Skip to main content

Suite

zerodds_security_crypto::suite

Enum Suite 

Source 
pub enum Suite {
    Aes128Gcm,
    Aes256Gcm,
    HmacSha256,
}
Expand description

Verfuegbare Crypto-Suites im AesGcmCryptoPlugin.

Default (AesGcmCryptoPlugin::new()) ist Aes128Gcm — leichtgewichtig, ausreichend fuer < 10-Jahres-Vertraulichkeit. Fuer hoehere Stufen AesGcmCryptoPlugin::with_suite(Suite::Aes256Gcm) waehlen.

HmacSha256 ist Auth-only (keine Confidentiality). Wird eingesetzt wenn Governance-XML metadata_protection_kind=SIGN vorgibt — die Payload bleibt plain, aber per HMAC-Tag authentifiziert.

Variants§

§

Aes128Gcm

AES-128 im GCM-Mode. 16-byte Master-Key. Auth+Encrypt.

§

Aes256Gcm

AES-256 im GCM-Mode. 32-byte Master-Key. Auth+Encrypt.

§

HmacSha256

HMAC-SHA256 Auth-only. 32-byte Master-Key. Payload bleibt plain; 32-byte-HMAC wird angehaengt (Spec-Kind NONE + HMAC_SHA256 — “SIGN” im Governance-XML).

Implementations§

Source§

impl Suite

Source

pub const fn key_len(self) -> usize

Benötigte Master-Key-Laenge in Bytes.

Source

pub const fn is_aead(self) -> bool

true wenn die Suite Confidentiality liefert (sonst Auth-only).

Source

pub fn transform_kind_id(self) -> u8

Ein-Byte-Transform-Kind-Id fuers Wire-Format (SEC_PREFIX). Spec DDS-Security 1.2 §10.5 Tab.79 — wir liefern den Low-Byte- Anteil; der Wire-Codec packt das in [0, 0, 0, id] BE.

HmacSha256 belegt den AES128_GMAC-Slot (0x01) — die ZeroDDS-Implementation laeuft mit HMAC-SHA256 statt AES-GMAC, d.h. fuer SIGN-only-Topics ist der Cyclone-Interop noch nicht gegeben (siehe C3.7). GCM-Varianten sind voll spec-konform.

Source

pub fn transform_kind(self) -> [u8; 4]

4-byte CryptoTransformKind Big-Endian-Wire-Repraesentation (Spec §10.5 Tab.79).

Source

pub fn from_transform_kind_id(id: u8) -> Option<Self>

Inverse von Self::transform_kind_id. Liefert None fuer Spec-Werte die ZeroDDS nicht als Suite anbietet (z.B. AES256_GMAC = 0x03).

Source

pub const fn max_encrypts(self) -> u64

Maximum Encrypts pro Key, bevor Key-Refresh noetig wird. Spec §9.5.3.3.4 empfiehlt ≤ 2^32 fuer GCM — wir cappen bei 2^48 (konservativ unter Soft-Limit, viel unter harter Nonce-Bound).

Trait Implementations§

Source§

impl Clone for Suite

Source§

fn clone(&self) -> Suite

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Suite

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for Suite

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl PartialEq for Suite

Source§

fn eq(&self, other: &Suite) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 (const: unstable) · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Copy for Suite

Source§

impl Eq for Suite

Source§

impl StructuralPartialEq for Suite

Auto Trait Implementations§

§

impl Freeze for Suite

§

impl RefUnwindSafe for Suite

§

impl Send for Suite

§

impl Sync for Suite

§

impl Unpin for Suite

§

impl UnsafeUnpin for Suite

§

impl UnwindSafe for Suite

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.