|
BSL v1.1.1 - 19.g31939de
AMMOS Bundle Protocol Security Library (BSL)
|
Single entry-point include file for all of the BPSec Lib (BSL) frontend API. More...
#include <inttypes.h>#include <stdio.h>#include <stdbool.h>#include <stddef.h>#include <stdint.h>#include <string.h>#include <syslog.h>#include <time.h>#include <sys/types.h>#include "BPSecLib_Public.h"
Include dependency graph for BPSecLib_Private.h:Data Structures | |
| struct | BSL_BundleTimestamp_t |
| Creation Timestamp Defined in Section 4.2.7 of RFC 9171 [6]. More... | |
| struct | BSL_PolicyDesc_t |
| Descriptor of opaque data and callbacks for Policy Provider. More... | |
| struct | BSL_SecCtxDesc_t |
| Security Context descriptor (interface) More... | |
Macros | |
| #define | _U_ |
| Mark an unused parameter Within a function definition. | |
| #define | UNLIKELY(expr) (expr) |
| Hint to the compiler that the expression is expected to evaluate to false and the associated branch is unlikely. | |
| #define | LIKELY(expr) (expr) |
| Hint to the compiler that the expression is expected to evaluate to true and the associated branch is likely. | |
| #define | BSL_CHKRET(cond, val) |
| Check a condition and if not met return a specific value. | |
| #define | BSL_CHKVOID(cond) BSL_CHKRET(cond, ) |
| Return from void functions if condition fails. | |
| #define | BSL_CHKNULL(cond) BSL_CHKRET(cond, NULL) |
| Return a null pointer if condition fails. | |
| #define | BSL_CHKFALSE(cond) BSL_CHKRET(cond, false) |
| Return false if condition fails. | |
| #define | BSL_CHKERR1(cond) BSL_CHKRET(cond, 1) |
| Return the error value 1 if condition fails. | |
| #define | BSL_CHKERRVAL(value) BSL_CHKRET(!(value), (value)) |
| Check a value for non-zero and return that value. | |
| #define | BSL_LOG_CRIT(...) BSL_LogEvent(LOG_CRIT, __FILE__, __LINE__, __func__, __VA_ARGS__) |
| Perform LOG_CRIT level logging with auto-filled parameters. | |
| #define | BSL_LOG_ERR(...) BSL_LogEvent(LOG_ERR, __FILE__, __LINE__, __func__, __VA_ARGS__) |
| This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts. | |
| #define | BSL_LOG_WARNING(...) BSL_LogEvent(LOG_WARNING, __FILE__, __LINE__, __func__, __VA_ARGS__) |
| This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts. | |
| #define | BSL_LOG_INFO(...) BSL_LogEvent(LOG_INFO, __FILE__, __LINE__, __func__, __VA_ARGS__) |
| This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts. | |
| #define | BSL_LOG_DEBUG(...) BSL_LogEvent(LOG_DEBUG, __FILE__, __LINE__, __func__, __VA_ARGS__) |
| This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts. | |
| #define | BSL_LOG_PLAINTEXT_PTR(title, ctx, ptr, len) |
| Log plaintext as hex for debugging only when enabled by compile option BSL_LOG_PLAINTEXT_ENABLE is non-zero. | |
| #define | CHK_TEMPL(expr, msg, return_code) |
| Helpful macros for expressing invariants, pre/post conditions, and arg validation. | |
| #define | CHK_AS_BOOL(expr) CHK_TEMPL(expr, "Failed Property Check: Failed to satisfy", BSL_ERR_ARG_INVALID) |
| #define | CHK_ARG_EXPR(expr) CHK_TEMPL(expr, "Illegal Argument: Argument expression check failed to satisfy", BSL_ERR_ARG_INVALID) |
| #define | CHK_ARG_NONNULL(var) CHK_TEMPL((var) != NULL, "Illegal Argument: Argument null check failed to satisfy", BSL_ERR_ARG_NULL) |
| #define | CHK_PRECONDITION(expr) CHK_TEMPL(expr, "Precondition Failed: Did not satisfy", BSL_ERR_FAILURE) |
| #define | CHK_PROPERTY(expr) CHK_TEMPL(expr, "Property Failed: Did not satisfy", BSL_ERR_FAILURE) |
| #define | CHK_POSTCONDITION(expr) CHK_TEMPL(expr, "Postcondition Failed: Did not satisfy", BSL_ERR_FAILURE) |
| #define | ASSERT_TEMPL(expr, msg) |
| #define | ASSERT_ARG_EXPR(expr) ASSERT_TEMPL(expr, "Panic: Argument expression check failed to satisfy") |
| #define | ASSERT_ARG_NONNULL(var) ASSERT_TEMPL((var) != NULL, "Panic: Null Argument check failed to satisfy") |
| #define | ASSERT_PROPERTY(expr) ASSERT_TEMPL(expr, "Panic: Property check failed to satisfy") |
| #define | ASSERT_PRECONDITION(expr) ASSERT_TEMPL(expr, "Panic: Precondition failed to satisfy") |
| #define | ASSERT_POSTCONDITION(expr) ASSERT_TEMPL(expr, "Panic: Precondition failed to satisfy") |
| #define | BSL_HOSTEID_INIT_INVALID |
| Static initializer for an invalid BSL_HostEID_t. | |
| #define | BSL_HOSTEID_INIT_INVALID |
| Static initializer for an invalid BSL_HostEID_t. | |
| #define | BSL_SECROLE_ISVALID(role_value) (((role_value) >= BSL_SECROLE_SOURCE) && ((role_value) <= BSL_SECROLE_ACCEPTOR)) |
| #define | BSL_SecBlockType_IsSecBlock(block_id) (((block_id) >= BSL_SECBLOCKTYPE_BIB) && ((block_id) <= BSL_SECBLOCKTYPE_BCB)) |
| Helper to determine if a given block type is security. | |
Typedefs | |
| typedef int(* | BSL_PolicyInspect_f) (void *user_data, BSL_SecurityActionSet_t *output_action_set, const BSL_BundleRef_t *bundle, BSL_PolicyLocation_e location) |
| Callback interface to query policy provider to populate the action set. | |
| typedef int(* | BSL_PolicyFinalize_f) (void *user_data, const BSL_SecurityActionSet_t *output_action_set, BSL_BundleRef_t *bundle, const BSL_SecurityResponseSet_t *response_output) |
| Callback interface to finalize policy provider over the action set. | |
| typedef void(* | BSL_PolicyDeinit_f) (void *user_data) |
| Callback interface for policy provider to shut down and release any resources. | |
| typedef bool(* | BSL_SecCtx_Validate_f) (BSL_LibCtx_t *lib, const BSL_BundleRef_t *bundle, const BSL_SecOper_t *sec_oper) |
| Signature for Security Context validator for a sec OP. | |
| typedef int(* | BSL_SecCtx_Execute_f) (BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, const BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *sec_outcome) |
| Signature for Security Context executor for a sec OP. | |
Functions | |
| char * | BSL_Log_DumpAsHexString (char *dstbuf, size_t dstlen, const uint8_t *srcbuf, size_t srclen) |
| Helper function to print the ASCII encoding of a given byte stream to a given target buffer. | |
| bool | BSL_LogIsEnabledFor (int severity) |
| Determine if a particular severity is being logged. | |
| void | BSL_LogEvent (int severity, const char *filename, int lineno, const char *funcname, const char *format,...) |
| Log an event. | |
| int | BSL_SeqReader_Destroy (BSL_SeqReader_t *obj) |
| Release resources from a sequential reader. | |
| int | BSL_SeqReader_Get (BSL_SeqReader_t *obj, uint8_t *buf, size_t *bufsize) |
| Iterate a sequential reader. | |
| int | BSL_SeqWriter_Destroy (BSL_SeqWriter_t *obj) |
| Release resources from a sequential writer and commit the writes. | |
| int | BSL_SeqWriter_Put (BSL_SeqWriter_t *obj, const uint8_t *buf, size_t bufsize) |
| Iterate a sequential writer. | |
| void | BSL_HostEID_Init (BSL_HostEID_t *eid) |
| Initialize an abstract EID. | |
| void | BSL_HostEID_Deinit (BSL_HostEID_t *eid) |
| De-initialize an abstract EID. | |
| int | BSL_Host_GetSecSrcEID (BSL_HostEID_t *eid) |
| Get the local EID used when this node is a security source. | |
| int | BSL_HostEID_DecodeFromText (BSL_HostEID_t *eid, const char *text) |
| Decode an EID from its text form. | |
| int | BSL_HostEID_DecodeFromCBOR (const BSL_Data_t *encoded_bytes, BSL_HostEID_t *eid) |
| Decode an EID from CBOR. | |
| int | BSL_HostEID_EncodeToCBOR (const BSL_HostEID_t *eid, BSL_Data_t *encoded_bytes) |
| Encode a EID into CBOR. | |
| int | BSL_HostEIDPattern_Init (BSL_HostEIDPattern_t *pat) |
| Initialize an abstract EID Pattern. | |
| void | BSL_HostEIDPattern_Deinit (BSL_HostEIDPattern_t *pat) |
| De-initialize an abstract EID Pattern. | |
| int | BSL_HostEIDPattern_DecodeFromText (BSL_HostEIDPattern_t *pat, const char *text) |
| Decode an EID Pattern from its text form. | |
| bool | BSL_HostEIDPattern_IsMatch (const BSL_HostEIDPattern_t *pat, const BSL_HostEID_t *eid) |
| Determine if an EID Pattern matches a specific EID. | |
| int | BSL_BundleCtx_GetBundleMetadata (const BSL_BundleRef_t *bundle, BSL_PrimaryBlock_t *result_primary_block) |
| Calls the host interface to get a bundle primary block information.abort. | |
| int | BSL_BundleCtx_GetBlockMetadata (const BSL_BundleRef_t *bundle, uint64_t block_num, BSL_CanonicalBlock_t *result_block) |
| Returns information about the bundle Canonical block. | |
| int | BSL_BundleCtx_CreateBlock (BSL_BundleRef_t *bundle, uint64_t block_type_code, uint64_t *block_num) |
| Request the creation of a new block of a given type in the bundle. | |
| int | BSL_BundleCtx_RemoveBlock (BSL_BundleRef_t *bundle, uint64_t block_num) |
| Requests the removal of a block from a bundle. | |
| int | BSL_BundleCtx_DeleteBundle (BSL_BundleRef_t *bundle, BSL_ReasonCode_t reason_code) |
| Requests dropping of bundle. | |
| int | BSL_BundleCtx_ReallocBTSD (BSL_BundleRef_t *bundle, uint64_t block_num, size_t btsd_size) |
| Requests the re-allocation of a block's BTSD, useful for BCB. | |
| BSL_SeqReader_t * | BSL_BundleCtx_ReadBTSD (const BSL_BundleRef_t *bundle, uint64_t block_num) |
| Construct a new sequential reader for BTSD content. | |
| BSL_SeqWriter_t * | BSL_BundleCtx_WriteBTSD (BSL_BundleRef_t *bundle, uint64_t block_num, size_t btsd_size) |
| Construct a new sequential writer for BTSD content. | |
| void | BSL_IdValPair_Init (BSL_IdValPair_t *self) |
| Initialize to a default empty state. | |
| void | BSL_IdValPair_InitSet (BSL_IdValPair_t *self, const BSL_IdValPair_t *src) |
| Initialize to a copy of another value. | |
| void | BSL_IdValPair_Deinit (BSL_IdValPair_t *self) |
| De-initialize a parameter. | |
| void | BSL_IdValPair_Set (BSL_IdValPair_t *self, const BSL_IdValPair_t *src) |
| Overwrite with a copy of another value. | |
| void | BSL_IdValPair_Move (BSL_IdValPair_t *self, BSL_IdValPair_t *src) |
| Move from another value. | |
| uint64_t | BSL_IdValPair_GetId (const BSL_IdValPair_t *self) |
| Get parameter ID of this param. | |
| bool | BSL_IdValPair_IsConsistent (const BSL_IdValPair_t *self) |
| Return true if invariant conditions pass. | |
| size_t | BSL_IdValPair_Sizeof (void) |
| Return size of BSL_IdValPair_s struct type. | |
| void | BSL_IdValPair_SetInt64 (BSL_IdValPair_t *self, uint64_t param_id, uint64_t value) |
| Set to an signed integer value. | |
| bool | BSL_IdValPair_IsInt64 (const BSL_IdValPair_t *self) |
| Returns true when the value type is an integer. | |
| int | BSL_IdValPair_GetAsInt64 (const BSL_IdValPair_t *self, int64_t *out) |
| Retrieve integer value of result when this result type is integer. | |
| void | BSL_IdValPair_SetBytestr (BSL_IdValPair_t *self, uint64_t param_id, BSL_Data_t value) |
| Initialize as a parameter containing a bytestring. | |
| bool | BSL_IdValPair_IsBytestr (const BSL_IdValPair_t *self) |
| Returns true when the value type is a byte string. | |
| int | BSL_IdValPair_GetAsBytestr (const BSL_IdValPair_t *self, BSL_Data_t *out) |
| Retrieve byte string value of a parameter. | |
| void | BSL_IdValPair_SetTextstr (BSL_IdValPair_t *self, uint64_t param_id, const char *value) |
| Initialize as a parameter containing a byte string with a null-terminated text value. | |
| bool | BSL_IdValPair_IsTextstr (const BSL_IdValPair_t *self) |
| Returns true when the value type is a text string. | |
| int | BSL_IdValPair_GetAsTextstr (const BSL_IdValPair_t *self, const char **out) |
| Retrieve bytestring value of result when security parameter type is bytestring. | |
| void | BSL_IdValPair_SetRaw (BSL_IdValPair_t *self, uint64_t param_id, const void *ptr, size_t len) |
| Initialize as a parameter containing raw encoded content. | |
| size_t | BSL_SecOper_Sizeof (void) |
| void | BSL_SecOper_Init (BSL_SecOper_t *self) |
| Initialize a newly allocated structure. | |
| void | BSL_SecOper_InitSet (BSL_SecOper_t *self, const BSL_SecOper_t *src) |
| Initialize from a copy. | |
| void | BSL_SecOper_Deinit (BSL_SecOper_t *self) |
| Empty and release any resources used internally by this structure. | |
