Mountain/IPC/Enhanced/SecureMessageChannel/
SecurityConfig.rs

1
2//! Tunables for the secure-message channel - encryption /
3//! HMAC algorithm, key-rotation cadence, nonce / tag sizes,
4//! and the maximum allowed message size (DOS guard).
5
6use ring::aead::{AES_256_GCM, NONCE_LEN};
7use serde::{Deserialize, Serialize};
8
9#[derive(Debug, Clone, Serialize, Deserialize)]
10pub struct Struct {
11	pub encryption_algorithm:String,
12
13	pub key_rotation_interval_hours:u64,
14
15	pub hmac_algorithm:String,
16
17	pub nonce_size_bytes:usize,
18
19	pub auth_tag_size_bytes:usize,
20
21	pub max_message_size_bytes:usize,
22}
23
24impl Default for Struct {
25	fn default() -> Self {
26		Self {
27			encryption_algorithm:"AES-256-GCM".to_string(),
28
29			key_rotation_interval_hours:24,
30
31			hmac_algorithm:"HMAC-SHA256".to_string(),
32
33			nonce_size_bytes:NONCE_LEN,
34
35			auth_tag_size_bytes:AES_256_GCM.tag_len(),
36
37			max_message_size_bytes:10 * 1024 * 1024,
38		}
39	}
40}

Mountain/IPC/Enhanced/SecureMessageChannel/SecurityConfig.rs

Mountain/IPC/Enhanced/SecureMessageChannel/
SecurityConfig.rs