aranya-client.h File Reference

External header file containing C function definitions for the Aranya client library. More...

#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <sys/socket.h>

Go to the source code of this file.

Data Structures
struct	AranyaExtError
struct	AranyaClient
	A handle to an Aranya Client. More...
struct	AranyaClientConfig
	Configuration info for Aranya. More...
struct	AranyaRole
	A role. More...
struct	AranyaId
	Cryptographically secure Aranya ID. More...
struct	AranyaRoleId
	Uniquely identifies a `AranyaRole`. More...
struct	AranyaDeviceId
	Device ID. More...
struct	AranyaClientConfigBuilder
	Configuration info builder for an Aranya client config `AranyaClientConfig`. More...
struct	AranyaAddTeamQuicSyncConfigBuilder
	A builder for initializing an `AranyaAddTeamQuicSyncConfig`. More...
struct	AranyaCreateTeamQuicSyncConfigBuilder
	A builder for initializing a `AranyaCreateTeamQuicSyncConfig`. More...
struct	AranyaSeedIkm
	Raw PSK seed IKM for QUIC syncer. More...
struct	AranyaCreateTeamQuicSyncConfig
	QUIC syncer configuration. More...
struct	AranyaAddTeamQuicSyncConfig
	QUIC syncer configuration. More...
struct	AranyaAddTeamConfigBuilder
	A builder for initializing an `AranyaAddTeamConfig`. More...
struct	AranyaCreateTeamConfigBuilder
	A builder for initializing a `AranyaCreateTeamConfig`. More...
struct	AranyaTeamId
	Team ID. More...
struct	AranyaAddTeamConfig
	Team configuration used when joining a team. More...
struct	AranyaCreateTeamConfig
	Team configuration used when creating a team. More...
struct	AranyaSyncPeerConfigBuilder
	Builder for a Sync Peer config `AranyaSyncPeerConfig`. More...
struct	AranyaSyncPeerConfig
	Sync Peer config. More...
struct	AranyaLabelId
	Label ID. More...
struct	AranyaAfcSendChannel
	An AFC Sending Channel Object. More...
struct	AranyaAfcReceiveChannel
	An AFC Receiving Channel Object. More...
struct	AranyaAfcCtrlMsg
	An AFC Control Message, used to create the other end of a channel. More...
struct	AranyaAfcSeq
	An AFC Sequence Number, for reordering messages. More...
struct	AranyaAfcChannelId
	Channel ID for AFC channel. More...

Macros
#define	__has_attribute(x)   0
#define	ARANYA_NO_RETURN
#define	ARANYA_NON_NULL
#define	ARANYA_PACKED
#define	ARANYA_DURATION_SECONDS   (1000 * ARANYA_DURATION_MILLISECONDS)
#define	ARANYA_DURATION_MILLISECONDS   (1000 * ARANYA_DURATION_MICROSECONDS)
#define	ARANYA_DURATION_MICROSECONDS   (1000 * ARANYA_DURATION_NANOSECONDS)
#define	ARANYA_DURATION_NANOSECONDS   1
#define	ARANYA_ID_LEN   32
	The size in bytes of an ID.
#define	DEFAULT_ROLES_LEN   3
	The number of roles returned from setup_default_roles.
#define	ARANYA_SEED_IKM_LEN   32
	The size in bytes of a PSK seed IKM.
#define	ARANYA_ID_STR_LEN   (((ARANYA_ID_LEN * 1375) / 1000) + 1)
	The size in bytes of an ID converted to a human-readable base58 string.
#define	ARANYA_AFC_CHANNEL_OVERHEAD   24
	The overhead needed for a channel message.
#define	ARANYA_AFC_CHANNEL_OVERHEAD   24
	The overhead needed for a channel message.

