize", Napi::Number::New(env, encCtx.batchSize()));
+  obj.Set("isDecryptionFailed", Napi::Boolean::New(env, encCtx.isDecryptionFailed()));
+
+  return obj;
+}
+
 bool Message::ValidateCMessage(Napi::Env env) {
   if (this->cMessage.get()) {
     return true;

package/src/Message.h

@@ -45,7 +45,9 @@ class Message : public Napi::ObjectWrap<Message> {
   Napi::Value GetEventTimestamp(const Napi::CallbackInfo &info);
   Napi::Value GetPartitionKey(const Napi::CallbackInfo &info);
   Napi::Value GetOrderingKey(const Napi::CallbackInfo &info);
+  Napi::Value GetProducerName(const Napi::CallbackInfo &info);
   Napi::Value GetRedeliveryCount(const Napi::CallbackInfo &info);
+  Napi::Value GetEncryptionContext(const Napi::CallbackInfo &info);
   bool ValidateCMessage(Napi::Env env);
 
   static char **NewStringArray(int size) { return (char **)calloc(sizeof(char *), size); }

package/src/ProducerConfig.cc

@@ -18,6 +18,7 @@
  */
 #include "SchemaInfo.h"
 #include "ProducerConfig.h"
+#include "CryptoKeyReader.h"
 #include "Message.h"
 #include <cstdio>
 #include <map>
@@ -45,6 +46,8 @@ static const std::string CFG_SCHEMA = "schema";
 static const std::string CFG_PROPS = "properties";
 static const std::string CFG_PUBLIC_KEY_PATH = "publicKeyPath";
 static const std::string CFG_ENCRYPTION_KEY = "encryptionKey";
+static const std::string CFG_ENCRYPTION_KEYS = "encryptionKeys";
+static const std::string CFG_CRYPTO_KEY_READER = "cryptoKeyReader";
 static const std::string CFG_CRYPTO_FAILURE_ACTION = "cryptoFailureAction";
 static const std::string CFG_CHUNK_ENABLED = "chunkingEnabled";
 static const std::string CFG_ACCESS_MODE = "accessMode";
@@ -67,10 +70,8 @@ static const std::map<std::string, pulsar_hashing_scheme> HASHING_SCHEME = {
 };
 
 static std::map<std::string, pulsar_compression_type> COMPRESSION_TYPE = {
-    {"Zlib", pulsar_CompressionZLib},
-    {"LZ4", pulsar_CompressionLZ4},
-    {"ZSTD", pulsar_CompressionZSTD},
-    {"SNAPPY", pulsar_CompressionSNAPPY},
+    {"None", pulsar_CompressionNone}, {"Zlib", pulsar_CompressionZLib},     {"LZ4", pulsar_CompressionLZ4},
+    {"ZSTD", pulsar_CompressionZSTD}, {"SNAPPY", pulsar_CompressionSNAPPY},
 };
 
 static std::map<std::string, pulsar_producer_crypto_failure_action> PRODUCER_CRYPTO_FAILURE_ACTION = {
@@ -239,15 +240,32 @@ ProducerConfig::ProducerConfig(const Napi::Object& producerConfig) : topic("") {
       std::string encryptionKey = producerConfig.Get(CFG_ENCRYPTION_KEY).ToString().Utf8Value();
       pulsar_producer_configuration_set_encryption_key(this->cProducerConfig.get(), encryptionKey.c_str());
     }
-    if (producerConfig.Has(CFG_CRYPTO_FAILURE_ACTION) &&
-        producerConfig.Get(CFG_CRYPTO_FAILURE_ACTION).IsString()) {
-      std::string cryptoFailureAction = producerConfig.Get(CFG_CRYPTO_FAILURE_ACTION).ToString().Utf8Value();
-      if (PRODUCER_CRYPTO_FAILURE_ACTION.count(cryptoFailureAction))
-        pulsar_producer_configuration_set_crypto_failure_action(
-            this->cProducerConfig.get(), PRODUCER_CRYPTO_FAILURE_ACTION.at(cryptoFailureAction));
+  }
+
+  if (producerConfig.Has(CFG_ENCRYPTION_KEYS) && producerConfig.Get(CFG_ENCRYPTION_KEYS).IsArray()) {
+    Napi::Array keys = producerConfig.Get(CFG_ENCRYPTION_KEYS).As<Napi::Array>();
+    for (uint32_t i = 0; i < keys.Length(); i++) {
+      if (keys.Get(i).IsString()) {
+        std::string key = keys.Get(i).ToString().Utf8Value();
+        this->cProducerConfig.get()->conf.addEncryptionKey(key);
+      }
     }
   }
 
+  if (producerConfig.Has(CFG_CRYPTO_KEY_READER) && producerConfig.Get(CFG_CRYPTO_KEY_READER).IsObject()) {
+    Napi::Object cryptoKeyReaderObj = producerConfig.Get(CFG_CRYPTO_KEY_READER).As<Napi::Object>();
+    CryptoKeyReader* cryptoKeyReader = Napi::ObjectWrap<CryptoKeyReader>::Unwrap(cryptoKeyReaderObj);
+    this->cProducerConfig.get()->conf.setCryptoKeyReader(cryptoKeyReader->GetCCryptoKeyReader());
+  }
+
+  if (producerConfig.Has(CFG_CRYPTO_FAILURE_ACTION) &&
+      producerConfig.Get(CFG_CRYPTO_FAILURE_ACTION).IsString()) {
+    std::string cryptoFailureAction = producerConfig.Get(CFG_CRYPTO_FAILURE_ACTION).ToString().Utf8Value();
+    if (PRODUCER_CRYPTO_FAILURE_ACTION.count(cryptoFailureAction))
+      pulsar_producer_configuration_set_crypto_failure_action(
+          this->cProducerConfig.get(), PRODUCER_CRYPTO_FAILURE_ACTION.at(cryptoFailureAction));
+  }
+
   if (producerConfig.Has(CFG_CHUNK_ENABLED) && producerConfig.Get(CFG_CHUNK_ENABLED).IsBoolean()) {
     bool chunkingEnabled = producerConfig.Get(CFG_CHUNK_ENABLED).ToBoolean().Value();
     pulsar_producer_configuration_set_chunking_enabled(this->cProducerConfig.get(), chunkingEnabled);

package/src/addon.cc

@@ -24,6 +24,7 @@
 #include "Consumer.h"
 #include "Client.h"
 #include "Reader.h"
+#include "CryptoKeyReader.h"
 #include <napi.h>
 
 Napi::Object InitAll(Napi::Env env, Napi::Object exports) {
@@ -33,6 +34,7 @@ Napi::Object InitAll(Napi::Env env, Napi::Object exports) {
   Producer::Init(env, exports);
   Consumer::Init(env, exports);
   Reader::Init(env, exports);
+  CryptoKeyReader::Init(env, exports);
   return Client::Init(env, exports);
 }