master/MAVLinkSigning_8h_source.html

#pragma once


#include <QtCore/QByteArray>

#include <QtCore/QByteArrayView>

#include <QtCore/QDateTime>

#include <QtCore/QHash>

#include <QtCore/QString>

#include <QtCore/QTimeZone>

#include <array>

#include <cstdint>

#include <optional>


#include "MAVLinkMessageType.h"


// createSetupSigning takes mavlink_setup_signing_t&; full def lives in MAVLinkLib.h. Callers must include it.

struct __mavlink_setup_signing_t;

typedef struct __mavlink_setup_signing_t mavlink_setup_signing_t;


namespace MAVLinkSigning {

static constexpr int kSigningKeySize = 32;       // SHA-256 output / MAVLink secret_key size

static constexpr int kSignatureHashBytes = 6;    // truncated SHA-256 in wire signature

static constexpr int kSignaturePrefixBytes = 7;  // link_id(1) + timestamp(6) before hash


using SigningKey = std::array<uint8_t, kSigningKeySize>;


inline const QDateTime& signingEpoch()

{

    static const QDateTime epoch = QDate(2015, 1, 1).startOfDay(QTimeZone::UTC);

    return epoch;

}


inline uint64_t currentSigningTimestampTicks()

{

    return static_cast<uint64_t>(signingEpoch().msecsTo(QDateTime::currentDateTimeUtc())) * 100;

}


std::optional<SigningKey> makeSigningKey(QByteArrayView bytes);


enum class UnsignedAcceptancePolicy : uint8_t {

    Strict,   // RADIO_STATUS only (hop-by-hop). Default for confirmed-signing.

    Pending,  // RADIO_STATUS + HEARTBEAT + STATUSTEXT while awaiting enable/disable confirmation.

};


bool secureConnectionAcceptUnsignedCallback(const mavlink_status_t* status, uint32_t message_id);

bool insecureConnectionAcceptUnsignedCallback(const mavlink_status_t* status, uint32_t message_id);


mavlink_accept_unsigned_t callbackForPolicy(UnsignedAcceptancePolicy policy);


void createSetupSigning(mavlink_channel_t channel, mavlink_system_t target_system, QByteArrayView keyBytes,

                        mavlink_setup_signing_t& setup_signing);


bool encodeSetupSigning(mavlink_channel_t channel, uint8_t srcSysId, uint8_t srcCompId, mavlink_system_t target_system,

                        QByteArrayView keyBytes, mavlink_message_t& message);


bool isMessageSigned(const mavlink_message_t& message);


void setMessageSigned(mavlink_message_t& message, bool isSigned);


QByteArray serializeUnsignedCopy(const mavlink_message_t& message);


bool verifySignature(QByteArrayView key, const mavlink_message_t& message);

bool verifySignature(const SigningKey& key, const mavlink_message_t& message);


struct DetectSnapshot

{

    QString keyHint;

    bool inCooldown = false;

    bool autoDetectSuspended = false;

};


// Pure reads from mavlink_get_channel_status(); no SigningChannel state dependency.

void logSigningFailure(mavlink_channel_t channel);

bool checkSigningLinkId(mavlink_channel_t channel, const mavlink_message_t& message);

QString signingStatusString(mavlink_channel_t channel);

int signingStreamCount(mavlink_channel_t channel);


}  // namespace MAVLinkSigning

MAVLinkMessageType.h

mavlink_channel_t
mavlink_channel_t
Definition MAVLinkMessageType.h:13

mavlink_setup_signing_t
struct __mavlink_setup_signing_t mavlink_setup_signing_t
Definition MAVLinkSigning.h:17

mavlink_message_t
struct __mavlink_message mavlink_message_t
Definition QGCCorePlugin.h:24

MAVLinkSigning
Definition MAVLinkSigning.cc:22

MAVLinkSigning::serializeUnsignedCopy
QByteArray serializeUnsignedCopy(const mavlink_message_t &message)
Definition MAVLinkSigning.cc:118

MAVLinkSigning::kSignatureHashBytes
static constexpr int kSignatureHashBytes
Definition MAVLinkSigning.h:21

MAVLinkSigning::checkSigningLinkId
bool checkSigningLinkId(mavlink_channel_t channel, const mavlink_message_t &message)
Definition MAVLinkSigning.cc:189