Typedefs
typedef uint8_t	AranyaChanOp
typedef uint32_t	AranyaError
typedef uint8_t	AranyaPermission
typedef uint8_t	AranyaRoleManagementPermission
typedef struct AranyaExtError	AranyaExtError
typedef struct AranyaClient	AranyaClient
	A handle to an Aranya Client.
typedef struct AranyaClientConfig	AranyaClientConfig
	Configuration info for Aranya.
typedef struct AranyaRole	AranyaRole
	A role.
typedef struct AranyaId	AranyaId
	Cryptographically secure Aranya ID.
typedef struct AranyaRoleId	AranyaRoleId
	Uniquely identifies a `AranyaRole`.
typedef struct AranyaDeviceId	AranyaDeviceId
	Device ID.
typedef struct AranyaClientConfigBuilder	AranyaClientConfigBuilder
	Configuration info builder for an Aranya client config `AranyaClientConfig`.
typedef struct AranyaAddTeamQuicSyncConfigBuilder	AranyaAddTeamQuicSyncConfigBuilder
	A builder for initializing an `AranyaAddTeamQuicSyncConfig`.
typedef struct AranyaCreateTeamQuicSyncConfigBuilder	AranyaCreateTeamQuicSyncConfigBuilder
	A builder for initializing a `AranyaCreateTeamQuicSyncConfig`.
typedef struct AranyaSeedIkm	AranyaSeedIkm
	Raw PSK seed IKM for QUIC syncer.
typedef struct AranyaCreateTeamQuicSyncConfig	AranyaCreateTeamQuicSyncConfig
	QUIC syncer configuration.
typedef struct AranyaAddTeamQuicSyncConfig	AranyaAddTeamQuicSyncConfig
	QUIC syncer configuration.
typedef struct AranyaAddTeamConfigBuilder	AranyaAddTeamConfigBuilder
	A builder for initializing an `AranyaAddTeamConfig`.
typedef struct AranyaCreateTeamConfigBuilder	AranyaCreateTeamConfigBuilder
	A builder for initializing a `AranyaCreateTeamConfig`.
typedef struct AranyaTeamId	AranyaTeamId
	Team ID.
typedef struct AranyaAddTeamConfig	AranyaAddTeamConfig
	Team configuration used when joining a team.
typedef struct AranyaCreateTeamConfig	AranyaCreateTeamConfig
	Team configuration used when creating a team.
typedef struct AranyaSyncPeerConfigBuilder	AranyaSyncPeerConfigBuilder
	Builder for a Sync Peer config `AranyaSyncPeerConfig`.
typedef struct AranyaSyncPeerConfig	AranyaSyncPeerConfig
	Sync Peer config.
typedef uint64_t	AranyaDuration
	A type to represent a span of time in nanoseconds.
typedef const char *	AranyaRoleName
	A role name.
typedef const char *	AranyaLabelName
	A label name.
typedef struct AranyaLabelId	AranyaLabelId
	Label ID.
typedef const char *	AranyaAddr
	A network socket address for an Aranya client.
typedef struct AranyaAfcSendChannel	AranyaAfcSendChannel
	An AFC Sending Channel Object.
typedef struct AranyaAfcReceiveChannel	AranyaAfcReceiveChannel
	An AFC Receiving Channel Object.
typedef struct AranyaAfcCtrlMsg	AranyaAfcCtrlMsg
	An AFC Control Message, used to create the other end of a channel.
typedef struct AranyaAfcSeq	AranyaAfcSeq
	An AFC Sequence Number, for reordering messages.
typedef struct AranyaAfcChannelId	AranyaAfcChannelId
	Channel ID for AFC channel.

Enumerations
enum	AranyaChanOp { ARANYA_CHAN_OP_RECV_ONLY , ARANYA_CHAN_OP_SEND_ONLY , ARANYA_CHAN_OP_SEND_RECV }
	Valid channel operations for a label assignment. More...
enum	AranyaError {   ARANYA_ERROR_SUCCESS , ARANYA_ERROR_BUG , ARANYA_ERROR_TIMEOUT , ARANYA_ERROR_INVALID_ARGUMENT ,   ARANYA_ERROR_NOT_ENABLED , ARANYA_ERROR_BUFFER_TOO_SMALL , ARANYA_ERROR_INVALID_UTF8 , ARANYA_ERROR_INVALID_ADDR ,   ARANYA_ERROR_IPC , ARANYA_ERROR_ARANYA , ARANYA_ERROR_WRONG_CHANNEL_TYPE , ARANYA_ERROR_WOULD_BLOCK ,   ARANYA_ERROR_CLOSED , ARANYA_ERROR_CONFIG , ARANYA_ERROR_SERIALIZATION , ARANYA_ERROR_OTHER }
	An error code. More...
enum	AranyaPermission {   ARANYA_PERMISSION_ADD_DEVICE , ARANYA_PERMISSION_REMOVE_DEVICE , ARANYA_PERMISSION_TERMINATE_TEAM , ARANYA_PERMISSION_CREATE_ROLE ,   ARANYA_PERMISSION_DELETE_ROLE , ARANYA_PERMISSION_ASSIGN_ROLE , ARANYA_PERMISSION_REVOKE_ROLE , ARANYA_PERMISSION_SETUP_DEFAULT_ROLE ,   ARANYA_PERMISSION_CHANGE_ROLE_MANAGING_ROLE , ARANYA_PERMISSION_CREATE_LABEL , ARANYA_PERMISSION_DELETE_LABEL , ARANYA_PERMISSION_CHANGE_LABEL_MANAGING_ROLE ,   ARANYA_PERMISSION_ASSIGN_LABEL , ARANYA_PERMISSION_REVOKE_LABEL , ARANYA_PERMISSION_CAN_USE_AFC , ARANYA_PERMISSION_CREATE_AFC_UNI_CHANNEL }
	Simple permission. More...
enum	AranyaRoleManagementPermission { ARANYA_ROLE_MANAGEMENT_PERMISSION_CAN_ASSIGN_ROLE , ARANYA_ROLE_MANAGEMENT_PERMISSION_CAN_REVOKE_ROLE , ARANYA_ROLE_MANAGEMENT_PERMISSION_CAN_CHANGE_ROLE_PERMS }
	Role management permission. More...