| void | BSL_SecOper_Set (BSL_SecOper_t *self, const BSL_SecOper_t *src) |
| Set from a copy. | |
| void | BSL_SecOper_Populate (BSL_SecOper_t *self, int64_t context_id, uint64_t target_block_num, uint64_t sec_block_num, BSL_SecBlockType_e sec_type, BSL_SecRole_e sec_role, BSL_PolicyAction_e policy_action) |
| Populate an initialized Security Operation with the given values. | |
| bool | BSL_SecOper_IsConsistent (const BSL_SecOper_t *self) |
| Returns true if internal consistency and sanity checks pass. | |
| const BSL_IdValPair_t * | BSL_SecOper_FindOption (const BSL_SecOper_t *self, uint64_t option_id) |
| Returns a pointer to the Security Parameter at a given index in the list of all parameters. | |
| const BSL_IdValPair_t * | BSL_SecOper_FindParam (const BSL_SecOper_t *self, uint64_t param_id) |
| Returns a pointer to the Security Parameter at a given index in the list of all parameters. | |
| const BSL_IdValPair_t * | BSL_SecOper_FindResult (const BSL_SecOper_t *self, uint64_t param_id) |
| Returns a pointer to the Security Parameter at a given index in the list of all parameters. | |
| uint64_t | BSL_SecOper_GetSecurityBlockNum (const BSL_SecOper_t *self) |
| Get the block number of the security block containing this sec operation. | |
| uint64_t | BSL_SecOper_GetTargetBlockNum (const BSL_SecOper_t *self) |
| Get the block number of the target block covered by this security operation. | |
| size_t | BSL_SecOper_CountOptions (const BSL_SecOper_t *self) |
| Get the count of parameters contained within this security operation. | |
| void | BSL_SecOper_AppendOption (BSL_SecOper_t *self, const BSL_IdValPair_t *option) |
| Add the given option to this operation. | |
| void | BSL_SecOper_AppendParam (BSL_SecOper_t *self, const BSL_IdValPair_t *param) |
| Add the given security parameter to this operation manually. | |
| bool | BSL_SecOper_IsRoleSource (const BSL_SecOper_t *self) |
| Return true if this security operation's role is SOURCE. | |
| bool | BSL_SecOper_IsRoleVerifier (const BSL_SecOper_t *self) |
| Return true if this security operation's role is Verifier. | |
| bool | BSL_SecOper_IsRoleAcceptor (const BSL_SecOper_t *self) |
| Return true if this security operation's role is Acceptor. | |
| bool | BSL_SecOper_IsBIB (const BSL_SecOper_t *self) |
| Return true if this security operation is BIB. | |
| BSL_PolicyAction_e | BSL_SecOper_GetPolicyAction (const BSL_SecOper_t *self) |
| Retrieve the policy action of a security operation. | |
| BSL_SecOper_ConclusionState_e | BSL_SecOper_GetConclusion (const BSL_SecOper_t *self) |
| Retrieve the conclusion state of a security operation. | |
| void | BSL_SecOper_SetConclusion (BSL_SecOper_t *self, BSL_SecOper_ConclusionState_e new_conclusion) |
| Set the security operation conclusion state. | |
| BSL_ReasonCode_t | BSL_SecOper_GetReasonCode (const BSL_SecOper_t *self) |
| Get security operation reason code. | |
| void | BSL_SecOper_SetReasonCode (BSL_SecOper_t *self, BSL_ReasonCode_t new_reason_code) |
| Set the security operation reason code. | |
| size_t | BSL_AbsSecBlock_Sizeof (void) |
| Returns the size of the BSL_AbsSecBlock_s struct in bytes. | |
| void | BSL_AbsSecBlock_Init (BSL_AbsSecBlock_t *self) |
| Populate a pre-allocated Abstract Security Block. | |
| bool | BSL_AbsSecBlock_IsConsistent (const BSL_AbsSecBlock_t *self) |
| Checks internal consistency and sanity of this structure. | |
| void | BSL_AbsSecBlock_Deinit (BSL_AbsSecBlock_t *self) |
| Deinitializes and clears this ASB, clearing and releasing any owned memory. | |
| void | BSL_AbsSecBlock_Print (const BSL_AbsSecBlock_t *self) |
| Logs events exposing the ASB content at LOG DEBUG severity. | |
| bool | BSL_AbsSecBlock_IsEmpty (const BSL_AbsSecBlock_t *self) |
| Returns true if this ASB contains no operations (i.e., no targets and results) | |
| int64_t | BSL_AbsSecBlock_GetContextID (const BSL_AbsSecBlock_t *self) |
| Get the security context ID from a security block. | |
| bool | BSL_AbsSecBlock_ContainsTarget (const BSL_AbsSecBlock_t *self, uint64_t target_block_num) |
| Returns true if a given ASB contains the given block number as a security target. | |
| const BSL_IdValPair_t * | BSL_AbsSecBlock_FindResult (BSL_AbsSecBlock_t *self, uint64_t target_index, uint64_t result_id) |
| Search for a specific security result by its ID. | |
| int | BSL_AbsSecBlock_StripResults (BSL_AbsSecBlock_t *self, uint64_t target_block_num) |
Remove security parameters and results found in outcome from this ASB. | |
| ssize_t | BSL_AbsSecBlock_EncodeToCBOR (const BSL_AbsSecBlock_t *self, BSL_Data_t *buf) |
| Encodes this ASB into a CBOR string into the space pre-allocated indicated by the argument. | |
| int | BSL_AbsSecBlock_DecodeFromCBOR (BSL_AbsSecBlock_t *self, const BSL_Data_t *buf) |
| Decodes and populates this ASB from a CBOR string. | |
| int | BSL_TlmCounters_IncrementCounter (BSL_LibCtx_t *bsl, BSL_TlmCounterIndex_e tlm_index, uint64_t count) |
| Increments a telemetry counter in the ctx based on telemetry index. | |
| size_t | BSL_SecOutcome_Sizeof (void) |
| Returns the size of the BSL_SecOutcome_s structure. | |
| void | BSL_SecOutcome_Init (BSL_SecOutcome_t *self, const BSL_SecOper_t *sec_oper) |
| Populate a pre-allocated security outcome struct. | |
| void | BSL_SecOutcome_Deinit (BSL_SecOutcome_t *self) |
| Release any resources owned by this security outcome. | |
| bool | BSL_SecOutcome_IsConsistent (const BSL_SecOutcome_t *self) |
| Return true if internal invariants hold. | |
| BSL_IdValPair_t * | BSL_SecOutcome_AppendResult (BSL_SecOutcome_t *self) |
| Append a Security Result to this outcome. | |
| const BSL_IdValPair_t * | BSL_SecOutcome_GetResultAtIndex (const BSL_SecOutcome_t *self, size_t index) |
| Get the result at index i. | |
| size_t | BSL_SecOutcome_CountResults (const BSL_SecOutcome_t *self) |
| Get the number of results. | |
| BSL_IdValPair_t * | BSL_SecOutcome_AppendParam (BSL_SecOutcome_t *self) |
| Append a Security Parameter to this outcome. | |
| size_t | BSL_SecOutcome_CountParams (const BSL_SecOutcome_t *self) |
| Returns number of parameters in this outcome. | |
| const BSL_IdValPair_t * | BSL_SecOutcome_GetParamAt (const BSL_SecOutcome_t *self, size_t index) |
| Get the security parameter from the security outcome at the provided index. | |
| size_t | BSL_SecurityAction_Sizeof (void) |
| bool | BSL_SecurityAction_IsConsistent (const BSL_SecurityAction_t *self) |
| void | BSL_SecurityAction_Init (BSL_SecurityAction_t *self) |
| Initialize security action. | |
| void | BSL_SecurityAction_InitSet (BSL_SecurityAction_t *self, const BSL_SecurityAction_t *src) |
| Initialize from a copy. | |
| void | BSL_SecurityAction_Set (BSL_SecurityAction_t *self, const BSL_SecurityAction_t *src) |
| Set from a copy. | |
| void | BSL_SecurityAction_Deinit (BSL_SecurityAction_t *self) |
| De-initialize security action. | |
| int | BSL_SecurityAction_AppendSecOper (BSL_SecurityAction_t *self, BSL_SecOper_t *sec_oper) |
| Add security operation to security action. | |
| int | BSL_SecurityAction_OrderSecOps (BSL_SecurityAction_t *self) |
| Order the Security operations such that execution will be successful. | |
| size_t | BSL_SecurityAction_CountSecOpers (const BSL_SecurityAction_t *self) |
| BSL_SecOper_t * | BSL_SecurityAction_GetSecOperAtIndex (const BSL_SecurityAction_t *self, size_t index) |
| void | BSL_SecurityAction_IncrError (BSL_SecurityAction_t *self) |
| Increment a security failure for this action set. | |
| size_t | BSL_SecurityAction_CountErrors (const BSL_SecurityAction_t *self) |
| Returns count of failures after processing this action. | |
| uint64_t | BSL_SecurityAction_GetPPID (const BSL_SecurityAction_t *self) |
| Returns Policy Provider ID of. | |
| size_t | BSL_SecurityActionSet_Sizeof (void) |
| Returns size of the struct, helpful for dynamic allocation. | |
| void | BSL_SecurityActionSet_Init (BSL_SecurityActionSet_t *self) |
| Initialize a new security action set. | |
| void | BSL_SecurityActionSet_Deinit (BSL_SecurityActionSet_t *self) |
| Zeroize, clear, and release itself and any owned resources. | |
| int | BSL_SecurityActionSet_AppendAction (BSL_SecurityActionSet_t *self, const BSL_SecurityAction_t *action) |
| Append a security operation to the security action set. | |
| bool | BSL_SecurityActionSet_IsConsistent (const BSL_SecurityActionSet_t *self) |
| Return true if internal sanity and consistency checks pass. | |
| size_t | BSL_SecurityActionSet_CountOperations (const BSL_SecurityActionSet_t *self) |
| size_t | BSL_SecurityActionSet_CountActions (const BSL_SecurityActionSet_t *self) |
| Count number of security operations present in this policy action set. | |
| const BSL_SecurityAction_t * | BSL_SecurityActionSet_GetActionAtIndex (const BSL_SecurityActionSet_t *self, size_t index) |
| Returns the Security Operation at the given index. | |
| size_t | BSL_SecurityActionSet_CountErrors (const BSL_SecurityActionSet_t *self) |
| Returns count of failures after processing this action set. | |
| size_t | BSL_SecurityResponseSet_Sizeof (void) |
| Returns size of this struct type. | |
| void | BSL_SecurityResponseSet_Init (BSL_SecurityResponseSet_t *self) |
| Initialize with the given count of operations and failures. | |
| void | BSL_SecurityResponseSet_Deinit (BSL_SecurityResponseSet_t *self) |
| Zeroize itself and release any owned resources. | |
| bool | BSL_SecurityResponseSet_IsConsistent (const BSL_SecurityResponseSet_t *self) |
| Return true if internal consistency checks pass. | |
| size_t | BSL_SecurityResponseSet_CountResponses (const BSL_SecurityResponseSet_t *self) |
| Return number of responses (operations acted upon) | |
| void | BSL_SecurityResponseSet_AppendResult (BSL_SecurityResponseSet_t *self, int64_t result, BSL_PolicyAction_e policy_action) |
| Append a result code to the security response set. | |
| int | BSL_PolicyRegistry_InspectActions (const BSL_LibCtx_t *bsl, BSL_SecurityActionSet_t *output_action_set, const BSL_BundleRef_t *bundle, BSL_PolicyLocation_e location) |
| Queries the policy provider for any security operations to take on the bundle. | |
| int | BSL_PolicyRegistry_FinalizeActions (const BSL_LibCtx_t *bsl, const BSL_SecurityActionSet_t *policy_actions, BSL_BundleRef_t *bundle, const BSL_SecurityResponseSet_t *response_output) |
| Finalizes policy provider for sec ops & sec results for a bundle. | |
| int | BSL_SecCtx_ExecutePolicyActionSet (BSL_LibCtx_t *lib, BSL_SecurityResponseSet_t *output_response, BSL_BundleRef_t *bundle, const BSL_SecurityActionSet_t *action_set) |
| Call the underlying security context to perform the given action. | |
| bool | BSL_SecCtx_ValidatePolicyActionSet (BSL_LibCtx_t *lib, const BSL_BundleRef_t *bundle, const BSL_SecurityActionSet_t *action_set) |
| Validate policy action set. | |
| int | BSL_ExecBIBSource (BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *outcome) |
| Internal function to execute an operation as source. | |
| int | BSL_ExecBIBVerifierAcceptor (BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *outcome) |
| int | BSL_ExecBCBSource (BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *outcome) |
| int | BSL_ExecBCBVerifierAcceptor (BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *outcome) |
Single entry-point include file for all of the BPSec Lib (BSL) frontend API.
This file is for backend and BSL-adjacent modules (the Policy Provider, Security Context, and Test Harness) to have more reach into the BSL, without requiring any of them to have specific dependencies on the other. The Host BPA should only need the purely public header file.
| #define _U_ |
Mark an unused parameter Within a function definition.
This avoids compiler warnings when parameters need to be present to satisfy an interface but are otherwise unused.
