zerodds-security 1.0.0-rc.1

DDS-Security 1.1 plugin SPI for ZeroDDS: Authentication / AccessControl / Cryptographic / Logging / DataTagging trait definitions + generic message topics + token data model.

zerodds-security


DDS-Security 1.1 (formal/2018-04-01) plugin SPI for the ZeroDDS stack: trait definitions, token data model, generic message topics. Pure Rust + alloc. Safety classification: SAFE (trust-neutral SPI layer).

Spec mapping

| Spec | Trait / module | Concrete impl |
|---|---|---|
| §8.3 Authentication | AuthenticationPlugin | zerodds-security-pki |
| §8.4 Access Control | AccessControlPlugin | zerodds-security-permissions |
| §8.5 Cryptographic | CryptographicPlugin | zerodds-security-crypto |
| §8.6 Logging | LoggingPlugin | zerodds-security-logging |
| §8.7 Data Tagging | DataTaggingPlugin | zerodds-security-runtime |

Coverage doc: docs/spec-coverage/dds-security-1.2.md (50 done / 0 partial / 0 open / 1 n/a, K6 audit).

What's inside

Plugin traits (object-safe, erasable to Box<dyn Plugin>):

  • AuthenticationPlugin: identity validation + handshake.
  • AccessControlPlugin: permissions check, topic allow/deny.
  • CryptographicPlugin: encrypt/decrypt submessage + key material + receiver-specific MACs.
  • LoggingPlugin: audit events.
  • DataTaggingPlugin: built-in DataTagging (DDS-Security 1.2 §8.7).

Token data model:

  • IdentityToken, PermissionsToken, CryptoToken, IdentityStatusToken.
  • DataHolder, BinaryProperty, WireProperty.

Generic Messages (DCPSParticipantStatelessMessage + DCPSParticipantVolatileMessageSecure):

  • ParticipantGenericMessage, MessageIdentity.
  • Topic constants: TOPIC_STATELESS_MESSAGE, TOPIC_VOLATILE_MESSAGE_SECURE, TYPE_NAME_GENERIC_MESSAGE.

Cross-cutting:

  • Property, PropertyList: plugin configuration via <participant_qos><property>.
  • security_topic_qos: built-in security topic QoS profiles (§7.4.5).
  • SecurityError: all plugin errors.
  • mock (feature std): test mock plugins.

Layer position

Layer 4: Core Services (SPI crate). Pure Rust + alloc, no ZeroDDS crate dependencies. Consumed by 7 further security crates (security-pki, -crypto, -keyexchange, -permissions, -logging, -rtps, -runtime) plus zerodds-discovery (built-in endpoint slots) and zerodds-dcps (feature security).

Quickstart

use zerodds_security::{AuthenticationPlugin, AccessControlPlugin};
use zerodds_security::mock::MockAuthenticationPlugin;

let auth: Box<dyn AuthenticationPlugin> = Box::new(MockAuthenticationPlugin::new());
// Use auth.validate_local_identity(...), auth.begin_handshake_request(...) etc.

Production use cases build the real plugins (security-pki, etc.) and plug them into the DCPS participant via Box<dyn Plugin>.

Feature flags

Feature Default Purpose
std Mutex + thread-safe mock
alloc ✅ via std Vec/String
safety Reserve hook

Stability

1.0.0-rc.1 is API-frozen: breaking changes require a v2.0 major bump. Semver patch and minor releases may only add new methods with a default body or non-breaking enum variants. This freeze pledge is binding because 7 sister crates plus dcps and discovery depend on the SPI.
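Why a default body keeps an object-safe plugin SPI non-breaking, as an added example that is not code from zerodds-security. DemoAccessControl, DemoError and AllowList are hypothetical names, and the fail-closed default body is an assumption of this example, not documented behaviour of the crate.

```rust
// Added illustration; DemoAccessControl, DemoError, AllowList are hypothetical names.
use std::collections::HashSet;

#[derive(Debug, PartialEq)]
pub enum DemoError {
    Denied(String),
    NotSupported,
}

/// Object-safe: no generics, no `Self` by value, so `Box<dyn ...>` works.
pub trait DemoAccessControl {
    /// Required method, present since the frozen 1.0 API.
    fn check_topic(&self, topic: &str) -> Result<(), DemoError>;

    /// Method added in a later minor release. The default body keeps old
    /// implementors compiling, and it fails closed instead of allowing.
    fn check_partition(&self, _partition: &str) -> Result<(), DemoError> {
        Err(DemoError::NotSupported)
    }
}

/// A plugin written against 1.0: it only implements `check_topic`.
pub struct AllowList(HashSet<String>);

impl AllowList {
    pub fn new(topics: &[&str]) -> Self {
        AllowList(topics.iter().map(|t| t.to_string()).collect())
    }
}

impl DemoAccessControl for AllowList {
    fn check_topic(&self, topic: &str) -> Result<(), DemoError> {
        if self.0.contains(topic) {
            Ok(())
        } else {
            Err(DemoError::Denied(topic.to_string())) // deny by default
        }
    }
}

/// Type-erased construction, the way a participant would hold the plugin.
pub fn demo_plugin() -> Box<dyn DemoAccessControl> {
    Box::new(AllowList::new(&["sensor/temperature"])) // constructed sample topic
}

fn main() {
    let ac = demo_plugin();
    println!("{:?}", (ac.check_topic("sensor/temperature"), ac.check_partition("plant-a")));
}
```

A new required method without a default body would instead stop AllowList from compiling, which is the breaking change the pledge rules out.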

Tests

cargo test -p zerodds-security

39 unit tests + 1 doc test green.

License

Apache-2.0. See LICENSE.

See also