Functions
AranyaError	aranya_init_logging (void)
	Initializes logging.
AranyaError	aranya_init_logging_ext (struct AranyaExtError *__ext_err)
	Initializes logging.
AranyaError	aranya_add_perm_to_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, AranyaPermission perm)
	Add a permission to a role.
AranyaError	aranya_add_perm_to_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, AranyaPermission perm, struct AranyaExtError *__ext_err)
	Add a permission to a role.
AranyaError	aranya_remove_perm_from_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, AranyaPermission perm)
	Remove a permission from a role.
AranyaError	aranya_remove_perm_from_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, AranyaPermission perm, struct AranyaExtError *__ext_err)
	Remove a permission from a role.
AranyaError	aranya_afc_send_channel_get_label_id (const struct AranyaAfcSendChannel *channel, struct AranyaLabelId *__output)
	Returns the `AranyaLabelId` for the associated `AranyaAfcSendChannel`.
AranyaError	aranya_afc_send_channel_get_label_id_ext (const struct AranyaAfcSendChannel *channel, struct AranyaLabelId *__output, struct AranyaExtError *__ext_err)
	Returns the `AranyaLabelId` for the associated `AranyaAfcSendChannel`.
AranyaError	aranya_afc_send_channel_get_id (const struct AranyaAfcSendChannel *channel, struct AranyaAfcChannelId *__output)
	Returns the `AranyaAfcChannelId` for the associated `AranyaAfcSendChannel`.
AranyaError	aranya_afc_send_channel_get_id_ext (const struct AranyaAfcSendChannel *channel, struct AranyaAfcChannelId *__output, struct AranyaExtError *__ext_err)
	Returns the `AranyaAfcChannelId` for the associated `AranyaAfcSendChannel`.
AranyaError	aranya_afc_send_channel_get_peer_id (const struct AranyaAfcSendChannel *channel, struct AranyaDeviceId *__output)
	Returns the device ID of the peer on the other side of the channel.
AranyaError	aranya_afc_send_channel_get_peer_id_ext (const struct AranyaAfcSendChannel *channel, struct AranyaDeviceId *__output, struct AranyaExtError *__ext_err)
	Returns the device ID of the peer on the other side of the channel.
AranyaError	aranya_afc_receive_channel_get_label_id (const struct AranyaAfcReceiveChannel *channel, struct AranyaLabelId *__output)
	Returns the `AranyaLabelId` for the associated `AranyaAfcReceiveChannel`.
AranyaError	aranya_afc_receive_channel_get_label_id_ext (const struct AranyaAfcReceiveChannel *channel, struct AranyaLabelId *__output, struct AranyaExtError *__ext_err)
	Returns the `AranyaLabelId` for the associated `AranyaAfcReceiveChannel`.
AranyaError	aranya_afc_receive_channel_get_id (const struct AranyaAfcReceiveChannel *channel, struct AranyaAfcChannelId *__output)
	Returns the `AranyaAfcChannelId` for the associated `AranyaAfcReceiveChannel`.
AranyaError	aranya_afc_receive_channel_get_id_ext (const struct AranyaAfcReceiveChannel *channel, struct AranyaAfcChannelId *__output, struct AranyaExtError *__ext_err)
	Returns the `AranyaAfcChannelId` for the associated `AranyaAfcReceiveChannel`.
AranyaError	aranya_afc_receive_channel_get_peer_id (const struct AranyaAfcReceiveChannel *channel, struct AranyaDeviceId *__output)
	Returns the device ID of the peer on the other side of the channel.
AranyaError	aranya_afc_receive_channel_get_peer_id_ext (const struct AranyaAfcReceiveChannel *channel, struct AranyaDeviceId *__output, struct AranyaExtError *__ext_err)
	Returns the device ID of the peer on the other side of the channel.
AranyaError	aranya_afc_ctrl_msg_get_bytes (const struct AranyaAfcCtrlMsg *control, const uint8_t **ptr, size_t *len)
	Returns the raw data for a given `AranyaAfcCtrlMsg`.
AranyaError	aranya_afc_ctrl_msg_get_bytes_ext (const struct AranyaAfcCtrlMsg *control, const uint8_t **ptr, size_t *len, struct AranyaExtError *__ext_err)
	Returns the raw data for a given `AranyaAfcCtrlMsg`.
AranyaError	aranya_afc_seq_cmp (const struct AranyaAfcSeq *seq1, const struct AranyaAfcSeq *seq2, int *__output)
	Returns the three-way comparison between seq1 and seq2.
AranyaError	aranya_afc_seq_cmp_ext (const struct AranyaAfcSeq *seq1, const struct AranyaAfcSeq *seq2, int *__output, struct AranyaExtError *__ext_err)
	Returns the three-way comparison between seq1 and seq2.
AranyaError	aranya_afc_channel_seal (struct AranyaAfcSendChannel *channel, const uint8_t *plaintext, size_t plaintext_len, uint8_t *dst, size_t *dst_len)
	Encrypts and authenticates plaintext, and writes it to dst.
AranyaError	aranya_afc_channel_seal_ext (struct AranyaAfcSendChannel *channel, const uint8_t *plaintext, size_t plaintext_len, uint8_t *dst, size_t *dst_len, struct AranyaExtError *__ext_err)
	Encrypts and authenticates plaintext, and writes it to dst.
AranyaError	aranya_afc_channel_open (const struct AranyaAfcReceiveChannel *channel, const uint8_t *ciphertext, size_t ciphertext_len, uint8_t *dst, size_t *dst_len, struct AranyaAfcSeq *seq)
	Decrypts and authenticates ciphertext, and writes it to dst.
AranyaError	aranya_afc_channel_open_ext (const struct AranyaAfcReceiveChannel *channel, const uint8_t *ciphertext, size_t ciphertext_len, uint8_t *dst, size_t *dst_len, struct AranyaAfcSeq *seq, struct AranyaExtError *__ext_err)
	Decrypts and authenticates ciphertext, and writes it to dst.

