OpenDDS  Snapshot(2023/04/28-20:55)
DdsSecurityCore.idl
Go to the documentation of this file.
1 /*
2  *
3  *
4  * Distributed under the OpenDDS License.
5  * See: http://www.opendds.org/license.html
6  */
7 
8 #ifdef OPENDDS_SECURITY
9 #ifndef OPENDDS_DDS_SECURITY_CORE_IDL
10 #define OPENDDS_DDS_SECURITY_CORE_IDL
11 
12 // DDS Security 1.1 Normative IDL (ptc/2017-09-26)
13 // This file follows the spec IDL but includes changes necessary for OpenDDS.
14 // Those changes are not expected to impact the interface between plugin
15 // implementations and the core. Where the spec uses the 'native' IDL keyword,
16 // the implementation (OpenDDS) may select a mapping either in IDL or as a
17 // special case in the compiler.
18 // Certain parts of the spec IDL have been moved to DdsSecurityParams.idl
19 // or to other files, as noted below.
20 
21 #include "DdsDcpsGuid.idl"
22 #include "DdsDcpsInfrastructure.idl"
23 #include "DdsDcpsPublication.idl"
24 #include "DdsDcpsSubscription.idl"
25 #include "DdsSecurityParams.idl"
26 #include "DdsDynamicData.idl"
27 
28 // The types in this file shall be serialized with XCDR encoding version 1
29 module DDS {
30  module Security {
31 
32  // Per the security spec these types are expected to be visible in
33  // the DDS::Security namespace. They are defined in dds/DdsDcpsCore.idl
34  // in order to satisfy dependencies of DomainParticipantQos.
35  typedef DDS::Property_t Property_t;
36  typedef DDS::PropertySeq PropertySeq;
37  typedef DDS::BinaryProperty_t BinaryProperty_t;
38  typedef DDS::BinaryPropertySeq BinaryPropertySeq;
39  typedef DDS::PropertyQosPolicy PropertyQosPolicy;
40 
41  typedef Token MessageToken;
42  typedef MessageToken AuthRequestMessageToken;
43  typedef MessageToken HandshakeMessageToken;
44 
45  typedef Token AuthenticatedPeerCredentialToken;
46  typedef Token PermissionsCredentialToken;
47 
48  typedef Token CryptoToken;
49  typedef sequence<CryptoToken> CryptoTokenSeq;
50 
51  typedef Token ParticipantCryptoToken;
52  typedef Token DatawriterCryptoToken;
53  typedef Token DatareaderCryptoToken;
54 
55  typedef CryptoTokenSeq ParticipantCryptoTokenSeq;
56  typedef CryptoTokenSeq DatawriterCryptoTokenSeq;
57  typedef CryptoTokenSeq DatareaderCryptoTokenSeq;
58 
59  struct MessageIdentity {
60  OpenDDS::DCPS::GUID_t source_guid;
61  long long sequence_number;
62  };
63 
64  typedef string GenericMessageClassId;
65 
66  //@extensibility(APPENDABLE)
67  struct ParticipantGenericMessage {
68  MessageIdentity message_identity;
69  MessageIdentity related_message_identity;
70  OpenDDS::DCPS::GUID_t destination_participant_guid;
71  OpenDDS::DCPS::GUID_t destination_endpoint_guid;
72  OpenDDS::DCPS::GUID_t source_endpoint_guid;
73  GenericMessageClassId message_class_id;
74  DataHolderSeq message_data;
75  };
76 
77  typedef ParticipantGenericMessage ParticipantStatelessMessage;
78  typedef ParticipantGenericMessage ParticipantVolatileMessageSecure;
79 
80  const string GMCLASSID_SECURITY_AUTH_REQUEST = "dds.sec.auth_request";
81  const string GMCLASSID_SECURITY_AUTH_HANDSHAKE = "dds.sec.auth";
82  const string GMCLASSID_SECURITY_PARTICIPANT_CRYPTO_TOKENS = "dds.sec.participant_crypto_tokens";
83  const string GMCLASSID_SECURITY_DATAWRITER_CRYPTO_TOKENS = "dds.sec.datawriter_crypto_tokens";
84  const string GMCLASSID_SECURITY_DATAREADER_CRYPTO_TOKENS = "dds.sec.datareader_crypto_tokens";
85 
86  const ReturnCode_t RETCODE_NOT_ALLOWED_BY_SECURITY = 1000;
87 
88  typedef DataTags DataTagQosPolicy;
89 
90  /* TODO: PENDING DATA TAGS IMPLEMENTATION
91  // See http://www.omg.org/spec/DDS-XTypes/20170301/dds-xtypes_discovery.idl
92  @extensibility(MUTABLE)
93  struct DataWriterQos : DDS::DataWriterQos {
94  PropertyQosPolicy property;
95  DataTagQosPolicy data_tags;
96  };
97 
98  // See http://www.omg.org/spec/DDS-XTypes/20170301/dds-xtypes_discovery.idl
99  @extensibility(MUTABLE)
100  struct DataReaderQos : DDS::DataReaderQos {
101  PropertyQosPolicy property;
102  DataTagQosPolicy data_tags;
103  };
104 
105  */
106 
107  // See http://www.omg.org/spec/DDS-XTypes/20170301/dds-xtypes_discovery.idl
108  //@extensibility(MUTABLE)
