Skip to main content

AesGcmCryptoPlugin

zerodds_security_crypto

Struct AesGcmCryptoPlugin 

Source 
pub struct AesGcmCryptoPlugin { /* private fields */ }
Expand description

AES-GCM Crypto-Plugin. Keys werden in einem internen Slab gehalten; Lookup per CryptoHandle. Welche Suite lokal erzeugte Keys haben, bestimmt local_suite — Remote-Keys kommen mit ihrer eigenen Suite-ID via Token.

Implementations§

Source§

impl AesGcmCryptoPlugin

Source

pub fn new() -> Self

Konstruktor mit Default-Suite AES-GCM-128.

Source

pub fn with_suite(suite: Suite) -> Self

Konstruktor mit expliziter Suite (Aes128Gcm oder Aes256Gcm).

Source

pub fn with_secret_provider( suite: Suite, provider: Arc<dyn SharedSecretProvider>, ) -> Self

Baut einen Plugin-Slot mit echtem DH-abgeleiteten Per-Peer-Key . Der SharedSecretProvider liefert die rohen Bytes aus einem abgeschlossenen Authentication-Handshake; wir leiten via HKDF-SHA256 einen deterministischen Master-Key ab, den beide Seiten ohne Token-Exchange berechnen koennen.

Mit Provider: register_matched_remote_participant nutzt den uebergebenen SharedSecretHandle, um den Per-Peer-Key aus dem PKI-Handshake zu ziehen. Ohne Provider bleibt das v1.4-Verhalten (Random-Key + Token-Exchange).

Source

pub fn local_suite(&self) -> Suite

Lokale Suite (fuer Tests / Metrics).

Source

pub fn encrypts_remaining(&self, handle: CryptoHandle) -> SecurityResult<u64>

Zaehl der verbleibenden sicheren Encrypts auf einem Slot. Wrapping-Point: Suite::max_encrypts() (2^48 per Default). Caller sollte bei 0 einen Key-Refresh anstossen .

§Errors

BadArgument wenn der Handle nicht existiert.

Source

pub fn rotate_key(&mut self, handle: CryptoHandle) -> SecurityResult<()>

Erzwingt einen neuen Master-Key im Slot. Nach rotate_key ist der alte Key futsch — Gegenseite muss per CryptographicPlugin::create_local_participant_crypto_tokens einen neuen Token ziehen und via CryptographicPlugin::set_remote_participant_crypto_tokens synchronisieren.

§Errors

BadArgument wenn der Handle nicht existiert; CryptoFailed wenn die RNG versagt.

Trait Implementations§

Source§

impl CryptographicPlugin for AesGcmCryptoPlugin

Source§

fn register_local_participant( &mut self, _identity: IdentityHandle, _properties: &[(&str, &str)], ) -> SecurityResult<CryptoHandle>

Erzeugt Participant-Crypto-Material aus dem Handshake- SharedSecret.
Source§

fn register_matched_remote_participant( &mut self, _local: CryptoHandle, _remote_identity: IdentityHandle, shared_secret: SharedSecretHandle, ) -> SecurityResult<CryptoHandle>

Erzeugt Crypto-Material fuer einen Remote-Participant.
Source§

fn register_local_endpoint( &mut self, _participant: CryptoHandle, _is_writer: bool, _properties: &[(&str, &str)], ) -> SecurityResult<CryptoHandle>

Erzeugt Crypto-Material fuer einen lokalen DataWriter/Reader.
Source§

fn create_local_participant_crypto_tokens( &mut self, local: CryptoHandle, _remote: CryptoHandle, ) -> SecurityResult<Vec<u8>>

Erzeugt das ParticipantCryptoTokens-Blob, das an den Remote- Participant gesendet wird (enthaelt verschluesseltes Key-Material).
Source§

fn set_remote_participant_crypto_tokens( &mut self, _local: CryptoHandle, remote: CryptoHandle, tokens: &[u8], ) -> SecurityResult<()>

Verarbeitet die Tokens vom Remote-Participant. Danach sind die Keys fuer encrypted Submessages wechselseitig bekannt.
Source§

fn encrypt_submessage( &self, local: CryptoHandle, _remote_list: &[CryptoHandle], plaintext: &[u8], aad_extension: &[u8], ) -> SecurityResult<Vec<u8>>

Encrypt + Sign einer RTPS-Submessage. Input: plain submessage bytes. Output: SecureSubmessage-Payload (ciphertext + tag). Read more
Source§

fn decrypt_submessage( &self, local: CryptoHandle, _remote: CryptoHandle, ciphertext: &[u8], aad_extension: &[u8], ) -> SecurityResult<Vec<u8>>

Decrypt + Verify. Output: plain submessage bytes. aad_extension muss byte-identisch zur Sender-AAD sein (sonst Tag-Mismatch). Read more
Source§

fn encrypt_submessage_multi( &self, local: CryptoHandle, receivers: &[(CryptoHandle, u32)], plaintext: &[u8], aad_extension: &[u8], ) -> SecurityResult<(Vec<u8>, Vec<ReceiverMac>)>

Encrypt+Sign mit Receiver-Specific-MACs (Spec §7.3.6.3). Produziert einen Ciphertext (Sender-Key) plus pro Remote einen 16-byte Truncated-HMAC. Read more
Source§

fn decrypt_submessage_with_receiver_mac( &self, local: CryptoHandle, remote: CryptoHandle, own_key_id: u32, own_mac_key_handle: CryptoHandle, ciphertext: &[u8], macs: &[ReceiverMac], aad_extension: &[u8], ) -> SecurityResult<Vec<u8>>

Verify Receiver-Specific-MAC + Decrypt. Read more
Source§

fn plugin_class_id(&self) -> &str

Plugin-Class-Id (z.B. “DDS:Crypto:AES-GCM-GMAC:1.2”).
Source§

impl Default for AesGcmCryptoPlugin

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.