Skip to main content

ShieldChannel

shield_core::channel

Struct ShieldChannel 

Source 
pub struct ShieldChannel<S> { /* private fields */ }
Expand description

Shield secure channel for encrypted communication.

Provides TLS-like security using only symmetric cryptography:

  • PAKE handshake establishes shared key from password
  • RatchetSession provides forward secrecy
  • All messages authenticated with HMAC

Implementations§

Source§

impl<S: Read + Write> ShieldChannel<S>

Source

pub fn connect(stream: S, config: &ChannelConfig) -> Result<Self>

Connect as client (initiator).

Performs PAKE handshake and establishes encrypted channel.

§Arguments
  • stream - Underlying transport (TCP, etc.)
  • config - Channel configuration with shared password
Source

pub fn accept(stream: S, config: &ChannelConfig) -> Result<Self>

Accept connection as server.

Waits for client handshake and establishes encrypted channel.

§Arguments
  • stream - Underlying transport (TCP, etc.)
  • config - Channel configuration with shared password
Source

pub fn send(&mut self, data: &[u8]) -> Result<()>

Send encrypted message.

Message is encrypted with current ratchet key, then key advances.

Source

pub fn recv(&mut self) -> Result<Vec<u8>>

Receive and decrypt message.

Verifies authentication and advances receive ratchet.

Source

pub fn service(&self) -> &str

Get service identifier.

Source

pub fn messages_sent(&self) -> u64

Get send message count.

Source

pub fn messages_received(&self) -> u64

Get receive message count.

Source

pub fn into_inner(self) -> S

Get underlying stream (for shutdown, etc.)

Source§

impl ShieldChannel<TcpStream>

Source

pub fn connect_tcp(stream: TcpStream, config: &ChannelConfig) -> Result<Self>

Connect as client with handshake timeout enforcement.

Sets socket read/write timeouts during handshake, then clears them so post-handshake messaging is not affected.

Source

pub fn accept_tcp(stream: TcpStream, config: &ChannelConfig) -> Result<Self>

Accept connection as server with handshake timeout enforcement.

Sets socket read/write timeouts during handshake, then clears them so post-handshake messaging is not affected.

Auto Trait Implementations§

§

impl<S> Freeze for ShieldChannel<S>
where S: Freeze,

§

impl<S> RefUnwindSafe for ShieldChannel<S>
where S: RefUnwindSafe,

§

impl<S> Send for ShieldChannel<S>
where S: Send,

§

impl<S> Sync for ShieldChannel<S>
where S: Sync,

§

impl<S> Unpin for ShieldChannel<S>
where S: Unpin,

§

impl<S> UnsafeUnpin for ShieldChannel<S>
where S: UnsafeUnpin,

§

impl<S> UnwindSafe for ShieldChannel<S>
where S: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.