Detailed Description

External header file containing C function definitions for the Aranya client library.

Macro Definition Documentation

ARANYA_AFC_CHANNEL_OVERHEAD [1/2]

#define ARANYA_AFC_CHANNEL_OVERHEAD   24

The overhead needed for a channel message.

Note that the ciphertext buffer must be at least plaintext_len + aranya_afc_channel_overhead() long.

ARANYA_AFC_CHANNEL_OVERHEAD [2/2]

#define ARANYA_AFC_CHANNEL_OVERHEAD   24

The overhead needed for a channel message.

Note that the ciphertext buffer must be at least plaintext_len + aranya_afc_channel_overhead() long.

Typedef Documentation

AranyaAddr

typedef const char* AranyaAddr

A network socket address for an Aranya client.

E.g. "localhost:8080", "127.0.0.1:8080"

AranyaAddTeamConfig

typedef struct AranyaAddTeamConfig AranyaAddTeamConfig

Team configuration used when joining a team.

Use an `AranyaAddTeamConfigBuilder` to construct this object.

AranyaAddTeamQuicSyncConfig

typedef struct AranyaAddTeamQuicSyncConfig AranyaAddTeamQuicSyncConfig

QUIC syncer configuration.

Use an `AranyaAddTeamQuicSyncConfigBuilder` to construct this object.

AranyaAddTeamQuicSyncConfigBuilder

typedef struct AranyaAddTeamQuicSyncConfigBuilder AranyaAddTeamQuicSyncConfigBuilder

A builder for initializing an `AranyaAddTeamQuicSyncConfig`.

The `AranyaAddTeamQuicSyncConfig` is an optional part of initializing an `AranyaAddTeamConfig`.

AranyaAfcCtrlMsg

typedef struct AranyaAfcCtrlMsg AranyaAfcCtrlMsg

An AFC Control Message, used to create the other end of a channel.

In order to access the underlying buffer to send to a peer, you'll need to call aranya_afc_ctrl_msg_get_bytes().

AranyaAfcSeq

typedef struct AranyaAfcSeq AranyaAfcSeq

An AFC Sequence Number, for reordering messages.

You can compare two sequence numbers using aranya_afc_seq_cmp().

AranyaClientConfig

typedef struct AranyaClientConfig AranyaClientConfig

Configuration info for Aranya.

Use a `AranyaClientConfigBuilder` to construct this object.

AranyaCreateTeamConfig

typedef struct AranyaCreateTeamConfig AranyaCreateTeamConfig

Team configuration used when creating a team.

Use a `AranyaCreateTeamConfigBuilder` to construct this object.

AranyaCreateTeamQuicSyncConfig

typedef struct AranyaCreateTeamQuicSyncConfig AranyaCreateTeamQuicSyncConfig

QUIC syncer configuration.

Use a `AranyaCreateTeamQuicSyncConfigBuilder` to construct this object.