MAVLinkSigning::encodeSetupSigning
bool encodeSetupSigning(mavlink_channel_t channel, uint8_t srcSysId, uint8_t srcCompId, mavlink_system_t target_system, QByteArrayView keyBytes, mavlink_message_t &message)
Definition MAVLinkSigning.cc:92

MAVLinkSigning::SigningKey
std::array< uint8_t, kSigningKeySize > SigningKey
std::array avoids QByteArray COW detach so secureZero() actually wipes the bytes.
Definition MAVLinkSigning.h:25

MAVLinkSigning::signingStatusString
QString signingStatusString(mavlink_channel_t channel)
Definition MAVLinkSigning.cc:199

MAVLinkSigning::signingEpoch
const QDateTime & signingEpoch()
MAVLink wire-protocol epoch; must be UTC per spec.
Definition MAVLinkSigning.h:28

MAVLinkSigning::verifySignature
bool verifySignature(QByteArrayView key, const mavlink_message_t &message)
Verify a key against a signed message's signature.
Definition MAVLinkSigning.cc:153

MAVLinkSigning::currentSigningTimestampTicks
uint64_t currentSigningTimestampTicks()
Current signing timestamp in 10µs ticks since 2015-01-01.
Definition MAVLinkSigning.h:35

MAVLinkSigning::createSetupSigning
void createSetupSigning(mavlink_channel_t channel, mavlink_system_t target_system, QByteArrayView keyBytes, mavlink_setup_signing_t &setup_signing)
Build a SETUP_SIGNING payload. Empty keyBytes produces a disable payload (zero key,...
Definition MAVLinkSigning.cc:76

MAVLinkSigning::secureConnectionAcceptUnsignedCallback
bool secureConnectionAcceptUnsignedCallback(const mavlink_status_t *status, uint32_t message_id)
Definition MAVLinkSigning.cc:34

MAVLinkSigning::makeSigningKey
std::optional< SigningKey > makeSigningKey(QByteArrayView bytes)
Build a SigningKey from arbitrary bytes. Returns nullopt if input is the wrong size.
Definition MAVLinkSigning.cc:24

MAVLinkSigning::UnsignedAcceptancePolicy
UnsignedAcceptancePolicy
Definition MAVLinkSigning.h:45

MAVLinkSigning::UnsignedAcceptancePolicy::Pending
@ Pending

MAVLinkSigning::UnsignedAcceptancePolicy::Strict
@ Strict

MAVLinkSigning::isMessageSigned
bool isMessageSigned(const mavlink_message_t &message)
Returns true if the message has a MAVLink2 signature.
Definition MAVLinkSigning.cc:104

MAVLinkSigning::callbackForPolicy
mavlink_accept_unsigned_t callbackForPolicy(UnsignedAcceptancePolicy policy)
Maps a high-level policy to the underlying libmavlink callback.
Definition MAVLinkSigning.cc:65

MAVLinkSigning::logSigningFailure
void logSigningFailure(mavlink_channel_t channel)
Definition MAVLinkSigning.cc:232

MAVLinkSigning::kSigningKeySize
static constexpr int kSigningKeySize
Definition MAVLinkSigning.h:20

MAVLinkSigning::setMessageSigned
void setMessageSigned(mavlink_message_t &message, bool isSigned)
Set or clear the MAVLink2 signature incompatibility flag on a message.
Definition MAVLinkSigning.cc:109

MAVLinkSigning::kSignaturePrefixBytes
static constexpr int kSignaturePrefixBytes
Definition MAVLinkSigning.h:22

MAVLinkSigning::insecureConnectionAcceptUnsignedCallback
bool insecureConnectionAcceptUnsignedCallback(const mavlink_status_t *status, uint32_t message_id)
Definition MAVLinkSigning.cc:40

MAVLinkSigning::signingStreamCount
int signingStreamCount(mavlink_channel_t channel)
Definition MAVLinkSigning.cc:223

MAVLinkSigning::DetectSnapshot
Single-lock snapshot struct; fields populated by SigningChannel::detectSnapshot().
Definition MAVLinkSigning.h:83

MAVLinkSigning::DetectSnapshot::keyHint
QString keyHint
Definition MAVLinkSigning.h:84

MAVLinkSigning::DetectSnapshot::autoDetectSuspended
bool autoDetectSuspended
Definition MAVLinkSigning.h:86

MAVLinkSigning::DetectSnapshot::inCooldown
bool inCooldown
Definition MAVLinkSigning.h:85