For example, this second parameter is marked unused:
| #define ASSERT_ARG_EXPR | ( | expr | ) | ASSERT_TEMPL(expr, "Panic: Argument expression check failed to satisfy") |
| #define ASSERT_ARG_NONNULL | ( | var | ) | ASSERT_TEMPL((var) != NULL, "Panic: Null Argument check failed to satisfy") |
| #define ASSERT_POSTCONDITION | ( | expr | ) | ASSERT_TEMPL(expr, "Panic: Precondition failed to satisfy") |
| #define ASSERT_PRECONDITION | ( | expr | ) | ASSERT_TEMPL(expr, "Panic: Precondition failed to satisfy") |
| #define ASSERT_PROPERTY | ( | expr | ) | ASSERT_TEMPL(expr, "Panic: Property check failed to satisfy") |
| #define ASSERT_TEMPL | ( | expr, | |
| msg | |||
| ) |
| #define BSL_CHKERR1 | ( | cond | ) | BSL_CHKRET(cond, 1) |
Return the error value 1 if condition fails.
| #define BSL_CHKERRVAL | ( | value | ) | BSL_CHKRET(!(value), (value)) |
Check a value for non-zero and return that value.
| value | The value to check and conditionally return. |
| #define BSL_CHKFALSE | ( | cond | ) | BSL_CHKRET(cond, false) |
Return false if condition fails.
| #define BSL_CHKNULL | ( | cond | ) | BSL_CHKRET(cond, NULL) |
Return a null pointer if condition fails.
| #define BSL_CHKRET | ( | cond, | |
| val | |||
| ) |
Check a condition and if not met return a specific value.
| cond | The condition to check. |
| val | The return value if the check fails. |
| #define BSL_CHKVOID | ( | cond | ) | BSL_CHKRET(cond, ) |
Return from void functions if condition fails.
| #define BSL_HOSTEID_INIT_INVALID |
Static initializer for an invalid BSL_HostEID_t.
Static initializer for an invalid BSL_HostEIDPattern_t.
Even after this, BSL_HostEID_Init() must be used to get into a valid state.
Even after this, BSL_HostEIDPattern_Init() must be used to get into a valid state.
| #define BSL_HOSTEID_INIT_INVALID |
Static initializer for an invalid BSL_HostEID_t.
Static initializer for an invalid BSL_HostEIDPattern_t.
Even after this, BSL_HostEID_Init() must be used to get into a valid state.
Even after this, BSL_HostEIDPattern_Init() must be used to get into a valid state.
| #define BSL_LOG_CRIT | ( | ... | ) | BSL_LogEvent(LOG_CRIT, __FILE__, __LINE__, __func__, __VA_ARGS__) |
Perform LOG_CRIT level logging with auto-filled parameters.
The arguments to this macro are passed to BSL_LogEvent() as the format and its parameter values.
| #define BSL_LOG_DEBUG | ( | ... | ) | BSL_LogEvent(LOG_DEBUG, __FILE__, __LINE__, __func__, __VA_ARGS__) |
This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
| #define BSL_LOG_ERR | ( | ... | ) | BSL_LogEvent(LOG_ERR, __FILE__, __LINE__, __func__, __VA_ARGS__) |
This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
| #define BSL_LOG_INFO | ( | ... | ) | BSL_LogEvent(LOG_INFO, __FILE__, __LINE__, __func__, __VA_ARGS__) |
This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
| #define BSL_LOG_PLAINTEXT_PTR | ( | title, | |
| ctx, | |||
| ptr, | |||
| len | |||
| ) |
Log plaintext as hex for debugging only when enabled by compile option BSL_LOG_PLAINTEXT_ENABLE is non-zero.
| title | The static C string title. |
| ctc | A correlating context pointer to log. |
| ptr | The data start pointer. |
| len | The data length. |
| #define BSL_LOG_WARNING | ( | ... | ) | BSL_LogEvent(LOG_WARNING, __FILE__, __LINE__, __func__, __VA_ARGS__) |
This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
| #define BSL_SecBlockType_IsSecBlock | ( | block_id | ) | (((block_id) >= BSL_SECBLOCKTYPE_BIB) && ((block_id) <= BSL_SECBLOCKTYPE_BCB)) |
Helper to determine if a given block type is security.
| #define BSL_SECROLE_ISVALID | ( | role_value | ) | (((role_value) >= BSL_SECROLE_SOURCE) && ((role_value) <= BSL_SECROLE_ACCEPTOR)) |
| #define CHK_ARG_EXPR | ( | expr | ) | CHK_TEMPL(expr, "Illegal Argument: Argument expression check failed to satisfy", BSL_ERR_ARG_INVALID) |
| #define CHK_ARG_NONNULL | ( | var | ) | CHK_TEMPL((var) != NULL, "Illegal Argument: Argument null check failed to satisfy", BSL_ERR_ARG_NULL) |
| #define CHK_AS_BOOL | ( | expr | ) | CHK_TEMPL(expr, "Failed Property Check: Failed to satisfy", BSL_ERR_ARG_INVALID) |
| #define CHK_POSTCONDITION | ( | expr | ) | CHK_TEMPL(expr, "Postcondition Failed: Did not satisfy", BSL_ERR_FAILURE) |
| #define CHK_PRECONDITION | ( | expr | ) | CHK_TEMPL(expr, "Precondition Failed: Did not satisfy", BSL_ERR_FAILURE) |
| #define CHK_PROPERTY | ( | expr | ) | CHK_TEMPL(expr, "Property Failed: Did not satisfy", BSL_ERR_FAILURE) |
| #define CHK_TEMPL | ( | expr, | |
| msg, | |||
| return_code | |||
| ) |
Helpful macros for expressing invariants, pre/post conditions, and arg validation.
The expression is nominally true and only false during exceptional cases.
| #define LIKELY | ( | expr | ) | (expr) |
Hint to the compiler that the expression is expected to evaluate to true and the associated branch is likely.
| expr | The expression to evaluate. |
| #define UNLIKELY | ( | expr | ) | (expr) |
Hint to the compiler that the expression is expected to evaluate to false and the associated branch is unlikely.
| expr | The expression to evaluate. |
| typedef void(* BSL_PolicyDeinit_f) (void *user_data) |
Callback interface for policy provider to shut down and release any resources.
| typedef int(* BSL_PolicyFinalize_f) (void *user_data, const BSL_SecurityActionSet_t *output_action_set, BSL_BundleRef_t *bundle, const BSL_SecurityResponseSet_t *response_output) |
Callback interface to finalize policy provider over the action set.
Finalize should ignore actions from different policy providers
| typedef int(* BSL_PolicyInspect_f) (void *user_data, BSL_SecurityActionSet_t *output_action_set, const BSL_BundleRef_t *bundle, BSL_PolicyLocation_e location) |
Callback interface to query policy provider to populate the action set.
| typedef int(* BSL_SecCtx_Execute_f) (BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, const BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *sec_outcome) |
Signature for Security Context executor for a sec OP.
| [in] | lib | The library context. |
| [in,out] | bundle | The bundle to modify. |
| [in] | sec_oper | The security operation to perform. |
| [in] | asb | For verifier or acceptor, this is the existing ASB structure. |
| [in,out] | sec_outcome | The pre-allocated outcome to populate |
| typedef bool(* BSL_SecCtx_Validate_f) (BSL_LibCtx_t *lib, const BSL_BundleRef_t *bundle, const BSL_SecOper_t *sec_oper) |
Signature for Security Context validator for a sec OP.
| [in] | lib | The library context. |
| [in] | bundle | The bundle to inspect. |
| [in] | sec_oper | The security operation to perform. |
| enum BSL_BundleASBFlag_e |
Flags of the Abstract Security Block [3].
| Enumerator | |
|---|---|
| BSL_ASB_FLAG_PARAMS | Flag set when parameters are present. |
Block types using IANA-assigned code points from [8].
| Enumerator | |
|---|---|
| BSL_BLOCK_TYPE_PRIMARY | Primary block ID (a special case) |
| BSL_BLOCK_TYPE_PAYLOAD | Payload block. |
| BSL_BLOCK_TYPE_BUNDLE_AUTH | |
| BSL_BLOCK_TYPE_PAYLOAD_INTEGRITY | |
| BSL_BLOCK_TYPE_PAYLOAD_CONFIDENTIALITY | |
| BSL_BLOCK_TYPE_PREVIOUS_HOP_INSERTION | |
| BSL_BLOCK_TYPE_PREVIOUS_NODE | |
| BSL_BLOCK_TYPE_BUNDLE_AGE | |
| BSL_BLOCK_TYPE_METADATA_EXT | |
| BSL_BLOCK_TYPE_EXT_SECURITY | |
| BSL_BLOCK_TYPE_HOP_COUNT | |
| BSL_BLOCK_TYPE_BIB | Block Integrity [8]. |
| BSL_BLOCK_TYPE_BCB | Block Confidentiality [8]. |
| enum BSL_BundleCtrlFlag_e |
Bundle processing control flags.
Defined in Section 4.2.3 of RFC 9171 [6].
| Enumerator | |
|---|---|
| BSL_BUNDLE_IS_FRAGMENT | Set if this bundle is a fragment. |
| enum BSL_ErrCodes_e |
Catalog of error code.
if (BSL_MyFunc(...) < 0) for errors. | enum BSL_PolicyAction_e |
Codes indicating the fate of a block if a security operation over it fails.
| enum BSL_SecBlockType_e |
RFC 9172-specified block type codes for BIB and BCB.
| Enumerator | |
|---|---|
| BSL_SECBLOCKTYPE_BIB | RFC9172 code for BIB. |
| BSL_SECBLOCKTYPE_BCB | RFC9172 code for BCB. |
| enum BSL_SecRole_e |
| bool BSL_AbsSecBlock_ContainsTarget | ( | const BSL_AbsSecBlock_t * | self, |
| uint64_t | target_block_num | ||
| ) |
Returns true if a given ASB contains the given block number as a security target.
| [in] | self | This ASB. |
| [in] | target_block_num | ID of a block, 0 indicates primary block |
References ASSERT_PRECONDITION, BSL_AbsSecBlock_IsConsistent(), and BSL_AbsSecBlock_Target_t::target_block_num.
Referenced by BSL_API_QuerySecurity(), and TestASBDecodeEncodeClosure().
| int BSL_AbsSecBlock_DecodeFromCBOR | ( | BSL_AbsSecBlock_t * | self, |
| const BSL_Data_t * | buf | ||
| ) |
Decodes and populates this ASB from a CBOR string.
| [in,out] | self | This allocated, but uninitialized ASB to populate. |
| [in] | buf | A buffer containing a CBOR string representing the ASB |
References ASSERT_POSTCONDITION, BSL_AbsSecBlock_AddTarget(), BSL_AbsSecBlock_IsConsistent(), BSL_Data_Deinit(), BSL_Data_InitView(), BSL_ERR_DECODING, BSL_HostEID_DecodeFromCBOR(), BSL_IdValPair_Decode(), BSL_LOG_DEBUG, BSL_LOG_ERR, BSL_LOG_PLAINTEXT_PTR, BSL_LOG_WARNING, BSL_SUCCESS, buf, CHK_ARG_EXPR, CHK_ARG_NONNULL, BSL_Data_t::len, BSL_AbsSecBlock_Target_t::results, and BSL_AbsSecBlock_Target_t::target_block_num.
Referenced by BSL_API_QuerySecurity(), BSL_ExecAnyVerifierAcceptor_Pre(), LLVMFuzzerTestOneInput(), TEST_CASE(), and TestASBDecodeEncodeClosure().
| void BSL_AbsSecBlock_Deinit | ( | BSL_AbsSecBlock_t * | self | ) |
Deinitializes and clears this ASB, clearing and releasing any owned memory.
| [in,out] | self | This ASB |
References ASSERT_PRECONDITION, BSL_AbsSecBlock_IsConsistent(), and BSL_HostEID_Deinit().
Referenced by BSL_API_QuerySecurity(), BSL_ExecBCBSource(), BSL_ExecBCBVerifierAcceptor(), BSL_ExecBIBSource(), BSL_ExecBIBVerifierAcceptor(), LLVMFuzzerTestOneInput(), TEST_CASE(), and TestASBDecodeEncodeClosure().
| ssize_t BSL_AbsSecBlock_EncodeToCBOR | ( | const BSL_AbsSecBlock_t * | self, |
| BSL_Data_t * | buf | ||
| ) |
Encodes this ASB into a CBOR string into the space pre-allocated indicated by the argument.
| [in] | self | This ASB. |
| [in] | buf | A buffer with allocated space for the encoded CBOR or a zero-length buffer to calculate the needed size. |
References BSL_AbsSecBlock_IsConsistent(), BSL_Data_Deinit(), BSL_Data_InitBuffer(), BSL_ERR_ENCODING, BSL_HostEID_EncodeToCBOR(), BSL_IdValPair_Encode(), BSL_LOG_DEBUG, BSL_LOG_ERR, BSL_LOG_PLAINTEXT_PTR, BSL_SUCCESS, buf, CHK_PRECONDITION, encoder, BSL_Data_t::len, BSL_Data_t::ptr, BSL_AbsSecBlock_Target_t::results, and BSL_AbsSecBlock_Target_t::target_block_num.
Referenced by Encode_ASB(), LLVMFuzzerTestOneInput(), and TestASBDecodeEncodeClosure().
| const BSL_IdValPair_t * BSL_AbsSecBlock_FindResult | ( | BSL_AbsSecBlock_t * | self, |
| uint64_t | target_index, | ||
| uint64_t | result_id | ||
| ) |
Search for a specific security result by its ID.
| [in,out] | self | This security block |
| target_index | The target index in the block. This is not the block number, it is the zero-based index. | |
| result_id | The result ID to search for. |
| int64_t BSL_AbsSecBlock_GetContextID | ( | const BSL_AbsSecBlock_t * | self | ) |
Get the security context ID from a security block.
| [in] | self | This ASB. |
References ASSERT_ARG_NONNULL.
Referenced by TestASBDecodeEncodeClosure().
| void BSL_AbsSecBlock_Init | ( | BSL_AbsSecBlock_t * | self | ) |
Populate a pre-allocated Abstract Security Block.
| [in,out] | self | This ASB |
| [in] | sec_context_id | Security Context ID |
References ASSERT_ARG_NONNULL, ASSERT_POSTCONDITION, BSL_AbsSecBlock_IsConsistent(), and BSL_HostEID_Init().