AranyaCreateTeamQuicSyncConfigBuilder

typedef struct AranyaCreateTeamQuicSyncConfigBuilder AranyaCreateTeamQuicSyncConfigBuilder

A builder for initializing a `AranyaCreateTeamQuicSyncConfig`.

The `AranyaCreateTeamQuicSyncConfig` is an optional part of initializing a `AranyaCreateTeamConfig`.

AranyaExtError

typedef struct AranyaExtError AranyaExtError

• ─────────────────────── Extended‐error (_ext) Variants ───────────────────────
• Functions suffixed with _ext accept an extra
• struct AranyaExtError *ext_err parameter for extended error information.
• - ext_err must be a valid, non-NULL pointer.
• - If the call returns anything other than ARANYA_ERROR_SUCCESS,
• *ext_err is populated with additional error details.
• - On success, the content of ext_err is unchanged.
• - To extract a human-readable message:
• AranyaError aranya_ext_error_msg( * const struct AranyaExtError *err, * char *msg, * size_t *msg_len * );
• Example:
• struct AranyaExtError ext_err;
• AranyaError rc = aranya_get_device_id_ext(client, &id, &ext_err);
• if (rc != ARANYA_ERROR_SUCCESS) {
• size_t len = 0;
• aranya_ext_error_msg(&ext_err, NULL, &len);
• char *buf = malloc(len);
• aranya_ext_error_msg(&ext_err, buf, &len);
• // buf now holds the detailed error message
• }
• ────────────────────────────────────────────────────────────────────────────── Extended error information.

AranyaLabelName

typedef const char* AranyaLabelName

A label name.

E.g. "TELEMETRY_LABEL"

AranyaRoleName

typedef const char* AranyaRoleName

A role name.

E.g. "owner"

AranyaSyncPeerConfig

typedef struct AranyaSyncPeerConfig AranyaSyncPeerConfig

Sync Peer config.

Use a `AranyaSyncPeerConfigBuilder` to construct this object.

Enumeration Type Documentation

AranyaChanOp

enum AranyaChanOp

Valid channel operations for a label assignment.

Enumerator
ARANYA_CHAN_OP_RECV_ONLY	The device can only receive data in channels with this label.
ARANYA_CHAN_OP_SEND_ONLY	The device can only send data in channels with this label.
ARANYA_CHAN_OP_SEND_RECV	The device can send or receive data in channels with this label.

AranyaError

enum AranyaError

An error code.

For extended error information, see `AranyaExtError`.

Enumerator
ARANYA_ERROR_SUCCESS	Success.
ARANYA_ERROR_BUG	Internal bug discovered.
ARANYA_ERROR_TIMEOUT	Timed out.
ARANYA_ERROR_INVALID_ARGUMENT	Invalid argument.
ARANYA_ERROR_NOT_ENABLED	Component is not enabled.
ARANYA_ERROR_BUFFER_TOO_SMALL	Buffer is too small.
ARANYA_ERROR_INVALID_UTF8	Invalid UTF-8.
ARANYA_ERROR_INVALID_ADDR	Invalid Address.
ARANYA_ERROR_IPC	Could not send request to daemon.
ARANYA_ERROR_ARANYA	An Aranya error.
ARANYA_ERROR_WOULD_BLOCK	Tried to poll an endpoint but nothing received yet.
ARANYA_ERROR_CLOSED	A connection got unexpectedly closed.
ARANYA_ERROR_CONFIG	Unable to create configuration info.
ARANYA_ERROR_SERIALIZATION	Serialization error.
ARANYA_ERROR_OTHER	Some other error occurred.

AranyaPermission

enum AranyaPermission

Simple permission.

Enumerator
ARANYA_PERMISSION_ADD_DEVICE	The role can add a device to the team.
ARANYA_PERMISSION_REMOVE_DEVICE	The role can remove a device from the team.
ARANYA_PERMISSION_TERMINATE_TEAM	The role can terminate the team. This causes all team commands to fail until a new team is created.
ARANYA_PERMISSION_CREATE_ROLE	The role can create a role.
ARANYA_PERMISSION_DELETE_ROLE	The role can delete a role.
ARANYA_PERMISSION_ASSIGN_ROLE	The role can assign a role to other devices.
ARANYA_PERMISSION_REVOKE_ROLE	The role can revoke a role from other devices.
ARANYA_PERMISSION_SETUP_DEFAULT_ROLE	The role can set up default roles. This can only be done once, so this permission can only effectively be used by the owner role.
ARANYA_PERMISSION_CHANGE_ROLE_MANAGING_ROLE	The role can add a managing role to or remove a managing role from a target role.
ARANYA_PERMISSION_CREATE_LABEL	The role can create a label.
ARANYA_PERMISSION_DELETE_LABEL	The role can delete a label.
ARANYA_PERMISSION_CHANGE_LABEL_MANAGING_ROLE	The role can grant a target role the ability to manage a label. This management ability includes deleting a label and adding/revoking a label to a device.
ARANYA_PERMISSION_ASSIGN_LABEL	The role can assign a label to a device. The role must also have label management permissions granted by a role with the ChangeLabelManagingRole permission above.
ARANYA_PERMISSION_REVOKE_LABEL	The role can revoke a label from a device. The role must also have label management permissions granted by a role with the ChangeLabelManagingRole permission above.
ARANYA_PERMISSION_CAN_USE_AFC	The role can use AFC. This controls the ability to create or receive a unidirectional AFC channels.
ARANYA_PERMISSION_CREATE_AFC_UNI_CHANNEL	The role can create a unidirectional AFC channel.

