QGroundControl
Ground Control Station for MAVLink Drones
Loading...
Searching...
No Matches
SigningController Class Reference

Owns MAVLink signing state and the deferred-confirmation state machine for one LinkInterface. More...

#include <SigningController.h>

+ Inheritance diagram for SigningController:
+ Collaboration diagram for SigningController:

Public Types

using FailReason = SigningFailure::Reason
 
using State = SigningStatus::State
 

Signals

void stateChanged ()
 
void keyAutoDetected (const QString &keyName)
 
void alertRaised (const QString &detail)
 
void signingConfirmed (const QString &keyName)
 Emitted exactly once per begin*() on success. keyName is the enabled key, or empty for disable.
 
void signingFailed (SigningFailure failure)
 Emitted exactly once per begin*() on failure (timeout, init error, cancel, re-entry).
 

Public Member Functions

 SigningController (mavlink_channel_t channel, QObject *parent=nullptr)
 
 ~SigningController () override
 
State state () const
 
SigningStatus status () const
 
bool isEnabled () const
 
QString keyName () const
 
QString statusText () const
 
std::optional< SigningFailuretryBeginEnable (uint8_t expectedSysId, const QString &keyName, const MAVLinkSigning::SigningKey &keyBytes)
 Begin pending-enable. Caller must send SETUP_SIGNING only on nullopt; outcome arrives via signingConfirmed/signingFailed.
 
std::optional< SigningFailuretryBeginDisable (uint8_t expectedSysId)
 Atomic check-and-commit for disable; same contract as tryBeginEnable.
 
void cancelPending (const QString &detail={})
 
bool clearSigning ()
 
bool initSigningImmediate (QByteArrayView key, MAVLinkSigning::UnsignedAcceptancePolicy policy, const QString &keyNameHint={})
 Bypasses the FSM; used by tests and auto-detect. Non-empty keyNameHint seeds the persisted timestamp.
 
const SigningChannelchannel () const
 
bool signOutgoing (mavlink_message_t &message)
 
void recordDetectMiss ()
 
void clearDetectCooldown ()
 
bool processFrame (bool framingOk, const mavlink_message_t &message)
 Per-frame entry point; drives burst alerts, auto-detect, and the FSM. Returns true on auto-detect.
 
void resetBadSigBurst ()
 
bool wallClockRefreshActiveForTesting () const
 

Static Public Member Functions

static void setTimeoutForTesting (std::chrono::milliseconds timeout)
 Test-only override for the vehicle-confirmation timeout, read at each begin*(); zero restores the default.
 

Detailed Description

Owns MAVLink signing state and the deferred-confirmation state machine for one LinkInterface.

Definition at line 19 of file SigningController.h.

Member Typedef Documentation

◆ FailReason

◆ State

Constructor & Destructor Documentation

◆ SigningController()

SigningController::SigningController ( mavlink_channel_t  channel,
QObject *  parent = nullptr 
)
explicit

Definition at line 23 of file SigningController.cc.

References SigningChannel::refreshOutgoingTimestamp().

◆ ~SigningController()

SigningController::~SigningController ( )
override

Definition at line 33 of file SigningController.cc.

References SigningChannel::init(), and QGC::secureZero().

Member Function Documentation

◆ alertRaised

void SigningController::alertRaised ( const QString &  detail)
signal

Referenced by processFrame().

◆ cancelPending()

void SigningController::cancelPending ( const QString &  detail = {})

Abort any in-flight operation. Emits signingFailed if pending. No-op if Idle. detail overrides the default ("primary link changed before vehicle confirmation").

Definition at line 383 of file SigningController.cc.

◆ channel()

const SigningChannel & SigningController::channel ( ) const
inline

Definition at line 55 of file SigningController.h.

Referenced by MAVLinkSigningKeys::tryDetectKey().

◆ clearDetectCooldown()

void SigningController::clearDetectCooldown ( )
inline

◆ clearSigning()

◆ initSigningImmediate()

bool SigningController::initSigningImmediate ( QByteArrayView  key,
MAVLinkSigning::UnsignedAcceptancePolicy  policy,
const QString &  keyNameHint = {} 
)

Bypasses the FSM; used by tests and auto-detect. Non-empty keyNameHint seeds the persisted timestamp.