Referenced by BSL_API_QuerySecurity(), BSL_ExecBCBSource(), BSL_ExecBCBVerifierAcceptor(), BSL_ExecBIBSource(), BSL_ExecBIBVerifierAcceptor(), LLVMFuzzerTestOneInput(), TEST_CASE(), and TestASBDecodeEncodeClosure().
| bool BSL_AbsSecBlock_IsConsistent | ( | const BSL_AbsSecBlock_t * | self | ) |
Checks internal consistency and sanity of this structure.
| [in] | self | This ASB |
References CHK_AS_BOOL.
Referenced by BSL_AbsSecBlock_AddTarget(), BSL_AbsSecBlock_ContainsTarget(), BSL_AbsSecBlock_DecodeFromCBOR(), BSL_AbsSecBlock_Deinit(), BSL_AbsSecBlock_EncodeToCBOR(), BSL_AbsSecBlock_Init(), BSL_AbsSecBlock_StripResults(), BSL_ExecAnyVerifierAcceptor_Pre(), and TestASBDecodeEncodeClosure().
| bool BSL_AbsSecBlock_IsEmpty | ( | const BSL_AbsSecBlock_t * | self | ) |
Returns true if this ASB contains no operations (i.e., no targets and results)
| [in] | self | This ASB. |
References ASSERT_ARG_NONNULL.
Referenced by BSL_ExecBCBVerifierAcceptor(), and BSL_ExecBIBVerifierAcceptor().
| void BSL_AbsSecBlock_Print | ( | const BSL_AbsSecBlock_t * | self | ) |
Logs events exposing the ASB content at LOG DEBUG severity.
| [in] | self | This ASB |
References BSL_IdValPair_Print(), BSL_LOG_DEBUG, BSL_AbsSecBlock_Target_t::results, and BSL_AbsSecBlock_Target_t::target_block_num.
| size_t BSL_AbsSecBlock_Sizeof | ( | void | ) |
Returns the size of the BSL_AbsSecBlock_s struct in bytes.
Referenced by BSL_API_QuerySecurity(), LLVMFuzzerTestOneInput(), TEST_CASE(), and TestASBDecodeEncodeClosure().
| int BSL_AbsSecBlock_StripResults | ( | BSL_AbsSecBlock_t * | self, |
| uint64_t | target_block_num | ||
| ) |
Remove security parameters and results found in outcome from this ASB.
| [in,out] | self | This ASB |
| [in] | outcome | Security Operation outcome containing params and results |
References BSL_AbsSecBlock_IsConsistent(), CHK_POSTCONDITION, CHK_PRECONDITION, BSL_AbsSecBlock_Target_t::results, and BSL_AbsSecBlock_Target_t::target_block_num.
Referenced by BSL_ExecBCBVerifierAcceptor(), and BSL_ExecBIBVerifierAcceptor().
| int BSL_BundleCtx_CreateBlock | ( | BSL_BundleRef_t * | bundle, |
| uint64_t | block_type_code, | ||
| uint64_t * | block_num | ||
| ) |
Request the creation of a new block of a given type in the bundle.
| [in] | bundle | Context bundle |
| [in] | block_type_code | The type of block to be created (e.g, 1 means payload) |
| [out] | block_num | Pointer to integer containing the number of the block just created.abort |
References BSL_HostDescriptors_t::block_create_fn, BSL_ERR_HOST_CALLBACK_FAILED, BSL_SUCCESS, CHK_ARG_EXPR, CHK_ARG_NONNULL, CHK_PRECONDITION, and HostDescriptorTable.
Referenced by BSL_ExecBCBSource(), and BSL_ExecBIBSource().
| int BSL_BundleCtx_DeleteBundle | ( | BSL_BundleRef_t * | bundle, |
| BSL_ReasonCode_t | reason_code | ||
| ) |
Requests dropping of bundle.
| [in] | bundle | Context bundle |
| [in] | reason_code | reason code indicating reason for bundle deletion |
References BSL_ERR_HOST_CALLBACK_FAILED, BSL_SUCCESS, BSL_HostDescriptors_t::bundle_delete_fn, CHK_ARG_NONNULL, CHK_PRECONDITION, and HostDescriptorTable.
Referenced by BSLP_PolicyProvider_HandleFailures().
| int BSL_BundleCtx_GetBlockMetadata | ( | const BSL_BundleRef_t * | bundle, |
| uint64_t | block_num, | ||
| BSL_CanonicalBlock_t * | result_block | ||
| ) |
Returns information about the bundle Canonical block.
| [in] | bundle | Context bundle |
| [in] | block_num | The number of the bundle canonical block we seek information on |
| [out] | result_block | Pointer to allocated memory which contains the results of the query. |
References BSL_HostDescriptors_t::block_metadata_fn, BSL_ERR_HOST_CALLBACK_FAILED, BSL_SUCCESS, CHK_ARG_EXPR, CHK_ARG_NONNULL, CHK_PRECONDITION, and HostDescriptorTable.
Referenced by BSL_API_QuerySecurity(), BSL_ExecAnySource_Post(), BSL_ExecAnyVerifierAcceptor_Pre(), BSL_ExecBIBSource(), BSLX_BCB_Execute(), BSLX_BCB_Init(), BSLX_BIB_Execute(), get_target_block_id(), n_test_BSL_6(), test_BSL_32(), TEST_CASE(), test_dyn_mem_cbs_BSL_32(), and test_RFC9173_AppendixA_Example4_Acceptor().
| int BSL_BundleCtx_GetBundleMetadata | ( | const BSL_BundleRef_t * | bundle, |
| BSL_PrimaryBlock_t * | result_primary_block | ||
| ) |
Calls the host interface to get a bundle primary block information.abort.
| [in] | bundle | Bundle context |
| [out] | result_primary_block | Non-null pointer to result which gets populated on a zero return code. |
References BSL_ERR_HOST_CALLBACK_FAILED, BSL_SUCCESS, BSL_HostDescriptors_t::bundle_metadata_fn, CHK_ARG_NONNULL, CHK_PRECONDITION, and HostDescriptorTable.
Referenced by BSL_API_QuerySecurity(), BSL_TestUtils_ModifyEIDs(), BSLP_PolicyRule_EvaluateAsSecOper(), BSLP_QueryPolicy(), BSLX_BCB_Init(), BSLX_BIB_Execute(), get_target_block_id(), n_test_BSL_6(), test_BSL_32(), TEST_CASE(), test_dyn_mem_cbs_BSL_32(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), and test_RFC9173_AppendixA_Example4_Source().
| BSL_SeqReader_t * BSL_BundleCtx_ReadBTSD | ( | const BSL_BundleRef_t * | bundle, |
| uint64_t | block_num | ||
| ) |
Construct a new sequential reader for BTSD content.
| [in] | bundle | Context bundle |
| [in] | block_num | The unique block number for which BTSD will be read from. |
References BSL_HostDescriptors_t::block_read_btsd_fn, and HostDescriptorTable.
Referenced by BSL_API_QuerySecurity(), BSL_ExecAnyVerifierAcceptor_Pre(), BSLX_BCB_Decrypt(), BSLX_BCB_Encrypt(), BSLX_BIB_GenIPPT(), and TEST_CASE().
| int BSL_BundleCtx_ReallocBTSD | ( | BSL_BundleRef_t * | bundle, |
| uint64_t | block_num, | ||
| size_t | btsd_size | ||
| ) |
Requests the re-allocation of a block's BTSD, useful for BCB.
memcpy().| [in] | bundle | Context bundle |
| [in] | block_num | The unique block number for which BTSD will be resized. |
| [in] | btsd_size | Size of new BTSD content. |
References BSL_HostDescriptors_t::block_realloc_btsd_fn, BSL_HostDescriptors_t::block_remove_fn, BSL_ERR_HOST_CALLBACK_FAILED, BSL_SUCCESS, CHK_ARG_EXPR, CHK_ARG_NONNULL, CHK_PRECONDITION, and HostDescriptorTable.
| int BSL_BundleCtx_RemoveBlock | ( | BSL_BundleRef_t * | bundle, |
| uint64_t | block_num | ||
| ) |
Requests the removal of a block from a bundle.
| [in] | bundle | Context bundle |
| [in] | block_num | Block number to be removed |
References BSL_HostDescriptors_t::block_remove_fn, BSL_ERR_HOST_CALLBACK_FAILED, BSL_SUCCESS, CHK_ARG_EXPR, CHK_ARG_NONNULL, CHK_PRECONDITION, and HostDescriptorTable.
Referenced by BSL_ExecBCBVerifierAcceptor(), BSL_ExecBIBVerifierAcceptor(), and BSLP_PolicyProvider_HandleFailures().
| BSL_SeqWriter_t * BSL_BundleCtx_WriteBTSD | ( | BSL_BundleRef_t * | bundle, |
| uint64_t | block_num, | ||
| size_t | btsd_size | ||
| ) |
Construct a new sequential writer for BTSD content.
| [in] | bundle | Context bundle |
| [in] | block_num | The unique block number for which BTSD will be overwritten. |
| btsd_size | The total total size of BTSD content that will be written. The actual sequence of writes must not exceed this total size or it will be considered an error. If the actual sequence of writes does not reach this size it should be zero-padded and logged as an anomaly. |
References BSL_HostDescriptors_t::block_write_btsd_fn, and HostDescriptorTable.
Referenced by BSLX_BCB_Decrypt(), BSLX_BCB_Encrypt(), and Encode_ASB().
| int BSL_ExecBCBSource | ( | BSL_SecCtx_Execute_f | sec_context_fn, |
| BSL_LibCtx_t * | lib, | ||
| BSL_BundleRef_t * | bundle, | ||
| BSL_SecOper_t * | sec_oper, | ||
| BSL_SecOutcome_t * | outcome | ||
| ) |
References BSL_AbsSecBlock_Deinit(), BSL_AbsSecBlock_Init(), BSL_BundleCtx_CreateBlock(), BSL_ERR_HOST_CALLBACK_FAILED, BSL_ERR_SECURITY_OPERATION_FAILED, BSL_ExecAnySource_Post(), BSL_LOG_ERR, BSL_LOG_INFO, BSL_SECBLOCKTYPE_BCB, BSL_SUCCESS, BSL_TLM_SECOP_FAIL_COUNT, BSL_TLM_SECOP_SOURCE_COUNT, BSL_TlmCounters_IncrementCounter(), and CHK_ARG_NONNULL.
Referenced by BSL_SecCtx_ExecutePolicyActionSet().
| int BSL_ExecBCBVerifierAcceptor | ( | BSL_SecCtx_Execute_f | sec_context_fn, |
| BSL_LibCtx_t * | lib, | ||
| BSL_BundleRef_t * | bundle, | ||
| BSL_SecOper_t * | sec_oper, | ||
| BSL_SecOutcome_t * | outcome | ||
| ) |
References BSL_AbsSecBlock_Deinit(), BSL_AbsSecBlock_Init(), BSL_AbsSecBlock_IsEmpty(), BSL_AbsSecBlock_StripResults(), BSL_BundleCtx_RemoveBlock(), BSL_ERR_FAILURE, BSL_ERR_HOST_CALLBACK_FAILED, BSL_ERR_SECURITY_OPERATION_FAILED, BSL_ExecAnyVerifierAcceptor_Pre(), BSL_LOG_ERR, BSL_SecOper_GetTargetBlockNum(), BSL_SecOper_IsRoleVerifier(), BSL_SUCCESS, BSL_TLM_SECOP_ACCEPTOR_COUNT, BSL_TLM_SECOP_FAIL_COUNT, BSL_TLM_SECOP_VERIFIER_COUNT, BSL_TlmCounters_IncrementCounter(), CHK_ARG_NONNULL, and Encode_ASB().
Referenced by BSL_SecCtx_ExecutePolicyActionSet(), test_RFC9173_AppendixA_Example2_BCB_Acceptor(), and test_sec_accept_keyunwrap().
| int BSL_ExecBIBSource | ( | BSL_SecCtx_Execute_f | sec_context_fn, |
| BSL_LibCtx_t * | lib, | ||
| BSL_BundleRef_t * | bundle, | ||
| BSL_SecOper_t * | sec_oper, | ||
| BSL_SecOutcome_t * | outcome | ||
| ) |
Internal function to execute an operation as source.
References BSL_AbsSecBlock_Deinit(), BSL_AbsSecBlock_Init(), BSL_BundleCtx_CreateBlock(), BSL_BundleCtx_GetBlockMetadata(), BSL_ERR_BUNDLE_OPERATION_FAILED, BSL_ERR_SECURITY_OPERATION_FAILED, BSL_ExecAnySource_Post(), BSL_LOG_ERR, BSL_SECBLOCKTYPE_BIB, BSL_SUCCESS, BSL_TLM_SECOP_FAIL_COUNT, BSL_TLM_SECOP_SOURCE_COUNT, BSL_TlmCounters_IncrementCounter(), CHK_ARG_NONNULL, and CHK_PROPERTY.
Referenced by BSL_SecCtx_ExecutePolicyActionSet().
| int BSL_ExecBIBVerifierAcceptor | ( | BSL_SecCtx_Execute_f | sec_context_fn, |
| BSL_LibCtx_t * | lib, | ||
| BSL_BundleRef_t * | bundle, | ||
| BSL_SecOper_t * | sec_oper, | ||
| BSL_SecOutcome_t * | outcome | ||
| ) |
References BSL_AbsSecBlock_Deinit(), BSL_AbsSecBlock_Init(), BSL_AbsSecBlock_IsEmpty(), BSL_AbsSecBlock_StripResults(), BSL_BundleCtx_RemoveBlock(), BSL_ERR_FAILURE, BSL_ERR_HOST_CALLBACK_FAILED, BSL_ERR_SECURITY_OPERATION_FAILED, BSL_ExecAnyVerifierAcceptor_Pre(), BSL_LOG_ERR, BSL_SecOper_GetTargetBlockNum(), BSL_SecOper_IsConsistent(), BSL_SecOper_IsRoleVerifier(), BSL_SecOutcome_IsConsistent(), BSL_SUCCESS, BSL_TLM_SECOP_ACCEPTOR_COUNT, BSL_TLM_SECOP_FAIL_COUNT, BSL_TLM_SECOP_VERIFIER_COUNT, BSL_TlmCounters_IncrementCounter(), CHK_ARG_NONNULL, CHK_PRECONDITION, and Encode_ASB().
