niklas/cyclonedds
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add domaingv pointer to security plugins, as a preparation for supporting the permissions_expiry callback (which needs the gv to enumerate participants.

Browse source 
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
This commit is contained in:
Dennis Potman 2020-03-26 13:40:28 +01:00 committed by eboasson
parent a6a9d1f7c1
commit e6500b6528
26 changed files with 682 additions and 915 deletions
Download patch file Download diff file Expand all files Collapse all files

1
src/security/api/CMakeLists.txt
View file

@ -17,6 +17,7 @@ target_include_directories(
security_api INTERFACE
"$<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>"
"$<BUILD_INTERFACE:${CMAKE_CURRENT_BINARY_DIR}/include>"
"$<BUILD_INTERFACE:${CMAKE_CURRENT_LIST_DIR}/../../core/ddsi/include>"
)
install(

22
src/security/api/include/dds/security/dds_security_api.h
View file

@ -13,8 +13,7 @@
#ifndef DDS_SECURITY_API_H
#define DDS_SECURITY_API_H
/* Various security plugins. */
#include "dds/ddsi/ddsi_domaingv.h"
#include "dds_security_api_access_control.h"
#include "dds_security_api_authentication.h"
#include "dds_security_api_cryptography.h"
@ -24,25 +23,12 @@
extern "C" {
#endif
/**
* Integration functions for Security plugins
*
*/
typedef int (*plugin_init)(
const char *argument,
void **context
);
typedef int (*plugin_finalize)(
void *context
);
/* Integration functions for Security plugins */
typedef int (*plugin_init)(const char *argument, void **context, struct ddsi_domaingv *gv);
typedef int (*plugin_finalize)(void *context);
#if defined (__cplusplus)
}
#endif
#endif /* DDS_SECURITY_API_H */

469
src/security/api/include/dds/security/dds_security_api_access_control.h
View file

@ -16,359 +16,278 @@
#include "dds_security_api_types.h"
#include "dds_security_api_authentication.h"
#if defined (__cplusplus)
extern "C" {
#if defined(__cplusplus)
extern "C"
{
#endif
/**
* AccessControl Component
*/
/* AccessControl Component */
struct dds_security_access_control;
typedef struct dds_security_access_control dds_security_access_control;
/* AccessControlListener Interface */
struct dds_security_access_control_listener;
typedef struct dds_security_access_control_listener dds_security_access_control_listener;
/**
* AccessControlListener Interface
* */
typedef DDS_Security_boolean
(*DDS_Security_access_control_listener_on_revoke_permissions)
( dds_security_access_control_listener *instance,
const dds_security_access_control *plugin,
const DDS_Security_PermissionsHandle handle);
typedef DDS_Security_boolean (*DDS_Security_access_control_listener_on_revoke_permissions)(
const dds_security_access_control *plugin,
const DDS_Security_PermissionsHandle handle);
struct dds_security_access_control_listener
{
DDS_Security_access_control_listener_on_revoke_permissions on_revoke_permissions;
};
/* AccessControl Interface */
typedef DDS_Security_PermissionsHandle (*DDS_Security_access_control_validate_local_permissions)(
dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle identity,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex);
/**
* AccessControl Interface
*/
typedef DDS_Security_PermissionsHandle (*DDS_Security_access_control_validate_remote_permissions)(
dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityHandle remote_identity_handle,
const DDS_Security_PermissionsToken *remote_permissions_token,
const DDS_Security_AuthenticatedPeerCredentialToken *remote_credential_token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_PermissionsHandle
(*DDS_Security_access_control_validate_local_permissions)
( dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle identity,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_create_participant)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex);
typedef DDS_Security_PermissionsHandle
(*DDS_Security_access_control_validate_remote_permissions)
( dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityHandle remote_identity_handle,
const DDS_Security_PermissionsToken *remote_permissions_token,
const DDS_Security_AuthenticatedPeerCredentialToken *remote_credential_token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_create_datawriter)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *writer_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_create_participant)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_create_datareader)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *reader_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_create_datawriter)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *writer_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_create_topic)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *topic_qos,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_create_datareader)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *reader_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_local_datawriter_register_instance)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer,
const DDS_Security_DynamicData *key,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_local_datawriter_dispose_instance)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer,
const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_create_topic)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *topic_qos,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_remote_participant)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_ParticipantBuiltinTopicDataSecure *participant_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_local_datawriter_register_instance)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer,
const DDS_Security_DynamicData *key,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_remote_datawriter)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_local_datawriter_dispose_instance)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer,
const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_remote_datareader)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_boolean *relay_only,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_remote_participant)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_ParticipantBuiltinTopicDataSecure *participant_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_remote_topic)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_TopicBuiltinTopicData *topic_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_remote_datawriter)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_local_datawriter_match)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_remote_datareader)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_boolean *relay_only,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_local_datareader_match)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_remote_topic)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_TopicBuiltinTopicData *topic_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_remote_datawriter_register_instance)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
const DDS_Security_InstanceHandle instance_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_check_remote_datawriter_dispose_instance)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_local_datawriter_match)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_get_permissions_token)(
dds_security_access_control *instance,
DDS_Security_PermissionsToken *permissions_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_get_permissions_credential_token)(
dds_security_access_control *instance,
DDS_Security_PermissionsCredentialToken *permissions_credential_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_local_datareader_match)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_set_listener)(
dds_security_access_control *instance,
const dds_security_access_control_listener *listener,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_remote_datawriter_register_instance)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
const DDS_Security_InstanceHandle instance_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_return_permissions_token)(
dds_security_access_control *instance,
const DDS_Security_PermissionsToken *token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_check_remote_datawriter_dispose_instance)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_return_permissions_credential_token)(
dds_security_access_control *instance,
const DDS_Security_PermissionsCredentialToken *permissions_credential_token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_get_permissions_token)
( dds_security_access_control *instance,
DDS_Security_PermissionsToken *permissions_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_get_participant_sec_attributes)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_get_permissions_credential_token)
( dds_security_access_control *instance,
DDS_Security_PermissionsCredentialToken *permissions_credential_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_get_topic_sec_attributes)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_set_listener)
( dds_security_access_control *instance,
const dds_security_access_control_listener *listener,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_get_datawriter_sec_attributes)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_return_permissions_token)
( dds_security_access_control *instance,
const DDS_Security_PermissionsToken *token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_get_datareader_sec_attributes)(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_return_permissions_credential_token)
( dds_security_access_control *instance,
const DDS_Security_PermissionsCredentialToken *permissions_credential_token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_return_participant_sec_attributes)(
dds_security_access_control *instance,
const DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_get_participant_sec_attributes)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_return_topic_sec_attributes)(
dds_security_access_control *instance,
const DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_return_datawriter_sec_attributes)(
dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_get_topic_sec_attributes)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_get_datawriter_sec_attributes)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_get_datareader_sec_attributes)
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_return_participant_sec_attributes)
( dds_security_access_control *instance,
const DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_return_topic_sec_attributes)
( dds_security_access_control *instance,
const DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_return_datawriter_sec_attributes)
( dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_return_datareader_sec_attributes)
( dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_access_control_return_permissions_handle)
( dds_security_access_control *instance,
DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_return_datareader_sec_attributes)(
dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_access_control_return_permissions_handle)(
dds_security_access_control *instance,
DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_SecurityException *ex);
struct dds_security_access_control
{
struct ddsi_domaingv *gv;
DDS_Security_access_control_validate_local_permissions validate_local_permissions;
DDS_Security_access_control_validate_remote_permissions validate_remote_permissions;
DDS_Security_access_control_check_create_participant check_create_participant;
DDS_Security_access_control_check_create_datawriter check_create_datawriter;
DDS_Security_access_control_check_create_datareader check_create_datareader;
DDS_Security_access_control_check_create_topic check_create_topic;
DDS_Security_access_control_check_local_datawriter_register_instance check_local_datawriter_register_instance;
DDS_Security_access_control_check_local_datawriter_dispose_instance check_local_datawriter_dispose_instance;
DDS_Security_access_control_check_remote_participant check_remote_participant;
DDS_Security_access_control_check_remote_datawriter check_remote_datawriter;
DDS_Security_access_control_check_remote_datareader check_remote_datareader;
DDS_Security_access_control_check_remote_topic check_remote_topic;
DDS_Security_access_control_check_local_datawriter_match check_local_datawriter_match;
DDS_Security_access_control_check_local_datareader_match check_local_datareader_match;
DDS_Security_access_control_check_remote_datawriter_register_instance check_remote_datawriter_register_instance;
DDS_Security_access_control_check_remote_datawriter_dispose_instance check_remote_datawriter_dispose_instance;
DDS_Security_access_control_get_permissions_token get_permissions_token;
DDS_Security_access_control_get_permissions_credential_token get_permissions_credential_token;
DDS_Security_access_control_set_listener set_listener;
DDS_Security_access_control_return_permissions_token return_permissions_token;
DDS_Security_access_control_return_permissions_credential_token return_permissions_credential_token;
DDS_Security_access_control_get_participant_sec_attributes get_participant_sec_attributes;
DDS_Security_access_control_get_topic_sec_attributes get_topic_sec_attributes;
DDS_Security_access_control_get_datawriter_sec_attributes get_datawriter_sec_attributes;
DDS_Security_access_control_get_datareader_sec_attributes get_datareader_sec_attributes;
DDS_Security_access_control_return_participant_sec_attributes return_participant_sec_attributes;
DDS_Security_access_control_return_topic_sec_attributes return_topic_sec_attributes;
DDS_Security_access_control_return_datawriter_sec_attributes return_datawriter_sec_attributes;
DDS_Security_access_control_return_datareader_sec_attributes return_datareader_sec_attributes;
DDS_Security_access_control_return_permissions_handle return_permissions_handle;
};
#if defined (__cplusplus)
#if defined(__cplusplus)
}
#endif

