Introduction

This documentation is for the detailed BPSec Library (BSL) application programming interface (API) in the C language. This is an implementation of RFC 9172 [1] functionality and RFC 9173 [2] default security contexts.

For details about installation, maintenance, and compile-time use of the BSL, see the BSL Product Guide [7]. For details about higher-level run-time use patterns, see the BSL User Guide [8].

There is more technical detail about the BSL architecture in the Background page.

Getting Started with the API

Each runtime instance of the BSL is isolated for thread safety within a host-specific struct referenced by a BSL_LibCtx_t pointer.

The runtime instance is used by the BPA via the BSL service interface to process bundles at each of the following four security interaction points within the BPA's bundle workflow. When invoked from the BPA, all BSL activities will occur within the context of a single bundle which is referenced by a BSL_BundleCtx_t pointer.

Details of how the BSL processing order relates to other BPA processing of bundles along the BPA's workflow are left to the BPA integration.

After bundle creation from an application source, indicated by BSL_POLICYLOCATION_APPIN
Before bundle delivery to an application destination, indicated by BSL_POLICYLOCATION_APPOUT
After bundle reception via a CLA, indicated by BSL_POLICYLOCATION_CLIN
Before bundle forwarding via a CLA, indicated by BSL_POLICYLOCATION_CLOUT

These are shown for a notional BPA in the diagram below, where each edge indicates one of the four interaction points listed above.

BPA Interaction Points

Motivation and CONOPs

New notes coming soon.

Quickstart

New notes coming soon.

Design

New notes coming soon.

Notes

New notes coming soon.

Legalistics

New notes coming soon.