Referenced by BSL_SecCtx_ExecutePolicyActionSet(), and test_sec_accept_keyunwrap().
| int BSL_Host_GetSecSrcEID | ( | BSL_HostEID_t * | eid | ) |
Get the local EID used when this node is a security source.
| [out] | eid | The EID to write into. This must already be initialized. |
References CHK_ARG_NONNULL, CHK_PRECONDITION, BSL_HostDescriptors_t::get_sec_src_eid_fn, HostDescriptorTable, and BSL_HostDescriptors_t::user_data.
Referenced by BSL_ExecAnySource_Post().
| int BSL_HostEID_DecodeFromCBOR | ( | const BSL_Data_t * | encoded_bytes, |
| BSL_HostEID_t * | eid | ||
| ) |
Decode an EID from CBOR.
| [in] | encoded_bytes | CBOR encoded bytes |
| [in,out] | eid | The value to decode into |
References CHK_ARG_NONNULL, CHK_PRECONDITION, BSL_HostDescriptors_t::eid_from_cbor, BSL_HostEID_t::handle, and HostDescriptorTable.
Referenced by BSL_AbsSecBlock_DecodeFromCBOR(), and LLVMFuzzerTestOneInput().
| int BSL_HostEID_DecodeFromText | ( | BSL_HostEID_t * | eid, |
| const char * | text | ||
| ) |
Decode an EID from its text form.
| [out] | eid | The EID to write into. This must already be initialized. |
| [in] | text | The text to read from, which must be non-null. |
References CHK_ARG_NONNULL, CHK_PRECONDITION, BSL_HostDescriptors_t::eid_from_text, BSL_HostEID_t::handle, HostDescriptorTable, and BSL_HostDescriptors_t::user_data.
Referenced by LLVMFuzzerTestOneInput(), main(), test_BSL_HostEID_DecodeFromText_invalid(), test_BSL_HostEID_DecodeFromText_ipn(), test_BSL_HostEID_DecodeFromText_valid(), test_BSL_HostEIDPattern_IsMatch(), test_bsl_mock_encode_bundle(), and test_bsl_mock_encode_primary().
| void BSL_HostEID_Deinit | ( | BSL_HostEID_t * | eid | ) |
De-initialize an abstract EID.
| [in,out] | eid | The object to de-initialize. |
References ASSERT_ARG_NONNULL, ASSERT_PRECONDITION, BSL_HostDescriptors_t::eid_deinit, HostDescriptorTable, and BSL_HostDescriptors_t::user_data.
Referenced by BSL_AbsSecBlock_Deinit(), LLVMFuzzerTestOneInput(), main(), MockBPA_Bundle_Deinit(), test_BSL_HostEID_DecodeFromText_invalid(), test_BSL_HostEID_DecodeFromText_ipn(), test_BSL_HostEID_DecodeFromText_valid(), test_BSL_HostEIDPattern_IsMatch(), test_bsl_loopback_eid(), and test_bsl_mock_encode_primary().
| int BSL_HostEID_EncodeToCBOR | ( | const BSL_HostEID_t * | eid, |
| BSL_Data_t * | encoded_bytes | ||
| ) |
Encode a EID into CBOR.
| [in] | eid | The value to encode |
| [in,out] | encoded_bytes | CBOR encoded bytes |
References CHK_ARG_NONNULL, BSL_HostDescriptors_t::eid_to_cbor, and HostDescriptorTable.
Referenced by BSL_AbsSecBlock_EncodeToCBOR(), bsl_mock_encode_eid_from_ctx(), and LLVMFuzzerTestOneInput().
| void BSL_HostEID_Init | ( | BSL_HostEID_t * | eid | ) |
Initialize an abstract EID.
| [out] | eid | The object to initialize. |
References ASSERT_ARG_NONNULL, ASSERT_PRECONDITION, BSL_HostDescriptors_t::eid_init, HostDescriptorTable, and BSL_HostDescriptors_t::user_data.
Referenced by BSL_AbsSecBlock_Init(), LLVMFuzzerTestOneInput(), main(), MockBPA_Bundle_Init(), test_BSL_HostEID_DecodeFromText_invalid(), test_BSL_HostEID_DecodeFromText_ipn(), test_BSL_HostEID_DecodeFromText_valid(), test_BSL_HostEIDPattern_IsMatch(), test_bsl_loopback_eid(), and test_bsl_mock_encode_primary().
| int BSL_HostEIDPattern_DecodeFromText | ( | BSL_HostEIDPattern_t * | pat, |
| const char * | text | ||
| ) |
Decode an EID Pattern from its text form.
| [out] | pat | The pattern to write into. This must already be initialized. |
| [in] | text | The text to read from, which must be non-null. |
References CHK_ARG_NONNULL, CHK_PRECONDITION, BSL_HostDescriptors_t::eidpat_from_text, HostDescriptorTable, and BSL_HostDescriptors_t::user_data.
Referenced by BSL_TestUtils_GetEidPatternFromText(), BSLP_PolicyPredicate_InitFrom(), LLVMFuzzerTestOneInput(), test_BSL_HostEIDPattern_DecodeFromText_invalid(), test_BSL_HostEIDPattern_DecodeFromText_valid(), test_BSL_HostEIDPattern_IsMatch(), and TEST_CASE().
| void BSL_HostEIDPattern_Deinit | ( | BSL_HostEIDPattern_t * | pat | ) |
De-initialize an abstract EID Pattern.
| [in,out] | pat | The object to de-initialize. |
References ASSERT_ARG_NONNULL, BSL_HostDescriptors_t::eidpat_deinit, HostDescriptorTable, and BSL_HostDescriptors_t::user_data.
Referenced by BSLP_PolicyPredicate_Deinit(), LLVMFuzzerTestOneInput(), test_BSL_HostEIDPattern_DecodeFromText_invalid(), test_BSL_HostEIDPattern_DecodeFromText_valid(), test_BSL_HostEIDPattern_IsMatch(), and TEST_CASE().
| int BSL_HostEIDPattern_Init | ( | BSL_HostEIDPattern_t * | pat | ) |
Initialize an abstract EID Pattern.
| [out] | pat | The object to initialize. |
References CHK_ARG_NONNULL, CHK_PRECONDITION, BSL_HostDescriptors_t::eidpat_init, HostDescriptorTable, and BSL_HostDescriptors_t::user_data.
Referenced by BSL_TestUtils_GetEidPatternFromText(), BSLP_PolicyPredicate_Init(), LLVMFuzzerTestOneInput(), test_BSL_HostEIDPattern_DecodeFromText_invalid(), test_BSL_HostEIDPattern_DecodeFromText_valid(), test_BSL_HostEIDPattern_IsMatch(), and TEST_CASE().
| bool BSL_HostEIDPattern_IsMatch | ( | const BSL_HostEIDPattern_t * | pat, |
| const BSL_HostEID_t * | eid | ||
| ) |
Determine if an EID Pattern matches a specific EID.
| [in] | pat | The pattern to compare. |
| [in] | eid | The EID to compare. |
References ASSERT_ARG_NONNULL, ASSERT_PRECONDITION, BSL_HostDescriptors_t::eidpat_match, HostDescriptorTable, and BSL_HostDescriptors_t::user_data.
Referenced by BSLP_PolicyPredicate_IsMatch(), and test_BSL_HostEIDPattern_IsMatch().
| void BSL_IdValPair_Deinit | ( | BSL_IdValPair_t * | self | ) |
De-initialize a parameter.
| [in,out] | self | The object to deinitialize. |
References ASSERT_ARG_NONNULL, BSL_IDVALPAIR_TYPE_BYTESTR, BSL_IDVALPAIR_TYPE_INT64, BSL_IDVALPAIR_TYPE_RAW, BSL_IDVALPAIR_TYPE_TEXTSTR, and BSL_IDVALPAIR_TYPE_UNKNOWN.
Referenced by _tearDown(), BCBTestContext_Deinit(), BIBTestContext_Deinit(), BSL_IdValPair_Move(), BSL_IdValPair_Set(), BSL_IdValPair_SetBytestr(), BSL_IdValPair_SetInt64(), BSL_IdValPair_SetRaw(), BSL_IdValPair_SetTextstr(), BSLP_InitParams_Deinit(), PublicInterfaceTestCtx_deinit(), and test_SecurityContext_BIB_Verifier_Failure().
| int BSL_IdValPair_GetAsBytestr | ( | const BSL_IdValPair_t * | self, |
| BSL_Data_t * | out | ||
| ) |
Retrieve byte string value of a parameter.
| [in] | self | This Security Parameter |
| [out] | out | Pointer to optional struct which will be made a view onto this parameter value. That view must not outlive this pair instance. |
References BSL_Data_InitView(), BSL_IdValPair_IsConsistent(), BSL_IDVALPAIR_TYPE_BYTESTR, BSL_SUCCESS, CHK_PRECONDITION, and CHK_PROPERTY.
Referenced by BSL_IdValPair_Encode(), BSL_IdValPair_Print(), BSLX_BCB_Execute(), BSLX_BCB_GetOptions(), BSLX_BIB_Execute(), BSLX_BIB_InitFromSecOper(), test_RFC9173_AppendixA_Example1_BIB_Source(), test_RFC9173_AppendixA_Example2_BCB_Source(), and test_sec_source_keywrap().
| int BSL_IdValPair_GetAsInt64 | ( | const BSL_IdValPair_t * | self, |
| int64_t * | out | ||
| ) |
Retrieve integer value of result when this result type is integer.
| [in] | self | This Security Parameter |
| [out] | out | The optional value |
References ASSERT_ARG_NONNULL, ASSERT_PRECONDITION, BSL_IDVALPAIR_TYPE_INT64, and BSL_SUCCESS.
Referenced by BSL_IdValPair_Encode(), BSLX_BCB_Execute(), BSLX_BCB_GetOptions(), BSLX_BIB_Execute(), and BSLX_BIB_InitFromSecOper().
| int BSL_IdValPair_GetAsTextstr | ( | const BSL_IdValPair_t * | self, |
| const char ** | out | ||
| ) |
Retrieve bytestring value of result when security parameter type is bytestring.
| [in] | self | This Security Parameter |
| [in,out] | out | Pointer to optional string pointer for view onto this parameter value. |
References BSL_IdValPair_IsConsistent(), BSL_IDVALPAIR_TYPE_TEXTSTR, BSL_SUCCESS, CHK_PRECONDITION, and CHK_PROPERTY.
Referenced by BSL_IdValPair_Print(), BSLX_BCB_GetOptions(), and BSLX_BIB_InitFromSecOper().
| uint64_t BSL_IdValPair_GetId | ( | const BSL_IdValPair_t * | self | ) |
Get parameter ID of this param.
| [in] | self | This BPSec Param type |
References ASSERT_PRECONDITION, and BSL_IdValPair_IsConsistent().
Referenced by BSLX_BCB_GetOptions(), BSLX_BIB_InitFromSecOper(), and test_SecurityContext_BIB_Verifier_Failure().
| void BSL_IdValPair_Init | ( | BSL_IdValPair_t * | self | ) |
Initialize to a default empty state.
| [out] | self | The object to initialize. |
References ASSERT_ARG_NONNULL, and BSL_IDVALPAIR_TYPE_UNKNOWN.
Referenced by _setUp(), BCBTestContext_Init(), BIBTestContext_Init(), BSL_IdValPair_InitSet(), BSL_TestUtils_GetRFC9173_A1Params(), BSLP_InitParams_Init(), and PublicInterfaceTestCtx_init().
| void BSL_IdValPair_InitSet | ( | BSL_IdValPair_t * | self, |
| const BSL_IdValPair_t * | src | ||
| ) |
Initialize to a copy of another value.
| [out] | self | The object to initialize. |
| [in] | src | The source of the copy. |
References BSL_IdValPair_Init(), and BSL_IdValPair_Set().
| bool BSL_IdValPair_IsBytestr | ( | const BSL_IdValPair_t * | self | ) |
Returns true when the value type is a byte string.
| [in] | self | This Security Parameter |
References BSL_IDVALPAIR_TYPE_BYTESTR, and CHK_AS_BOOL.
Referenced by BSL_IdValPair_Encode(), BSL_IdValPair_Print(), and BSLX_BIB_Execute().
| bool BSL_IdValPair_IsConsistent | ( | const BSL_IdValPair_t * | self | ) |
Return true if invariant conditions pass.
| [in] | self | This security parameter |
References BSL_IDVALPAIR_TYPE_TEXTSTR, BSL_IDVALPAIR_TYPE_UNKNOWN, and CHK_AS_BOOL.
Referenced by BSL_IdValPair_GetAsBytestr(), BSL_IdValPair_GetAsTextstr(), BSL_IdValPair_GetId(), BSL_SecOper_AppendOption(), and BSL_SecOper_AppendParam().
| bool BSL_IdValPair_IsInt64 | ( | const BSL_IdValPair_t * | self | ) |
Returns true when the value type is an integer.
| [in] | self | This Security Parameter |
References BSL_IDVALPAIR_TYPE_INT64, and CHK_AS_BOOL.
Referenced by BSL_IdValPair_Encode(), and BSL_IdValPair_Print().
| bool BSL_IdValPair_IsTextstr | ( | const BSL_IdValPair_t * | self | ) |
Returns true when the value type is a text string.
| [in] | self | This Security Parameter |
References BSL_IDVALPAIR_TYPE_TEXTSTR, and CHK_AS_BOOL.
Referenced by BSL_IdValPair_Print().
| void BSL_IdValPair_Move | ( | BSL_IdValPair_t * | self, |
| BSL_IdValPair_t * | src | ||
| ) |
Move from another value.