271
src/security/api/include/dds/security/dds_security_api_authentication.h
View file

@ -15,223 +15,170 @@
#include "dds_security_api_types.h"
#if defined (__cplusplus)
extern "C" {
#if defined(__cplusplus)
extern "C"
{
#endif
/**
* Authentication Component
*/
/* Authentication Component */
struct dds_security_authentication;
typedef struct dds_security_authentication dds_security_authentication;
struct dds_security_authentication_listener;
typedef struct dds_security_authentication_listener dds_security_authentication_listener;
/* AuthenticationListener interface */
typedef DDS_Security_boolean (*DDS_Security_authentication_listener_on_revoke_identity)(
dds_security_authentication_listener *context,
const dds_security_authentication *plugin,
const DDS_Security_IdentityHandle handle);
/**
* AuthenticationListener interface
*/
typedef DDS_Security_boolean
(*DDS_Security_authentication_listener_on_revoke_identity)
( dds_security_authentication_listener *context,
const dds_security_authentication *plugin,
const DDS_Security_IdentityHandle handle
);
typedef DDS_Security_boolean
(*DDS_Security_authentication_listener_on_status_changed)
( dds_security_authentication_listener *context,
const dds_security_authentication *plugin,
const DDS_Security_IdentityHandle handle,
const DDS_Security_AuthStatusKind status_kind
);
typedef DDS_Security_boolean (*DDS_Security_authentication_listener_on_status_changed)(
dds_security_authentication_listener *context,
const dds_security_authentication *plugin,
const DDS_Security_IdentityHandle handle,
const DDS_Security_AuthStatusKind status_kind);
struct dds_security_authentication_listener
{
DDS_Security_authentication_listener_on_revoke_identity on_revoke_identity;
DDS_Security_authentication_listener_on_status_changed on_status_changed;
};
typedef DDS_Security_ValidationResult_t
(*DDS_Security_authentication_validate_local_identity)
( dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex
);
typedef DDS_Security_ValidationResult_t (*DDS_Security_authentication_validate_local_identity)(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_get_identity_token)(
dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_get_identity_token)
( dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_get_identity_status_token)(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_set_permissions_credential_and_token)(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_get_identity_status_token)
( dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ValidationResult_t (*DDS_Security_authentication_validate_remote_identity)(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_set_permissions_credential_and_token)
( dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ValidationResult_t (*DDS_Security_authentication_begin_handshake_request)(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ValidationResult_t (*DDS_Security_authentication_begin_handshake_reply)(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ValidationResult_t
(*DDS_Security_authentication_validate_remote_identity)
( dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ValidationResult_t (*DDS_Security_authentication_process_handshake)(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_SharedSecretHandle (*DDS_Security_authentication_get_shared_secret)(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ValidationResult_t
(*DDS_Security_authentication_begin_handshake_request)
( dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_get_authenticated_peer_credential_token)(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_set_listener)(
dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ValidationResult_t
(*DDS_Security_authentication_begin_handshake_reply)
( dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_return_identity_token)(
dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ValidationResult_t
(*DDS_Security_authentication_process_handshake)
( dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_return_identity_status_token)(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_SharedSecretHandle
(*DDS_Security_authentication_get_shared_secret)
( dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_return_authenticated_peer_credential_token)(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_get_authenticated_peer_credential_token)
( dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_return_handshake_handle)(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_set_listener)
( dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_return_identity_token)
( dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_return_identity_status_token)
( dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_return_authenticated_peer_credential_token)
( dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_return_handshake_handle)
( dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_return_identity_handle)
( dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_authentication_return_sharedsecret_handle)
( dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_return_identity_handle)(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_authentication_return_sharedsecret_handle)(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex);
struct dds_security_authentication
{
struct ddsi_domaingv *gv;
DDS_Security_authentication_validate_local_identity validate_local_identity;
DDS_Security_authentication_get_identity_token get_identity_token;
DDS_Security_authentication_get_identity_status_token get_identity_status_token;
DDS_Security_authentication_set_permissions_credential_and_token set_permissions_credential_and_token;
DDS_Security_authentication_validate_remote_identity validate_remote_identity;
DDS_Security_authentication_begin_handshake_request begin_handshake_request;
DDS_Security_authentication_begin_handshake_reply begin_handshake_reply;
DDS_Security_authentication_process_handshake process_handshake;
DDS_Security_authentication_get_shared_secret get_shared_secret;
DDS_Security_authentication_get_authenticated_peer_credential_token get_authenticated_peer_credential_token;
DDS_Security_authentication_set_listener set_listener;
DDS_Security_authentication_return_identity_token return_identity_token;
DDS_Security_authentication_return_identity_status_token return_identity_status_token;
DDS_Security_authentication_return_authenticated_peer_credential_token return_authenticated_peer_credential_token;
DDS_Security_authentication_return_handshake_handle return_handshake_handle;
DDS_Security_authentication_return_identity_handle return_identity_handle;
DDS_Security_authentication_return_sharedsecret_handle return_sharedsecret_handle;
};
#if defined (__cplusplus)
#if defined(__cplusplus)
}
#endif

417
src/security/api/include/dds/security/dds_security_api_cryptography.h
View file

