Skip to main content

DpopNonceStore

chio_kernel::dpop

Struct DpopNonceStore

pub struct DpopNonceStore { /* private fields */ }

Expand description

In-memory LRU nonce replay store.

Keys are (nonce, capability_id) pairs. Values are the Instant when the nonce was first seen. A nonce is rejected if it is still within the TTL window when seen a second time.

This is intentionally synchronous (no async) and uses std::sync::Mutex so it integrates cleanly into the Guard pipeline.

Implementations§

impl DpopNonceStore

pub fn new(capacity: usize, ttl: Duration) -> Self

Create a new nonce store.

capacity is the maximum number of (nonce, capability_id) pairs to remember. ttl is how long a nonce is considered “live” after first use. After the TTL elapses, the same nonce can be used again.

pub fn check_and_insert( &self, nonce: &str, capability_id: &str, ) -> Result<bool, KernelError>

Check a nonce and insert it if not already live.

Returns Ok(true) if the nonce is fresh (accepted). Returns Ok(false) if the nonce was already used within the TTL window (rejected – replay detected). Returns Err if the internal mutex is poisoned (fail-closed: deny).

Auto Trait Implementations§

impl !Freeze for DpopNonceStore

impl RefUnwindSafe for DpopNonceStore

impl Send for DpopNonceStore

impl Sync for DpopNonceStore

impl Unpin for DpopNonceStore

impl UnsafeUnpin for DpopNonceStore

impl UnwindSafe for DpopNonceStore

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> PolicyExt for T
where T: ?Sized,

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more