 |
Aranya
a software development tool for governing access to data and services over a decentralized, zero-trust framework with secure end-to-end encrypted data exchange built-in.
|
Loading...
Searching...
No Matches
|
Aranya
a software development tool for governing access to data and services over a decentralized, zero-trust framework with secure end-to-end encrypted data exchange built-in.
|
A handle to an Aranya Client. More...
#include <aranya-client.h>
Related Symbols | |
(Note that these are not member symbols.) | |
| AranyaError | aranya_client_init (struct AranyaClient *client, const struct AranyaClientConfig *config) |
| Initializes a new client instance. | |
| AranyaError | aranya_client_init_ext (struct AranyaClient *client, const struct AranyaClientConfig *config, struct AranyaExtError *__ext_err) |
| Initializes a new client instance. | |
| AranyaError | aranya_client_cleanup (struct AranyaClient *ptr) |
Releases any resources associated with ptr. | |
| AranyaError | aranya_get_key_bundle (const struct AranyaClient *client, uint8_t *keybundle, size_t *keybundle_len) |
| Gets the public key bundle for this device. | |
| AranyaError | aranya_get_key_bundle_ext (const struct AranyaClient *client, uint8_t *keybundle, size_t *keybundle_len, struct AranyaExtError *__ext_err) |
| Gets the public key bundle for this device. | |
| AranyaError | aranya_get_device_id (const struct AranyaClient *client, struct AranyaDeviceId *__output) |
| Gets the public device ID. | |
| AranyaError | aranya_get_device_id_ext (const struct AranyaClient *client, struct AranyaDeviceId *__output, struct AranyaExtError *__ext_err) |
| Gets the public device ID. | |
| AranyaError | aranya_setup_default_roles (struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *owning_role, struct AranyaRole *roles_out, size_t *roles_len) |
| Assign a role to a device. | |
| AranyaError | aranya_setup_default_roles_ext (struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *owning_role, struct AranyaRole *roles_out, size_t *roles_len, struct AranyaExtError *__ext_err) |
| Assign a role to a device. | |
| AranyaError | aranya_add_role_owner (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, const struct AranyaRoleId *owning_role) |
Adds owning_role as an owner of role. | |
| AranyaError | aranya_add_role_owner_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, const struct AranyaRoleId *owning_role, struct AranyaExtError *__ext_err) |
Adds owning_role as an owner of role. | |
| AranyaError | aranya_remove_role_owner (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, const struct AranyaRoleId *owning_role) |
| Removes an owning_role as an owner of role. | |
| AranyaError | aranya_remove_role_owner_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, const struct AranyaRoleId *owning_role, struct AranyaExtError *__ext_err) |
| Removes an owning_role as an owner of role. | |
| AranyaError | aranya_role_owners (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, struct AranyaRole *roles_out, size_t *roles_len) |
Returns the roles that own role. | |
| AranyaError | aranya_role_owners_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, struct AranyaRole *roles_out, size_t *roles_len, struct AranyaExtError *__ext_err) |
Returns the roles that own role. | |
| AranyaError | aranya_assign_role_management_permission (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, const struct AranyaRoleId *managing_role, AranyaRoleManagementPermission perm) |
| Assigns a role management permission to a managing role. | |
| AranyaError | aranya_assign_role_management_permission_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, const struct AranyaRoleId *managing_role, AranyaRoleManagementPermission perm, struct AranyaExtError *__ext_err) |
| Assigns a role management permission to a managing role. | |
| AranyaError | aranya_revoke_role_management_permission (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, const struct AranyaRoleId *managing_role, AranyaRoleManagementPermission perm) |
| Revokes a role management permission from a managing role. | |
| AranyaError | aranya_revoke_role_management_permission_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, const struct AranyaRoleId *managing_role, AranyaRoleManagementPermission perm, struct AranyaExtError *__ext_err) |
| Revokes a role management permission from a managing role. | |
| AranyaError | aranya_change_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *old_role, const struct AranyaRoleId *new_role) |
Changes the role on a device | |
| AranyaError | aranya_change_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *old_role, const struct AranyaRoleId *new_role, struct AranyaExtError *__ext_err) |
Changes the role on a device | |
| AranyaError | aranya_team_roles (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaRole *roles_out, size_t *roles_out_len) |
| Returns all of the roles for this team. | |
| AranyaError | aranya_team_roles_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaRole *roles_out, size_t *roles_out_len, struct AranyaExtError *__ext_err) |
| Returns all of the roles for this team. | |
| AranyaError | aranya_create_role (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaRoleName role_name, const struct AranyaRoleId *owning_role, struct AranyaRole *role_out) |
| Create a role. | |
| AranyaError | aranya_create_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaRoleName role_name, const struct AranyaRoleId *owning_role, struct AranyaRole *role_out, struct AranyaExtError *__ext_err) |
| Create a role. | |
| AranyaError | aranya_delete_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role) |
| Delete a role. | |
| AranyaError | aranya_delete_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, struct AranyaExtError *__ext_err) |
| Delete a role. | |
| AranyaError | aranya_assign_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *role_id) |
| Assign a role to a device. | |
| AranyaError | aranya_assign_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *role_id, struct AranyaExtError *__ext_err) |
| Assign a role to a device. | |
| AranyaError | aranya_revoke_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *role_id) |
| Revoke a role from a device. | |
| AranyaError | aranya_revoke_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *role_id, struct AranyaExtError *__ext_err) |
| Revoke a role from a device. | |
| AranyaError | aranya_create_label (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaLabelName name, const struct AranyaRoleId *managing_role_id, struct AranyaLabelId *__output) |
| Create a channel label. | |
| AranyaError | aranya_create_label_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaLabelName name, const struct AranyaRoleId *managing_role_id, struct AranyaLabelId *__output, struct AranyaExtError *__ext_err) |
| Create a channel label. | |
| AranyaError | aranya_delete_label (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label_id) |
| Delete a channel label. | |
| AranyaError | aranya_delete_label_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label_id, struct AranyaExtError *__ext_err) |
| Delete a channel label. | |
| AranyaError | aranya_assign_label (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaLabelId *label_id, AranyaChanOp op) |
| Assign a label to a device so that it can be used for a channel. | |
| AranyaError | aranya_assign_label_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaLabelId *label_id, AranyaChanOp op, struct AranyaExtError *__ext_err) |
| Assign a label to a device so that it can be used for a channel. | |
| AranyaError | aranya_revoke_label (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaLabelId *label_id) |
| Revoke a label from a device. | |
| AranyaError | aranya_revoke_label_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaLabelId *label_id, struct AranyaExtError *__ext_err) |
| Revoke a label from a device. | |
| AranyaError | aranya_add_label_managing_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label_id, const struct AranyaRoleId *managing_role_id) |
| Add label managing role. | |
| AranyaError | aranya_add_label_managing_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label_id, const struct AranyaRoleId *managing_role_id, struct AranyaExtError *__ext_err) |
| Add label managing role. | |
| AranyaError | aranya_create_team (const struct AranyaClient *client, const struct AranyaCreateTeamConfig *cfg, struct AranyaTeamId *__output) |
| Create a new graph/team with the current device as the owner. | |
| AranyaError | aranya_create_team_ext (const struct AranyaClient *client, const struct AranyaCreateTeamConfig *cfg, struct AranyaTeamId *__output, struct AranyaExtError *__ext_err) |
| Create a new graph/team with the current device as the owner. | |
| AranyaError | aranya_rand (const struct AranyaClient *client, uint8_t *buf, size_t buf_len) |
| Return random bytes from Aranya's CSPRNG. | |
| AranyaError | aranya_rand_ext (const struct AranyaClient *client, uint8_t *buf, size_t buf_len, struct AranyaExtError *__ext_err) |
| Return random bytes from Aranya's CSPRNG. | |
| AranyaError | aranya_encrypt_psk_seed_for_peer (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const uint8_t *keybundle, size_t keybundle_len, uint8_t *seed, size_t *seed_len) |
| Return serialized PSK seed encrypted for another device on the team. | |
| AranyaError | aranya_encrypt_psk_seed_for_peer_ext (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const uint8_t *keybundle, size_t keybundle_len, uint8_t *seed, size_t *seed_len, struct AranyaExtError *__ext_err) |
| Return serialized PSK seed encrypted for another device on the team. | |
| AranyaError | aranya_add_team (const struct AranyaClient *client, const struct AranyaAddTeamConfig *cfg) |
| Add a team to the local device store. | |
| AranyaError | aranya_add_team_ext (const struct AranyaClient *client, const struct AranyaAddTeamConfig *cfg, struct AranyaExtError *__ext_err) |
| Add a team to the local device store. | |
| AranyaError | aranya_remove_team (const struct AranyaClient *client, const struct AranyaTeamId *team) |
| Remove a team from local device storage. | |
| AranyaError | aranya_remove_team_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaExtError *__ext_err) |
| Remove a team from local device storage. | |
| AranyaError | aranya_close_team (const struct AranyaClient *client, const struct AranyaTeamId *team) |
| Close the team and stop all operations on the graph. | |
| AranyaError | aranya_close_team_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaExtError *__ext_err) |
| Close the team and stop all operations on the graph. | |
| AranyaError | aranya_add_device_to_team (const struct AranyaClient *client, const struct AranyaTeamId *team, const uint8_t *keybundle, size_t keybundle_len, const struct AranyaRoleId *role_id) |
| Add a device to the team with the default role. | |
| AranyaError | aranya_add_device_to_team_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const uint8_t *keybundle, size_t keybundle_len, const struct AranyaRoleId *role_id, struct AranyaExtError *__ext_err) |
| Add a device to the team with the default role. | |
| AranyaError | aranya_remove_device_from_team (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device) |
| Remove a device from the team. | |
| AranyaError | aranya_remove_device_from_team_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, struct AranyaExtError *__ext_err) |
| Remove a device from the team. | |
| AranyaError | aranya_add_sync_peer (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr, const struct AranyaSyncPeerConfig *config) |
| Add the peer for automatic periodic Aranya state syncing. | |
| AranyaError | aranya_add_sync_peer_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr, const struct AranyaSyncPeerConfig *config, struct AranyaExtError *__ext_err) |
| Add the peer for automatic periodic Aranya state syncing. | |
| AranyaError | aranya_remove_sync_peer (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr) |
| Remove the peer from automatic Aranya state syncing. | |
| AranyaError | aranya_remove_sync_peer_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr, struct AranyaExtError *__ext_err) |
| Remove the peer from automatic Aranya state syncing. | |
| AranyaError | aranya_sync_hello_subscribe (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr peer, AranyaDuration graph_change_delay, AranyaDuration duration, AranyaDuration schedule_delay) |
| Subscribe to hello notifications from a sync peer. | |
| AranyaError | aranya_sync_hello_subscribe_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr peer, AranyaDuration graph_change_delay, AranyaDuration duration, AranyaDuration schedule_delay, struct AranyaExtError *__ext_err) |
| Subscribe to hello notifications from a sync peer. | |
| AranyaError | aranya_sync_hello_unsubscribe (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr peer) |
| Unsubscribe from hello notifications from a sync peer. | |
| AranyaError | aranya_sync_hello_unsubscribe_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr peer, struct AranyaExtError *__ext_err) |
| Unsubscribe from hello notifications from a sync peer. | |
| AranyaError | aranya_sync_now (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr, const struct AranyaSyncPeerConfig *config) |
| Sync with peer immediately. | |
| AranyaError | aranya_sync_now_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr, const struct AranyaSyncPeerConfig *config, struct AranyaExtError *__ext_err) |
| Sync with peer immediately. | |
| AranyaError | aranya_team_devices (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaDeviceId *devices, size_t *devices_len) |
| Query devices on team. | |
| AranyaError | aranya_team_devices_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaDeviceId *devices, size_t *devices_len, struct AranyaExtError *__ext_err) |
| Query devices on team. | |
| AranyaError | aranya_team_device_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, struct AranyaRole *role_out, bool *has_role) |
| Returns the role assigned to the device, if any. | |
| AranyaError | aranya_team_device_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, struct AranyaRole *role_out, bool *has_role, struct AranyaExtError *__ext_err) |
| Returns the role assigned to the device, if any. | |
| AranyaError | aranya_team_device_keybundle (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, uint8_t *keybundle, size_t *keybundle_len) |
| Query device's keybundle. | |
| AranyaError | aranya_team_device_keybundle_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, uint8_t *keybundle, size_t *keybundle_len, struct AranyaExtError *__ext_err) |
| Query device's keybundle. | |