@ -15,14 +15,12 @@
#include "dds_security_api_types.h"
#if defined (__cplusplus)
extern "C" {
#if defined(__cplusplus)
extern "C"
{
#endif
/**
* Crypto Component
*/
/* Crypto Component */
struct dds_security_crypto_key_factory;
typedef struct dds_security_crypto_key_factory dds_security_crypto_key_factory;
@ -32,305 +30,240 @@ typedef struct dds_security_crypto_key_exchange dds_security_crypto_key_exchange
struct dds_security_crypto_transform;
typedef struct dds_security_crypto_transform dds_security_crypto_transform;
/**
* CryptoKeyFactory interface
*/
/* CryptoKeyFactory interface */
typedef DDS_Security_ParticipantCryptoHandle (*DDS_Security_crypto_key_factory_register_local_participant)(
dds_security_crypto_key_factory *instance,
const DDS_Security_IdentityHandle participant_identity,
const DDS_Security_PermissionsHandle participant_permissions,
const DDS_Security_PropertySeq *participant_properties,
const DDS_Security_ParticipantSecurityAttributes *participant_security_attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ParticipantCryptoHandle
(*DDS_Security_crypto_key_factory_register_local_participant)
( dds_security_crypto_key_factory *instance,
const DDS_Security_IdentityHandle participant_identity,
const DDS_Security_PermissionsHandle participant_permissions,
const DDS_Security_PropertySeq *participant_properties,
const DDS_Security_ParticipantSecurityAttributes *participant_security_attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ParticipantCryptoHandle (*DDS_Security_crypto_key_factory_register_matched_remote_participant)(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto_handle,
const DDS_Security_IdentityHandle remote_participant_identity,
const DDS_Security_PermissionsHandle remote_participant_permissions,
const DDS_Security_SharedSecretHandle shared_secret,
DDS_Security_SecurityException *ex);
typedef DDS_Security_ParticipantCryptoHandle
(*DDS_Security_crypto_key_factory_register_matched_remote_participant)
( dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto_handle,
const DDS_Security_IdentityHandle remote_participant_identity,
const DDS_Security_PermissionsHandle remote_participant_permissions,
const DDS_Security_SharedSecretHandle shared_secret,
DDS_Security_SecurityException *ex);
typedef DDS_Security_DatawriterCryptoHandle (*DDS_Security_crypto_key_factory_register_local_datawriter)(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto,
const DDS_Security_PropertySeq *datawriter_properties,
const DDS_Security_EndpointSecurityAttributes *datawriter_security_attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_DatareaderCryptoHandle (*DDS_Security_crypto_key_factory_register_matched_remote_datareader)(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatawriterCryptoHandle local_datawriter_crypto_handle,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
const DDS_Security_SharedSecretHandle shared_secret,
const DDS_Security_boolean relay_only,
DDS_Security_SecurityException *ex);
typedef DDS_Security_DatawriterCryptoHandle
(*DDS_Security_crypto_key_factory_register_local_datawriter)
( dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto,
const DDS_Security_PropertySeq *datawriter_properties,
const DDS_Security_EndpointSecurityAttributes *datawriter_security_attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_DatareaderCryptoHandle (*DDS_Security_crypto_key_factory_register_local_datareader)(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto_handle,
const DDS_Security_PropertySeq *datareader_properties,
const DDS_Security_EndpointSecurityAttributes *datareader_security_attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_DatareaderCryptoHandle
(*DDS_Security_crypto_key_factory_register_matched_remote_datareader)
( dds_security_crypto_key_factory *instance,
const DDS_Security_DatawriterCryptoHandle local_datawriter_crypto_handle,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
const DDS_Security_SharedSecretHandle shared_secret,
const DDS_Security_boolean relay_only,
DDS_Security_SecurityException *ex);
typedef DDS_Security_DatawriterCryptoHandle (*DDS_Security_crypto_key_factory_register_matched_remote_datawriter)(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto_handle,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypt,
const DDS_Security_SharedSecretHandle shared_secret,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_key_factory_unregister_participant)(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_DatareaderCryptoHandle
(*DDS_Security_crypto_key_factory_register_local_datareader)
( dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto_handle,
const DDS_Security_PropertySeq *datareader_properties,
const DDS_Security_EndpointSecurityAttributes *datareader_security_attributes,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_key_factory_unregister_datawriter)(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatawriterCryptoHandle datawriter_crypto_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_DatawriterCryptoHandle
(*DDS_Security_crypto_key_factory_register_matched_remote_datawriter)
( dds_security_crypto_key_factory *instance,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto_handle,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypt,
const DDS_Security_SharedSecretHandle shared_secret,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_key_factory_unregister_participant)
( dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_key_factory_unregister_datawriter)
( dds_security_crypto_key_factory *instance,
const DDS_Security_DatawriterCryptoHandle datawriter_crypto_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_key_factory_unregister_datareader)
( dds_security_crypto_key_factory *instance,
const DDS_Security_DatareaderCryptoHandle datareader_crypto_handle,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_key_factory_unregister_datareader)(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatareaderCryptoHandle datareader_crypto_handle,
DDS_Security_SecurityException *ex);
struct dds_security_crypto_key_factory
{
DDS_Security_crypto_key_factory_register_local_participant register_local_participant;
DDS_Security_crypto_key_factory_register_matched_remote_participant register_matched_remote_participant;
DDS_Security_crypto_key_factory_register_local_datawriter register_local_datawriter;
DDS_Security_crypto_key_factory_register_matched_remote_datareader register_matched_remote_datareader;
DDS_Security_crypto_key_factory_register_local_datareader register_local_datareader;
DDS_Security_crypto_key_factory_register_matched_remote_datawriter register_matched_remote_datawriter;
DDS_Security_crypto_key_factory_unregister_participant unregister_participant;
DDS_Security_crypto_key_factory_unregister_datawriter unregister_datawriter;
DDS_Security_crypto_key_factory_unregister_datareader unregister_datareader;
} ;
};
/* CryptoKeyExchange Interface */
typedef DDS_Security_boolean (*DDS_Security_crypto_key_exchange_create_local_participant_crypto_tokens)(
dds_security_crypto_key_exchange *instance,
DDS_Security_ParticipantCryptoTokenSeq *local_participant_crypto_tokens,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
DDS_Security_SecurityException *ex);
/**
* CryptoKeyExchange Interface
*/
typedef DDS_Security_boolean
(*DDS_Security_crypto_key_exchange_create_local_participant_crypto_tokens)
( dds_security_crypto_key_exchange *instance,
DDS_Security_ParticipantCryptoTokenSeq *local_participant_crypto_tokens,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_key_exchange_set_remote_participant_crypto_tokens)(
dds_security_crypto_key_exchange *instance,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
const DDS_Security_ParticipantCryptoTokenSeq *remote_participant_tokens,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_key_exchange_set_remote_participant_crypto_tokens)
( dds_security_crypto_key_exchange *instance,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
const DDS_Security_ParticipantCryptoTokenSeq *remote_participant_tokens,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_key_exchange_create_local_datawriter_crypto_tokens)(
dds_security_crypto_key_exchange *instance,
DDS_Security_DatawriterCryptoTokenSeq *local_datawriter_crypto_tokens,
const DDS_Security_DatawriterCryptoHandle local_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle remote_datareader_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_key_exchange_create_local_datawriter_crypto_tokens)
( dds_security_crypto_key_exchange *instance,
DDS_Security_DatawriterCryptoTokenSeq *local_datawriter_crypto_tokens,
const DDS_Security_DatawriterCryptoHandle local_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle remote_datareader_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_key_exchange_set_remote_datawriter_crypto_tokens)(
dds_security_crypto_key_exchange *instance,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle remote_datawriter_crypto,
const DDS_Security_DatawriterCryptoTokenSeq *remote_datawriter_tokens,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_key_exchange_set_remote_datawriter_crypto_tokens)
( dds_security_crypto_key_exchange *instance,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle remote_datawriter_crypto,