109  struct ParticipantBuiltinTopicData { // : DDS::ParticipantBuiltinTopicData {
110  // in this and following structs, 'base' is used in place of struct inheritance
111  DDS::ParticipantBuiltinTopicData base;
112 
113  IdentityToken identity_token;
114  PermissionsToken permissions_token;
115  PropertyQosPolicy property;
116  ParticipantSecurityInfo security_info;
117  // https://issues.omg.org/browse/DDSSEC12-87
118  ExtendedBuiltinEndpointSet_t extended_builtin_endpoints;
119  };
120 
121  //@extensibility(MUTABLE)
122  struct ParticipantBuiltinTopicDataSecure { // : ParticipantBuiltinTopicData {
123  ParticipantBuiltinTopicData base;
124 
125  IdentityStatusToken identity_status_token;
126  };
127 
128  //@extensibility(MUTABLE)
129  struct PublicationBuiltinTopicData { //: DDS::PublicationBuiltinTopicData {
130  DDS::PublicationBuiltinTopicData base;
131 
132  EndpointSecurityInfo security_info;
133  };
134 
135  //@extensibility(MUTABLE)
136  struct SubscriptionBuiltinTopicData { //: DDS::SubscriptionBuiltinTopicData {
137  DDS::SubscriptionBuiltinTopicData base;
138 
139  EndpointSecurityInfo security_info;
140  };
141 
142  //@extensibility(MUTABLE)
143  struct PublicationBuiltinTopicDataSecure {// : PublicationBuiltinTopicData {
144  PublicationBuiltinTopicData base;
145 
146  DataTags data_tags;
147  };
148 
149  //@extensibility(MUTABLE)
150  struct SubscriptionBuiltinTopicDataSecure { // : SubscriptionBuiltinTopicData {
151  SubscriptionBuiltinTopicData base;
152 
153  DataTags data_tags;
154  };
155 
156  struct SecurityException {
157  string message;
158  long code;
159  long minor_code;
160  };
161 
162  // These are not in the spec, but are significant for the DDS core
163  const long OPENDDS_EXCEPTION_CODE_NO_KEY = -10;
164  const long OPENDDS_EXCEPTION_MINOR_CODE_NO_KEY = 1;
165 
166  enum ValidationResult_t {
167  VALIDATION_OK,
168  VALIDATION_FAILED,
169  VALIDATION_PENDING_RETRY,
170  VALIDATION_PENDING_HANDSHAKE_REQUEST,
171  VALIDATION_PENDING_HANDSHAKE_MESSAGE,
172  VALIDATION_OK_FINAL_MESSAGE
173  };
174 
175  typedef long IdentityHandle;
176  typedef long HandshakeHandle;
177  typedef long PermissionsHandle;
178 
179  // https://issues.omg.org/issues/DDSSEC12-2
180  local interface SharedSecretHandle {
181  readonly attribute OctetSeq challenge1, challenge2, sharedSecret;
182  };
183 
184  typedef long ParticipantCryptoHandle;
185  typedef sequence<ParticipantCryptoHandle> ParticipantCryptoHandleSeq;
186 
187  // Used internally by OpenDDS Implementation
188  typedef long NativeCryptoHandle;
189 
190  typedef NativeCryptoHandle DatawriterCryptoHandle;
191  typedef sequence<DatawriterCryptoHandle> DatawriterCryptoHandleSeq;
192 
193  typedef NativeCryptoHandle DatareaderCryptoHandle;
194  typedef sequence<DatareaderCryptoHandle> DatareaderCryptoHandleSeq;
195 
196  local interface Authentication;
197 
198  enum AuthStatusKind {
199  RESERVED_AUTH_STATUS_KIND_0,
200  //@value(1) IDENTITY_STATUS
201  IDENTITY_STATUS
202  };
203 
204  local interface AuthenticationListener {
205  boolean
206  on_revoke_identity(
207  in Authentication plugin,
208  in IdentityHandle handle,
209  inout SecurityException ex);
210 
211  boolean
212  on_status_changed(
213  in Authentication plugin,
214  in IdentityHandle handle,
215  in AuthStatusKind status_kind,
216  inout SecurityException ex);
217  };
218 
219  typedef DDS::DomainId_t DomainId_t;
220 
221  local interface Authentication {
222 
223  ValidationResult_t
224  validate_local_identity(
225  inout IdentityHandle local_identity_handle,
226  inout OpenDDS::DCPS::GUID_t adjusted_participant_guid,
227  in DomainId_t domain_id,
228  in DomainParticipantQos participant_qos,
229  in OpenDDS::DCPS::GUID_t candidate_participant_guid,
230  inout SecurityException ex );
231 
232  boolean
233  get_identity_token(
234  inout IdentityToken identity_token,
235  in IdentityHandle handle,
236  inout SecurityException ex );
237 
238  boolean
239  get_identity_status_token(
240  inout IdentityStatusToken identity_status_token,
241  in IdentityHandle handle,
242  inout SecurityException ex );
243 
244  boolean
245  set_permissions_credential_and_token(