AranyaRoleManagementPermission

enum AranyaRoleManagementPermission

Role management permission.

Enumerator
ARANYA_ROLE_MANAGEMENT_PERMISSION_CAN_ASSIGN_ROLE	Grants a managing role the ability to assign the target role to any device except itself.
ARANYA_ROLE_MANAGEMENT_PERMISSION_CAN_REVOKE_ROLE	Grants a managing role the ability to revoke the target role from any device.
ARANYA_ROLE_MANAGEMENT_PERMISSION_CAN_CHANGE_ROLE_PERMS	Grants a managing role the ability to change the permissions assigned to the target role.

Function Documentation

aranya_add_perm_to_role()

AranyaError aranya_add_perm_to_role	(	const struct AranyaClient *	client,
		const struct AranyaTeamId *	team,
		const struct AranyaRoleId *	role,
		AranyaPermission	perm
	)

Add a permission to a role.

It is an error to add a permission already added to the role.

Permission to perform this operation is checked against the Aranya policy.

Parameters

[in]	client	the Aranya Client
[in]	team	the team's ID
[in]	role	the role ID of the role the permission is being added to
[in]	perm	a permission to add to the role

aranya_add_perm_to_role_ext()

AranyaError aranya_add_perm_to_role_ext	(	const struct AranyaClient *	client,
		const struct AranyaTeamId *	team,
		const struct AranyaRoleId *	role,
		AranyaPermission	perm,
		struct AranyaExtError *	__ext_err
	)

Add a permission to a role.

It is an error to add a permission already added to the role.

Permission to perform this operation is checked against the Aranya policy.

Parameters

[in]	client	the Aranya Client
[in]	team	the team's ID
[in]	role	the role ID of the role the permission is being added to
[in]	perm	a permission to add to the role

aranya_afc_channel_open()

AranyaError aranya_afc_channel_open	(	const struct AranyaAfcReceiveChannel *	channel,
		const uint8_t *	ciphertext,
		size_t	ciphertext_len,
		uint8_t *	dst,
		size_t *	dst_len,
		struct AranyaAfcSeq *	seq
	)

Decrypts and authenticates ciphertext, and writes it to dst.

Note that dst must be at least ciphertext.len() - aranya_afc_channel_overhead(), or the function will return an error (InvalidArgument or BufferTooSmall).

Parameters

[in]	channel	the AFC channel object
[in]	ciphertext	the message being decrypted.
[out]	dst	the output buffer the message is written to.
[out]	seq	the sequence number for the opened message, for reordering.

aranya_afc_channel_open_ext()

AranyaError aranya_afc_channel_open_ext	(	const struct AranyaAfcReceiveChannel *	channel,
		const uint8_t *	ciphertext,
		size_t	ciphertext_len,
		uint8_t *	dst,
		size_t *	dst_len,
		struct AranyaAfcSeq *	seq,
		struct AranyaExtError *	__ext_err
	)

Decrypts and authenticates ciphertext, and writes it to dst.

Note that dst must be at least ciphertext.len() - aranya_afc_channel_overhead(), or the function will return an error (InvalidArgument or BufferTooSmall).

Parameters

[in]	channel	the AFC channel object
[in]	ciphertext	the message being decrypted.
[out]	dst	the output buffer the message is written to.
[out]	seq	the sequence number for the opened message, for reordering.

aranya_afc_channel_seal()

AranyaError aranya_afc_channel_seal	(	struct AranyaAfcSendChannel *	channel,
		const uint8_t *	plaintext,
		size_t	plaintext_len,
		uint8_t *	dst,
		size_t *	dst_len
	)

Encrypts and authenticates plaintext, and writes it to dst.

Note that dst must be at least plaintext.len() + aranya_afc_channel_overhead(), or the function will return an error (InvalidArgument or BufferTooSmall).