The other value is left deinitialized.
| [in,out] | self | The object to overwrite. |
| [in] | src | The source of the copy. |
References ASSERT_ARG_NONNULL, BSL_IdValPair_Deinit(), BSL_IDVALPAIR_TYPE_BYTESTR, BSL_IDVALPAIR_TYPE_INT64, BSL_IDVALPAIR_TYPE_RAW, BSL_IDVALPAIR_TYPE_TEXTSTR, and BSL_IDVALPAIR_TYPE_UNKNOWN.
Referenced by test_MultiplePolicyProviders(), and test_PolicyProvider_Inspect_RFC9173_BIB().
| void BSL_IdValPair_Set | ( | BSL_IdValPair_t * | self, |
| const BSL_IdValPair_t * | src | ||
| ) |
Overwrite with a copy of another value.
| [in,out] | self | The object to overwrite. |
| [in] | src | The source of the copy. |
References ASSERT_ARG_NONNULL, BSL_IdValPair_Deinit(), BSL_IDVALPAIR_TYPE_BYTESTR, BSL_IDVALPAIR_TYPE_INT64, BSL_IDVALPAIR_TYPE_RAW, BSL_IDVALPAIR_TYPE_TEXTSTR, and BSL_IDVALPAIR_TYPE_UNKNOWN.
Referenced by _setUp(), BSL_IdValPair_InitSet(), BSLP_RegisterPolicyFromBitstring(), BSLP_RegisterPolicyFromJSON(), and setUp().
| void BSL_IdValPair_SetBytestr | ( | BSL_IdValPair_t * | self, |
| uint64_t | param_id, | ||
| BSL_Data_t | value | ||
| ) |
Initialize as a parameter containing a bytestring.
| [in,out] | self | This Security Parameter |
| [in] | param_id | ID of the parameter |
| [in] | value | View of bytes, which get copied into this Security Parameter. |
References ASSERT_ARG_NONNULL, BSL_IdValPair_Deinit(), BSL_IDVALPAIR_TYPE_BYTESTR, BSL_Data_t::len, and BSL_Data_t::ptr.
Referenced by BSL_IdValPair_Decode(), BSLX_BCB_Execute(), BSLX_BIB_Execute(), and setUp().
| void BSL_IdValPair_SetInt64 | ( | BSL_IdValPair_t * | self, |
| uint64_t | param_id, | ||
| uint64_t | value | ||
| ) |
Set to an signed integer value.
| [in,out] | self | This Security Parameter |
| [in] | param_id | ID of the parameter |
| [in] | value | The value to use. |
References ASSERT_ARG_NONNULL, BSL_IdValPair_Deinit(), and BSL_IDVALPAIR_TYPE_INT64.
Referenced by _setUp(), BSL_IdValPair_Decode(), BSL_TestUtils_GetRFC9173_A1Params(), BSL_TestUtils_InitBCB_Appendix2(), BSL_TestUtils_InitBIB_AppendixA1(), BSLP_RegisterPolicyFromBitstring(), BSLP_RegisterPolicyFromJSON(), BSLX_BCB_Execute(), BSLX_BIB_Execute(), setUp(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), test_RFC9173_AppendixA_Example4_Source(), test_sec_accept_keyunwrap(), and test_sec_source_keywrap().
| void BSL_IdValPair_SetRaw | ( | BSL_IdValPair_t * | self, |
| uint64_t | param_id, | ||
| const void * | ptr, | ||
| size_t | len | ||
| ) |
Initialize as a parameter containing raw encoded content.
| [in,out] | self | This Security Parameter |
| [in] | param_id | ID of the parameter |
| [in] | ptr | The stat of the data. |
| len | The length to copy. |
References ASSERT_ARG_NONNULL, BSL_IdValPair_Deinit(), and BSL_IDVALPAIR_TYPE_RAW.
Referenced by BSL_IdValPair_Decode().
| void BSL_IdValPair_SetTextstr | ( | BSL_IdValPair_t * | self, |
| uint64_t | param_id, | ||
| const char * | value | ||
| ) |
Initialize as a parameter containing a byte string with a null-terminated text value.
| [in,out] | self | This Security Parameter |
| [in] | param_id | ID of the parameter |
| [in] | value | text string of the parameter, copied into self |
References ASSERT_ARG_NONNULL, BSL_IdValPair_Deinit(), and BSL_IDVALPAIR_TYPE_TEXTSTR.
Referenced by _setUp(), BSL_TestUtils_GetRFC9173_A1Params(), BSL_TestUtils_InitBCB_Appendix2(), BSL_TestUtils_InitBIB_AppendixA1(), BSLP_RegisterPolicyFromBitstring(), BSLP_RegisterPolicyFromJSON(), setUp(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), test_RFC9173_AppendixA_Example4_Source(), test_sec_accept_keyunwrap(), test_sec_source_keywrap(), and test_SecurityContext_BIB_Verifier_Failure().
| size_t BSL_IdValPair_Sizeof | ( | void | ) |
Return size of BSL_IdValPair_s struct type.
Referenced by BSLP_InitParams_Init().
| char * BSL_Log_DumpAsHexString | ( | char * | dstbuf, |
| size_t | dstlen, | ||
| const uint8_t * | srcbuf, | ||
| size_t | srclen | ||
| ) |
Helper function to print the ASCII encoding of a given byte stream to a given target buffer.
| dstbuf | Pointer to a buffer where the C string should go. |
| dstlen | The length in bytes of dstbuf |
| srcbuf | Pointer to the buffer containing the byte stream to be printed. |
| srclen | The length in bytes of srcbuf. |
dstbuf. References ASSERT_ARG_NONNULL.
Referenced by BSL_IdValPair_Print(), BSL_TestUtils_PrintHexToBuffer(), test_RFC9173_AppendixA_Example2_BCB_Acceptor(), test_RFC9173_AppendixA_Example2_BCB_Source(), test_sec_accept_keyunwrap(), and test_sec_source_keywrap().
| void BSL_LogEvent | ( | int | severity, |
| const char * | filename, | ||
| int | lineno, | ||
| const char * | funcname, | ||
| const char * | format, | ||
| ... | |||
| ) |
Log an event.
| severity | The severity from a subset of the POSIX syslog values. | |
| [in] | filename | The originating file name, which may include directory parts. |
| [in] | lineno | The originating file line number. |
| [in] | funcname | The originating function name. |
| [in] | format | The log message format string. |
| ... | Values for the format string. |
References BSL_LogIsEnabledFor(), HostDescriptorTable, BSL_HostDescriptors_t::log_event, and log_sev_names.
| bool BSL_LogIsEnabledFor | ( | int | severity | ) |
Determine if a particular severity is being logged.
This function is multi-thread safe.
| severity | The severity from a subset of the POSIX syslog values. |
References HostDescriptorTable, and BSL_HostDescriptors_t::log_is_enabled_for.
Referenced by BSL_LogEvent().
| int BSL_PolicyRegistry_FinalizeActions | ( | const BSL_LibCtx_t * | bsl, |
| const BSL_SecurityActionSet_t * | policy_actions, | ||
| BSL_BundleRef_t * | bundle, | ||
| const BSL_SecurityResponseSet_t * | response_output | ||
| ) |
Finalizes policy provider for sec ops & sec results for a bundle.
| [in] | bsl | BSL library context |
| [in] | policy_actions | A policy action set, which may contain error codes and other info. [Zeroed, pre-allocated and memory owned by caller] Caller-allocated, zeroed space for action set |
| [in,out] | bundle | Bundle seeking security operations |
| [in] | response_output | results from security context |
| [in] | location | Where in the BPA lifecycle this query arises from |
References bsl, BSL_ERR_POLICY_FINAL, BSL_SecurityActionSet_CountActions(), BSL_SUCCESS, CHK_ARG_NONNULL, and policy.
Referenced by BSL_API_ApplySecurity(), and test_MultiplePolicyProviders().
| int BSL_PolicyRegistry_InspectActions | ( | const BSL_LibCtx_t * | bsl, |
| BSL_SecurityActionSet_t * | output_action_set, | ||
| const BSL_BundleRef_t * | bundle, | ||
| BSL_PolicyLocation_e | location | ||
| ) |
Queries the policy provider for any security operations to take on the bundle.
| [in] | bsl | BSL library context |
| [out] | output_action_set | policy action set, which may contain error codes and other info. [Zeroed, pre-allocated and memory owned by caller] Caller-allocated, zeroed space for action set |
| [in,out] | bundle | Bundle seeking security operations |
| [in] | location | Where in the BPA lifecycle this query arises from |
References bsl, BSL_ERR_POLICY_FINAL, BSL_LOG_INFO, BSL_SecurityActionSet_CountActions(), BSL_SUCCESS, CHK_ARG_NONNULL, and policy.
Referenced by BSL_API_QuerySecurity(), test_MultiplePolicyProviders(), test_PolicyProvider_Inspect_RFC9173_BIB(), test_PolicyProvider_InspectEmptyRuleset(), and test_PolicyProvider_InspectSingleBIBRuleset().
| int BSL_SecCtx_ExecutePolicyActionSet | ( | BSL_LibCtx_t * | lib, |
| BSL_SecurityResponseSet_t * | output_response, | ||
| BSL_BundleRef_t * | bundle, | ||
| const BSL_SecurityActionSet_t * | action_set | ||
| ) |
Call the underlying security context to perform the given action.
| [in] | lib | This BSL context |
| [out] | output_response | Pointer to allocated, zeroed memory into which the response is populated |
| [in,out] | bundle | Pointer to bundle, which may be modified. |
| [in] | action_set | Action containing all params and operations. |
Notes:
References action_set, ASSERT_PROPERTY, BSL_calloc(), BSL_ExecBCBSource(), BSL_ExecBCBVerifierAcceptor(), BSL_ExecBIBSource(), BSL_ExecBIBVerifierAcceptor(), BSL_free(), BSL_LOG_ERR, BSL_LOG_INFO, BSL_REASONCODE_FAILED_SECOP, BSL_REASONCODE_NO_ADDITIONAL_INFO, BSL_SECOP_CONCLUSION_FAILURE, BSL_SECOP_CONCLUSION_SUCCESS, BSL_SecOper_GetReasonCode(), BSL_SecOper_IsBIB(), BSL_SecOper_IsRoleSource(), BSL_SecOper_SetConclusion(), BSL_SecOper_SetReasonCode(), BSL_SecOutcome_Deinit(), BSL_SecOutcome_Init(), BSL_SecOutcome_Sizeof(), BSL_SecurityAction_CountSecOpers(), BSL_SecurityAction_GetSecOperAtIndex(), BSL_SecurityActionSet_IsConsistent(), BSL_SecurityResponseSet_AppendResult(), BSL_SUCCESS, CHK_ARG_NONNULL, and CHK_PRECONDITION.
Referenced by BSL_API_ApplySecurity(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), test_RFC9173_AppendixA_Example4_Source(), test_SecurityContext_BIB_Acceptor(), test_SecurityContext_BIB_Source(), test_SecurityContext_BIB_Verifier(), and test_SecurityContext_BIB_Verifier_Failure().
| bool BSL_SecCtx_ValidatePolicyActionSet | ( | BSL_LibCtx_t * | lib, |
| const BSL_BundleRef_t * | bundle, | ||
| const BSL_SecurityActionSet_t * | action_set | ||
| ) |
Validate policy action set.
| [in] | lib | This BSL context |
| [in,out] | bundle | Pointer to bundle, which may be modified. |
| [in] | action_set | Action containing all params and operations. |
References action_set.
Referenced by BSL_API_QuerySecurity().
| void BSL_SecOper_AppendOption | ( | BSL_SecOper_t * | self, |
| const BSL_IdValPair_t * | option | ||
| ) |
Add the given option to this operation.
| [in,out] | self | This security operation |
| [in] | option | Security option to include. |
References ASSERT_ARG_EXPR, ASSERT_POSTCONDITION, ASSERT_PRECONDITION, BSL_IdValPair_IsConsistent(), and BSL_SecOper_IsConsistent().
Referenced by BSL_TestUtils_InitBCB_Appendix2(), BSL_TestUtils_InitBIB_AppendixA1(), BSLP_PolicyRule_EvaluateAsSecOper(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), test_RFC9173_AppendixA_Example4_Source(), test_sec_accept_keyunwrap(), and test_sec_source_keywrap().
| void BSL_SecOper_AppendParam | ( | BSL_SecOper_t * | self, |
| const BSL_IdValPair_t * | param | ||
| ) |
Add the given security parameter to this operation manually.
| [in,out] | self | This security operation |
| [in] | param | Security parameter to include. |
References ASSERT_ARG_EXPR, ASSERT_POSTCONDITION, ASSERT_PRECONDITION, BSL_IdValPair_IsConsistent(), and BSL_SecOper_IsConsistent().
| size_t BSL_SecOper_CountOptions | ( | const BSL_SecOper_t * | self | ) |
Get the count of parameters contained within this security operation.
| self | This security operation. |
References ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by test_PolicyProvider_Inspect_RFC9173_BIB().
| void BSL_SecOper_Deinit | ( | BSL_SecOper_t * | self | ) |
Empty and release any resources used internally by this structure.
Certain backend implementations may create dynamic data structures that may need to be cleaned up, so it is essential to call this under all circumstances.
| [in,out] | self | Non-NULL pointer to this security operation |
References ASSERT_ARG_NONNULL.