246  in IdentityHandle handle,
247  in PermissionsCredentialToken permissions_credential,
248  in PermissionsToken permissions_token,
249  inout SecurityException ex );
250 
251  ValidationResult_t
252  validate_remote_identity(
253  inout IdentityHandle remote_identity_handle,
254  inout AuthRequestMessageToken local_auth_request_token,
255  in AuthRequestMessageToken remote_auth_request_token,
256  in IdentityHandle local_identity_handle,
257  in IdentityToken remote_identity_token,
258  in OpenDDS::DCPS::GUID_t remote_participant_guid,
259  inout SecurityException ex );
260 
261  ValidationResult_t
262  begin_handshake_request(
263  inout HandshakeHandle handshake_handle,
264  inout HandshakeMessageToken handshake_message,
265  in IdentityHandle initiator_identity_handle,
266  in IdentityHandle replier_identity_handle,
267  in OctetSeq serialized_local_participant_data,
268  inout SecurityException ex );
269 
270  ValidationResult_t
271  begin_handshake_reply(
272  inout HandshakeHandle handshake_handle,
273  inout HandshakeMessageToken handshake_message_out,
274  in IdentityHandle initiator_identity_handle,
275  in IdentityHandle replier_identity_handle,
276  in OctetSeq serialized_local_participant_data,
277  inout SecurityException ex );
278 
279  ValidationResult_t
280  process_handshake(
281  inout HandshakeMessageToken handshake_message_out,
282  in HandshakeMessageToken handshake_message_in,
283  in HandshakeHandle handshake_handle,
284  inout SecurityException ex );
285 
286  SharedSecretHandle
287  get_shared_secret(
288  in HandshakeHandle handshake_handle,
289  inout SecurityException ex );
290 
291  boolean
292  get_authenticated_peer_credential_token(
293  inout AuthenticatedPeerCredentialToken peer_credential_token,
294  in HandshakeHandle handshake_handle,
295  inout SecurityException ex );
296 
297  boolean
298  set_listener(
299  in AuthenticationListener listener,
300  inout SecurityException ex );
301 
302  boolean
303  return_identity_token(
304  in IdentityToken token,
305  inout SecurityException ex);
306 
307  boolean
308  return_identity_status_token(
309  in IdentityStatusToken token,
310  inout SecurityException ex);
311 
312  boolean
313  return_authenticated_peer_credential_token(
314  in AuthenticatedPeerCredentialToken peer_credential_token,
315  inout SecurityException ex);
316 
317  boolean
318  return_handshake_handle(
319  in HandshakeHandle handshake_handle,
320  inout SecurityException ex);
321 
322  boolean
323  return_identity_handle(
324  in IdentityHandle identity_handle,
325  inout SecurityException ex);
326 
327  boolean
328  return_sharedsecret_handle(
329  in SharedSecretHandle sharedsecret_handle,
330  inout SecurityException ex);
331  };
332 
333  struct ParticipantSecurityAttributes {
334  boolean allow_unauthenticated_participants;
335  boolean is_access_protected;
336  boolean is_rtps_protected;
337  boolean is_discovery_protected;
338  boolean is_liveliness_protected;
339  PluginParticipantSecurityAttributesMask plugin_participant_attributes;
340  PropertySeq ac_endpoint_properties;
341  };
342 
343  struct TopicSecurityAttributes {
344  boolean is_read_protected;
345  boolean is_write_protected;
346  boolean is_discovery_protected;
347  boolean is_liveliness_protected;
348  };
349 
350  struct EndpointSecurityAttributes { //: TopicSecurityAttributes {
351  TopicSecurityAttributes base;
352 
353  boolean is_submessage_protected;
354  boolean is_payload_protected;
355  boolean is_key_protected;
356  PluginEndpointSecurityAttributesMask plugin_endpoint_attributes;
357  PropertySeq ac_endpoint_properties;
358  };
359 
360  local interface AccessControl;
361 
362  local interface AccessControlListener {
363  boolean
364  on_revoke_permissions(
365  in AccessControl plugin,
366  in PermissionsHandle handle);
367  };
368 
369  local interface AccessControl {
370  PermissionsHandle
371  validate_local_permissions(
372  in Authentication auth_plugin,
373  in IdentityHandle identity,
374  in DomainId_t domain_id,
375  in DomainParticipantQos participant_qos,
376  inout SecurityException ex );
377 
378  PermissionsHandle
379  validate_remote_permissions(