const DDS_Security_DatawriterCryptoTokenSeq *remote_datawriter_tokens,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_key_exchange_create_local_datareader_crypto_tokens)(
dds_security_crypto_key_exchange *instance,
DDS_Security_DatareaderCryptoTokenSeq *local_datareader_cryto_tokens,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle remote_datawriter_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_key_exchange_create_local_datareader_crypto_tokens)
( dds_security_crypto_key_exchange *instance,
DDS_Security_DatareaderCryptoTokenSeq *local_datareader_cryto_tokens,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle remote_datawriter_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_key_exchange_set_remote_datareader_crypto_tokens)(
dds_security_crypto_key_exchange *instance,
const DDS_Security_DatawriterCryptoHandle local_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle remote_datareader_crypto,
const DDS_Security_DatareaderCryptoTokenSeq *remote_datareader_tokens,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_key_exchange_set_remote_datareader_crypto_tokens)
( dds_security_crypto_key_exchange *instance,
const DDS_Security_DatawriterCryptoHandle local_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle remote_datareader_crypto,
const DDS_Security_DatareaderCryptoTokenSeq *remote_datareader_tokens,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_key_exchange_return_crypto_tokens)
( dds_security_crypto_key_exchange *instance,
DDS_Security_CryptoTokenSeq *crypto_tokens,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_key_exchange_return_crypto_tokens)(
dds_security_crypto_key_exchange *instance,
DDS_Security_CryptoTokenSeq *crypto_tokens,
DDS_Security_SecurityException *ex);
struct dds_security_crypto_key_exchange
{
DDS_Security_crypto_key_exchange_create_local_participant_crypto_tokens create_local_participant_crypto_tokens;
DDS_Security_crypto_key_exchange_set_remote_participant_crypto_tokens set_remote_participant_crypto_tokens;
DDS_Security_crypto_key_exchange_create_local_datawriter_crypto_tokens create_local_datawriter_crypto_tokens;
DDS_Security_crypto_key_exchange_set_remote_datawriter_crypto_tokens set_remote_datawriter_crypto_tokens;
DDS_Security_crypto_key_exchange_create_local_datareader_crypto_tokens create_local_datareader_crypto_tokens;
DDS_Security_crypto_key_exchange_set_remote_datareader_crypto_tokens set_remote_datareader_crypto_tokens;
DDS_Security_crypto_key_exchange_return_crypto_tokens return_crypto_tokens;
} ;
};
/* CryptoTransform Interface */
typedef DDS_Security_boolean (*DDS_Security_crypto_transform_encode_serialized_payload)(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_buffer,
DDS_Security_OctetSeq *extra_inline_qos,
const DDS_Security_OctetSeq *plain_buffer,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex);
/**
* CryptoTransform Interface
*/
typedef DDS_Security_boolean (*DDS_Security_crypto_transform_encode_datawriter_submessage)(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandleSeq *receiving_datareader_crypto_list,
DDS_Security_long *receiving_datareader_crypto_list_index,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_transform_encode_serialized_payload)
( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_buffer,
DDS_Security_OctetSeq *extra_inline_qos,
const DDS_Security_OctetSeq *plain_buffer,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_transform_encode_datareader_submessage)(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_DatareaderCryptoHandle sending_datareader_crypto,
const DDS_Security_DatawriterCryptoHandleSeq *receiving_datawriter_crypto_list,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_transform_encode_datawriter_submessage)
( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandleSeq *receiving_datareader_crypto_list,
DDS_Security_long *receiving_datareader_crypto_list_index,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_transform_encode_rtps_message)(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_message,
const DDS_Security_OctetSeq *plain_rtps_message,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
const DDS_Security_ParticipantCryptoHandleSeq *receiving_participant_crypto_list,
DDS_Security_long *receiving_participant_crypto_list_index,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_transform_encode_datareader_submessage)
( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_DatareaderCryptoHandle sending_datareader_crypto,
const DDS_Security_DatawriterCryptoHandleSeq *receiving_datawriter_crypto_list,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_transform_decode_rtps_message)(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_buffer,
const DDS_Security_OctetSeq *encoded_buffer,
const DDS_Security_ParticipantCryptoHandle receiving_participant_crypto,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_transform_preprocess_secure_submsg)(
dds_security_crypto_transform *instance,
DDS_Security_DatawriterCryptoHandle *datawriter_crypto,
DDS_Security_DatareaderCryptoHandle *datareader_crypto,
DDS_Security_SecureSubmessageCategory_t *secure_submessage_category,
const DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_ParticipantCryptoHandle receiving_participant_crypto,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_transform_encode_rtps_message)
( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_message,
const DDS_Security_OctetSeq *plain_rtps_message,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
const DDS_Security_ParticipantCryptoHandleSeq *receiving_participant_crypto_list,
DDS_Security_long *receiving_participant_crypto_list_index,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_transform_decode_datawriter_submessage)(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_DatareaderCryptoHandle receiving_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_transform_decode_rtps_message)
( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_buffer,
const DDS_Security_OctetSeq *encoded_buffer,
const DDS_Security_ParticipantCryptoHandle receiving_participant_crypto,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_transform_preprocess_secure_submsg)
( dds_security_crypto_transform *instance,
DDS_Security_DatawriterCryptoHandle *datawriter_crypto,
DDS_Security_DatareaderCryptoHandle *datareader_crypto,
DDS_Security_SecureSubmessageCategory_t *secure_submessage_category,
const DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_ParticipantCryptoHandle receiving_participant_crypto,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_transform_decode_datawriter_submessage)
( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_DatareaderCryptoHandle receiving_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_transform_decode_datareader_submessage)
( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_rtps_message,
const DDS_Security_OctetSeq *encoded_rtps_message,
const DDS_Security_DatawriterCryptoHandle receiving_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle sending_datareader_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean
(*DDS_Security_crypto_transform_decode_serialized_payload)
( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_buffer,
const DDS_Security_OctetSeq *encoded_buffer,
const DDS_Security_OctetSeq *inline_qos,
const DDS_Security_DatareaderCryptoHandle receiving_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_transform_decode_datareader_submessage)(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_rtps_message,
const DDS_Security_OctetSeq *encoded_rtps_message,
const DDS_Security_DatawriterCryptoHandle receiving_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle sending_datareader_crypto,
DDS_Security_SecurityException *ex);
typedef DDS_Security_boolean (*DDS_Security_crypto_transform_decode_serialized_payload)(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_buffer,
const DDS_Security_OctetSeq *encoded_buffer,
const DDS_Security_OctetSeq *inline_qos,
const DDS_Security_DatareaderCryptoHandle receiving_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex);
struct dds_security_crypto_transform
{
DDS_Security_crypto_transform_encode_serialized_payload encode_serialized_payload;
DDS_Security_crypto_transform_encode_datawriter_submessage encode_datawriter_submessage;
DDS_Security_crypto_transform_encode_datareader_submessage encode_datareader_submessage;
DDS_Security_crypto_transform_encode_rtps_message encode_rtps_message;
DDS_Security_crypto_transform_decode_rtps_message decode_rtps_message;
DDS_Security_crypto_transform_preprocess_secure_submsg preprocess_secure_submsg;
DDS_Security_crypto_transform_decode_datawriter_submessage decode_datawriter_submessage;
DDS_Security_crypto_transform_decode_datareader_submessage decode_datareader_submessage;
DDS_Security_crypto_transform_decode_serialized_payload decode_serialized_payload;
} ;
};
typedef struct dds_security_cryptography
{
dds_security_crypto_transform *crypto_transform;
dds_security_crypto_key_factory *crypto_key_factory;
dds_security_crypto_key_exchange *crypto_key_exchange;
struct ddsi_domaingv *gv;
dds_security_crypto_transform *crypto_transform;
dds_security_crypto_key_factory *crypto_key_factory;
dds_security_crypto_key_exchange *crypto_key_exchange;
} dds_security_cryptography;
#if defined (__cplusplus)
#if defined(__cplusplus)
}
#endif