Parameters

[in]	channel	the AFC channel object
[in]	plaintext	the message being encrypted.
[out]	dst	the output buffer the ciphertext is written to.

aranya_afc_channel_seal_ext()

AranyaError aranya_afc_channel_seal_ext	(	struct AranyaAfcSendChannel *	channel,
		const uint8_t *	plaintext,
		size_t	plaintext_len,
		uint8_t *	dst,
		size_t *	dst_len,
		struct AranyaExtError *	__ext_err
	)

Encrypts and authenticates plaintext, and writes it to dst.

Note that dst must be at least plaintext.len() + aranya_afc_channel_overhead(), or the function will return an error (InvalidArgument or BufferTooSmall).

Parameters

[in]	channel	the AFC channel object
[in]	plaintext	the message being encrypted.
[out]	dst	the output buffer the ciphertext is written to.

aranya_afc_ctrl_msg_get_bytes()

AranyaError aranya_afc_ctrl_msg_get_bytes	(	const struct AranyaAfcCtrlMsg *	control,
		const uint8_t **	ptr,
		size_t *	len
	)

Returns the raw data for a given `AranyaAfcCtrlMsg`.

Note that the lifetime of the pointer is tied to the `AranyaAfcCtrlMsg`.

Parameters

[in]	control	the control message produced by creating a channel.
[out]	ptr	the raw pointer of the stored buffer.
[out]	len	the raw length of the stored buffer.

aranya_afc_ctrl_msg_get_bytes_ext()

AranyaError aranya_afc_ctrl_msg_get_bytes_ext	(	const struct AranyaAfcCtrlMsg *	control,
		const uint8_t **	ptr,
		size_t *	len,
		struct AranyaExtError *	__ext_err
	)

Returns the raw data for a given `AranyaAfcCtrlMsg`.

Note that the lifetime of the pointer is tied to the `AranyaAfcCtrlMsg`.

Parameters

[in]	control	the control message produced by creating a channel.
[out]	ptr	the raw pointer of the stored buffer.
[out]	len	the raw length of the stored buffer.

aranya_afc_receive_channel_get_id()

AranyaError aranya_afc_receive_channel_get_id	(	const struct AranyaAfcReceiveChannel *	channel,
		struct AranyaAfcChannelId *	__output
	)

Returns the `AranyaAfcChannelId` for the associated `AranyaAfcReceiveChannel`.

Parameters

[in]	channel	the AFC channel object
[out]	__output	the corresponding channel ID

aranya_afc_receive_channel_get_id_ext()

AranyaError aranya_afc_receive_channel_get_id_ext	(	const struct AranyaAfcReceiveChannel *	channel,
		struct AranyaAfcChannelId *	__output,
		struct AranyaExtError *	__ext_err
	)

Returns the `AranyaAfcChannelId` for the associated `AranyaAfcReceiveChannel`.

Parameters

[in]	channel	the AFC channel object
[out]	__output	the corresponding channel ID

aranya_afc_receive_channel_get_label_id()

AranyaError aranya_afc_receive_channel_get_label_id	(	const struct AranyaAfcReceiveChannel *	channel,
		struct AranyaLabelId *	__output
	)

Returns the `AranyaLabelId` for the associated `AranyaAfcReceiveChannel`.

Parameters

[in]	channel	the AFC channel object
[out]	__output	the corresponding label ID

aranya_afc_receive_channel_get_label_id_ext()

AranyaError aranya_afc_receive_channel_get_label_id_ext	(	const struct AranyaAfcReceiveChannel *	channel,
		struct AranyaLabelId *	__output,
		struct AranyaExtError *	__ext_err
	)

Returns the `AranyaLabelId` for the associated `AranyaAfcReceiveChannel`.

Parameters

[in]	channel	the AFC channel object
[out]	__output	the corresponding label ID

aranya_afc_receive_channel_get_peer_id()

AranyaError aranya_afc_receive_channel_get_peer_id	(	const struct AranyaAfcReceiveChannel *	channel,
		struct AranyaDeviceId *	__output
	)

Returns the device ID of the peer on the other side of the channel.

Parameters

[in]	channel	the AFC channel object.
[out]	__output	the peer's ID.

aranya_afc_receive_channel_get_peer_id_ext()

AranyaError aranya_afc_receive_channel_get_peer_id_ext	(	const struct AranyaAfcReceiveChannel *	channel,
		struct AranyaDeviceId *	__output,
		struct AranyaExtError *	__ext_err
	)

Returns the device ID of the peer on the other side of the channel.

Parameters

[in]	channel	the AFC channel object.
[out]	__output	the peer's ID.

aranya_afc_send_channel_get_id()

AranyaError aranya_afc_send_channel_get_id	(	const struct AranyaAfcSendChannel *	channel,
		struct AranyaAfcChannelId *	__output
	)

Returns the `AranyaAfcChannelId` for the associated `AranyaAfcSendChannel`.