380  in Authentication auth_plugin,
381  in IdentityHandle local_identity_handle,
382  in IdentityHandle remote_identity_handle,
383  in PermissionsToken remote_permissions_token,
384  in AuthenticatedPeerCredentialToken remote_credential_token,
385  inout SecurityException ex );
386 
387  boolean
388  check_create_participant(
389  in PermissionsHandle permissions_handle,
390  in DomainId_t domain_id,
391  in DomainParticipantQos qos,
392  inout SecurityException ex );
393 
394  boolean
395  check_create_datawriter(
396  in PermissionsHandle permissions_handle,
397  in DomainId_t domain_id,
398  in string topic_name,
399  in DataWriterQos qos,
400  in PartitionQosPolicy partition,
401  in DataTags data_tag,
402  inout SecurityException ex);
403 
404  boolean
405  check_create_datareader(
406  in PermissionsHandle permissions_handle,
407  in DomainId_t domain_id,
408  in string topic_name,
409  in DataReaderQos qos,
410  in PartitionQosPolicy partition,
411  in DataTags data_tag,
412  inout SecurityException ex);
413 
414  boolean
415  check_create_topic(
416  in PermissionsHandle permissions_handle,
417  in DomainId_t domain_id,
418  in string topic_name,
419  in TopicQos qos,
420  inout SecurityException ex);
421 
422  boolean
423  check_local_datawriter_register_instance(
424  in PermissionsHandle permissions_handle,
425  in DataWriter writer,
426  in DynamicData key,
427  inout SecurityException ex);
428 
429  boolean
430  check_local_datawriter_dispose_instance(
431  in PermissionsHandle permissions_handle,
432  in DataWriter writer,
433  in DynamicData key,
434  inout SecurityException ex);
435 
436  boolean
437  check_remote_participant(
438  in PermissionsHandle permissions_handle,
439  in DomainId_t domain_id,
440  in ParticipantBuiltinTopicDataSecure participant_data,
441  inout SecurityException ex);
442 
443  boolean
444  check_remote_datawriter(
445  in PermissionsHandle permissions_handle,
446  in DomainId_t domain_id,
447  in PublicationBuiltinTopicDataSecure publication_data,
448  inout SecurityException ex);
449 
450  boolean
451  check_remote_datareader(
452  in PermissionsHandle permissions_handle,
453  in DomainId_t domain_id,
454  in SubscriptionBuiltinTopicDataSecure subscription_data,
455  inout boolean relay_only,
456  inout SecurityException ex);
457 
458  boolean
459  check_remote_topic(
460  in PermissionsHandle permissions_handle,
461  in DomainId_t domain_id,
462  in TopicBuiltinTopicData topic_data,
463  inout SecurityException ex);
464 
465  boolean
466  check_local_datawriter_match(
467  in PermissionsHandle writer_permissions_handle,
468  in PermissionsHandle reader_permissions_handle,
469  in PublicationBuiltinTopicDataSecure publication_data,
470  in SubscriptionBuiltinTopicDataSecure subscription_data,
471  inout SecurityException ex);
472 
473  boolean
474  check_local_datareader_match(
475  in PermissionsHandle reader_permissions_handle,
476  in PermissionsHandle writer_permissions_handle,
477  in SubscriptionBuiltinTopicDataSecure subscription_data,
478  in PublicationBuiltinTopicDataSecure publication_data,
479  inout SecurityException ex);
480 
481  boolean
482  check_remote_datawriter_register_instance(
483  in PermissionsHandle permissions_handle,
484  in DataReader reader,
485  in InstanceHandle_t publication_handle,
486  in DynamicData key,
487  inout SecurityException ex);
488 
489  boolean
490  check_remote_datawriter_dispose_instance(
491  in PermissionsHandle permissions_handle,
492  in DataReader reader,
493  in InstanceHandle_t publication_handle,
494  in DynamicData key,
495  inout SecurityException ex);
496 
497  boolean
498  get_permissions_token(
499  inout PermissionsToken permissions_token,
500  in PermissionsHandle handle,
501  inout SecurityException ex);
502 
503  boolean
504  get_permissions_credential_token(
505  inout PermissionsCredentialToken permissions_credential_token,
506  in PermissionsHandle handle,
507  inout SecurityException ex);
508 
509  boolean
510  set_listener(
511  in AccessControlListener listener,
512  inout SecurityException ex);
513 
514  // This method is not in the spec but is necessary for cleanup.
515  // See DDSSEC12-89.
