Crate zerodds_security_runtime


Crate zerodds-security-runtime. Safety classification: SAFE (pure adapter without its own crypto primitives — delegates to security-crypto + security-rtps).

Security runtime: governance-driven plugin lifecycle, peer-capabilities cache, outbound/inbound verdict engine, built-in data tagging, anti-squatter, heterogeneous-mesh gateway bridge. Adapter layer between the governance-XML policy and the secure-submessage wrapper.

§Layer position

Layer 4 — core services. Consumes zerodds-security (SPI) + zerodds-security-crypto + -permissions + -pki + -rtps + zerodds-rtps + zerodds-qos. Fed by the DCPS runtime via Box<dyn ...> plugins (feature security).

§Public API (as of 1.0.0-rc.1)

  • SecurityGate — high-level adapter between governance + crypto + RTPS wrap.
  • engine::* — GovernancePolicyEngine default impl + PolicyEngine trait.
  • policy::* — PolicyDecision with suite, receiver MACs, topic class.
  • caps::* — PeerCapabilities + PeerCapabilitiesCache.
  • caps_wire::* — SPDP mapping for peer capabilities (wire codec).
  • peer_class::* — <peer_class> match (CIDR, subject patterns).
  • endpoint::* — endpoint slot lookup.
  • data_tagging::* — built-in DataTaggingPlugin (spec §8.7).
  • builtin_topics::* — DCPSParticipantStatelessMessage + DCPSParticipantVolatileMessageSecure.
  • anti_squatter::* — spec §8.5.3 anti-squatter logic.
  • gateway_bridge::* — heterogeneous-mesh gateway bridge (edge ↔ backend).
  • shared::* — shared inbound/outbound verdict types.

§Example

use zerodds_security_crypto::AesGcmCryptoPlugin;
use zerodds_security_permissions::parse_governance_xml;
use zerodds_security_runtime::SecurityGate;

// GOVERNANCE_XML is assumed to hold the governance XML document; it is not defined on this page.
let governance = parse_governance_xml(GOVERNANCE_XML).unwrap();
let mut crypto = AesGcmCryptoPlugin::new();
let mut gate = SecurityGate::new(0, governance, &mut crypto);

// Outbound:
let wire = gate.encode_outbound("Chatter", b"hello").unwrap();

// Inbound (at the peer):
let plain = gate.decode_inbound("Chatter", &wire).unwrap();

Re-exports§

pub use anti_squatter::BindingDecision;
pub use anti_squatter::GuidPrefixBytes;
pub use anti_squatter::IdentityBindingCache;
pub use caps::PeerCache;
pub use caps::PeerCapabilities;
pub use caps::Validity;
pub use caps_wire::advertise_security_caps;
pub use caps_wire::parse_peer_caps;
pub use data_tagging::BuiltinDataTaggingPlugin;
pub use data_tagging::TAG_PROPERTY_PREFIX;
pub use endpoint::EndpointMatch;
pub use endpoint::EndpointProtection;
pub use endpoint::MatchRejectReason;
pub use endpoint::match_endpoints;
pub use gateway_bridge::GatewayBridge;
pub use gateway_bridge::GatewayBridgeConfig;
pub use gateway_bridge::GatewayBridgeError;
pub use gateway_bridge::GatewayBridgeResult;
pub use peer_class::interface_accepts_class;
pub use peer_class::peer_matches_class;
pub use peer_class::resolve_peer_class;
pub use peer_class::resolve_protection;
pub use policy::InboundCtx;
pub use policy::InterfaceConfig;
pub use policy::IpRange;
pub use policy::NetInterface;
pub use policy::OutboundCtx;
pub use policy::PolicyDecision;
pub use policy::PolicyEngine;
pub use policy::ProtectionLevel;
pub use policy::SuiteHint;
pub use policy::classify_interface;
pub use profile::SecurityProfile;
pub use profile::SecurityProfileConfig;
pub use profile::SecurityProfileError;
pub use profile::strip_file_url;

Modules§

anti_squatter
GUID-to-identity bindings cache (C3.8).
builtin_topics
C3.4-b — API bridge for the DDS-Security 1.2 §7.5.3/§7.5.4 builtin topics (DCPSParticipantStatelessMessage + DCPSParticipantVolatileMessageSecure). Wraps the spec data model from zerodds_security::generic_message into a DCPS-ready form:
caps
Peer capabilities and cache.
caps_wire
SPDP mapping for PeerCapabilities.
data_tagging
Builtin DataTagging plugin (OMG DDS-Security 1.2 §12).
endpoint
Endpoint-level protection abstraction.
gateway_bridge
Gateway-bridge helper.
peer_class
Peer-class matching engine.
policy
Heterogeneous security — PolicyEngine trait and data types.
profile
Vendor-style-conformant “from-paths” builder for DDS-Security 1.2 setups.

Structs§

GovernancePolicyEngine
Governance-XML-driven PolicyEngine default implementation.
SecurityGate
Decides per topic whether/how outgoing submessages must be encrypted or signed.
SharedSecurityGate
Thread-safe security gate. Clone gives a second reference to the same plugin instance — all clones operate on the same key store.

Enums§

InboundVerdict
Result of a classify_inbound decision.
LogLevel
Severity of a security event (spec §8.6.3 table 36).
SecurityGateError
Error class for the gate.

Traits§

LoggingPlugin
Logging plugin (spec §8.6.2.1).

Type Aliases§

PeerKey
Opaque peer identifier. In RTPS environments the caller typically maps GuidPrefix (12 bytes) onto it — [u8; 12] fits exactly.