27
src/security/builtin_plugins/access_control/src/access_control.c
View file

@ -20,13 +20,14 @@
#include "dds/ddsrt/string.h"
#include "dds/ddsrt/sync.h"
#include "dds/ddsrt/types.h"
#include "dds/ddsi/ddsi_domaingv.h"
#include "dds/security/dds_security_api.h"
#include "dds/security/core/dds_security_utils.h"
#include "dds/security/core/dds_security_timed_cb.h"
#include "access_control.h"
#include "access_control_utils.h"
#include "access_control_objects.h"
#include "access_control_parser.h"
#include "dds/security/core/dds_security_timed_cb.h"
#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L
#define REMOVE_THREAD_STATE() ERR_remove_thread_state(NULL);
@ -82,7 +83,6 @@ typedef struct dds_security_access_control_impl
struct dds_security_timed_cb_data *timed_callbacks;
struct dds_security_timed_dispatcher_t *dispatcher;
} dds_security_access_control_impl;
static bool get_sec_attributes(dds_security_access_control_impl *ac, const DDS_Security_PermissionsHandle permissions_handle, const char *topic_name,
@ -162,12 +162,9 @@ validate_local_permissions(
}
#endif
permissions_handle = ACCESS_CONTROL_OBJECT_HANDLE(rights);
if (permissions_handle != DDS_SECURITY_HANDLE_NIL)
if ((permissions_handle = ACCESS_CONTROL_OBJECT_HANDLE(rights)) != DDS_SECURITY_HANDLE_NIL)
{
assert (rights->permissions_expiry != DDS_TIME_INVALID);
if (rights->permissions_expiry != 0)
add_validity_end_trigger(ac, permissions_handle, rights->permissions_expiry);
}
@ -228,10 +225,12 @@ validate_remote_permissions(
remote_rights = check_and_create_remote_participant_rights(remote_identity_handle, local_rights, remote_permissions_token, remote_credential_token, ex);
#endif
permissions_handle = ACCESS_CONTROL_OBJECT_HANDLE(remote_rights);
if (permissions_handle != DDS_SECURITY_HANDLE_NIL)
add_validity_end_trigger(ac, permissions_handle, remote_rights->permissions_expiry);
if ((permissions_handle = ACCESS_CONTROL_OBJECT_HANDLE(remote_rights)) != DDS_SECURITY_HANDLE_NIL)
{
assert (remote_rights->permissions_expiry != DDS_TIME_INVALID);
if (remote_rights->permissions_expiry != 0)
add_validity_end_trigger(ac, permissions_handle, remote_rights->permissions_expiry);
}
if (remote_rights)
access_control_table_insert(ac->remote_permissions, (AccessControlObject *)remote_rights);
@ -1475,14 +1474,13 @@ return_permissions_handle(
return true;
}
int init_access_control(const char *argument, void **context)
int init_access_control(const char *argument, void **context, struct ddsi_domaingv *gv)
{
DDSRT_UNUSED_ARG(argument);
dds_security_access_control_impl *access_control = ddsrt_malloc(sizeof(*access_control));
memset(access_control, 0, sizeof(*access_control));
access_control->base.gv = gv;
access_control->timed_callbacks = dds_security_timed_cb_new();
access_control->dispatcher = dds_security_timed_dispatcher_new(access_control->timed_callbacks);
access_control->base.validate_local_permissions = &validate_local_permissions;
@ -1881,7 +1879,6 @@ validity_callback(struct dds_security_timed_dispatcher_t *d,
void *arg)
{
validity_cb_info *info = arg;
DDSRT_UNUSED_ARG(d);
assert(d);
assert(arg);
@ -1892,7 +1889,7 @@ validity_callback(struct dds_security_timed_dispatcher_t *d,
{
dds_security_access_control_listener *ac_listener = (dds_security_access_control_listener *)listener;
if (ac_listener->on_revoke_permissions)
ac_listener->on_revoke_permissions(ac_listener, (dds_security_access_control *)info->ac, info->hdl);
ac_listener->on_revoke_permissions((dds_security_access_control *)info->ac, info->hdl);
}
}
ddsrt_free(arg);

3
src/security/builtin_plugins/access_control/src/access_control.h
View file

@ -12,10 +12,11 @@
#ifndef ACCESS_CONTROL_H
#define ACCESS_CONTROL_H
#include "dds/ddsi/ddsi_domaingv.h"
#include "dds/security/dds_security_api.h"
#include "dds/security/export.h"
SECURITY_EXPORT int init_access_control(const char *argument, void **context);
SECURITY_EXPORT int init_access_control(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int finalize_access_control(void *context);
#endif /* ACCESS_CONTROL_H */

1
src/security/builtin_plugins/authentication/CMakeLists.txt
View file

@ -43,6 +43,7 @@ target_include_directories(dds_security_auth
"$<BUILD_INTERFACE:$<TARGET_PROPERTY:security_core,INTERFACE_INCLUDE_DIRECTORIES>>"
"$<BUILD_INTERFACE:$<TARGET_PROPERTY:ddsrt,INTERFACE_INCLUDE_DIRECTORIES>>"
"$<BUILD_INTERFACE:${CMAKE_CURRENT_BINARY_DIR}/include>"
"$<BUILD_INTERFACE:${CMAKE_CURRENT_LIST_DIR}/../../../core/ddsi/include>"
)
install(

5
src/security/builtin_plugins/authentication/src/authentication.c
View file

@ -41,6 +41,7 @@
#include "dds/ddsrt/string.h"
#include "dds/ddsrt/sync.h"
#include "dds/ddsrt/hopscotch.h"
#include "dds/ddsi/ddsi_domaingv.h"
#include "dds/security/dds_security_api.h"
#include "dds/security/core/dds_security_timed_cb.h"
#include "dds/security/core/dds_security_utils.h"
@ -2229,14 +2230,14 @@ DDS_Security_boolean return_sharedsecret_handle(dds_security_authentication *ins
return true;
}
int32_t init_authentication(const char *argument, void **context)
int32_t init_authentication(const char *argument, void **context, struct ddsi_domaingv *gv)
{
DDSRT_UNUSED_ARG(argument);
dds_security_authentication_impl *authentication;
authentication = (dds_security_authentication_impl *)ddsrt_malloc(sizeof(dds_security_authentication_impl));
memset(authentication, 0, sizeof(dds_security_authentication_impl));
authentication->base.gv = gv;
authentication->timed_callbacks = dds_security_timed_cb_new();
authentication->dispatcher = dds_security_timed_dispatcher_new(authentication->timed_callbacks);

2
src/security/builtin_plugins/authentication/src/authentication.h
View file

@ -17,7 +17,7 @@
#include "dds/security/dds_security_api.h"
#include "dds/security/export.h"
SECURITY_EXPORT int32_t init_authentication(const char *argument, void **context);
SECURITY_EXPORT int32_t init_authentication(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int32_t finalize_authentication(void *context);
DDS_Security_ValidationResult_t validate_local_identity(dds_security_authentication *instance, DDS_Security_IdentityHandle *local_identity_handle, DDS_Security_GUID_t *adjusted_participant_guid,

1
src/security/builtin_plugins/cryptographic/CMakeLists.txt
View file

@ -42,6 +42,7 @@ target_include_directories(dds_security_crypto
"$<BUILD_INTERFACE:$<TARGET_PROPERTY:security_core,INTERFACE_INCLUDE_DIRECTORIES>>"
"$<BUILD_INTERFACE:$<TARGET_PROPERTY:ddsrt,INTERFACE_INCLUDE_DIRECTORIES>>"
"$<BUILD_INTERFACE:${CMAKE_CURRENT_BINARY_DIR}/include>"
"$<BUILD_INTERFACE:${CMAKE_CURRENT_LIST_DIR}/../../../core/ddsi/include>"
)
install(

5
src/security/builtin_plugins/cryptographic/src/cryptography.c
View file

@ -11,6 +11,7 @@
*/
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/types.h"
#include "dds/ddsi/ddsi_domaingv.h"
#include "dds/security/dds_security_api.h"
#include "cryptography.h"
#include "crypto_key_exchange.h"
@ -24,6 +25,7 @@
typedef struct dds_security_cryptography_impl {
dds_security_cryptography base;
struct ddsi_domaingv *gv;
} dds_security_cryptography_impl;
dds_security_crypto_key_factory *cryptography_get_crypto_key_factory (const struct dds_security_cryptography *crypto)
@ -45,7 +47,7 @@ dds_security_crypto_transform *cryptography_get_crypto_transform (const struct d
}
int init_crypto (const char *argument, void **context)
int init_crypto (const char *argument, void **context, struct ddsi_domaingv *gv)
{
dds_security_cryptography_impl *cryptography;
dds_security_crypto_key_exchange *crypto_key_exchange;
@ -56,6 +58,7 @@ int init_crypto (const char *argument, void **context)
/* allocate new instance */
cryptography = ddsrt_malloc (sizeof(*cryptography));
cryptography->base.gv = gv;
/* assign the sub components */
crypto_key_exchange = dds_security_crypto_key_exchange__alloc ((dds_security_cryptography *)cryptography);