516  boolean
517  return_permissions_handle(
518  in PermissionsHandle handle,
519  inout SecurityException ex);
520 
521  boolean
522  return_permissions_token(
523  in PermissionsToken token,
524  inout SecurityException ex);
525 
526  boolean
527  return_permissions_credential_token(
528  in PermissionsCredentialToken permissions_credential_token,
529  inout SecurityException ex);
530 
531  boolean
532  get_participant_sec_attributes(
533  in PermissionsHandle permissions_handle,
534  inout ParticipantSecurityAttributes attributes,
535  inout SecurityException ex);
536 
537  boolean
538  get_topic_sec_attributes (
539  in PermissionsHandle permissions_handle,
540  in string topic_name,
541  inout TopicSecurityAttributes attributes,
542  inout SecurityException ex);
543 
544  boolean
545  get_datawriter_sec_attributes(
546  in PermissionsHandle permissions_handle,
547  in string topic_name,
548  in PartitionQosPolicy partition,
549  in DataTagQosPolicy data_tag,
550  inout EndpointSecurityAttributes attributes,
551  inout SecurityException ex);
552 
553  boolean
554  get_datareader_sec_attributes(
555  in PermissionsHandle permissions_handle,
556  in string topic_name,
557  in PartitionQosPolicy partition,
558  in DataTagQosPolicy data_tag,
559  inout EndpointSecurityAttributes attributes,
560  inout SecurityException ex);
561 
562  boolean
563  return_participant_sec_attributes(
564  in ParticipantSecurityAttributes attributes,
565  inout SecurityException ex);
566 
567  boolean
568  return_datawriter_sec_attributes(
569  in EndpointSecurityAttributes attributes,
570  inout SecurityException ex);
571 
572  boolean
573  return_datareader_sec_attributes(
574  in EndpointSecurityAttributes attributes,
575  inout SecurityException ex);
576  };
577 
578 
579 
580  local interface CryptoKeyFactory {
581 
582  ParticipantCryptoHandle
583  register_local_participant(
584  in IdentityHandle participant_identity,
585  in PermissionsHandle participant_permissions,
586  in PropertySeq participant_properties,
587  in ParticipantSecurityAttributes participant_security_attributes,
588  inout SecurityException ex );
589 
590  ParticipantCryptoHandle
591  register_matched_remote_participant(
592  in ParticipantCryptoHandle local_participant_crypto_handle,
593  in IdentityHandle remote_participant_identity,
594  in PermissionsHandle remote_participant_permissions,
595  in SharedSecretHandle shared_secret,
596  inout SecurityException ex);
597 
598  DatawriterCryptoHandle
599  register_local_datawriter(
600  in ParticipantCryptoHandle participant_crypto,
601  in PropertySeq datawriter_properties,
602  in EndpointSecurityAttributes datawriter_security_attributes,
603  inout SecurityException ex);
604 
605  DatareaderCryptoHandle
606  register_matched_remote_datareader(
607  in DatawriterCryptoHandle local_datawriter_crypto_handle,
608  in ParticipantCryptoHandle remote_participant_crypto,
609  in SharedSecretHandle shared_secret,
610  in boolean relay_only,
611  inout SecurityException ex);
612 
613  DatareaderCryptoHandle
614  register_local_datareader(
615  in ParticipantCryptoHandle participant_crypto,
616  in PropertySeq datareader_properties,
617  in EndpointSecurityAttributes datareader_security_attributes,
618  inout SecurityException ex);
619 
620  DatawriterCryptoHandle
621  register_matched_remote_datawriter(
622  in DatareaderCryptoHandle local_datareader_crypto_handle,
623  in ParticipantCryptoHandle remote_participant_crypt,
624  in SharedSecretHandle shared_secret,
625  inout SecurityException ex );
626 
627  boolean
628  unregister_participant(
629  in ParticipantCryptoHandle participant_crypto_handle,
630  inout SecurityException ex);
631 
632  boolean
633  unregister_datawriter(
634  in DatawriterCryptoHandle datawriter_crypto_handle,
635  inout SecurityException ex );
636 
637  boolean
638  unregister_datareader(
639  in DatareaderCryptoHandle datareader_crypto_handle,
640  inout SecurityException ex );
641  };
642 
643  local interface CryptoKeyExchange {
644  boolean
645  create_local_participant_crypto_tokens(
646  inout ParticipantCryptoTokenSeq local_participant_crypto_tokens,
647  in ParticipantCryptoHandle local_participant_crypto,
648  in ParticipantCryptoHandle remote_participant_crypto,
649  inout SecurityException ex);
650 
651  // Not in spec.
652  boolean
653  have_local_participant_crypto_tokens(
654  in ParticipantCryptoHandle local_participant_crypto,
655  in ParticipantCryptoHandle remote_participant_crypto);
656 
657  boolean
658  set_remote_participant_crypto_tokens(
659  in ParticipantCryptoHandle local_participant_crypto,
660  in ParticipantCryptoHandle remote_participant_crypto,
661  in ParticipantCryptoTokenSeq remote_participant_tokens,
662  inout SecurityException ex);
663 
664  // Not in spec.
