Mountain/IPC/Enhanced/SecureMessageChannel/
SecurityConfig.rs

1#![allow(non_snake_case)]
2
3//! Tunables for the secure-message channel - encryption /
4//! HMAC algorithm, key-rotation cadence, nonce / tag sizes,
5//! and the maximum allowed message size (DOS guard).
6
7use ring::aead::{AES_256_GCM, NONCE_LEN};
8use serde::{Deserialize, Serialize};
9
10#[derive(Debug, Clone, Serialize, Deserialize)]
11pub struct Struct {
12	pub encryption_algorithm:String,
13	pub key_rotation_interval_hours:u64,
14	pub hmac_algorithm:String,
15	pub nonce_size_bytes:usize,
16	pub auth_tag_size_bytes:usize,
17	pub max_message_size_bytes:usize,
18}
19
20impl Default for Struct {
21	fn default() -> Self {
22		Self {
23			encryption_algorithm:"AES-256-GCM".to_string(),
24			key_rotation_interval_hours:24,
25			hmac_algorithm:"HMAC-SHA256".to_string(),
26			nonce_size_bytes:NONCE_LEN,
27			auth_tag_size_bytes:AES_256_GCM.tag_len(),
28			max_message_size_bytes:10 * 1024 * 1024,
29		}
30	}
31}

Mountain/IPC/Enhanced/SecureMessageChannel/SecurityConfig.rs

Mountain/IPC/Enhanced/SecureMessageChannel/
SecurityConfig.rs