17
src/security/builtin_plugins/cryptographic/src/cryptography.h
View file

@ -12,22 +12,15 @@
#ifndef CRYPTOGRAPHY_H
#define CRYPTOGRAPHY_H
#include "dds/ddsi/ddsi_domaingv.h"
#include "dds/security/dds_security_api.h"
#include "dds/security/export.h"
SECURITY_EXPORT int init_crypto(const char *argument, void **context);
SECURITY_EXPORT int init_crypto(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int finalize_crypto(void *instance);
dds_security_crypto_key_factory *
cryptography_get_crypto_key_factory(
const dds_security_cryptography *crypto);
dds_security_crypto_key_exchange *
cryptography_get_crypto_key_exchange(
const dds_security_cryptography *crypto);
dds_security_crypto_transform *
cryptography_get_crypto_transform(
const dds_security_cryptography *crypto);
dds_security_crypto_key_factory *cryptography_get_crypto_key_factory(const dds_security_cryptography *crypto);
dds_security_crypto_key_exchange * cryptography_get_crypto_key_exchange(const dds_security_cryptography *crypto);
dds_security_crypto_transform *cryptography_get_crypto_transform(const dds_security_cryptography *crypto);
#endif /* CRYPTOGRAPHY_H */

2
src/security/builtin_plugins/tests/common/src/loader.c
View file

@ -64,7 +64,7 @@ load_plugin(
}
char * init_parameters = "";
(void)info->func_init(init_parameters, &plugin);
(void)info->func_init(init_parameters, &plugin, NULL);
if (plugin) {
info->context = plugin;
} else {

3
src/security/builtin_plugins/tests/listeners_access_control/src/listeners_access_control_utests.c
View file

@ -568,9 +568,8 @@ CU_Clean(ddssec_builtin_listeners_access_control)
return 0;
}
static DDS_Security_boolean on_revoke_permissions_cb(dds_security_access_control_listener *instance, const dds_security_access_control *plugin, const DDS_Security_PermissionsHandle handle)
static DDS_Security_boolean on_revoke_permissions_cb(const dds_security_access_control *plugin, const DDS_Security_PermissionsHandle handle)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(plugin);
if (permission_handle_for_callback1 == DDS_SECURITY_HANDLE_NIL)
permission_handle_for_callback1 = handle;

29
src/security/core/include/dds/security/core/dds_security_plugins.h
View file

@ -14,10 +14,11 @@
#ifndef SECURITY_CORE_PLUGINS_H_
#define SECURITY_CORE_PLUGINS_H_
#include <stdint.h>
#include "dds/export.h"
#include "dds/ddsrt/retcode.h"
#include "dds/ddsrt/dynlib.h"
#include <stdint.h>
#include "dds/ddsi/ddsi_domaingv.h"
#include "dds/security/dds_security_api.h"
struct ddsrt_log_cfg;
@ -47,24 +48,14 @@ typedef struct dds_security_plugin_suite_config{
dds_security_plugin_config access_control;
} dds_security_plugin_suite_config;
DDS_EXPORT dds_return_t dds_security_plugin_release(
const dds_security_plugin *security_plugin,
void *context );
DDS_EXPORT dds_return_t dds_security_check_plugin_configuration(
const dds_security_plugin_suite_config *security_suite_config,
const struct ddsrt_log_cfg *logcfg);
DDS_EXPORT dds_return_t dds_security_load_security_library(
const dds_security_plugin_config *plugin_config,
dds_security_plugin *security_plugin, void **security_plugin_context,
const struct ddsrt_log_cfg *logcfg);
DDS_EXPORT dds_return_t dds_security_plugin_release(const dds_security_plugin *security_plugin, void *context);
DDS_EXPORT dds_return_t dds_security_check_plugin_configuration(const dds_security_plugin_suite_config *security_suite_config, struct ddsi_domaingv *gv);
DDS_EXPORT dds_return_t dds_security_load_security_library(const dds_security_plugin_config *plugin_config, dds_security_plugin *security_plugin,
void **security_plugin_context, struct ddsi_domaingv *gv);
DDS_EXPORT dds_return_t dds_security_verify_plugin_functions(
dds_security_authentication *authentication_context, dds_security_plugin *auth_plugin,
dds_security_cryptography *crypto_context, dds_security_plugin *crypto_plugin,
dds_security_access_control *access_control_context, dds_security_plugin *ac_plugin,
const struct ddsrt_log_cfg *logcfg);
dds_security_authentication *authentication_context, dds_security_plugin *auth_plugin,
dds_security_cryptography *crypto_context, dds_security_plugin *crypto_plugin,
dds_security_access_control *access_control_context, dds_security_plugin *ac_plugin,
struct ddsi_domaingv *gv);
#endif /* SECURITY_CORE_PLUGINS_H_ */

41
src/security/core/src/dds_security_plugins.c
View file

@ -19,40 +19,40 @@
#include "dds/ddsrt/dynlib.h"
#include "dds/ddsrt/io.h"
static bool check_plugin_configuration (const dds_security_plugin_config *config, const char *name, const struct ddsrt_log_cfg *logcfg)
static bool check_plugin_configuration (const dds_security_plugin_config *config, const char *name, struct ddsi_domaingv *gv)
{
if (config->library_path == NULL || *config->library_path == 0) {
DDS_CERROR (logcfg, "%s security plugin library path is undefined or empty\n", name);
GVERROR ("%s security plugin library path is undefined or empty\n", name);
return false;
}
if (config->library_init == NULL || *config->library_init == 0) {
DDS_CERROR (logcfg, "%s security plugin init function is undefined or empty\n", name);
GVERROR ("%s security plugin init function is undefined or empty\n", name);
return false;
}
if (config->library_finalize == NULL || *config->library_finalize == 0) {
DDS_CERROR (logcfg, "%s security plugin finalize function is undefined or empty\n", name);
GVERROR ("%s security plugin finalize function is undefined or empty\n", name);
return false;
}
return true;
}
dds_return_t dds_security_check_plugin_configuration (const dds_security_plugin_suite_config *security_suite_config, const struct ddsrt_log_cfg *logcfg)
dds_return_t dds_security_check_plugin_configuration (const dds_security_plugin_suite_config *security_suite_config, struct ddsi_domaingv *gv)
{
if (check_plugin_configuration (&security_suite_config->access_control, "AccessControl", logcfg) &&
check_plugin_configuration (&security_suite_config->authentication, "Authentication", logcfg) &&
check_plugin_configuration (&security_suite_config->cryptography, "Cryptography", logcfg))
if (check_plugin_configuration (&security_suite_config->access_control, "AccessControl", gv) &&
check_plugin_configuration (&security_suite_config->authentication, "Authentication", gv) &&
check_plugin_configuration (&security_suite_config->cryptography, "Cryptography", gv))
return DDS_RETCODE_OK;
else
return DDS_RETCODE_ERROR;
}
static bool verify_function (const void *function_ptr, dds_security_plugin *plugin, const char *function_name, const struct ddsrt_log_cfg *logcfg)
static bool verify_function (const void *function_ptr, dds_security_plugin *plugin, const char *function_name, struct ddsi_domaingv *gv)
{
if (function_ptr != NULL)
return true;
else
{
DDS_CERROR (logcfg, "Could not find the function for %s: %s\n", plugin->name, function_name);
GVERROR ("Could not find the function for %s: %s\n", plugin->name, function_name);
return false;
}
}
@ -62,12 +62,12 @@ struct verify_plugin_functions_tab {
const char *name;
};
static bool verify_plugin_functions (const void *context, dds_security_plugin *plugin, const struct verify_plugin_functions_tab *entries, size_t nentries, const struct ddsrt_log_cfg *logcfg)
static bool verify_plugin_functions (const void *context, dds_security_plugin *plugin, const struct verify_plugin_functions_tab *entries, size_t nentries, struct ddsi_domaingv *gv)
{
for (size_t i = 0; i < nentries; i++)
{
const char *p = (const char *) context + entries[i].off;
if (!verify_function (*((void **) p), plugin, entries[i].name, logcfg))
if (!verify_function (*((void **) p), plugin, entries[i].name, gv))
return false;
}
return true;
@ -77,7 +77,7 @@ dds_return_t dds_security_verify_plugin_functions(
dds_security_authentication *authentication_context, dds_security_plugin *auth_plugin,
dds_security_cryptography *crypto_context, dds_security_plugin *crypto_plugin,
dds_security_access_control *access_control_context, dds_security_plugin *ac_plugin,
const struct ddsrt_log_cfg *logcfg)
struct ddsi_domaingv *gv)
{
#define FGEN(context, name) { offsetof (context, name), #name }
#define F(name) FGEN (dds_security_authentication, name)
@ -170,7 +170,7 @@ dds_return_t dds_security_verify_plugin_functions(
F (decode_serialized_payload)
};
#undef F
#define C(context, plugin, table) verify_plugin_functions (context, plugin, table, sizeof (table) / sizeof (table[0]), logcfg)
#define C(context, plugin, table) verify_plugin_functions (context, plugin, table, sizeof (table) / sizeof (table[0]), gv)
if (C (authentication_context, auth_plugin, auth) &&
C (access_control_context, ac_plugin, ac) &&
C (crypto_context->crypto_key_factory, crypto_plugin, cryptoF) &&
@ -189,7 +189,8 @@ dds_return_t dds_security_verify_plugin_functions(
/**
* All fields of the library properties are supposed to be non-empty
*/
dds_return_t dds_security_load_security_library (const dds_security_plugin_config *plugin_config, dds_security_plugin *security_plugin, void **security_plugin_context, const struct ddsrt_log_cfg *logcfg)
dds_return_t dds_security_load_security_library (const dds_security_plugin_config *plugin_config, dds_security_plugin *security_plugin,
void **security_plugin_context, struct ddsi_domaingv *gv)
{
dds_return_t lib_ret;
char *init_parameters = "";
@ -211,30 +212,30 @@ dds_return_t dds_security_load_security_library (const dds_security_plugin_confi
{
char buffer[256];
ddsrt_dlerror (buffer, sizeof (buffer));
DDS_CERROR (logcfg, "Could not load %s library: %s\n", security_plugin->name, buffer);
GVERROR ("Could not load %s library: %s\n", security_plugin->name, buffer);
goto load_error;
}
void *tmp;
if (ddsrt_dlsym (security_plugin->lib_handle, plugin_config->library_init, &tmp) != DDS_RETCODE_OK)
{
DDS_CERROR (logcfg, "Could not find the function: %s\n", plugin_config->library_init);
GVERROR ("Could not find the function: %s\n", plugin_config->library_init);
goto library_error;
}
security_plugin->func_init = (plugin_init) tmp;
if (ddsrt_dlsym (security_plugin->lib_handle, plugin_config->library_finalize, &tmp) != DDS_RETCODE_OK)
{
DDS_CERROR (logcfg, "Could not find the function: %s\n", plugin_config->library_finalize);
GVERROR ("Could not find the function: %s\n", plugin_config->library_finalize);
goto library_error;
}
security_plugin->func_finalize = (plugin_finalize) tmp;
if (security_plugin->func_init != 0)
{
if (security_plugin->func_init (init_parameters, (void **) security_plugin_context) != DDS_RETCODE_OK)
if (security_plugin->func_init (init_parameters, (void **) security_plugin_context, gv) != DDS_RETCODE_OK)
{
DDS_CERROR (logcfg, "Error occured while initializing %s plugin\n", security_plugin->name);
GVERROR ("Error occured while initializing %s plugin\n", security_plugin->name);
goto library_error;
}
}