665  boolean
666  have_remote_participant_crypto_tokens(
667  in ParticipantCryptoHandle local_participant_crypto,
668  in ParticipantCryptoHandle remote_participant_crypto);
669 
670  boolean
671  create_local_datawriter_crypto_tokens(
672  inout DatawriterCryptoTokenSeq local_datawriter_crypto_tokens,
673  in DatawriterCryptoHandle local_datawriter_crypto,
674  in DatareaderCryptoHandle remote_datareader_crypto,
675  inout SecurityException ex);
676 
677  // Not in spec.
678  boolean
679  have_local_datawriter_crypto_tokens(
680  in DatawriterCryptoHandle local_datawriter_crypto,
681  in DatareaderCryptoHandle remote_datareader_crypto);
682 
683  boolean
684  set_remote_datawriter_crypto_tokens(
685  in DatareaderCryptoHandle local_datareader_crypto,
686  in DatawriterCryptoHandle remote_datawriter_crypto,
687  in DatawriterCryptoTokenSeq remote_datawriter_tokens,
688  inout SecurityException ex);
689 
690  // Not in spec.
691  boolean
692  have_remote_datawriter_crypto_tokens(
693  in DatareaderCryptoHandle local_datareader_crypto,
694  in DatawriterCryptoHandle remote_datawriter_crypto);
695 
696  boolean
697  create_local_datareader_crypto_tokens(
698  inout DatareaderCryptoTokenSeq local_datareader_cryto_tokens,
699  in DatareaderCryptoHandle local_datareader_crypto,
700  in DatawriterCryptoHandle remote_datawriter_crypto,
701  inout SecurityException ex);
702 
703  // Not in spec.
704  boolean
705  have_local_datareader_crypto_tokens(
706  in DatareaderCryptoHandle local_datareader_crypto,
707  in DatawriterCryptoHandle remote_datawriter_crypto);
708 
709  boolean
710  set_remote_datareader_crypto_tokens(
711  in DatawriterCryptoHandle local_datawriter_crypto,
712  in DatareaderCryptoHandle remote_datareader_crypto,
713  in DatareaderCryptoTokenSeq remote_datareader_tokens,
714  inout SecurityException ex);
715 
716  // Not in spec.
717  boolean
718  have_remote_datareader_crypto_tokens(
719  in DatawriterCryptoHandle local_datawriter_crypto,
720  in DatareaderCryptoHandle remote_datareader_crypto);
721 
722  boolean
723  return_crypto_tokens(
724  in CryptoTokenSeq crypto_tokens,
725  inout SecurityException ex);
726  };
727 
728  enum SecureSubmessageCategory_t {
729  INFO_SUBMESSAGE,
730  DATAWRITER_SUBMESSAGE,
731  DATAREADER_SUBMESSAGE
732  };
733 
734  local interface CryptoTransform {
735  boolean
736  encode_serialized_payload(
737  inout OctetSeq encoded_buffer,
738  inout OctetSeq extra_inline_qos,
739  in OctetSeq plain_buffer,
740  in DatawriterCryptoHandle sending_datawriter_crypto,
741  inout SecurityException ex);
742 
743  boolean
744  encode_datawriter_submessage(
745  inout OctetSeq encoded_rtps_submessage,
746  in OctetSeq plain_rtps_submessage,
747  in DatawriterCryptoHandle sending_datawriter_crypto,
748  in DatareaderCryptoHandleSeq receiving_datareader_crypto_list,
749  inout long receiving_datareader_crypto_list_index,
750  inout SecurityException ex);
751 
752  boolean
753  encode_datareader_submessage(
754  inout OctetSeq encoded_rtps_submessage,
755  in OctetSeq plain_rtps_submessage,
756  in DatareaderCryptoHandle sending_datareader_crypto,
757  in DatawriterCryptoHandleSeq receiving_datawriter_crypto_list,
758  inout SecurityException ex);
759 
760  boolean
761  encode_rtps_message(
762  inout OctetSeq encoded_rtps_message,
763  in OctetSeq plain_rtps_message,
764  in ParticipantCryptoHandle sending_participant_crypto,
765  in ParticipantCryptoHandleSeq receiving_participant_crypto_list,
766  inout long receiving_participant_crypto_list_index,
767  inout SecurityException ex);
768 
769  boolean
770  decode_rtps_message(
771  inout OctetSeq plain_buffer,
772  in OctetSeq encoded_buffer,
773  in ParticipantCryptoHandle receiving_participant_crypto,
774  in ParticipantCryptoHandle sending_participant_crypto,
775  inout SecurityException ex);
776 
777  boolean
778  preprocess_secure_submsg(
779  inout DatawriterCryptoHandle datawriter_crypto,
780  inout DatareaderCryptoHandle datareader_crypto,
781  inout SecureSubmessageCategory_t secure_submessage_category,
782  in OctetSeq encoded_rtps_submessage,
783  in ParticipantCryptoHandle receiving_participant_crypto,
784  in ParticipantCryptoHandle sending_participant_crypto,
785  inout SecurityException ex);
786 
787  boolean
788  decode_datawriter_submessage(
789  inout OctetSeq plain_rtps_submessage,
790  in OctetSeq encoded_rtps_submessage,
