Skip to main content

Module caps_wire

Module caps_wire 

Source
Expand description

SPDP mapping for PeerCapabilities.

Bridge between the policy layer (PeerCapabilities) and the SPDP wire format (WirePropertyList). On send, the own caps are written into the SPDP properties; on receive the properties are parsed back to PeerCapabilities.

§Property keys

KeySemantics
dds.sec.auth.plugin_classOMG standard, authentication plugin class
dds.sec.access.plugin_classOMG standard, access-control plugin class
dds.sec.crypto.plugin_classOMG standard, crypto plugin class
zerodds.sec.supported_suitesCSV: AES_128_GCM,AES_256_GCM,HMAC_SHA256
zerodds.sec.offered_protectionNONE / SIGN / ENCRYPT
zerodds.sec.vendor_hintfree string, e.g. "zerodds"

The zerodds.sec.* namespace is intentionally ZeroDDS-specific. Other vendors (Cyclone, Fast-DDS) silently ignore unknown properties — this preserves SPDP interop (see architecture doc §8.1).

has_valid_cert and validity_window are not transferred via SPDP; these are post-handshake values set by the authentication plugin.

Constants§

KEY_ACCESS_PLUGIN
OMG standard: access-control plugin class.
KEY_AUTH_PLUGIN
OMG standard: authentication plugin class.
KEY_CRYPTO_PLUGIN
OMG standard: crypto plugin class.
KEY_DELEGATION_CHAIN
ZeroDDS extension: delegation chain (base64-encoded wire bytes, RC1). Format: base64 over the DelegationChain::encode() output. Passes through SPDP via PID_PROPERTY_LIST.
KEY_OFFERED_PROTECTION
ZeroDDS extension: offered protection level.
KEY_SUPPORTED_SUITES
ZeroDDS extension: CSV of accepted suites.
KEY_VENDOR_HINT
ZeroDDS extension: vendor identification for quirks.
MAX_DELEGATION_CHAIN_BYTES
DoS cap for the wire blob (before base64 decode). Architecture §11.

Functions§

advertise_security_caps
Writes the security caps into the given PropertyList.
parse_peer_caps
Reads security caps from a PropertyList. Unknown or malformed values are silently treated as “empty” — a peer must not be able to throw us out of the SPDP process via a broken property.