Referenced by BCBTestContext_Deinit(), BIBTestContext_Deinit(), BSLP_QueryPolicy(), and test_SamplePolicyProvider_WildcardPolicyRuleVerifiesBIB().
| const BSL_IdValPair_t * BSL_SecOper_FindOption | ( | const BSL_SecOper_t * | self, |
| uint64_t | option_id | ||
| ) |
Returns a pointer to the Security Parameter at a given index in the list of all parameters.
| [in] | self | This security operation |
| option_id | The internal option ID value to search for. |
References ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by BSLX_BCB_GetOptions(), and BSLX_BIB_InitFromSecOper().
| const BSL_IdValPair_t * BSL_SecOper_FindParam | ( | const BSL_SecOper_t * | self, |
| uint64_t | param_id | ||
| ) |
Returns a pointer to the Security Parameter at a given index in the list of all parameters.
| [in] | self | This security operation |
| param_id | The parameter ID value to search for. |
References ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by BSLX_BCB_Execute(), and BSLX_BIB_Execute().
| const BSL_IdValPair_t * BSL_SecOper_FindResult | ( | const BSL_SecOper_t * | self, |
| uint64_t | param_id | ||
| ) |
Returns a pointer to the Security Parameter at a given index in the list of all parameters.
| [in] | self | This security operation |
| [in] | index | Index of security parameter list to retrieve from |
References ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by BSLX_BCB_Execute(), and BSLX_BIB_Execute().
| BSL_SecOper_ConclusionState_e BSL_SecOper_GetConclusion | ( | const BSL_SecOper_t * | self | ) |
Retrieve the conclusion state of a security operation.
| [in] | self | The security operation |
References ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by BSL_API_ApplySecurity(), BSLP_FinalizePolicy(), test_BSL_32(), TEST_CASE(), and test_dyn_mem_cbs_BSL_32().
| BSL_PolicyAction_e BSL_SecOper_GetPolicyAction | ( | const BSL_SecOper_t * | self | ) |
Retrieve the policy action of a security operation.
| [in] | self | The security operation |
References ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by BSLP_PolicyProvider_HandleFailures().
| BSL_ReasonCode_t BSL_SecOper_GetReasonCode | ( | const BSL_SecOper_t * | self | ) |
Get security operation reason code.
| [in] | self | the security operation |
References ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by BSL_SecCtx_ExecutePolicyActionSet(), and BSLP_PolicyProvider_HandleFailures().
| uint64_t BSL_SecOper_GetSecurityBlockNum | ( | const BSL_SecOper_t * | self | ) |
Get the block number of the security block containing this sec operation.
| [in] | self | This security operation |
References ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by BSLP_QueryPolicy(), BSLX_BCB_Execute(), and BSLX_BIB_Execute().
| uint64_t BSL_SecOper_GetTargetBlockNum | ( | const BSL_SecOper_t * | self | ) |
Get the block number of the target block covered by this security operation.
| [in] | self | This security operation |
References ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by BSL_ExecBCBVerifierAcceptor(), BSL_ExecBIBVerifierAcceptor(), BSLP_PolicyProvider_HandleFailures(), BSLP_QueryPolicy(), BSLX_BCB_Execute(), BSLX_BCB_Init(), and BSLX_BIB_Execute().
| void BSL_SecOper_Init | ( | BSL_SecOper_t * | self | ) |
Initialize a newly allocated structure.
| [in,out] | self | Non-NULL pointer to this security operation |
References ASSERT_ARG_NONNULL.
Referenced by BCBTestContext_Init(), BIBTestContext_Init(), BSL_TestUtils_InitMallocBIBActionSet(), BSLP_QueryPolicy(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), test_RFC9173_AppendixA_Example4_Source(), and test_SamplePolicyProvider_WildcardPolicyRuleVerifiesBIB().
| void BSL_SecOper_InitSet | ( | BSL_SecOper_t * | self, |
| const BSL_SecOper_t * | src | ||
| ) |
Initialize from a copy.
| [in,out] | self | Non-NULL pointer to this security operation |
| [in] | src | Non-NULL pointer to this source to copy from. |
References ASSERT_ARG_NONNULL, ASSERT_POSTCONDITION, and BSL_SecOper_IsConsistent().
| bool BSL_SecOper_IsBIB | ( | const BSL_SecOper_t * | self | ) |
Return true if this security operation is BIB.
| [in] | self | This security operation |
References ASSERT_PRECONDITION, BSL_SECBLOCKTYPE_BIB, and BSL_SecOper_IsConsistent().
Referenced by BSL_SecCtx_ExecutePolicyActionSet(), BSLP_QueryPolicy(), and test_SamplePolicyProvider_WildcardPolicyRuleVerifiesBIB().
| bool BSL_SecOper_IsConsistent | ( | const BSL_SecOper_t * | self | ) |
Returns true if internal consistency and sanity checks pass.
| [in] | self | This security operation |
References BSL_SECBLOCKTYPE_BCB, BSL_SECBLOCKTYPE_BIB, BSL_SECOP_CONCLUSION_FAILURE, BSL_SECOP_CONCLUSION_PENDING, BSL_SECROLE_ACCEPTOR, BSL_SECROLE_SOURCE, BSL_SECROLE_VERIFIER, and CHK_AS_BOOL.
Referenced by BSL_ExecBIBVerifierAcceptor(), BSL_SecOper_AppendOption(), BSL_SecOper_AppendParam(), BSL_SecOper_CountOptions(), BSL_SecOper_FindOption(), BSL_SecOper_FindParam(), BSL_SecOper_FindResult(), BSL_SecOper_GetConclusion(), BSL_SecOper_GetPolicyAction(), BSL_SecOper_GetReasonCode(), BSL_SecOper_GetSecurityBlockNum(), BSL_SecOper_GetTargetBlockNum(), BSL_SecOper_InitSet(), BSL_SecOper_IsBIB(), BSL_SecOper_IsRoleAcceptor(), BSL_SecOper_IsRoleSource(), BSL_SecOper_IsRoleVerifier(), BSL_SecOper_Populate(), BSL_SecOper_Set(), BSL_SecOper_SetConclusion(), BSL_SecOper_SetReasonCode(), BSL_SecOutcome_Init(), and BSLX_BIB_Execute().
| bool BSL_SecOper_IsRoleAcceptor | ( | const BSL_SecOper_t * | self | ) |
Return true if this security operation's role is Acceptor.
| [in] | self | This Security Operation |
References ASSERT_PRECONDITION, BSL_SecOper_IsConsistent(), and BSL_SECROLE_ACCEPTOR.
Referenced by BSLX_BCB_Execute().
| bool BSL_SecOper_IsRoleSource | ( | const BSL_SecOper_t * | self | ) |
Return true if this security operation's role is SOURCE.
| [in] | self | This Security Operation |
References ASSERT_PRECONDITION, BSL_SecOper_IsConsistent(), and BSL_SECROLE_SOURCE.
Referenced by BSL_SecCtx_ExecutePolicyActionSet(), BSLP_QueryPolicy(), BSLX_BCB_Init(), and BSLX_BIB_InitFromSecOper().
| bool BSL_SecOper_IsRoleVerifier | ( | const BSL_SecOper_t * | self | ) |
Return true if this security operation's role is Verifier.
| [in] | self | This Security Operation |
References ASSERT_PRECONDITION, BSL_SecOper_IsConsistent(), and BSL_SECROLE_VERIFIER.
Referenced by BSL_ExecBCBVerifierAcceptor(), and BSL_ExecBIBVerifierAcceptor().
| void BSL_SecOper_Populate | ( | BSL_SecOper_t * | self, |
| int64_t | context_id, | ||
| uint64_t | target_block_num, | ||
| uint64_t | sec_block_num, | ||
| BSL_SecBlockType_e | sec_type, | ||
| BSL_SecRole_e | sec_role, | ||
| BSL_PolicyAction_e | policy_action | ||
| ) |
Populate an initialized Security Operation with the given values.
| [in,out] | self | Non-NULL pointer to this security operation. |
| [in] | context_id | ID of the security context |
| [in] | target_block_num | Block ID of security target block |
| [in] | sec_block_num | Block ID of security block. |
| [in] | sec_type | Member of BSL_SecBlockType_e enum indicating BIB or BCB |
| [in] | sec_role | Member of BSL_SecRole_e enum indicating role. |
| [in] | policy_action | Member of BSL_PolicyAction_e enum indicating failure policy |
References ASSERT_ARG_NONNULL, ASSERT_POSTCONDITION, BSL_REASONCODE_NO_ADDITIONAL_INFO, BSL_SECOP_CONCLUSION_PENDING, and BSL_SecOper_IsConsistent().
Referenced by BSL_TestUtils_InitBCB_Appendix2(), BSL_TestUtils_InitBIB_AppendixA1(), BSLP_PolicyRule_EvaluateAsSecOper(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), test_RFC9173_AppendixA_Example4_Source(), test_sec_accept_keyunwrap(), and test_sec_source_keywrap().
| void BSL_SecOper_Set | ( | BSL_SecOper_t * | self, |
| const BSL_SecOper_t * | src | ||
| ) |
Set from a copy.
| [in,out] | self | Non-NULL pointer to this security operation |
| [in] | src | Non-NULL pointer to this source to copy from. |
References ASSERT_POSTCONDITION, ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
| void BSL_SecOper_SetConclusion | ( | BSL_SecOper_t * | self, |
| BSL_SecOper_ConclusionState_e | new_conclusion | ||
| ) |
Set the security operation conclusion state.
| [in,out] | self | security operation to change conclusion state of |
| [in] | new_conclusion | new conclusion to set to |
References ASSERT_POSTCONDITION, ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by BSL_SecCtx_ExecutePolicyActionSet(), and BSLP_QueryPolicy().
| void BSL_SecOper_SetReasonCode | ( | BSL_SecOper_t * | self, |
| BSL_ReasonCode_t | new_reason_code | ||
| ) |
Set the security operation reason code.
| [in,out] | self | security operation to change reason code of |
| [in] | new_reason_code | new reason code to set to |
References ASSERT_POSTCONDITION, ASSERT_PRECONDITION, and BSL_SecOper_IsConsistent().
Referenced by BSL_API_QuerySecurity(), and BSL_SecCtx_ExecutePolicyActionSet().
| size_t BSL_SecOper_Sizeof | ( | void | ) |
Referenced by BSLP_QueryPolicy().
| BSL_IdValPair_t * BSL_SecOutcome_AppendParam | ( | BSL_SecOutcome_t * | self | ) |
Append a Security Parameter to this outcome.
| [in,out] | self | Non-NULL pointer to this security outcome. |
References ASSERT_PRECONDITION, and BSL_SecOutcome_IsConsistent().
Referenced by BSLX_BCB_Execute(), and BSLX_BIB_Execute().
| BSL_IdValPair_t * BSL_SecOutcome_AppendResult | ( | BSL_SecOutcome_t * | self | ) |
Append a Security Result to this outcome.
| [in,out] | self | Non-NULL pointer to this security outcome. |
References ASSERT_PRECONDITION, and BSL_SecOutcome_IsConsistent().
Referenced by BSLX_BCB_Execute(), and BSLX_BIB_Execute().
| size_t BSL_SecOutcome_CountParams | ( | const BSL_SecOutcome_t * | self | ) |
Returns number of parameters in this outcome.
| [in] | self | This outcome |
References ASSERT_PRECONDITION, and BSL_SecOutcome_IsConsistent().
Referenced by test_sec_source_keywrap().
| size_t BSL_SecOutcome_CountResults | ( | const BSL_SecOutcome_t * | self | ) |
Get the number of results.
| [in] | self | this sec outcome |
References ASSERT_PRECONDITION, and BSL_SecOutcome_IsConsistent().
Referenced by test_RFC9173_AppendixA_Example1_BIB_Source(), test_RFC9173_AppendixA_Example2_BCB_Acceptor(), test_RFC9173_AppendixA_Example2_BCB_Source(), and test_sec_source_keywrap().
| void BSL_SecOutcome_Deinit | ( | BSL_SecOutcome_t * | self | ) |
Release any resources owned by this security outcome.
| [in,out] | self | Non-Null pointer to this security outcome. |
References ASSERT_PRECONDITION, and BSL_SecOutcome_IsConsistent().
Referenced by BSL_SecCtx_ExecutePolicyActionSet(), test_RFC9173_AppendixA_Example1_BIB_Source(), test_RFC9173_AppendixA_Example2_BCB_Acceptor(), test_RFC9173_AppendixA_Example2_BCB_Source(), test_sec_accept_keyunwrap(), and test_sec_source_keywrap().
| const BSL_IdValPair_t * BSL_SecOutcome_GetParamAt | ( | const BSL_SecOutcome_t * | self, |
| size_t | index | ||
| ) |
Get the security parameter from the security outcome at the provided index.
| [in] | self | security outcome |
| [in] | index | index to retrieve security parameter from |
References ASSERT_PRECONDITION, and BSL_SecOutcome_IsConsistent().
Referenced by test_sec_source_keywrap().
| const BSL_IdValPair_t * BSL_SecOutcome_GetResultAtIndex | ( | const BSL_SecOutcome_t * | self, |
| size_t | index | ||
| ) |
Get the result at index i.
Panics if i is out of range.
| [in] | self | This outcome |
| [in] | index | Index in the list to retrieve |
References ASSERT_PRECONDITION, and BSL_SecOutcome_IsConsistent().
Referenced by test_RFC9173_AppendixA_Example1_BIB_Source(), test_RFC9173_AppendixA_Example2_BCB_Source(), and test_sec_source_keywrap().
| void BSL_SecOutcome_Init | ( | BSL_SecOutcome_t * | self, |
| const BSL_SecOper_t * | sec_oper | ||
| ) |
Populate a pre-allocated security outcome struct.
| [in,out] | self | Non-Null pointer to this security outcome. |
| [in] | sec_oper | Security operation containing the necessary info. |
References ASSERT_ARG_NONNULL, ASSERT_POSTCONDITION, ASSERT_PRECONDITION, BSL_SecOper_IsConsistent(), and BSL_SecOutcome_IsConsistent().
Referenced by BSL_SecCtx_ExecutePolicyActionSet(), test_RFC9173_AppendixA_Example1_BIB_Source(), test_RFC9173_AppendixA_Example2_BCB_Acceptor(), test_RFC9173_AppendixA_Example2_BCB_Source(), test_sec_accept_keyunwrap(), and test_sec_source_keywrap().
| bool BSL_SecOutcome_IsConsistent | ( | const BSL_SecOutcome_t * | self | ) |
Return true if internal invariants hold.
| [in] | self | This sec outcome. |
References CHK_AS_BOOL.