791  in DatareaderCryptoHandle receiving_datareader_crypto,
792  in DatawriterCryptoHandle sending_datawriter_crypto,
793  inout SecurityException ex); // DDSSEC12-21
794 
795  boolean
796  decode_datareader_submessage(
797  inout OctetSeq plain_rtps_submessage,
798  in OctetSeq encoded_rtps_submessage,
799  in DatawriterCryptoHandle receiving_datawriter_crypto,
800  in DatareaderCryptoHandle sending_datareader_crypto,
801  inout SecurityException ex);
802 
803  boolean
804  decode_serialized_payload(
805  inout OctetSeq plain_buffer,
806  in OctetSeq encoded_buffer,
807  in OctetSeq inline_qos,
808  in DatareaderCryptoHandle receiving_datareader_crypto,
809  in DatawriterCryptoHandle sending_datawriter_crypto,
810  inout SecurityException ex);
811  };
812 
813  };
814 };
815 
816 #endif /* DDS_SECURITY_CORE_IDL */
817 #endif
DDS::Security::PublicationBuiltinTopicData::base
DDS::PublicationBuiltinTopicData base
Definition: DdsSecurityCore.idl:130
DDS::Security::GMCLASSID_SECURITY_DATAREADER_CRYPTO_TOKENS
const string GMCLASSID_SECURITY_DATAREADER_CRYPTO_TOKENS
Definition: DdsSecurityCore.idl:84
DDS::Security::PropertySeq
DDS::PropertySeq PropertySeq
Definition: DdsSecurityCore.idl:36
DDS::Security::DatareaderCryptoHandleSeq
sequence< DatareaderCryptoHandle > DatareaderCryptoHandleSeq
Definition: DdsSecurityCore.idl:194
DDS::Security::DatareaderCryptoToken
Token DatareaderCryptoToken
Definition: DdsSecurityCore.idl:53
key
sequence< octet > key
DDS::Security::DomainId_t
DDS::DomainId_t DomainId_t
Definition: DdsSecurityCore.idl:217
DDS::Security::ParticipantGenericMessage::destination_participant_guid
OpenDDS::DCPS::GUID_t destination_participant_guid
Definition: DdsSecurityCore.idl:70
DDS::Security::DatawriterCryptoHandleSeq
sequence< DatawriterCryptoHandle > DatawriterCryptoHandleSeq
Definition: DdsSecurityCore.idl:191
DDS::Security::ExtendedBuiltinEndpointSet_t
unsigned long ExtendedBuiltinEndpointSet_t
Definition: DdsSecurityParams.idl:118
DDS::Security::PluginEndpointSecurityAttributesMask
unsigned long PluginEndpointSecurityAttributesMask
Definition: DdsSecurityParams.idl:82
DDS::Security::DataHolderSeq
sequence< DataHolder > DataHolderSeq
Definition: DdsSecurityParams.idl:41
DDS::Security::PropertyQosPolicy
DDS::PropertyQosPolicy PropertyQosPolicy
Definition: DdsSecurityCore.idl:39
DDS::Security::ParticipantVolatileMessageSecure
ParticipantGenericMessage ParticipantVolatileMessageSecure
Definition: DdsSecurityCore.idl:78
DDS::Security::EndpointSecurityAttributes::plugin_endpoint_attributes
PluginEndpointSecurityAttributesMask plugin_endpoint_attributes
Definition: DdsSecurityCore.idl:356
DDS::Security::ParticipantCryptoTokenSeq
CryptoTokenSeq ParticipantCryptoTokenSeq
Definition: DdsSecurityCore.idl:55
DDS::Security::ParticipantSecurityAttributes::plugin_participant_attributes
PluginParticipantSecurityAttributesMask plugin_participant_attributes
Definition: DdsSecurityCore.idl:339
DDS::DomainId_t
DOMAINID_TYPE_NATIVE DomainId_t
Definition: DdsDcpsInfrastructure.idl:36
DDS::Security::DatawriterCryptoHandle
NativeCryptoHandle DatawriterCryptoHandle
Definition: DdsSecurityCore.idl:190
DDS::Security::DatareaderCryptoTokenSeq
CryptoTokenSeq DatareaderCryptoTokenSeq
Definition: DdsSecurityCore.idl:57
DDS::Security::OPENDDS_EXCEPTION_CODE_NO_KEY
const long OPENDDS_EXCEPTION_CODE_NO_KEY
Definition: DdsSecurityCore.idl:163
DDS::Security::ParticipantBuiltinTopicData::extended_builtin_endpoints
ExtendedBuiltinEndpointSet_t extended_builtin_endpoints
Definition: DdsSecurityCore.idl:118
DDS::Security::DatareaderCryptoHandle
NativeCryptoHandle DatareaderCryptoHandle
Definition: DdsSecurityCore.idl:193
DDS::Security::Property_t
DDS::Property_t Property_t
Definition: DdsSecurityCore.idl:35
DDS::Security::ParticipantStatelessMessage
ParticipantGenericMessage ParticipantStatelessMessage
Definition: DdsSecurityCore.idl:77
DDS::Security::ParticipantCryptoToken
Token ParticipantCryptoToken
Definition: DdsSecurityCore.idl:51
DDS::Security::PluginParticipantSecurityAttributesMask
unsigned long PluginParticipantSecurityAttributesMask
Definition: DdsSecurityParams.idl:65
DDS::Security::AuthRequestMessageToken
MessageToken AuthRequestMessageToken
Definition: DdsSecurityCore.idl:42
DDS::Security::BinaryPropertySeq
DDS::BinaryPropertySeq BinaryPropertySeq
Definition: DdsSecurityCore.idl:38
DDS::OctetSeq
sequence< octet > OctetSeq
Definition: DdsDcpsCore.idl:64
DDS
The End User API.
