Struct MockAuthenticationPlugin 

pub struct MockAuthenticationPlugin { /* private fields */ }

Mock implementation — accepts everything, handshake step count hard-coded.

Implementations

impl MockAuthenticationPlugin

pub fn new() -> Self

Constructor.

Trait Implementations

impl AuthenticationPlugin for MockAuthenticationPlugin

fn validate_local_identity( &mut self, _props: &PropertyList, _participant_guid: [u8; 16], ) -> SecurityResult<IdentityHandle>

Called once at participant start: validate the local identity (certificate, key, trust anchor) and return a handle.

fn validate_remote_identity( &mut self, _local: IdentityHandle, _remote_participant_guid: [u8; 16], _remote_auth_token: &[u8], ) -> SecurityResult<IdentityHandle>

Called as soon as a remote participant has been discovered via SPDP. The plugin validates the remote cert (from remote_auth_token) against its trust store.

fn begin_handshake_request( &mut self, _initiator: IdentityHandle, _replier: IdentityHandle, ) -> SecurityResult<(HandshakeHandle, HandshakeStepOutcome)>

Starts the handshake. Returns the first token that must be sent to the peer.

fn begin_handshake_reply( &mut self, _replier: IdentityHandle, _initiator: IdentityHandle, request_token: &[u8], ) -> SecurityResult<(HandshakeHandle, HandshakeStepOutcome)>

Peer side of the handshake start. request_token is what the initiator sent via begin_handshake_request.

fn process_handshake( &mut self, handshake: HandshakeHandle, token: &[u8], ) -> SecurityResult<HandshakeStepOutcome>

Pass through follow-up handshake messages.

fn shared_secret( &self, handshake: HandshakeHandle, ) -> SecurityResult<SharedSecretHandle>

Ends the handshake and returns the final SharedSecret. Failure aborts. Called by the caller after a Complete outcome to pull the secret out of the plugin.

fn plugin_class_id(&self) -> &str

Identity plugin name (e.g. “DDS:Auth:PKI-DH:1.2”). Announced in SPDP as dds.sec.auth.plugin_class.

fn set_algo_nul_terminate(&mut self, _nul: bool)

Cross-vendor quirk: determines whether the next handshake algorithm strings (c.dsign_algo/c.kagree_algo) are emitted + hashed NUL-terminated. OpenDDS compares them with sizeof (incl. \0) and needs the NUL form; FastDDS (#3803) needs them WITHOUT; cyclone is tolerant. Since the handshake runs per-peer, the discovery layer calls this based on the peer’s VendorId BEFORE begin_handshake_request or begin_handshake_reply. Default no-op (NUL-free = spec/FastDDS/ Cyclone-conformant).

fn get_identity_token(&self, _local: IdentityHandle) -> SecurityResult<Vec<u8>>

Returns the IdentityToken for a local identity (spec §9.3.2.4). Published in the SPDP announce as PID_IDENTITY_TOKEN (0x1001). Default: empty token (= the plugin does not support the feature).

fn get_identity_status_token( &self, _local: IdentityHandle, ) -> SecurityResult<Vec<u8>>

Returns the IdentityStatusToken for a local identity (spec §9.3.2.5.1.2). Default: empty.

fn get_permissions_token(&self) -> Vec<u8>

Returns the PermissionsToken (spec §7.2.4, PID_PERMISSIONS_TOKEN 0x1002) for the SPDP announce. Strictly per spec the AccessControlPlugin produces it; since ZeroDDS holds the permissions in the auth plugin (set_local_permissions, for the c.perm handshake), the getter lives here. Default: empty (no permissions configured ⇒ AccessControl inactive ⇒ token omitted). Cross-vendor requirement: secure vendors (cyclone/FastDDS) only validate a remote if SPDP carries both tokens (identity + permissions).

fn set_local_participant_data(&mut self, _pdata: Vec<u8>)

Sets the local ParticipantBuiltinTopicData as PL_CDR bytes that are sent along in the handshake as c.pdata (spec §9.3.2.5.2). The replier deserializes c.pdata as a ParameterList and binds the participant_guid to the authenticated identity. Default: no-op.

fn set_permissions_credential_and_token( &mut self, _local: IdentityHandle, _permissions_credential: &[u8], _permissions_token: &[u8], ) -> SecurityResult<()>

Sets the permissions credential and the permissions token on a local identity (spec §9.3.2.4 + §9.3.2.5.4). Fed by the caller layer with the output of the AccessControlPlugin.

fn get_authenticated_peer_credential_token( &self, _handshake: HandshakeHandle, ) -> SecurityResult<Vec<u8>>

Returns the AuthenticatedPeerCredentialToken (spec §9.3.2.5.6). Fetched by the AccessControl layer after a successful handshake to perform the caller subject match. Default: empty.

impl Debug for MockAuthenticationPlugin

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for MockAuthenticationPlugin

fn default() -> MockAuthenticationPlugin

Returns the “default value” for a type.