Parameters

[in]	channel	the AFC channel object
[out]	__output	the corresponding channel ID

aranya_afc_send_channel_get_id_ext()

AranyaError aranya_afc_send_channel_get_id_ext	(	const struct AranyaAfcSendChannel *	channel,
		struct AranyaAfcChannelId *	__output,
		struct AranyaExtError *	__ext_err
	)

Returns the `AranyaAfcChannelId` for the associated `AranyaAfcSendChannel`.

Parameters

[in]	channel	the AFC channel object
[out]	__output	the corresponding channel ID

aranya_afc_send_channel_get_label_id()

AranyaError aranya_afc_send_channel_get_label_id	(	const struct AranyaAfcSendChannel *	channel,
		struct AranyaLabelId *	__output
	)

Returns the `AranyaLabelId` for the associated `AranyaAfcSendChannel`.

Parameters

[in]	channel	the AFC channel object
[out]	__output	the corresponding label ID

aranya_afc_send_channel_get_label_id_ext()

AranyaError aranya_afc_send_channel_get_label_id_ext	(	const struct AranyaAfcSendChannel *	channel,
		struct AranyaLabelId *	__output,
		struct AranyaExtError *	__ext_err
	)

Returns the `AranyaLabelId` for the associated `AranyaAfcSendChannel`.

Parameters

[in]	channel	the AFC channel object
[out]	__output	the corresponding label ID

aranya_afc_send_channel_get_peer_id()

AranyaError aranya_afc_send_channel_get_peer_id	(	const struct AranyaAfcSendChannel *	channel,
		struct AranyaDeviceId *	__output
	)

Returns the device ID of the peer on the other side of the channel.

Parameters

[in]	channel	the AFC channel object.
[out]	__output	the peer's ID.

aranya_afc_send_channel_get_peer_id_ext()

AranyaError aranya_afc_send_channel_get_peer_id_ext	(	const struct AranyaAfcSendChannel *	channel,
		struct AranyaDeviceId *	__output,
		struct AranyaExtError *	__ext_err
	)

Returns the device ID of the peer on the other side of the channel.

Parameters

[in]	channel	the AFC channel object.
[out]	__output	the peer's ID.

aranya_afc_seq_cmp()

AranyaError aranya_afc_seq_cmp	(	const struct AranyaAfcSeq *	seq1,
		const struct AranyaAfcSeq *	seq2,
		int *	__output
	)

Returns the three-way comparison between seq1 and seq2.

Parameters

[in]	seq1	the first sequence number to compare.
[in]	seq1	the second sequence number to compare.
[out]	__output	the comparison result (-1 is <, 0 is =, 1 is >).

aranya_afc_seq_cmp_ext()

AranyaError aranya_afc_seq_cmp_ext	(	const struct AranyaAfcSeq *	seq1,
		const struct AranyaAfcSeq *	seq2,
		int *	__output,
		struct AranyaExtError *	__ext_err
	)

Returns the three-way comparison between seq1 and seq2.

Parameters

[in]	seq1	the first sequence number to compare.
[in]	seq1	the second sequence number to compare.
[out]	__output	the comparison result (-1 is <, 0 is =, 1 is >).

aranya_init_logging()

AranyaError aranya_init_logging

(

void

)

Initializes logging.

Assumes the ARANYA_CAPI environment variable has been set to the desired tracing log level. E.g. ARANYA_CAPI=debug.

aranya_init_logging_ext()

AranyaError aranya_init_logging_ext

(

struct AranyaExtError *

__ext_err

)

Initializes logging.

Assumes the ARANYA_CAPI environment variable has been set to the desired tracing log level. E.g. ARANYA_CAPI=debug.

aranya_remove_perm_from_role()

AranyaError aranya_remove_perm_from_role	(	const struct AranyaClient *	client,
		const struct AranyaTeamId *	team,
		const struct AranyaRoleId *	role,
		AranyaPermission	perm
	)

Remove a permission from a role.

It is an error to remove a permission not added to the role.

Permission to perform this operation is checked against the Aranya policy.

Parameters

[in]	client	the Aranya Client
[in]	team	the team's ID
[in]	role	the role ID of the role the permission is being removed from
[in]	perm	a permission to remove from the role

aranya_remove_perm_from_role_ext()

AranyaError aranya_remove_perm_from_role_ext	(	const struct AranyaClient *	client,
		const struct AranyaTeamId *	team,
		const struct AranyaRoleId *	role,
		AranyaPermission	perm,
		struct AranyaExtError *	__ext_err
	)

Remove a permission from a role.

It is an error to remove a permission not added to the role.

Permission to perform this operation is checked against the Aranya policy.

Parameters

[in]	client	the Aranya Client
[in]	team	the team's ID
[in]	role	the role ID of the role the permission is being removed from
[in]	perm	a permission to remove from the role