Definition: DataDurabilityCache.h:45
DDS::Security::DataTagQosPolicy
DataTags DataTagQosPolicy
Definition: DdsSecurityCore.idl:88
DDS::Security::ParticipantBuiltinTopicData::base
DDS::ParticipantBuiltinTopicData base
Definition: DdsSecurityCore.idl:111
DDS::Security::DatawriterCryptoToken
Token DatawriterCryptoToken
Definition: DdsSecurityCore.idl:52
DDS::InstanceHandle_t
HANDLE_TYPE_NATIVE InstanceHandle_t
Definition: DdsDcpsCore.idl:51
DDS::Security::MessageIdentity::source_guid
OpenDDS::DCPS::GUID_t source_guid
Definition: DdsSecurityCore.idl:60
DDS::Security::HandshakeMessageToken
MessageToken HandshakeMessageToken
Definition: DdsSecurityCore.idl:43
DDS::Security::GMCLASSID_SECURITY_AUTH_HANDSHAKE
const string GMCLASSID_SECURITY_AUTH_HANDSHAKE
Definition: DdsSecurityCore.idl:81
DDS::Security::OPENDDS_EXCEPTION_MINOR_CODE_NO_KEY
const long OPENDDS_EXCEPTION_MINOR_CODE_NO_KEY
Definition: DdsSecurityCore.idl:164
DDS::Security::GMCLASSID_SECURITY_AUTH_REQUEST
const string GMCLASSID_SECURITY_AUTH_REQUEST
Definition: DdsSecurityCore.idl:80
DDS::Security::ParticipantCryptoHandleSeq
sequence< ParticipantCryptoHandle > ParticipantCryptoHandleSeq
Definition: DdsSecurityCore.idl:185
DDS::Security::SharedSecretHandle::sharedSecret
readonly attribute OctetSeq sharedSecret
Definition: DdsSecurityCore.idl:181
DDS::Security::PermissionsCredentialToken
Token PermissionsCredentialToken
Definition: DdsSecurityCore.idl:46
DDS::Security::RETCODE_NOT_ALLOWED_BY_SECURITY
const ReturnCode_t RETCODE_NOT_ALLOWED_BY_SECURITY
Definition: DdsSecurityCore.idl:86
DDS::Security::BinaryProperty_t
DDS::BinaryProperty_t BinaryProperty_t
Definition: DdsSecurityCore.idl:37
DDS::Security::GenericMessageClassId
string GenericMessageClassId
Definition: DdsSecurityCore.idl:64
DDS::Security::GMCLASSID_SECURITY_DATAWRITER_CRYPTO_TOKENS
const string GMCLASSID_SECURITY_DATAWRITER_CRYPTO_TOKENS
Definition: DdsSecurityCore.idl:83
DDS::Security::CryptoTokenSeq
sequence< CryptoToken > CryptoTokenSeq
Definition: DdsSecurityCore.idl:49
DDS::Security::DatawriterCryptoTokenSeq
CryptoTokenSeq DatawriterCryptoTokenSeq
Definition: DdsSecurityCore.idl:56
DDS::Security::AuthenticatedPeerCredentialToken
Token AuthenticatedPeerCredentialToken
Definition: DdsSecurityCore.idl:45
DDS::Security::GMCLASSID_SECURITY_PARTICIPANT_CRYPTO_TOKENS
const string GMCLASSID_SECURITY_PARTICIPANT_CRYPTO_TOKENS
Definition: DdsSecurityCore.idl:82
DDS::Security::SubscriptionBuiltinTopicData::base
DDS::SubscriptionBuiltinTopicData base
Definition: DdsSecurityCore.idl:137
Generated by   doxygen 1.8.13