Definition at line 137 of file SigningController.cc.

References MAVLinkSigning::callbackForPolicy(), SigningChannel::init(), MAVLinkSigningKeys::instance(), SigningChannel::isEnabled(), and MAVLinkSigningKeys::lastTimestamp().

Referenced by MAVLinkSigningKeys::tryDetectKey().

◆ isEnabled()

bool SigningController::isEnabled ( ) const

Definition at line 94 of file SigningController.cc.

References state().

Referenced by MAVLinkSigningKeys::tryDetectKey().

◆ keyAutoDetected

void SigningController::keyAutoDetected ( const QString &  keyName)
signal

Referenced by processFrame().

◆ keyName()

QString SigningController::keyName ( ) const

Definition at line 101 of file SigningController.cc.

References SigningChannel::keyHint().

◆ processFrame()

◆ recordDetectMiss()

void SigningController::recordDetectMiss ( )
inline

Definition at line 61 of file SigningController.h.

References SigningChannel::recordDetectMiss().

Referenced by MAVLinkSigningKeys::tryDetectKey().

◆ resetBadSigBurst()

void SigningController::resetBadSigBurst ( )

◆ setTimeoutForTesting()

static void SigningController::setTimeoutForTesting ( std::chrono::milliseconds  timeout)
inlinestatic

Test-only override for the vehicle-confirmation timeout, read at each begin*(); zero restores the default.

Definition at line 73 of file SigningController.h.

◆ signingConfirmed

void SigningController::signingConfirmed ( const QString &  keyName)
signal

Emitted exactly once per begin*() on success. keyName is the enabled key, or empty for disable.

◆ signingFailed

void SigningController::signingFailed ( SigningFailure  failure)
signal

Emitted exactly once per begin*() on failure (timeout, init error, cancel, re-entry).

References None.

◆ signOutgoing()

bool SigningController::signOutgoing ( mavlink_message_t message)
inline

Re-sign a cached outgoing message in place with a current, monotonic timestamp. No-op when signing is disabled or this isn't an outgoing-signed channel. Thread-safe (channel takes its own RW lock).

Definition at line 59 of file SigningController.h.

References SigningChannel::signOutgoing().

◆ state()

SigningController::State SigningController::state ( ) const

Definition at line 63 of file SigningController.cc.

References SigningChannel::isEnabled().

Referenced by isEnabled(), status(), and statusText().

◆ stateChanged

void SigningController::stateChanged ( )
signal

Referenced by processFrame().

◆ status()

◆ statusText()

QString SigningController::statusText ( ) const

Definition at line 106 of file SigningController.cc.

References SigningChannel::isEnabled(), MAVLinkSigning::signingStatusString(), and state().

Referenced by status().

◆ tryBeginDisable()

std::optional< SigningFailure > SigningController::tryBeginDisable ( uint8_t  expectedSysId)

Atomic check-and-commit for disable; same contract as tryBeginEnable.

Definition at line 185 of file SigningController.cc.

References MAVLinkSigning::callbackForPolicy(), MAVLinkSigning::Pending, and SigningChannel::setAcceptUnsignedCallback().

◆ tryBeginEnable()

std::optional< SigningFailure > SigningController::tryBeginEnable ( uint8_t  expectedSysId,
const QString &  keyName,
const MAVLinkSigning::SigningKey keyBytes 
)

Begin pending-enable. Caller must send SETUP_SIGNING only on nullopt; outcome arrives via signingConfirmed/signingFailed.

Definition at line 146 of file SigningController.cc.

References MAVLinkSigning::callbackForPolicy(), SigningChannel::init(), MAVLinkSigningKeys::instance(), MAVLinkSigningKeys::lastTimestamp(), MAVLinkSigning::Pending, and SigningChannel::suspendAutoDetect().

◆ wallClockRefreshActiveForTesting()

bool SigningController::wallClockRefreshActiveForTesting ( ) const
inline

Definition at line 70 of file SigningController.h.


The documentation for this class was generated from the following files: