 |
Aranya
a software development tool for governing access to data and services over a decentralized, zero-trust framework with secure end-to-end encrypted data exchange built-in.
|
Loading...
Searching...
No Matches
|
Aranya
a software development tool for governing access to data and services over a decentralized, zero-trust framework with secure end-to-end encrypted data exchange built-in.
|
A handle to an Aranya Client. More...
#include <aranya-client.h>
Related Symbols | |
(Note that these are not member symbols.) | |
| AranyaError | aranya_client_init (struct AranyaClient *client, const struct AranyaClientConfig *config) |
| Initializes a new client instance. | |
| AranyaError | aranya_client_init_ext (struct AranyaClient *client, const struct AranyaClientConfig *config, struct AranyaExtError *__ext_err) |
| Initializes a new client instance. | |
| AranyaError | aranya_client_cleanup (struct AranyaClient *ptr) |
Releases any resources associated with ptr. | |
| AranyaError | aranya_get_public_key_bundle (const struct AranyaClient *client, uint8_t *public_key_bundle, size_t *public_key_bundle_len) |
| Gets the public key bundle for this device. | |
| AranyaError | aranya_get_public_key_bundle_ext (const struct AranyaClient *client, uint8_t *public_key_bundle, size_t *public_key_bundle_len, struct AranyaExtError *__ext_err) |
| Gets the public key bundle for this device. | |
| AranyaError | aranya_get_key_bundle (const struct AranyaClient *client, uint8_t *public_key_bundle, size_t *public_key_bundle_len) |
| Gets the public key bundle for this device. | |
| AranyaError | aranya_get_key_bundle_ext (const struct AranyaClient *client, uint8_t *public_key_bundle, size_t *public_key_bundle_len, struct AranyaExtError *__ext_err) |
| Gets the public key bundle for this device. | |
| AranyaError | aranya_get_device_id (const struct AranyaClient *client, struct AranyaDeviceId *__output) |
| Gets the public device ID. | |
| AranyaError | aranya_get_device_id_ext (const struct AranyaClient *client, struct AranyaDeviceId *__output, struct AranyaExtError *__ext_err) |
| Gets the public device ID. | |
| AranyaError | aranya_setup_default_roles (struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaRole *roles_out, size_t *roles_len) |
| Setup default roles on team. | |
| AranyaError | aranya_setup_default_roles_ext (struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaRole *roles_out, size_t *roles_len, struct AranyaExtError *__ext_err) |
| Setup default roles on team. | |
| AranyaError | aranya_change_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *old_role, const struct AranyaRoleId *new_role) |
Changes the role on a device. | |
| AranyaError | aranya_change_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *old_role, const struct AranyaRoleId *new_role, struct AranyaExtError *__ext_err) |
Changes the role on a device. | |
| AranyaError | aranya_team_roles (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaRole *roles_out, size_t *roles_out_len) |
| Returns all of the roles for this team. | |
| AranyaError | aranya_team_roles_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaRole *roles_out, size_t *roles_out_len, struct AranyaExtError *__ext_err) |
| Returns all of the roles for this team. | |
| AranyaError | aranya_create_role (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaRoleName role_name, AranyaRank rank, struct AranyaRole *role_out) |
| Create a role. | |
| AranyaError | aranya_create_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaRoleName role_name, AranyaRank rank, struct AranyaRole *role_out, struct AranyaExtError *__ext_err) |
| Create a role. | |
| AranyaError | aranya_delete_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role) |
| Delete a role. | |
| AranyaError | aranya_delete_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, struct AranyaExtError *__ext_err) |
| Delete a role. | |
| AranyaError | aranya_query_role_perms (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, AranyaPermission *perms_out, size_t *perms_len) |
| Query all permissions assigned to a role. | |
| AranyaError | aranya_query_role_perms_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaRoleId *role, AranyaPermission *perms_out, size_t *perms_len, struct AranyaExtError *__ext_err) |
| Query all permissions assigned to a role. | |
| AranyaError | aranya_assign_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *role_id) |
| Assign a role to a device. | |
| AranyaError | aranya_assign_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *role_id, struct AranyaExtError *__ext_err) |
| Assign a role to a device. | |
| AranyaError | aranya_revoke_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *role_id) |
| Revoke a role from a device. | |
| AranyaError | aranya_revoke_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaRoleId *role_id, struct AranyaExtError *__ext_err) |
| Revoke a role from a device. | |
| AranyaError | aranya_create_label (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaLabelName name, AranyaRank rank, struct AranyaLabelId *__output) |
| Create a channel label with an explicit rank. | |
| AranyaError | aranya_create_label_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaLabelName name, AranyaRank rank, struct AranyaLabelId *__output, struct AranyaExtError *__ext_err) |
| Create a channel label with an explicit rank. | |
| AranyaError | aranya_delete_label (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label_id) |
| Delete a channel label. | |
| AranyaError | aranya_delete_label_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label_id, struct AranyaExtError *__ext_err) |
| Delete a channel label. | |
| AranyaError | aranya_change_rank (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaObjectId *object_id, AranyaRank old_rank, AranyaRank new_rank) |
| Change the rank of an object (device or label). | |
| AranyaError | aranya_change_rank_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaObjectId *object_id, AranyaRank old_rank, AranyaRank new_rank, struct AranyaExtError *__ext_err) |
| Change the rank of an object (device or label). | |
| AranyaError | aranya_query_rank (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaObjectId *object_id, AranyaRank *__output) |
| Query the rank of an object. | |
| AranyaError | aranya_query_rank_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaObjectId *object_id, AranyaRank *__output, struct AranyaExtError *__ext_err) |
| Query the rank of an object. | |
| AranyaError | aranya_assign_label (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaLabelId *label_id, AranyaChanOp op) |
| Assign a label to a device so that it can be used for a channel. | |
| AranyaError | aranya_assign_label_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaLabelId *label_id, AranyaChanOp op, struct AranyaExtError *__ext_err) |
| Assign a label to a device so that it can be used for a channel. | |
| AranyaError | aranya_revoke_label (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaLabelId *label_id) |
| Revoke a label from a device. | |
| AranyaError | aranya_revoke_label_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, const struct AranyaLabelId *label_id, struct AranyaExtError *__ext_err) |
| Revoke a label from a device. | |
| AranyaError | aranya_create_team (const struct AranyaClient *client, const struct AranyaCreateTeamConfig *cfg, struct AranyaTeamId *__output) |
| Create a new graph/team with the current device as the owner. | |
| AranyaError | aranya_create_team_ext (const struct AranyaClient *client, const struct AranyaCreateTeamConfig *cfg, struct AranyaTeamId *__output, struct AranyaExtError *__ext_err) |
| Create a new graph/team with the current device as the owner. | |
| AranyaError | aranya_rand (const struct AranyaClient *client, uint8_t *buf, size_t buf_len) |
| Return random bytes from Aranya's CSPRNG. | |
| AranyaError | aranya_rand_ext (const struct AranyaClient *client, uint8_t *buf, size_t buf_len, struct AranyaExtError *__ext_err) |
| Return random bytes from Aranya's CSPRNG. | |
| AranyaError | aranya_encrypt_psk_seed_for_peer (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const uint8_t *public_key_bundle, size_t public_key_bundle_len, uint8_t *seed, size_t *seed_len) |
| Return serialized PSK seed encrypted for another device on the team. | |
| AranyaError | aranya_encrypt_psk_seed_for_peer_ext (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const uint8_t *public_key_bundle, size_t public_key_bundle_len, uint8_t *seed, size_t *seed_len, struct AranyaExtError *__ext_err) |
| Return serialized PSK seed encrypted for another device on the team. | |
| AranyaError | aranya_add_team (const struct AranyaClient *client, const struct AranyaAddTeamConfig *cfg) |
| Add a team to the local device store. | |
| AranyaError | aranya_add_team_ext (const struct AranyaClient *client, const struct AranyaAddTeamConfig *cfg, struct AranyaExtError *__ext_err) |
| Add a team to the local device store. | |
| AranyaError | aranya_remove_team (const struct AranyaClient *client, const struct AranyaTeamId *team) |
| Remove a team from local device storage. | |
| AranyaError | aranya_remove_team_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaExtError *__ext_err) |
| Remove a team from local device storage. | |
| AranyaError | aranya_close_team (const struct AranyaClient *client, const struct AranyaTeamId *team) |
| Close the team and stop all operations on the graph. | |
| AranyaError | aranya_close_team_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaExtError *__ext_err) |
| Close the team and stop all operations on the graph. | |
| AranyaError | aranya_add_device_to_team (const struct AranyaClient *client, const struct AranyaTeamId *team, const uint8_t *keybundle, size_t keybundle_len, const struct AranyaRoleId *role_id, AranyaRank rank) |
| Add a device to the team with an explicit rank. | |
| AranyaError | aranya_add_device_to_team_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const uint8_t *keybundle, size_t keybundle_len, const struct AranyaRoleId *role_id, AranyaRank rank, struct AranyaExtError *__ext_err) |
| Add a device to the team with an explicit rank. | |
| AranyaError | aranya_remove_device_from_team (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device) |
| Remove a device from the team. | |
| AranyaError | aranya_remove_device_from_team_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, struct AranyaExtError *__ext_err) |
| Remove a device from the team. | |
| AranyaError | aranya_add_sync_peer (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr, const struct AranyaSyncPeerConfig *config) |
| Add the peer for automatic periodic Aranya state syncing. | |
| AranyaError | aranya_add_sync_peer_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr, const struct AranyaSyncPeerConfig *config, struct AranyaExtError *__ext_err) |
| Add the peer for automatic periodic Aranya state syncing. | |
| AranyaError | aranya_remove_sync_peer (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr) |
| Remove the peer from automatic Aranya state syncing. | |
| AranyaError | aranya_remove_sync_peer_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr, struct AranyaExtError *__ext_err) |
| Remove the peer from automatic Aranya state syncing. | |
| AranyaError | aranya_sync_now (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr, const struct AranyaSyncPeerConfig *config) |
| Sync with peer immediately. | |
| AranyaError | aranya_sync_now_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, AranyaAddr addr, const struct AranyaSyncPeerConfig *config, struct AranyaExtError *__ext_err) |
| Sync with peer immediately. | |
| AranyaError | aranya_team_devices (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaDeviceId *devices, size_t *devices_len) |
| Query devices on team. | |
| AranyaError | aranya_team_devices_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaDeviceId *devices, size_t *devices_len, struct AranyaExtError *__ext_err) |
| Query devices on team. | |
| AranyaError | aranya_team_device_role (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, struct AranyaRole *role_out, bool *has_role) |
| Returns the role assigned to the device, if any. | |
| AranyaError | aranya_team_device_role_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, struct AranyaRole *role_out, bool *has_role, struct AranyaExtError *__ext_err) |
| Returns the role assigned to the device, if any. | |
| AranyaError | aranya_team_device_public_key_bundle (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, uint8_t *public_key_bundle, size_t *public_key_bundle_len) |
| Query device's public key bundle. | |
| AranyaError | aranya_team_device_public_key_bundle_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, uint8_t *public_key_bundle, size_t *public_key_bundle_len, struct AranyaExtError *__ext_err) |
| Query device's public key bundle. | |
| AranyaError | aranya_team_device_keybundle (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, uint8_t *public_key_bundle, size_t *public_key_bundle_len) |
| Query device's public key bundle. | |
| AranyaError | aranya_team_device_keybundle_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, uint8_t *public_key_bundle, size_t *public_key_bundle_len, struct AranyaExtError *__ext_err) |
| Query device's public key bundle. | |
| AranyaError | aranya_team_device_label_assignments (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, struct AranyaLabelId *labels, size_t *labels_len) |
| Query device label assignments. | |
| AranyaError | aranya_team_device_label_assignments_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaDeviceId *device, struct AranyaLabelId *labels, size_t *labels_len, struct AranyaExtError *__ext_err) |
| Query device label assignments. | |
| AranyaError | aranya_team_labels (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaLabelId *labels, size_t *labels_len) |
| Query for list of existing labels. | |
| AranyaError | aranya_team_labels_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, struct AranyaLabelId *labels, size_t *labels_len, struct AranyaExtError *__ext_err) |
| Query for list of existing labels. | |
| AranyaError | aranya_team_label (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label_id, struct AranyaLabel *label_out) |
| Query a label. | |
| AranyaError | aranya_team_label_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label_id, struct AranyaLabel *label_out, struct AranyaExtError *__ext_err) |
| Query a label. | |
| AranyaError | aranya_team_label_exists (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label, bool *__output) |
| Query if a label exists. | |
| AranyaError | aranya_team_label_exists_ext (const struct AranyaClient *client, const struct AranyaTeamId *team, const struct AranyaLabelId *label, bool *__output, struct AranyaExtError *__ext_err) |
| Query if a label exists. | |
| AranyaError | aranya_afc_create_channel (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const struct AranyaDeviceId *peer_id, const struct AranyaLabelId *label_id, struct AranyaAfcSendChannel *channel, struct AranyaAfcCtrlMsg *control) |
| Create a send-only AFC channel between this device and a peer. | |
| AranyaError | aranya_afc_create_channel_ext (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const struct AranyaDeviceId *peer_id, const struct AranyaLabelId *label_id, struct AranyaAfcSendChannel *channel, struct AranyaAfcCtrlMsg *control, struct AranyaExtError *__ext_err) |
| Create a send-only AFC channel between this device and a peer. | |
| AranyaError | aranya_afc_accept_channel (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const uint8_t *control, size_t control_len, struct AranyaAfcReceiveChannel *channel) |
| Accept a receive-only AFC channel from by a peer by processing a control message. | |
| AranyaError | aranya_afc_accept_channel_ext (const struct AranyaClient *client, const struct AranyaTeamId *team_id, const uint8_t *control, size_t control_len, struct AranyaAfcReceiveChannel *channel, struct AranyaExtError *__ext_err) |
| Accept a receive-only AFC channel from by a peer by processing a control message. | |
| AranyaError | aranya_afc_send_channel_delete (const struct AranyaClient *client, struct AranyaAfcSendChannel *channel) |
| Removes an `AranyaAfcSendChannel` from use. | |
| AranyaError | aranya_afc_send_channel_delete_ext (const struct AranyaClient *client, struct AranyaAfcSendChannel *channel, struct AranyaExtError *__ext_err) |
| Removes an `AranyaAfcSendChannel` from use. | |
| AranyaError | aranya_afc_receive_channel_delete (const struct AranyaClient *client, struct AranyaAfcReceiveChannel *channel) |
| Removes an `AranyaAfcReceiveChannel` from use. | |
| AranyaError | aranya_afc_receive_channel_delete_ext (const struct AranyaClient *client, struct AranyaAfcReceiveChannel *channel, struct AranyaExtError *__ext_err) |
| Removes an `AranyaAfcReceiveChannel` from use. | |
A handle to an Aranya Client.
|
related |
Add a device to the team with an explicit rank.
Requires:
AddDevice permissioncaller_rank >= rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | keybundle | serialized keybundle byte buffer KeyBundle. |
| [in] | keybundle_len | is the length of the serialized keybundle. |
| [in] | role_id | (optional) the ID of the role to assign to the device. |
| [in] | rank | the rank to assign to the device. |
|
related |
Add a device to the team with an explicit rank.
Requires:
AddDevice permissioncaller_rank >= rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | keybundle | serialized keybundle byte buffer KeyBundle. |
| [in] | keybundle_len | is the length of the serialized keybundle. |
| [in] | role_id | (optional) the ID of the role to assign to the device. |
| [in] | rank | the rank to assign to the device. |
|
related |
Add the peer for automatic periodic Aranya state syncing.
If a peer is not reachable on the network, sync errors will appear in the tracing logs and Aranya will be unable to sync state with that peer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
| [in] | config | configuration values for syncing with a peer. |
|
related |
Add the peer for automatic periodic Aranya state syncing.
If a peer is not reachable on the network, sync errors will appear in the tracing logs and Aranya will be unable to sync state with that peer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
| [in] | config | configuration values for syncing with a peer. |
|
related |
Add a team to the local device store.
| [in] | client | the Aranya Client |
| [in] | cfg | the Team Configuration |
|
related |
Add a team to the local device store.
| [in] | client | the Aranya Client |
| [in] | cfg | the Team Configuration |
|
related |
Accept a receive-only AFC channel from by a peer by processing a control message.
| [in] | client | the Aranya Client |
| [in] | team_id | the team's identifier |
| [in] | control | the AFC control message. |
| [out] | channel | the AFC channel object |
| [out] | __output | the corresponding AFC channel type |
|
related |
Accept a receive-only AFC channel from by a peer by processing a control message.
| [in] | client | the Aranya Client |
| [in] | team_id | the team's identifier |
| [in] | control | the AFC control message. |
| [out] | channel | the AFC channel object |
| [out] | __output | the corresponding AFC channel type |
|
related |
Create a send-only AFC channel between this device and a peer.
Note that the control message needs to be sent to the other peer using the transport of your choice to create the other side of the channel.
Requires:
CanUseAfc permissionSendOnly, RecvOnly, or SendRecv) assigned for the label| [in] | client | the Aranya Client |
| [in] | team_id | the team's identifier |
| [in] | peer_id | the peer's identifier |
| [in] | label_id | the label identifier to create the channel with. |
| [out] | channel | the AFC channel object |
| [out] | control | the AFC control message |
|
related |
Create a send-only AFC channel between this device and a peer.
Note that the control message needs to be sent to the other peer using the transport of your choice to create the other side of the channel.
Requires:
CanUseAfc permissionSendOnly, RecvOnly, or SendRecv) assigned for the label| [in] | client | the Aranya Client |
| [in] | team_id | the team's identifier |
| [in] | peer_id | the peer's identifier |
| [in] | label_id | the label identifier to create the channel with. |
| [out] | channel | the AFC channel object |
| [out] | control | the AFC control message |
|
related |
Removes an `AranyaAfcReceiveChannel` from use.
Note that this function takes ownership of the `AranyaAfcReceiveChannel` and invalidates any further use (i.e. calling seal).
| [in] | client | the Aranya Client |
| [in] | channel | the AFC channel object |
|
related |
Removes an `AranyaAfcReceiveChannel` from use.
Note that this function takes ownership of the `AranyaAfcReceiveChannel` and invalidates any further use (i.e. calling seal).
| [in] | client | the Aranya Client |
| [in] | channel | the AFC channel object |
|
related |
Removes an `AranyaAfcSendChannel` from use.
Note that this function takes ownership of the `AranyaAfcSendChannel` and invalidates any further use (i.e. calling seal).
| [in] | client | the Aranya Client |
| [in] | channel | the AFC channel object |
|
related |
Removes an `AranyaAfcSendChannel` from use.
Note that this function takes ownership of the `AranyaAfcSendChannel` and invalidates any further use (i.e. calling seal).
| [in] | client | the Aranya Client |
| [in] | channel | the AFC channel object |
|
related |
Assign a label to a device so that it can be used for a channel.
Requires:
AssignLabel permissioncaller_rank > device_rank and caller_rank > label_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device ID of the device to assign the label to. |
| [in] | label_id | the channel label ID |
|
related |
Assign a label to a device so that it can be used for a channel.
Requires:
AssignLabel permissioncaller_rank > device_rank and caller_rank > label_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device ID of the device to assign the label to. |
| [in] | label_id | the channel label ID |
|
related |
Assign a role to a device.
Requires:
AssignRole permissioncaller_rank > device_rank and caller_rank > role_rankIt is an error if the device has already been assigned a role. If you want to assign a different role to a device that already has a role, use change_role() instead.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | role_id | the ID of the role to assign to the device |
|
related |
Assign a role to a device.
Requires:
AssignRole permissioncaller_rank > device_rank and caller_rank > role_rankIt is an error if the device has already been assigned a role. If you want to assign a different role to a device that already has a role, use change_role() instead.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | role_id | the ID of the role to assign to the device |
|
related |
Change the rank of an object (device or label).
The caller must provide the current rank of the object (old_rank) to guard against concurrent changes by other devices. If another device changes the rank before this command is applied, the operation will fail rather than silently overwriting the new value. This preserves the caller's intent to only change the rank under expected conditions.
Requires:
ChangeRank permissioncaller_rank > object_rank (unless changing own rank)caller_rank >= new_rankNote: Role ranks cannot be changed after creation. This maintains the invariant that role_rank >= device_rank for all devices assigned to the role. To effectively change a role's rank, create a new role with matching permissions at the desired rank, assign the new role to the devices that had the old role, then delete the old role.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | object_id | the ID of the object to change the rank of |
| [in] | old_rank | the current rank of the object |
| [in] | new_rank | the new rank to assign to the object |
|
related |
Change the rank of an object (device or label).
The caller must provide the current rank of the object (old_rank) to guard against concurrent changes by other devices. If another device changes the rank before this command is applied, the operation will fail rather than silently overwriting the new value. This preserves the caller's intent to only change the rank under expected conditions.
Requires:
ChangeRank permissioncaller_rank > object_rank (unless changing own rank)caller_rank >= new_rankNote: Role ranks cannot be changed after creation. This maintains the invariant that role_rank >= device_rank for all devices assigned to the role. To effectively change a role's rank, create a new role with matching permissions at the desired rank, assign the new role to the devices that had the old role, then delete the old role.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | object_id | the ID of the object to change the rank of |
| [in] | old_rank | the current rank of the object |
| [in] | new_rank | the new rank to assign to the object |
|
related |
Changes the role on a device.
This will change the device's current role to the new role assigned.
Requires:
RevokeRole permission (for old_role)AssignRole permission (for new_role)caller_rank > device_rank, caller_rank > old_role_rank, and caller_rank > new_role_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | old_role | the ID of the role currently assigned to the device |
| [in] | new_role | the ID of the role to assign to the device |
|
related |
Changes the role on a device.
This will change the device's current role to the new role assigned.
Requires:
RevokeRole permission (for old_role)AssignRole permission (for new_role)caller_rank > device_rank, caller_rank > old_role_rank, and caller_rank > new_role_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | old_role | the ID of the role currently assigned to the device |
| [in] | new_role | the ID of the role to assign to the device |
|
related |
Releases any resources associated with ptr.
ptr must either be null or initialized by aranya_client_init.
|
related |
Initializes a new client instance.
| [out] | client | the uninitialized Aranya Client |
| [in] | config | the client's configuration |
|
related |
Initializes a new client instance.
| [out] | client | the uninitialized Aranya Client |
| [in] | config | the client's configuration |
|
related |
Close the team and stop all operations on the graph.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
|
related |
Close the team and stop all operations on the graph.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
|
related |
Create a channel label with an explicit rank.
Requires:
CreateLabel permissioncaller_rank >= rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | name | label name string |
| [in] | rank | the rank to assign to the label |
|
related |
Create a channel label with an explicit rank.
Requires:
CreateLabel permissioncaller_rank >= rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | name | label name string |
| [in] | rank | the rank to assign to the label |
|
related |
Create a role.
Requires:
CreateRole permissioncaller_rank >= rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role_name | the name of the new role |
| [in] | rank | the rank to assign to the new role |
| [out] | role_out | the newly created role |
|
related |
Create a role.
Requires:
CreateRole permissioncaller_rank >= rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role_name | the name of the new role |
| [in] | rank | the rank to assign to the new role |
| [out] | role_out | the newly created role |
|
related |
Create a new graph/team with the current device as the owner.
| [in] | client | the Aranya Client |
| [in] | cfg | the Team Configuration |
| [out] | __output | the team's ID |
|
related |
Create a new graph/team with the current device as the owner.
| [in] | client | the Aranya Client |
| [in] | cfg | the Team Configuration |
| [out] | __output | the team's ID |
|
related |
Delete a channel label.
Requires:
DeleteLabel permissioncaller_rank > label_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | label_id | the channel label ID to delete. |
|
related |
Delete a channel label.
Requires:
DeleteLabel permissioncaller_rank > label_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | label_id | the channel label ID to delete. |
|
related |
Delete a role.
The role must not be assigned to any devices.
Requires:
DeleteRole permissioncaller_rank > role_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the role to delete |
|
related |
Delete a role.
The role must not be assigned to any devices.
Requires:
DeleteRole permissioncaller_rank > role_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the ID of the role to delete |
|
related |
Return serialized PSK seed encrypted for another device on the team.
The PSK seed will be encrypted using the public encryption key of the specified device on the team.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the seed bytes. Writes the number of bytes that would have been returned to seed_len. The application can use seed_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team_id | the team's ID |
| [in] | public_key_bundle | serialized key bundle bytes |
| [in] | public_key_bundle_len | the length of the key bundle |
| [out] | seed | the serialized, encrypted PSK seed. |
| [in,out] | seed_len | the number of bytes written to the seed buffer. |
This method will be removed soon since certificates will be used instead of PSKs in the future.
|
related |
Return serialized PSK seed encrypted for another device on the team.
The PSK seed will be encrypted using the public encryption key of the specified device on the team.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the seed bytes. Writes the number of bytes that would have been returned to seed_len. The application can use seed_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team_id | the team's ID |
| [in] | public_key_bundle | serialized key bundle bytes |
| [in] | public_key_bundle_len | the length of the key bundle |
| [out] | seed | the serialized, encrypted PSK seed. |
| [in,out] | seed_len | the number of bytes written to the seed buffer. |
This method will be removed soon since certificates will be used instead of PSKs in the future.
|
related |
Gets the public device ID.
| [in] | client | the Aranya Client |
| [out] | __output | the client's device ID |
|
related |
Gets the public device ID.
| [in] | client | the Aranya Client |
| [out] | __output | the client's device ID |
|
related |
Gets the public key bundle for this device.
Renamed to `aranya_get_public_key_bundle`.
| [in] | client | the Aranya Client |
| [out] | public_key_bundle | key bundle byte buffer |
| [in,out] | public_key_bundle_len | returns the length of the serialized key bundle. |
|
related |
Gets the public key bundle for this device.
Renamed to `aranya_get_public_key_bundle`.
| [in] | client | the Aranya Client |
| [out] | public_key_bundle | key bundle byte buffer |
| [in,out] | public_key_bundle_len | returns the length of the serialized key bundle. |
|
related |
Gets the public key bundle for this device.
| [in] | client | the Aranya Client |
| [out] | public_key_bundle | key bundle byte buffer |
| [in,out] | public_key_bundle_len | returns the length of the serialized key bundle. |
|
related |
Gets the public key bundle for this device.
| [in] | client | the Aranya Client |
| [out] | public_key_bundle | key bundle byte buffer |
| [in,out] | public_key_bundle_len | returns the length of the serialized key bundle. |
|
related |
Query the rank of an object.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | object_id | the ID of the object to query |
| [out] | __output | the rank of the object |
|
related |
Query the rank of an object.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | object_id | the ID of the object to query |
| [out] | __output | the rank of the object |
|
related |
Query all permissions assigned to a role.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the permissions. Writes the number of permissions that would have been returned to perms_len. The application can use perms_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the role ID to query permissions for |
| [out] | perms_out | returns a list of permissions assigned to the role |
| [in,out] | perms_len | the number of permissions written to the buffer |
|
related |
Query all permissions assigned to a role.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the permissions. Writes the number of permissions that would have been returned to perms_len. The application can use perms_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | role | the role ID to query permissions for |
| [out] | perms_out | returns a list of permissions assigned to the role |
| [in,out] | perms_len | the number of permissions written to the buffer |
|
related |
Return random bytes from Aranya's CSPRNG.
This method can be used to generate a PSK seed IKM for the QUIC syncer.
| [in] | client | the Aranya Client |
| [out] | buf | buffer where random bytes are written to. |
| [in] | buf_len | the size of the buffer. |
|
related |
Return random bytes from Aranya's CSPRNG.
This method can be used to generate a PSK seed IKM for the QUIC syncer.
| [in] | client | the Aranya Client |
| [out] | buf | buffer where random bytes are written to. |
| [in] | buf_len | the size of the buffer. |
|
related |
Remove a device from the team.
A device can always remove itself. Removing another device requires:
RemoveDevice permissioncaller_rank > device_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
|
related |
Remove a device from the team.
A device can always remove itself. Removing another device requires:
RemoveDevice permissioncaller_rank > device_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
|
related |
Remove the peer from automatic Aranya state syncing.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
|
related |
Remove the peer from automatic Aranya state syncing.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
|
related |
Remove a team from local device storage.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
|
related |
Remove a team from local device storage.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
|
related |
Revoke a label from a device.
Requires:
RevokeLabel permissioncaller_rank > device_rank and caller_rank > label_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device ID of the device to revoke the label from. |
| [in] | label_id | the channel label ID |
|
related |
Revoke a label from a device.
Requires:
RevokeLabel permissioncaller_rank > device_rank and caller_rank > label_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device ID of the device to revoke the label from. |
| [in] | label_id | the channel label ID |
|
related |
Revoke a role from a device.
Requires:
RevokeRole permissioncaller_rank > device_rank and caller_rank > role_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | role_id | the ID of the role to revoke from the device. |
|
related |
Revoke a role from a device.
Requires:
RevokeRole permissioncaller_rank > device_rank and caller_rank > role_rank| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [in] | role_id | the ID of the role to revoke from the device. |
|
related |
Setup default roles on team.
This sets up the following roles with default permissions as defined in Aranya's default policy:
The owner role is created automatically when the team is created, so it is not included here.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the roles. Writes the number of roles that would have been returned to roles_len. The application can use roles_len to allocate a larger buffer and retry.
N.B. this function is meant to be called once to set up the default roles. Subsequent calls will result in an error if the default roles were already created.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | roles_out | returns a list of the created default roles |
| [in,out] | roles_len | the number of roles written to the buffer. |
|
related |
Setup default roles on team.
This sets up the following roles with default permissions as defined in Aranya's default policy:
The owner role is created automatically when the team is created, so it is not included here.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the roles. Writes the number of roles that would have been returned to roles_len. The application can use roles_len to allocate a larger buffer and retry.
N.B. this function is meant to be called once to set up the default roles. Subsequent calls will result in an error if the default roles were already created.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | roles_out | returns a list of the created default roles |
| [in,out] | roles_len | the number of roles written to the buffer. |
|
related |
Sync with peer immediately.
If a peer is not reachable on the network, sync errors will appear in the tracing logs and Aranya will be unable to sync state with that peer.