6
src/security/core/tests/common/access_control_wrapper.c
View file

@ -514,10 +514,11 @@ static struct dds_security_access_control_impl * init_test_access_control_common
return impl;
}
int32_t init_test_access_control_all_ok(const char *argument, void **context)
int32_t init_test_access_control_all_ok(const char *argument, void **context, struct ddsi_domaingv *gv)
{
DDSRT_UNUSED_ARG(argument);
DDSRT_UNUSED_ARG(context);
DDSRT_UNUSED_ARG(gv);
struct dds_security_access_control_impl *impl = init_test_access_control_common();
impl->mode = PLUGIN_MODE_ALL_OK;
*context = impl;
@ -531,10 +532,11 @@ int32_t finalize_test_access_control_all_ok(void *context)
return 0;
}
int32_t init_test_access_control_missing_func(const char *argument, void **context)
int32_t init_test_access_control_missing_func(const char *argument, void **context, struct ddsi_domaingv *gv)
{
DDSRT_UNUSED_ARG(argument);
DDSRT_UNUSED_ARG(context);
DDSRT_UNUSED_ARG(gv);
struct dds_security_access_control_impl *impl = init_test_access_control_common();
impl->base.check_create_datareader = NULL;
impl->mode = PLUGIN_MODE_MISSING_FUNC;

5
src/security/core/tests/common/access_control_wrapper.h
View file

@ -12,15 +12,16 @@
#ifndef SECURITY_CORE_TEST_ACCESS_CONTROL_WRAPPER_H_
#define SECURITY_CORE_TEST_ACCESS_CONTROL_WRAPPER_H_
#include "dds/ddsi/ddsi_domaingv.h"
#include "dds/security/dds_security_api.h"
#include "dds/security/access_control_wrapper_export.h"
/* Init in all-ok mode: all functions return success without calling the actual plugin */
SECURITY_EXPORT int32_t init_test_access_control_all_ok(const char *argument, void **context);
SECURITY_EXPORT int32_t init_test_access_control_all_ok(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int32_t finalize_test_access_control_all_ok(void *context);
/* Init in missing function mode: one of the function pointers is null */
SECURITY_EXPORT int32_t init_test_access_control_missing_func(const char *argument, void **context);
SECURITY_EXPORT int32_t init_test_access_control_missing_func(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int32_t finalize_test_access_control_missing_func(void *context);
#endif /* SECURITY_CORE_TEST_ACCESS_CONTROL_WRAPPER_H_ */

23
src/security/core/tests/common/authentication_wrapper.c
View file

@ -22,7 +22,7 @@
#include "test_identity.h"
#include "plugin_wrapper_msg_q.h"
int32_t init_authentication(const char *argument, void **context);
int32_t init_authentication(const char *argument, void **context, struct ddsi_domaingv *gv);
int32_t finalize_authentication(void *context);
enum auth_plugin_mode {
@ -41,7 +41,6 @@ struct dds_security_authentication_impl
dds_security_authentication base;
dds_security_authentication *instance;
struct message_queue msg_queue;
const struct ddsi_domaingv *gv;
enum auth_plugin_mode mode;
};
@ -439,7 +438,7 @@ static struct dds_security_authentication_impl * get_impl_for_domain(dds_domaini
{
for (size_t i = 0; i < auth_impl_idx; i++)
{
if (auth_impl[i] && auth_impl[i]->gv->config.domainId == domain_id)
if (auth_impl[i] && auth_impl[i]->instance->gv->config.domainId == domain_id)
{
return auth_impl[i];
}
@ -483,10 +482,11 @@ static struct dds_security_authentication_impl * init_test_authentication_common
return impl;
}
int32_t init_test_authentication_all_ok(const char *argument, void **context)
int32_t init_test_authentication_all_ok(const char *argument, void **context, struct ddsi_domaingv *gv)
{
DDSRT_UNUSED_ARG(argument);
DDSRT_UNUSED_ARG(context);
DDSRT_UNUSED_ARG(gv);
struct dds_security_authentication_impl *impl = init_test_authentication_common();
impl->mode = PLUGIN_MODE_ALL_OK;
*context = impl;
@ -500,10 +500,11 @@ int32_t finalize_test_authentication_all_ok(void *context)
return 0;
}
int32_t init_test_authentication_missing_func(const char *argument, void **context)
int32_t init_test_authentication_missing_func(const char *argument, void **context, struct ddsi_domaingv *gv)
{
DDSRT_UNUSED_ARG(argument);
DDSRT_UNUSED_ARG(context);
DDSRT_UNUSED_ARG(gv);
struct dds_security_authentication_impl *impl = init_test_authentication_common();
impl->base.get_shared_secret = NULL;
impl->mode = PLUGIN_MODE_MISSING_FUNC;
@ -518,10 +519,11 @@ int32_t finalize_test_authentication_missing_func(void *context)
return 0;
}
int32_t init_test_authentication_init_error(const char *argument, void **context)
int32_t init_test_authentication_init_error(const char *argument, void **context, struct ddsi_domaingv *gv)
{
DDSRT_UNUSED_ARG(argument);
DDSRT_UNUSED_ARG(context);
DDSRT_UNUSED_ARG(gv);
return 1;
}
@ -535,19 +537,14 @@ int32_t finalize_test_authentication_init_error(void *context)
* Init and fini functions for using wrapped mode for the authentication plugin.
* These functions assumes that there are no concurrent calls, as the static
* variables used here are not protected by a lock. */
int32_t init_test_authentication_wrapped(const char *argument, void **context)
int32_t init_test_authentication_wrapped(const char *argument, void **context, struct ddsi_domaingv *gv)
{
int32_t ret;
struct dds_security_authentication_impl *impl = init_test_authentication_common();
impl->mode = PLUGIN_MODE_WRAPPED;
init_message_queue(&impl->msg_queue);
struct thread_state1 * const ts1 = lookup_thread_state ();
struct ddsi_domaingv const * const gv = ddsrt_atomic_ldvoidp (&ts1->gv);
impl->gv = gv;
ret = init_authentication(argument, (void **)&impl->instance);
ret = init_authentication(argument, (void **)&impl->instance, gv);
auth_impl_idx++;
auth_impl = ddsrt_realloc(auth_impl, auth_impl_idx * sizeof(*auth_impl));
auth_impl[auth_impl_idx - 1] = impl;

