Documentation
¶
Overview ¶
Package security provides pluggable transport-security for go-DDS.
Security is applied at the packet level in the RTPS transport: every outbound payload is passed through Plugin.Seal before transmission, and every inbound payload through Plugin.Open before delivery to the application. The mock transport passes payloads through the plugin at the broker level so tests can use the same Plugin implementations without a live network.
Two built-in plugins are provided:
- NullPlugin — identity transform; no confidentiality, no integrity. Use during development and for interop with non-secured peers.
- HMACPlugin — appends an HMAC-SHA-256 tag to each payload. Provides integrity and authentication without confidentiality. Fast; zero payload expansion overhead beyond the 32-byte tag.
- AESGCMPlugin — encrypts with AES-256-GCM (AEAD). Provides full confidentiality, integrity, and authenticity. Payload expands by 12 bytes (nonce) + 16 bytes (GCM tag) = 28 bytes.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewRandomKey ¶
NewRandomKey returns n cryptographically random bytes suitable for use as a plugin key. Panics if the OS random source fails (this should never happen on any supported platform).
Types ¶
type AESGCMPlugin ¶
type AESGCMPlugin struct {
// contains filtered or unexported fields
}
AESGCMPlugin encrypts payloads with AES-256-GCM (authenticated encryption). It provides confidentiality, integrity, and authenticity. Each Seal call generates a fresh 12-byte random nonce prepended to the ciphertext.
Wire format: | nonce[12] | ciphertext... | GCM-tag[16] |
Payload overhead: 28 bytes per sample.
func NewAESGCMPlugin ¶
func NewAESGCMPlugin(key []byte) (*AESGCMPlugin, error)
NewAESGCMPlugin creates an AESGCMPlugin. key must be exactly 32 bytes (AES-256); use NewRandomKey to generate one.
type HMACPlugin ¶
type HMACPlugin struct {
// contains filtered or unexported fields
}
HMACPlugin appends an HMAC-SHA-256 authentication tag to each payload. It provides integrity and peer authentication but NOT confidentiality — the payload travels in plaintext. Use when eavesdropping is not a concern but tampering or spoofing must be detected.
Wire format: | plaintext... | HMAC[32] |
func NewHMACPlugin ¶
func NewHMACPlugin(key []byte) *HMACPlugin
NewHMACPlugin creates an HMACPlugin keyed with key. The key should be at least 32 bytes of random data; use NewRandomKey to generate one.
type NullPlugin ¶
type NullPlugin struct{}
NullPlugin is the identity transform: Seal and Open return the input unchanged. Use it when no security is required (e.g. development, testing, or within a trusted private network).
type Plugin ¶
type Plugin interface {
// Seal transforms plaintext into a protected form ready for transmission.
// The returned slice may share memory with plaintext or be newly allocated.
Seal(plaintext []byte) ([]byte, error)
// Open reverses Seal, returning the original plaintext. Returns an error
// if the payload is invalid, tampered, or cannot be decrypted.
Open(ciphertext []byte) ([]byte, error)
}
Plugin is implemented by any type that can seal (encrypt / sign) and open (decrypt / verify) a DDS payload. Seal and Open must be inverses:
plaintext == must(Open(must(Seal(plaintext))))
Implementations must be safe for concurrent use from multiple goroutines.
Source Files