Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As pointed out in #82 MAVLink 2 message signing is not supported beyond being able to correctly parse signed messages.
This PR adds full support for signature creation and verification.
This is done by introducing the
signing
feature to themavlink
andmavlink-core
crates.The implementation is done in a way that the public interfaces remain unchanged without the feature and are semver compatible when it is enabled.
Additions
signing
feature for mavlink-core and as passthrough tomavlink
, all following additions require this, this is not enabled by defaultSigningConfig
to configure signing with a secret key, enable sign outgoing and allow unsigned messagesSigningData
to execute signing withverify_signature()
,sign_message()
MavConnection::setup_signing(..)
to all connection implementationspub fn
that have an additionalOption<&SigningData>
paramter:read_versioned_msg_signed()
,read_v2_raw_message_signed()
,read_v2_msg_signed()
,write_versioned_msg_signed()
,write_v2_msg_signed()
MAVLinkV2MessageRaw
:checksum_bytes()
,signature_link_id[_mut]()
,signature_timestamp[_bytes[_mut]]()
,signature_value[_mut]()
MAVLinkV2MessageRaw::header()
requiring a mut referenceMAVLinkV2MessageRaw::calculate_signature()
that calculates a messages current signatureMAVLinkV2MessageRaw::serialize_message_for_signing()
to serialze while setting the incompat_flagSigning specifications
With the
signing
feature enabled and signing setup the following applies:allow_unsigned
is setsign_outgoing
is set.Tests
signing
feature for all testCaveats
std::SystemTime::now()
which might not exist in a none-std enviroment, maybe thesigning
feature should depend onstd
.mavlink
are broken since they depend on the published version ofmavlink-core
which does not have signing, when testing locally with a path dependency they succeed.incompat_flags
field of the MAVLink header, for the purpose of preserving API stability the coresponding structMavHeader
is not modified but this should probably be done in a future breaking version.MavConnection
and then set a it to use MAVLink 1 only which ignores the setup signing configuration.