pub struct SecurityGate<'c, P: CryptographicPlugin> { /* private fields */ }Expand description
Decides per topic whether/how outgoing submessages must be encrypted or signed.
Implementations§
Source§impl<'c, P: CryptographicPlugin> SecurityGate<'c, P>
impl<'c, P: CryptographicPlugin> SecurityGate<'c, P>
Sourcepub fn new(domain_id: u32, governance: Governance, crypto: &'c mut P) -> Self
pub fn new(domain_id: u32, governance: Governance, crypto: &'c mut P) -> Self
Constructor.
Sourcepub fn outbound_protection(&self, topic_name: &str) -> ProtectionKind
pub fn outbound_protection(&self, topic_name: &str) -> ProtectionKind
Decides whether the outgoing submessage for topic_name must be
wrapped.
Sourcepub fn encode_outbound(
&mut self,
topic_name: &str,
plaintext: &[u8],
) -> Result<Vec<u8>, SecurityGateError>
pub fn encode_outbound( &mut self, topic_name: &str, plaintext: &[u8], ) -> Result<Vec<u8>, SecurityGateError>
Wraps the outgoing submessage if governance requires it.
Protection kind None returns the original byte slice
unchanged (passthrough).
§Errors
See SecurityGateError.
Sourcepub fn decode_inbound(
&mut self,
topic_name: &str,
wire: &[u8],
) -> Result<Vec<u8>, SecurityGateError>
pub fn decode_inbound( &mut self, topic_name: &str, wire: &[u8], ) -> Result<Vec<u8>, SecurityGateError>
Unwraps an incoming submessage. If the format shows NO SEC_PREFIX
but governance requires SIGN/ENCRYPT → policy
violation. If governance is None and the bytes are not a SEC_PREFIX,
simply passthrough.
§Errors
See SecurityGateError.
Loopback-only: this convenience entry uses the local
slot for key lookup; real cross-participant decoding goes
via Self::decode_inbound_message with remote_slot.
Sourcepub fn register_remote(
&mut self,
remote_identity: IdentityHandle,
shared_secret: SharedSecretHandle,
) -> Result<CryptoHandle, SecurityGateError>
pub fn register_remote( &mut self, remote_identity: IdentityHandle, shared_secret: SharedSecretHandle, ) -> Result<CryptoHandle, SecurityGateError>
Registers a remote peer. The returned handle is
the CryptoHandle in the local plugin at which the remote key
is then created via Self::set_remote_token.
§Errors
See SecurityGateError.
Sourcepub fn local_token(&mut self) -> Result<Vec<u8>, SecurityGateError>
pub fn local_token(&mut self) -> Result<Vec<u8>, SecurityGateError>
Returns the crypto token of the local participant (to be sent to the remote via the SEDP ParticipantCryptoToken submessage).
§Errors
CryptoSetup/Crypto if the local handle does not exist.
Sourcepub fn set_remote_token(
&mut self,
remote: CryptoHandle,
token: &[u8],
) -> Result<(), SecurityGateError>
pub fn set_remote_token( &mut self, remote: CryptoHandle, token: &[u8], ) -> Result<(), SecurityGateError>
Accepts a remote crypto token and installs it under the supplied remote handle.
§Errors
See SecurityGateError.
Sourcepub fn message_protection(&self) -> ProtectionKind
pub fn message_protection(&self) -> ProtectionKind
Is an RTPS message-level protection configured for this domain?
Looks into the first matching <domain_rule> and returns the
rtps_protection_kind.
Sourcepub fn encode_outbound_message(
&mut self,
message: &[u8],
) -> Result<Vec<u8>, SecurityGateError>
pub fn encode_outbound_message( &mut self, message: &[u8], ) -> Result<Vec<u8>, SecurityGateError>
Wraps a complete RTPS message (incl. 20-byte header) if
rtps_protection_kind != None. Otherwise passthrough.
§Errors
See SecurityGateError.
Sourcepub fn decode_inbound_message(
&mut self,
remote_slot: CryptoHandle,
wire: &[u8],
) -> Result<Vec<u8>, SecurityGateError>
pub fn decode_inbound_message( &mut self, remote_slot: CryptoHandle, wire: &[u8], ) -> Result<Vec<u8>, SecurityGateError>
Unwraps an incoming RTPS message. remote_slot is the
CryptoHandle under which the sender key is registered
(returned by register_remote + set_remote_token).
Implementation detail: the plugin trait uses local as the
key-slot identifier (see OMG §8.5.1.9.4 mapping), so we
pass remote_slot as the local arg through to the codec —
that is the slot where Alice’s master key lives.
§Errors
See SecurityGateError.