This function ignores `aranya_sync_peer_config_builder_set_interval` and `aranya_sync_peer_config_builder_set_sync_later`, if set.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
| [in] | config | configuration values for syncing with a peer. |
Default values for a sync config will be used if config is NULL
|
related |
Sync with peer immediately.
If a peer is not reachable on the network, sync errors will appear in the tracing logs and Aranya will be unable to sync state with that peer.
This function ignores `aranya_sync_peer_config_builder_set_interval` and `aranya_sync_peer_config_builder_set_sync_later`, if set.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | addr | the peer's Aranya network address |
| [in] | config | configuration values for syncing with a peer. |
Default values for a sync config will be used if config is NULL
|
related |
Query device's public key bundle.
Renamed to `aranya_team_device_public_key_bundle`.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [out] | public_key_bundle | key bundle byte buffer |
| [in,out] | public_key_bundle_len | returns the length of the serialized public key bundle. |
|
related |
Query device's public key bundle.
Renamed to `aranya_team_device_public_key_bundle`.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [out] | public_key_bundle | key bundle byte buffer |
| [in,out] | public_key_bundle_len | returns the length of the serialized public key bundle. |
|
related |
Query device label assignments.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the labels. Writes the number of labels that would have been returned to labels_len. The application can use labels_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [out] | labels | returns a list of labels assigned to the device |
| [in,out] | labels_len | returns the length of the labels list |
|
related |
Query device label assignments.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the labels. Writes the number of labels that would have been returned to labels_len. The application can use labels_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [out] | labels | returns a list of labels assigned to the device |
| [in,out] | labels_len | returns the length of the labels list |
|
related |
Query device's public key bundle.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [out] | public_key_bundle | key bundle byte buffer |
| [in,out] | public_key_bundle_len | returns the length of the serialized public key bundle. |
|
related |
Query device's public key bundle.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | device | the device's ID |
| [out] | public_key_bundle | key bundle byte buffer |
| [in,out] | public_key_bundle_len | returns the length of the serialized public key bundle. |
|
related |
Returns the role assigned to the device, if any.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | device | the ID of the device |
| [out] | role_out | the role assigned to the device. role_out will be zeroed if a role was not assigned to the device |
| [out] | has_role | whether a role is assigned to the device |
|
related |
Returns the role assigned to the device, if any.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | device | the ID of the device |
| [out] | role_out | the role assigned to the device. role_out will be zeroed if a role was not assigned to the device |
| [out] | has_role | whether a role is assigned to the device |
|
related |
Query devices on team.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | devices | returns a list of device IDs on the team |
| [in,out] | devices_len | returns the length of the devices list |
|
related |
Query devices on team.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | devices | returns a list of device IDs on the team |
| [in,out] | devices_len | returns the length of the devices list |
|
related |
Query a label.
Returns the label metadata for the given label ID. Returns an error if the label does not exist.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | label_id | the label ID to query |
| [out] | label_out | returns the label |
|
related |
Query if a label exists.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | label | the label |
| [out] | __output | boolean indicating whether the label exists. |
|
related |
Query if a label exists.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | label | the label |
| [out] | __output | boolean indicating whether the label exists. |
|
related |
Query a label.
Returns the label metadata for the given label ID. Returns an error if the label does not exist.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [in] | label_id | the label ID to query |
| [out] | label_out | returns the label |
|
related |
Query for list of existing labels.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the labels. Writes the number of labels that would have been returned to labels_len. The application can use labels_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | labels | returns a list of labels |
| [in,out] | labels_len | returns the length of the labels list |
|
related |
Query for list of existing labels.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the labels. Writes the number of labels that would have been returned to labels_len. The application can use labels_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | labels | returns a list of labels |
| [in,out] | labels_len | returns the length of the labels list |
|
related |
Returns all of the roles for this team.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the roles. Writes the number of roles that would have been returned to roles_len. The application can use roles_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | roles_out | returns a list of roles on the team |
| [in,out] | roles_len | the number of roles written to the buffer. |
|
related |
Returns all of the roles for this team.
Returns an AranyaBufferTooSmall error if the output buffer is too small to hold the roles. Writes the number of roles that would have been returned to roles_len. The application can use roles_len to allocate a larger buffer.
| [in] | client | the Aranya Client |
| [in] | team | the team's ID |
| [out] | roles_out | returns a list of roles on the team |
| [in,out] | roles_len | the number of roles written to the buffer. |
1.9.8