ADPilot
/
modularization


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169
							// Copyright 2016 Proyectos y Sistemas de Mantenimiento SL (eProsima).
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

/*!
 * @file CryptoKeyFactory.h
 */
#ifndef _FASTDDS_RTPS_SECURITY_CRYPTOGRAPHY_CRYPTOKEYFACTORY_H_
#define _FASTDDS_RTPS_SECURITY_CRYPTOGRAPHY_CRYPTOKEYFACTORY_H_

#include <fastdds/rtps/security/cryptography/CryptoTypes.h>
#include <fastdds/rtps/security/accesscontrol/EndpointSecurityAttributes.h>
#include <fastdds/rtps/security/accesscontrol/ParticipantSecurityAttributes.h>

namespace eprosima {
namespace fastrtps {
namespace rtps {
namespace security {

class CryptoKeyFactory
{
    public:

        virtual ~CryptoKeyFactory(){}
        /**
         * Register a local, already authenticated Participant with the Cryptographic Plugin.
         * Creates Crypto material needed to encrypt messages directed to other Participants
         * @param participant_identity Made by a prior call to validate_local_identity
         * @param participant_permissions Made by a prior call to validate_local_permissions
         * @param participant_properties Combination of PropertyQoSPolicy and contents of AccessControl
         * @param participant_security_attributes ParticipantSecurity Attributes.
         * @param exception (out) Security exception
         * @return ParticipantCryptoHandle with generated key material
         */
        virtual ParticipantCryptoHandle * register_local_participant(
                const IdentityHandle &participant_identity,
                const PermissionsHandle &participant_permissions,
                const PropertySeq &participant_properties,
                const ParticipantSecurityAttributes &participant_security_attributes,
                SecurityException &exception) = 0;

        /**
         * Register a remote, already authenticated Participant with the Cryptographic Plugin.
         * Creates key material to decrypt messages coming from and aimed at it.
         * @param local_participant_crypto_handle Returned by a prior call to register_local_participant
         * @param remote_participant_identity Returned by a prior call to validate_remote_identity
         * @param remote_participant_permissions Returned by a prior call to validate_remote_permissions
         * @param shared_secret Returned by a prior call to get_shared_secret (Auth Handshake)
         * @param exception (out) Security exception
         * @return ParticipantCryptoHandle with generated key material
         */
        virtual ParticipantCryptoHandle * register_matched_remote_participant(
                const ParticipantCryptoHandle& local_participant_crypto_handle,
                const IdentityHandle& remote_participant_identity,
                const PermissionsHandle& remote_participant_permissions,
                const SharedSecretHandle& shared_secret,
                SecurityException &exception) = 0;

        /**
         * Register a local DataWriter belonging to an authenticated Pariticipant.
         * Creates cryptomaterial for use with incoming/outgoing messages
         * @param participant_crypto returned by a prior call to register_local_participant
         * @param datawriter_prop Combination of PropertyWosPolicy and contents of AccessControl
         * @param datawriter_sec_attr EndpointSecurity Attributes.
         * @param exception (out) Security exception
         * @return CryptoHandle to be used with operations related to the DataWriter
         */
        virtual DatawriterCryptoHandle * register_local_datawriter(
                ParticipantCryptoHandle &participant_crypto,
                const PropertySeq &datawriter_prop,
                const EndpointSecurityAttributes &datawriter_sec_attr,
                SecurityException &exception) = 0;

        /**
         * Register a remote DataReader that has been granted permission to match with the local DataWriter.
         * Creates cryptographic material to encript/decrypt messages from and towards that DataReader.
         * @param local_datawriter_crypto_handle Returned by a prior call to register_local_datawriter
         * @param remote_participant_crypto Returned by a prior call to register_matched_remote_participant.
         * @param shared_secret Obtained as a result of the Authentication Handshake.
         * @param relay_only If FALSE it generates material for both a submessage and serialized payload. Submessages only if TRUE.
         * @param exception (out) Security exception.
         * @return Crypto Handle to the generated key material.
         */
        virtual DatareaderCryptoHandle * register_matched_remote_datareader(
                DatawriterCryptoHandle &local_datawriter_crypto_handle,
                ParticipantCryptoHandle &remote_participant_crypto,
                const SharedSecretHandle &shared_secret,
                const bool relay_only,
                SecurityException &exception) = 0;

        /**
         * Register a local DataReader (belonging to an authenticated and authorized Participant) with the Cryptographic Plugin.
         * Creates crypto material to encode messages when the encryption is independent of the targeted DataWriter
         * @param participant_crypto Returned by a prior call to register_local_participant
         * @param datareader_properties Combination of PropertyQosPolicy and the contents of AccessControl
         * @param datareader_security_attributes EndpointSecurity Attributes.
         * @param exception (out) Security exception
         * @return Crypto Handle to the generated key material
         */
        virtual DatareaderCryptoHandle * register_local_datareader(
                ParticipantCryptoHandle &participant_crypto,
                const PropertySeq &datareader_properties,
                const EndpointSecurityAttributes &datareader_security_attributes,
                SecurityException &exception) = 0;

        /**
         * Register a remote DataWriter that has been granted permission to match with a local DataReader.
         * Creates crypto material to decrypt messages coming from and encode messages going towards that datareader
         * @param local_datareader_crypto_handle
         * @param remote_participant_crypt
         * @param shared_secret
         * @param exception (out) Security exception
         * @return Crypto handle to the generated key material
         */
        virtual DatawriterCryptoHandle * register_matched_remote_datawriter(
                DatareaderCryptoHandle &local_datareader_crypto_handle,
                ParticipantCryptoHandle &remote_participant_crypt,
                const SharedSecretHandle &shared_secret,
                SecurityException &exception) = 0;

        /**
         * Releases resources associated with a Participant. The Crypto Handle becomes unusable after this
         * @param participant_crypto_handle Belonging to the Participant that awaits termination
         * @param exception (out) Security exception
         * @return TRUE is succesful
         */
        virtual bool unregister_participant(
                ParticipantCryptoHandle* participant_crypto_handle,
                SecurityException &exception) = 0;

        /**
         * Releases resources associated with a DataWriter. The Crypto Handle becomes unusable after this
         * @param datawriter_crypto_handle Belonging to the DataWriter that awaits termination
         * @param exception (out) Security exception
         * @return TRUE is succesful
         */
        virtual bool unregister_datawriter(
                DatawriterCryptoHandle *datawriter_crypto_handle,
                SecurityException &exception) = 0;

        /**
         * Releases resources associated with a DataReader. The Crypto Handle becomes unusable after this
         * @param datareader_crypto_handle Belonging to the DataReader that awaits termination
         * @param exception (out) Security exception
         * @return TRUE is succesful
         */
        virtual bool unregister_datareader(
                DatareaderCryptoHandle *datareader_crypto_handle,
                SecurityException &exception) = 0;


};

} //namespace security
} //namespace rtps
} //namespace fastrtps
} //namespace eprosima

#endif //_FASTDDS_RTPS_SECURITY_CRYPTOGRAPHY_CRYPTOKEYFACTORY_H_