9
src/security/core/tests/common/authentication_wrapper.h
View file

@ -12,24 +12,25 @@
#ifndef SECURITY_CORE_TEST_AUTHENTICATION_WRAPPER_H_
#define SECURITY_CORE_TEST_AUTHENTICATION_WRAPPER_H_
#include "dds/ddsi/ddsi_domaingv.h"
#include "dds/security/dds_security_api.h"
#include "dds/security/authentication_wrapper_export.h"
#include "plugin_wrapper_msg_q.h"
/* Init in wrapper mode */
SECURITY_EXPORT int32_t init_test_authentication_wrapped(const char *argument, void **context);
SECURITY_EXPORT int32_t init_test_authentication_wrapped(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int32_t finalize_test_authentication_wrapped(void *context);
/* Init in all-ok mode: all functions return success without calling the actual plugin */
SECURITY_EXPORT int32_t init_test_authentication_all_ok(const char *argument, void **context);
SECURITY_EXPORT int32_t init_test_authentication_all_ok(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int32_t finalize_test_authentication_all_ok(void *context);
/* Init in missing function mode: one of the function pointers is null */
SECURITY_EXPORT int32_t init_test_authentication_missing_func(const char *argument, void **context);
SECURITY_EXPORT int32_t init_test_authentication_missing_func(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int32_t finalize_test_authentication_missing_func(void *context);
/* Init function fails */
SECURITY_EXPORT int32_t init_test_authentication_init_error(const char *argument, void **context);
SECURITY_EXPORT int32_t init_test_authentication_init_error(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int32_t finalize_test_authentication_init_error(void *context);
SECURITY_EXPORT struct message * test_authentication_plugin_take_msg(dds_domainid_t domain_id, message_kind_t kind, DDS_Security_IdentityHandle lidHandle, DDS_Security_IdentityHandle ridHandle, DDS_Security_IdentityHandle hsHandle, dds_duration_t timeout);

18
src/security/core/tests/common/cryptography_wrapper.c
View file

@ -22,7 +22,7 @@
#include "dds/security/core/dds_security_utils.h"
#include "cryptography_wrapper.h"
int32_t init_crypto(const char *argument, void **context);
int32_t init_crypto(const char *argument, void **context, struct ddsi_domaingv *gv);
int32_t finalize_crypto(void *context);
enum crypto_plugin_mode {
@ -700,14 +700,14 @@ static DDS_Security_boolean decode_serialized_payload(
/**
* Init and finalize functions
*/
static struct dds_security_cryptography_impl * init_test_cryptography_common(const char *argument, bool wrapped)
static struct dds_security_cryptography_impl * init_test_cryptography_common(const char *argument, bool wrapped, struct ddsi_domaingv *gv)
{
struct dds_security_cryptography_impl *impl = (struct dds_security_cryptography_impl*) ddsrt_malloc(sizeof(*impl));
memset(impl, 0, sizeof(*impl));
if (wrapped)
{
if (init_crypto(argument, (void **)&impl->instance) != DDS_SECURITY_SUCCESS)
if (init_crypto(argument, (void **)&impl->instance, gv) != DDS_SECURITY_SUCCESS)
return NULL;
impl->transform_wrap.instance = impl->instance->crypto_transform;
@ -763,9 +763,9 @@ static int32_t finalize_test_cryptography_common(struct dds_security_cryptograph
return DDS_SECURITY_SUCCESS;
}
int32_t init_test_cryptography_all_ok(const char *argument, void **context)
int32_t init_test_cryptography_all_ok(const char *argument, void **context, struct ddsi_domaingv *gv)
{
struct dds_security_cryptography_impl *impl = init_test_cryptography_common(argument, false);
struct dds_security_cryptography_impl *impl = init_test_cryptography_common(argument, false, gv);
if (!impl)
return DDS_SECURITY_FAILED;
impl->mode = PLUGIN_MODE_ALL_OK;
@ -780,9 +780,9 @@ int32_t finalize_test_cryptography_all_ok(void *context)
return finalize_test_cryptography_common(impl, false);
}
int32_t init_test_cryptography_missing_func(const char *argument, void **context)
int32_t init_test_cryptography_missing_func(const char *argument, void **context, struct ddsi_domaingv *gv)
{
struct dds_security_cryptography_impl *impl = init_test_cryptography_common(argument, false);
struct dds_security_cryptography_impl *impl = init_test_cryptography_common(argument, false, gv);
if (!impl)
return DDS_SECURITY_FAILED;
impl->base.crypto_key_exchange->set_remote_participant_crypto_tokens = NULL;
@ -798,9 +798,9 @@ int32_t finalize_test_cryptography_missing_func(void *context)
return finalize_test_cryptography_common(impl, false);
}
int32_t init_test_cryptography_wrapped(const char *argument, void **context)
int32_t init_test_cryptography_wrapped(const char *argument, void **context, struct ddsi_domaingv *gv)
{
struct dds_security_cryptography_impl *impl = init_test_cryptography_common(argument, true);
struct dds_security_cryptography_impl *impl = init_test_cryptography_common(argument, true, gv);
if (!impl)
return DDS_SECURITY_FAILED;
impl->mode = PLUGIN_MODE_WRAPPED;

7
src/security/core/tests/common/cryptography_wrapper.h
View file

@ -12,6 +12,7 @@
#ifndef SECURITY_CORE_TEST_CRYPTO_WRAPPER_H_
#define SECURITY_CORE_TEST_CRYPTO_WRAPPER_H_
#include "dds/ddsi/ddsi_domaingv.h"
#include "dds/security/dds_security_api.h"
#include "dds/security/dds_security_api_defs.h"
#include "dds/security/cryptography_wrapper_export.h"
@ -34,15 +35,15 @@ SECURITY_EXPORT void set_disc_protection_kinds(
SECURITY_EXPORT void set_entity_data_secret(struct dds_security_cryptography_impl * impl, const char * pp_secret, const char * groupdata_secret, const char * ep_secret);
/* Init in all-ok mode: all functions return success without calling the actual plugin */
SECURITY_EXPORT int32_t init_test_cryptography_all_ok(const char *argument, void **context);
SECURITY_EXPORT int32_t init_test_cryptography_all_ok(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int32_t finalize_test_cryptography_all_ok(void *context);
/* Init in missing function mode: one of the function pointers is null */
SECURITY_EXPORT int32_t init_test_cryptography_missing_func(const char *argument, void **context);
SECURITY_EXPORT int32_t init_test_cryptography_missing_func(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int32_t finalize_test_cryptography_missing_func(void *context);
/* Init in wrapper mode */
SECURITY_EXPORT int32_t init_test_cryptography_wrapped(const char *argument, void **context);
SECURITY_EXPORT int32_t init_test_cryptography_wrapped(const char *argument, void **context, struct ddsi_domaingv *gv);
SECURITY_EXPORT int32_t finalize_test_cryptography_wrapped(void *context);
#endif /* SECURITY_CORE_TEST_CRYPTO_WRAPPER_H_ */