| AranyaError | aranya_team_device_label_assignments (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, struct AranyaLabelId *labels, size_t *labels_len) |
| Query device label assignments. | |
| AranyaError | aranya_team_device_label_assignments_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, struct AranyaLabelId *labels, size_t *labels_len, struct AranyaExtError *__ext_err) |
| Query device label assignments. | |
| AranyaError | aranya_team_labels (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaLabelId *labels, size_t *labels_len) |
| Query for list of existing labels. | |
| AranyaError | aranya_team_labels_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaLabelId *labels, size_t *labels_len, struct AranyaExtError *__ext_err) |
| Query for list of existing labels. | |
| AranyaError | aranya_team_label_exists (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label, bool *__output) |
| Query if a label exists. | |
| AranyaError | aranya_team_label_exists_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label, bool *__output, struct AranyaExtError *__ext_err) |
| Query if a label exists. | |
| AranyaError | aranya_afc_create_channel (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const struct AranyaDeviceId *peer_id, const struct AranyaLabelId *label_id, struct AranyaAfcSendChannel *channel, struct AranyaAfcCtrlMsg *control) |
| Create a send-only AFC channel between this device and a peer. | |
| AranyaError | aranya_afc_create_channel_ext (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const struct AranyaDeviceId *peer_id, const struct AranyaLabelId *label_id, struct AranyaAfcSendChannel *channel, struct AranyaAfcCtrlMsg *control, struct AranyaExtError *__ext_err) |
| Create a send-only AFC channel between this device and a peer. | |
| AranyaError | aranya_afc_accept_channel (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const uint8_t *control, size_t control_len, struct AranyaAfcReceiveChannel *channel) |
| Accept a receive-only AFC channel from by a peer by processing a control message. | |
| AranyaError | aranya_afc_accept_channel_ext (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const uint8_t *control, size_t control_len, struct AranyaAfcReceiveChannel *channel, struct AranyaExtError *__ext_err) |
| Accept a receive-only AFC channel from by a peer by processing a control message. | |
| AranyaError | aranya_afc_send_channel_delete (const struct AranyaClient *client, struct AranyaAfcSendChannel *channel) |
| Removes an `AranyaAfcSendChannel` from use. | |
| AranyaError | aranya_afc_send_channel_delete_ext (const struct AranyaClient *client, struct AranyaAfcSendChannel *channel, struct AranyaExtError *__ext_err) |
| Removes an `AranyaAfcSendChannel` from use. | |
| AranyaError | aranya_afc_receive_channel_delete (const struct AranyaClient *client, struct AranyaAfcReceiveChannel *channel) |
| Removes an `AranyaAfcReceiveChannel` from use. | |
| AranyaError | aranya_afc_receive_channel_delete_ext (const struct AranyaClient *client, struct AranyaAfcReceiveChannel *channel, struct AranyaExtError *__ext_err) |
| Removes an `AranyaAfcReceiveChannel` from use. | |
A handle to an Aranya Client.
|
related |
Add a device to the team with the default role.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | keybundle | serialized keybundle byte buffer KeyBundle. |
| [in] | keybundle_len | is the length of the serialized keybundle. |
| [in] | role_id | (optional) the ID of the role to assign to the device. |
|
related |
Add a device to the team with the default role.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | keybundle | serialized keybundle byte buffer KeyBundle. |
| [in] | keybundle_len | is the length of the serialized keybundle. |
| [in] | role_id | (optional) the ID of the role to assign to the device. |
|
related |
Add label managing role.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | label_id | the label ID |
| [in] | managing_role_id | the ID of the managing role |
|
related |
Add label managing role.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | label_id | the label ID |
| [in] | managing_role_id | the ID of the managing role |
|
related |
Adds owning_role as an owner of role.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | ID of the subject role |
| [in] | owning_role | ID of the owning role |
|
related |
Adds owning_role as an owner of role.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | ID of the subject role |
| [in] | owning_role | ID of the owning role |
|
related |
Add the peer for automatic periodic Aranya state syncing.
If a peer is not reachable on the network, sync errors will appear in the tracing logs and Aranya will be unable to sync state with that peer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
| [in] | config | configuration values for syncing with a peer. |
|
related |
Add the peer for automatic periodic Aranya state syncing.
If a peer is not reachable on the network, sync errors will appear in the tracing logs and Aranya will be unable to sync state with that peer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
| [in] | config | configuration values for syncing with a peer. |
|
related |
Add a team to the local device store.
| [in] | client | the Aranya Client |
| [in] | cfg | the Team Configuration |
|
related |
Add a team to the local device store.
| [in] | client | the Aranya Client |
| [in] | cfg | the Team Configuration |
|
related |
Accept a receive-only AFC channel from by a peer by processing a control message.
| [in] | client | the Aranya Client |
| [in] | team_id | the team's identifier |
| [in] | control | the AFC control message. |
| [out] | channel | the AFC channel object |
| [out] | __output | the corresponding AFC channel type |
|
related |
Accept a receive-only AFC channel from by a peer by processing a control message.
| [in] | client | the Aranya Client |
| [in] | team_id | the team's identifier |
| [in] | control | the AFC control message. |
| [out] | channel | the AFC channel object |
| [out] | __output | the corresponding AFC channel type |
|
related |
Create a send-only AFC channel between this device and a peer.
Note that the control message needs to be sent to the other peer using the transport of your choice to create the other side of the channel.
Permission to perform this operation is checked against the Aranya policy. Both the current node and its peer should have permission to use the label and have appropriate channel permissions.
| [in] | client | the Aranya Client |
| [in] | team_id | the team's identifier |
| [in] | peer_id | the peer's identifier |
| [in] | label_id | the label identifier to create the channel with. |
| [out] | channel | the AFC channel object |
| [out] | control | the AFC control message |
|
related |
Create a send-only AFC channel between this device and a peer.
Note that the control message needs to be sent to the other peer using the transport of your choice to create the other side of the channel.
Permission to perform this operation is checked against the Aranya policy. Both the current node and its peer should have permission to use the label and have appropriate channel permissions.
| [in] | client | the Aranya Client |
| [in] | team_id | the team's identifier |
| [in] | peer_id | the peer's identifier |
| [in] | label_id | the label identifier to create the channel with. |
| [out] | channel | the AFC channel object |
| [out] | control | the AFC control message |
|
related |
Removes an `AranyaAfcReceiveChannel` from use.
Note that this function takes ownership of the `AranyaAfcReceiveChannel` and invalidates any further use (i.e. calling seal).
| [in] | client | the Aranya Client |
| [in] | channel | the AFC channel object |
|
related |
Removes an `AranyaAfcReceiveChannel` from use.
Note that this function takes ownership of the `AranyaAfcReceiveChannel` and invalidates any further use (i.e. calling seal).
| [in] | client | the Aranya Client |
| [in] | channel | the AFC channel object |
|
related |
Removes an `AranyaAfcSendChannel` from use.
Note that this function takes ownership of the `AranyaAfcSendChannel` and invalidates any further use (i.e. calling seal).
| [in] | client | the Aranya Client |
| [in] | channel | the AFC channel object |
|
related |
Removes an `AranyaAfcSendChannel` from use.
Note that this function takes ownership of the `AranyaAfcSendChannel` and invalidates any further use (i.e. calling seal).
| [in] | client | the Aranya Client |
| [in] | channel | the AFC channel object |
|
related |
Assign a label to a device so that it can be used for a channel.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device ID of the device to assign the label to. |
| [in] | label_id | the channel label ID |
|
related |
Assign a label to a device so that it can be used for a channel.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device ID of the device to assign the label to. |
| [in] | label_id | the channel label ID |
|
related |
Assign a role to a device.
This will change the device's currently assigned role to the new role.
Permission to perform this operation is checked against the Aranya policy.
It is an error if the device has already been assigned a role. If you want to assign a different role to a device that already has a role, use change_role() instead.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | role_id | the ID of the role to assign to the device |
|
related |
Assign a role to a device.
This will change the device's currently assigned role to the new role.
Permission to perform this operation is checked against the Aranya policy.
It is an error if the device has already been assigned a role. If you want to assign a different role to a device that already has a role, use change_role() instead.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | role_id | the ID of the role to assign to the device |
|
related |
Assigns a role management permission to a managing role.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the subject role |
| [in] | managing_role | the ID of the managing role |
| [in] | perm | the management permission to assign |
|
related |
Assigns a role management permission to a managing role.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the subject role |
| [in] | managing_role | the ID of the managing role |
| [in] | perm | the management permission to assign |
|
related |
Changes the role on a device
This will change the device's current role to the new role assigned.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | old_role | the ID of the role currently assigned to the device |
| [in] | new_role | the ID of the role to assign to the device |
|
related |
Changes the role on a device
This will change the device's current role to the new role assigned.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | old_role | the ID of the role currently assigned to the device |
| [in] | new_role | the ID of the role to assign to the device |
|
related |
Releases any resources associated with ptr.
ptr must either be null or initialized by aranya_client_init.
|
related |
Initializes a new client instance.
| [out] | client | the uninitialized Aranya Client |
| [in] | config | the client's configuration |
|
related |
Initializes a new client instance.
| [out] | client | the uninitialized Aranya Client |
| [in] | config | the client's configuration |
|
related |
Close the team and stop all operations on the graph.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
|
related |
Close the team and stop all operations on the graph.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
|
related |
Create a channel label.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | name | label name string |
| [in] | managing_role_id | the ID of the role that manages this label |
|
related |
Create a channel label.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | name | label name string |
| [in] | managing_role_id | the ID of the role that manages this label |
|
related |
Create a role.
The owning_role is the initial owner of the new role.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role_name | the name of the new role |
| [in] | owning_role | the role ID of the role that will own the new role |
| [out] | role_out | the newly created role |
|
related |
Create a role.
The owning_role is the initial owner of the new role.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role_name | the name of the new role |
| [in] | owning_role | the role ID of the role that will own the new role |
| [out] | role_out | the newly created role |
|
related |
Create a new graph/team with the current device as the owner.
| [in] | client | the Aranya Client |
| [in] | cfg | the Team Configuration |
| [out] | __output | the team's ID |
|
related |
Create a new graph/team with the current device as the owner.
| [in] | client | the Aranya Client |
| [in] | cfg | the Team Configuration |
| [out] | __output | the team's ID |
|
related |
Delete a channel label.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | label_id | the channel label ID to delete. |
|
related |
Delete a channel label.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | label_id | the channel label ID to delete. |
|
related |
Delete a role.
The role must not be assigned to any devices, nor should it own any other roles.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the role to delete |
|
related |
Delete a role.
The role must not be assigned to any devices, nor should it own any other roles.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the role to delete |
|
related |
Return serialized PSK seed encrypted for another device on the team.
The PSK seed will be encrypted using the public encryption key of the specified device on the team.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the seed bytes. Writes the number of bytes that would have been returned to seed_len. The application can use seed_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team_id | the team's ID |
| [in] | keybundle | serialized keybundle byte buffer KeyBundle. |
| [in] | keybundle_len | the length of the keybundle |
| [out] | seed | the serialized, encrypted PSK seed. |
| [in,out] | seed_len | the number of bytes written to the seed buffer. |
This method will be removed soon since certificates will be used instead of PSKs in the future.
|
related |
Return serialized PSK seed encrypted for another device on the team.
The PSK seed will be encrypted using the public encryption key of the specified device on the team.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the seed bytes. Writes the number of bytes that would have been returned to seed_len. The application can use seed_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team_id | the team's ID |
| [in] | keybundle | serialized keybundle byte buffer KeyBundle. |
| [in] | keybundle_len | the length of the keybundle |
| [out] | seed | the serialized, encrypted PSK seed. |
| [in,out] | seed_len | the number of bytes written to the seed buffer. |
This method will be removed soon since certificates will be used instead of PSKs in the future.
|
related |
Gets the public device ID.
| [in] | client | the Aranya Client |
| [out] | __output | the client's device ID |
|
related |
Gets the public device ID.
| [in] | client | the Aranya Client |
| [out] | __output | the client's device ID |
|
related |
Gets the public key bundle for this device.
| [in] | client | the Aranya Client |
| [out] | keybundle | keybundle byte buffer KeyBundle. |
| [in,out] | keybundle_len | returns the length of the serialized keybundle. |
|
related |
Gets the public key bundle for this device.
| [in] | client | the Aranya Client |
| [out] | keybundle | keybundle byte buffer KeyBundle. |
| [in,out] | keybundle_len | returns the length of the serialized keybundle. |
|
related |
Return random bytes from Aranya's CSPRNG.
This method can be used to generate a PSK seed IKM for the QUIC syncer.
| [in] | client | the Aranya Client |
| [out] | buf | buffer where random bytes are written to. |
| [in] | buf_len | the size of the buffer. |
|
related |
Return random bytes from Aranya's CSPRNG.
This method can be used to generate a PSK seed IKM for the QUIC syncer.
| [in] | client | the Aranya Client |
| [out] | buf | buffer where random bytes are written to. |
| [in] | buf_len | the size of the buffer. |
|
related |
Remove a device from the team.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
|
related |
Remove a device from the team.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
|
related |
Removes an owning_role as an owner of role.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the subject role |
| [in] | owning_role | ID of the owning role |
|
related |
Removes an owning_role as an owner of role.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the subject role |
| [in] | owning_role | ID of the owning role |
|
related |
Remove the peer from automatic Aranya state syncing.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
|
related |
Remove the peer from automatic Aranya state syncing.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
|
related |
Remove a team from local device storage.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
|
related |
Remove a team from local device storage.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
|
related |
Revoke a label from a device.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device ID of the device to revoke the label from. |
| [in] | label_id | the channel label ID |
|
related |
Revoke a label from a device.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device ID of the device to revoke the label from. |
| [in] | label_id | the channel label ID |
|
related |
Revoke a role from a device.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | role_id | the ID of the role to revoke from the device. |
|
related |
Revoke a role from a device.
Permission to perform this operation is checked against the Aranya policy.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | role_id | the ID of the role to revoke from the device. |
|
related |
Revokes a role management permission from a managing role.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the subject role |
| [in] | managing_role | the ID of the managing role |
| [in] | perm | the management permission to assign |
|
related |
Revokes a role management permission from a managing role.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the subject role |
| [in] | managing_role | the ID of the managing role |
| [in] | perm | the management permission to assign |
|
related |
Returns the roles that own role.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the roles. Writes the number of roles that would have been returned to roles_len. The application can use roles_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the subject role |
| [in] | roles_out | returns a list of roles that own role |
| [in,out] | roles_len | the number of roles written to the buffer. |
|
related |
Returns the roles that own role.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the roles. Writes the number of roles that would have been returned to roles_len. The application can use roles_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the subject role |
| [in] | roles_out | returns a list of roles that own role |
| [in,out] | roles_len | the number of roles written to the buffer. |
|
related |
Assign a role to a device.
Setup default roles on team.
This sets up the following roles with default permissions as defined in Aranya's default policy:
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the roles. Writes the number of roles that would have been returned to roles_len.
N.B. this function is meant to be called once to set up the default roles. Subsequent calls will result in an error if the default roles were already created.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | owning_role | the ID of the owning role |
| [in] | roles_out | returns a list of roles that own role |
| [in,out] | roles_len | the number of roles written to the buffer. |
|
related |
Assign a role to a device.
Setup default roles on team.
This sets up the following roles with default permissions as defined in Aranya's default policy:
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the roles. Writes the number of roles that would have been returned to roles_len.
N.B. this function is meant to be called once to set up the default roles. Subsequent calls will result in an error if the default roles were already created.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | owning_role | the ID of the owning role |
| [in] | roles_out | returns a list of roles that own role |
| [in,out] | roles_len | the number of roles written to the buffer. |
|
related |
Subscribe to hello notifications from a sync peer.
This will request the peer to send hello notifications when their graph head changes.
| [in] | client | the Aranya Client `AranyaClient`. |
| [in] | team | the team's ID `AranyaTeamId`. |
| [in] | peer | the peer's Aranya network address `AranyaAddr`. |
| [in] | graph_change_delay | minimum delay between notifications when graph changes. |
| [in] | duration | how long the subscription should remain active. |
| [in] | schedule_delay | interval for periodic scheduled hello sends. |
|
related |
Subscribe to hello notifications from a sync peer.
This will request the peer to send hello notifications when their graph head changes.
| [in] | client | the Aranya Client `AranyaClient`. |
| [in] | team | the team's ID `AranyaTeamId`. |
| [in] | peer | the peer's Aranya network address `AranyaAddr`. |
| [in] | graph_change_delay | minimum delay between notifications when graph changes. |
| [in] | duration | how long the subscription should remain active. |
| [in] | schedule_delay | interval for periodic scheduled hello sends. |
|
related |
Unsubscribe from hello notifications from a sync peer.
This will stop receiving hello notifications from the specified peer.
| [in] | client | the Aranya Client `AranyaClient`. |
| [in] | team | the team's ID `AranyaTeamId`. |
| [in] | addr | the peer's Aranya network address `AranyaAddr`. |
|
related |
Unsubscribe from hello notifications from a sync peer.
This will stop receiving hello notifications from the specified peer.
| [in] | client | the Aranya Client `AranyaClient`. |
| [in] | team | the team's ID `AranyaTeamId`. |
| [in] | addr | the peer's Aranya network address `AranyaAddr`. |
|
related |
Sync with peer immediately.
If a peer is not reachable on the network, sync errors will appear in the tracing logs and Aranya will be unable to sync state with that peer.
This function ignores `aranya_sync_peer_config_builder_set_interval` and `aranya_sync_peer_config_builder_set_sync_later`, if set.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
| [in] | config | configuration values for syncing with a peer. |
Default values for a sync config will be used if config is NULL
|
related |
Sync with peer immediately.
If a peer is not reachable on the network, sync errors will appear in the tracing logs and Aranya will be unable to sync state with that peer.
This function ignores `aranya_sync_peer_config_builder_set_interval` and `aranya_sync_peer_config_builder_set_sync_later`, if set.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
| [in] | config | configuration values for syncing with a peer. |
Default values for a sync config will be used if config is NULL
|
related |
Query device's keybundle.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [out] | keybundle | keybundle byte buffer KeyBundle. |
| [in,out] | keybundle_len | returns the length of the serialized keybundle. |
|
related |
Query device's keybundle.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [out] | keybundle | keybundle byte buffer KeyBundle. |
| [in,out] | keybundle_len | returns the length of the serialized keybundle. |
|
related |
Query device label assignments.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the labels. Writes the number of labels that would have been returned to labels_len. The application can use labels_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [out] | labels | returns a list of labels assigned to the device |
| [in,out] | labels_len | returns the length of the labels list |
|
related |
Query device label assignments.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the labels. Writes the number of labels that would have been returned to labels_len. The application can use labels_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [out] | labels | returns a list of labels assigned to the device |
| [in,out] | labels_len | returns the length of the labels list |
|
related |
Returns the role assigned to the device, if any.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | device | the ID of the device |
| [out] | role_out | the role assigned to the device. role_out will be zeroed if a role was not assigned to the device |
| [out] | has_role | whether a role is assigned to the device |
|
related |
Returns the role assigned to the device, if any.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | device | the ID of the device |
| [out] | role_out | the role assigned to the device. role_out will be zeroed if a role was not assigned to the device |
| [out] | has_role | whether a role is assigned to the device |
|
related |
Query devices on team.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | devices | returns a list of device IDs on the team |
| [in,out] | devices_len | returns the length of the devices list |
|
related |
Query devices on team.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | devices | returns a list of device IDs on the team |
| [in,out] | devices_len | returns the length of the devices list |
|
related |
Query if a label exists.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | label | the label |
| [out] | __output | boolean indicating whether the label exists. |
|
related |
Query if a label exists.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | label | the label |
| [out] | __output | boolean indicating whether the label exists. |
|
related |
Query for list of existing labels.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the labels. Writes the number of labels that would have been returned to labels_len. The application can use labels_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | labels | returns a list of labels |
| [in,out] | labels_len | returns the length of the labels list |
|
related |
Query for list of existing labels.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the labels. Writes the number of labels that would have been returned to labels_len. The application can use labels_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | labels | returns a list of labels |
| [in,out] | labels_len | returns the length of the labels list |
|
related |
Returns all of the roles for this team.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the roles. Writes the number of roles that would have been returned to roles_len. The application can use roles_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | roles_out | returns a list of roles on the team |
| [in,out] | roles_len | the number of roles written to the buffer. |
|
related |
Returns all of the roles for this team.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the roles. Writes the number of roles that would have been returned to roles_len. The application can use roles_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | roles_out | returns a list of roles on the team |
| [in,out] | roles_len | the number of roles written to the buffer. |
1.9.8