Referenced by BSL_ExecBIBVerifierAcceptor(), BSL_SecOutcome_AppendParam(), BSL_SecOutcome_AppendResult(), BSL_SecOutcome_CountParams(), BSL_SecOutcome_CountResults(), BSL_SecOutcome_Deinit(), BSL_SecOutcome_GetParamAt(), BSL_SecOutcome_GetResultAtIndex(), and BSL_SecOutcome_Init().
| size_t BSL_SecOutcome_Sizeof | ( | void | ) |
Returns the size of the BSL_SecOutcome_s structure.
Referenced by BSL_SecCtx_ExecutePolicyActionSet(), test_RFC9173_AppendixA_Example1_BIB_Source(), test_RFC9173_AppendixA_Example2_BCB_Acceptor(), test_RFC9173_AppendixA_Example2_BCB_Source(), test_sec_accept_keyunwrap(), and test_sec_source_keywrap().
| int BSL_SecurityAction_AppendSecOper | ( | BSL_SecurityAction_t * | self, |
| BSL_SecOper_t * | sec_oper | ||
| ) |
Add security operation to security action.
| [in,out] | self | action to add security operation to |
| [in,out] | sec_oper | new security operation to add and move from. |
References ASSERT_ARG_NONNULL, and BSL_SUCCESS.
Referenced by BSL_TestUtils_InitMallocBIBActionSet(), BSLP_QueryPolicy(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), and test_RFC9173_AppendixA_Example4_Source().
| size_t BSL_SecurityAction_CountErrors | ( | const BSL_SecurityAction_t * | self | ) |
Returns count of failures after processing this action.
| [in] | self | Pointer to this security action. |
References ASSERT_ARG_NONNULL.
| size_t BSL_SecurityAction_CountSecOpers | ( | const BSL_SecurityAction_t * | self | ) |
| [in] | self | action |
References ASSERT_ARG_NONNULL.
Referenced by BSL_API_ApplySecurity(), BSL_API_QuerySecurity(), BSL_SecCtx_ExecutePolicyActionSet(), BSL_SecurityActionSet_AppendAction(), BSLP_FinalizePolicy(), n_test_BSL_6(), test_BSL_32(), TEST_CASE(), test_dyn_mem_cbs_BSL_32(), test_MultiplePolicyProviders(), test_PolicyProvider_Inspect_RFC9173_BIB(), test_PolicyProvider_InspectEmptyRuleset(), and test_PolicyProvider_InspectSingleBIBRuleset().
| void BSL_SecurityAction_Deinit | ( | BSL_SecurityAction_t * | self | ) |
De-initialize security action.
| [in,out] | self | security action |
References ASSERT_ARG_NONNULL.
Referenced by BSL_TestUtils_InitMallocBIBActionSet(), BSLP_QueryPolicy(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), and test_RFC9173_AppendixA_Example4_Source().
| uint64_t BSL_SecurityAction_GetPPID | ( | const BSL_SecurityAction_t * | self | ) |
Returns Policy Provider ID of.
| [in] | self | action |
References ASSERT_ARG_NONNULL.
Referenced by BSLP_FinalizePolicy().
| BSL_SecOper_t * BSL_SecurityAction_GetSecOperAtIndex | ( | const BSL_SecurityAction_t * | self, |
| size_t | index | ||
| ) |
| [in] | index | index in |
| [in] | self | security action |
References ASSERT_ARG_NONNULL.
Referenced by BSL_API_ApplySecurity(), BSL_API_QuerySecurity(), BSL_SecCtx_ExecutePolicyActionSet(), BSLP_FinalizePolicy(), n_test_BSL_6(), test_BSL_32(), TEST_CASE(), test_dyn_mem_cbs_BSL_32(), test_MultiplePolicyProviders(), test_PolicyProvider_Inspect_RFC9173_BIB(), and test_SecurityContext_BIB_Verifier_Failure().
| void BSL_SecurityAction_IncrError | ( | BSL_SecurityAction_t * | self | ) |
Increment a security failure for this action set.
| [in,out] | self | Pointer to this security action set. |
References ASSERT_ARG_NONNULL.
Referenced by BSLP_QueryPolicy().
| void BSL_SecurityAction_Init | ( | BSL_SecurityAction_t * | self | ) |
Initialize security action.
| [out] | self | security action |
References ASSERT_ARG_NONNULL.
Referenced by BSL_TestUtils_InitMallocBIBActionSet(), BSLP_QueryPolicy(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), and test_RFC9173_AppendixA_Example4_Source().
| void BSL_SecurityAction_InitSet | ( | BSL_SecurityAction_t * | self, |
| const BSL_SecurityAction_t * | src | ||
| ) |
Initialize from a copy.
| [out] | self | security action |
| [in] | src | The source of the copy. |
References ASSERT_ARG_NONNULL.
| bool BSL_SecurityAction_IsConsistent | ( | const BSL_SecurityAction_t * | self | ) |
| self | is consistent |
| int BSL_SecurityAction_OrderSecOps | ( | BSL_SecurityAction_t * | self | ) |
Order the Security operations such that execution will be successful.
| [in,out] | self | action to sort |
| void BSL_SecurityAction_Set | ( | BSL_SecurityAction_t * | self, |
| const BSL_SecurityAction_t * | src | ||
| ) |
Set from a copy.
References ASSERT_ARG_NONNULL.
| size_t BSL_SecurityAction_Sizeof | ( | void | ) |
Referenced by BSLP_QueryPolicy(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), and test_RFC9173_AppendixA_Example4_Source().
| int BSL_SecurityActionSet_AppendAction | ( | BSL_SecurityActionSet_t * | self, |
| const BSL_SecurityAction_t * | action | ||
| ) |
Append a security operation to the security action set.
| [in,out] | self | This security action set. |
| [in] | action | Action to include. |
References ASSERT_ARG_NONNULL, BSL_SecurityAction_CountSecOpers(), and BSL_SUCCESS.
Referenced by BSL_TestUtils_InitMallocBIBActionSet(), BSLP_QueryPolicy(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), and test_RFC9173_AppendixA_Example4_Source().
| size_t BSL_SecurityActionSet_CountActions | ( | const BSL_SecurityActionSet_t * | self | ) |
Count number of security operations present in this policy action set.
| [in] | self | This action set. |
References ASSERT_ARG_NONNULL.
Referenced by BSL_PolicyRegistry_FinalizeActions(), BSL_PolicyRegistry_InspectActions(), BSLP_FinalizePolicy(), test_BSL_32(), TEST_CASE(), test_dyn_mem_cbs_BSL_32(), test_MultiplePolicyProviders(), test_PolicyProvider_InspectEmptyRuleset(), and test_PolicyProvider_InspectSingleBIBRuleset().
| size_t BSL_SecurityActionSet_CountErrors | ( | const BSL_SecurityActionSet_t * | self | ) |
Returns count of failures after processing this action set.
| [in] | self | Pointer to this security action set. |
References ASSERT_ARG_NONNULL.
Referenced by BSLP_QueryPolicy().
| size_t BSL_SecurityActionSet_CountOperations | ( | const BSL_SecurityActionSet_t * | self | ) |
| self | action set |
References ASSERT_ARG_NONNULL.
Referenced by test_BSL_32(), TEST_CASE(), and test_dyn_mem_cbs_BSL_32().
| void BSL_SecurityActionSet_Deinit | ( | BSL_SecurityActionSet_t * | self | ) |
Zeroize, clear, and release itself and any owned resources.
| [in,out] | self | This action set. |
References ASSERT_ARG_NONNULL.
Referenced by _tearDown(), MockBPA_Agent_process(), tearDown(), test_MultiplePolicyProviders(), test_PolicyProvider_Inspect_RFC9173_BIB(), test_PolicyProvider_InspectEmptyRuleset(), test_PolicyProvider_InspectSingleBIBRuleset(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), test_RFC9173_AppendixA_Example4_Source(), test_SecurityContext_BIB_Acceptor(), test_SecurityContext_BIB_Source(), test_SecurityContext_BIB_Verifier(), and test_SecurityContext_BIB_Verifier_Failure().
| const BSL_SecurityAction_t * BSL_SecurityActionSet_GetActionAtIndex | ( | const BSL_SecurityActionSet_t * | self, |
| size_t | index | ||
| ) |
Returns the Security Operation at the given index.
| [in] | self | This action set |
| [in] | index | index |
References ASSERT_ARG_NONNULL.
Referenced by BSLP_FinalizePolicy(), n_test_BSL_6(), test_BSL_32(), TEST_CASE(), test_dyn_mem_cbs_BSL_32(), test_MultiplePolicyProviders(), test_PolicyProvider_Inspect_RFC9173_BIB(), test_PolicyProvider_InspectEmptyRuleset(), test_PolicyProvider_InspectSingleBIBRuleset(), and test_SecurityContext_BIB_Verifier_Failure().
| void BSL_SecurityActionSet_Init | ( | BSL_SecurityActionSet_t * | self | ) |
Initialize a new security action set.
| [in,out] | self | This pre-allocated action set |
References ASSERT_ARG_NONNULL.
Referenced by BSL_TestUtils_InitMallocBIBActionSet(), MockBPA_Agent_process(), setUp(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), and test_RFC9173_AppendixA_Example4_Source().
| bool BSL_SecurityActionSet_IsConsistent | ( | const BSL_SecurityActionSet_t * | self | ) |
Return true if internal sanity and consistency checks pass.
| [in] | self | This action set. |
Referenced by BSL_SecCtx_ExecutePolicyActionSet(), and BSLP_QueryPolicy().
| size_t BSL_SecurityActionSet_Sizeof | ( | void | ) |
Returns size of the struct, helpful for dynamic allocation.
Referenced by MockBPA_Agent_process(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), and test_RFC9173_AppendixA_Example4_Source().
| void BSL_SecurityResponseSet_AppendResult | ( | BSL_SecurityResponseSet_t * | self, |
| int64_t | result, | ||
| BSL_PolicyAction_e | policy_action | ||
| ) |
Append a result code to the security response set.
| [in,out] | self | the response set to append result to |
| [in] | result | the result code to append |
| [in] | policy_action | the on-failure policy action associated with the response |
References ASSERT_ARG_NONNULL.
Referenced by BSL_SecCtx_ExecutePolicyActionSet().
| size_t BSL_SecurityResponseSet_CountResponses | ( | const BSL_SecurityResponseSet_t * | self | ) |
Return number of responses (operations acted upon)
| [in] | self | This response set. |
References ASSERT_PRECONDITION, and BSL_SecurityResponseSet_IsConsistent().
Referenced by test_RFC9173_AppendixA_Example3_Source().
| void BSL_SecurityResponseSet_Deinit | ( | BSL_SecurityResponseSet_t * | self | ) |
Zeroize itself and release any owned resources.
| [in,out] | self | This response set. |
References ASSERT_PRECONDITION, and BSL_SecurityResponseSet_IsConsistent().
Referenced by MockBPA_Agent_process(), n_test_BSL_6(), test_BSL_32(), TEST_CASE(), test_dyn_mem_cbs_BSL_32(), test_MultiplePolicyProviders(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), test_RFC9173_AppendixA_Example4_Source(), test_SecurityContext_BIB_Acceptor(), test_SecurityContext_BIB_Source(), test_SecurityContext_BIB_Verifier(), and test_SecurityContext_BIB_Verifier_Failure().
| void BSL_SecurityResponseSet_Init | ( | BSL_SecurityResponseSet_t * | self | ) |
Initialize with the given count of operations and failures.
References ASSERT_ARG_NONNULL.
Referenced by MockBPA_Agent_process(), n_test_BSL_6(), test_BSL_32(), TEST_CASE(), test_dyn_mem_cbs_BSL_32(), and test_RFC9173_AppendixA_Example3_Source().
| bool BSL_SecurityResponseSet_IsConsistent | ( | const BSL_SecurityResponseSet_t * | self | ) |
Return true if internal consistency checks pass.
| [in] | self | This response set. |
References ASSERT_PROPERTY, and CHK_AS_BOOL.
Referenced by BSL_SecurityResponseSet_CountResponses(), and BSL_SecurityResponseSet_Deinit().
| size_t BSL_SecurityResponseSet_Sizeof | ( | void | ) |
Returns size of this struct type.
Referenced by BSL_TestUtils_MallocEmptyPolicyResponse(), and MockBPA_Agent_process().
| int BSL_SeqReader_Destroy | ( | BSL_SeqReader_t * | obj | ) |
Release resources from a sequential reader.
This also frees memory of the instance itself.
| [in,out] | obj | The reader handle. |
References BSL_free(), BSL_SUCCESS, and CHK_ARG_NONNULL.
Referenced by BSL_API_QuerySecurity(), BSL_ExecAnyVerifierAcceptor_Pre(), BSLX_BCB_Decrypt(), BSLX_BCB_Encrypt(), BSLX_BIB_GenIPPT(), switch(), TEST_CASE(), test_decrypt(), test_encrypt(), and test_SeqReader_flat().
| int BSL_SeqReader_Get | ( | BSL_SeqReader_t * | obj, |
| uint8_t * | buf, | ||
| size_t * | bufsize | ||
| ) |
Iterate a sequential reader.
| [in,out] | obj | The reader handle. |
| [out] | buf | The output buffer to fill. |
| [in,out] | bufsize | The available output buffer size as input, set to the used buffer size as output. |
References buf, and CHK_ARG_NONNULL.
Referenced by BSL_API_QuerySecurity(), BSL_AuthCtx_DigestSeq(), BSL_Cipher_AddSeq(), BSL_ExecAnyVerifierAcceptor_Pre(), BSLX_BIB_GenIPPT(), TEST_CASE(), and test_SeqReader_flat().
| int BSL_SeqWriter_Destroy | ( | BSL_SeqWriter_t * | obj | ) |
Release resources from a sequential writer and commit the writes.
This also frees memory of the instance itself.
| [in,out] | obj | The writer handle. |
References BSL_free(), BSL_SUCCESS, and CHK_ARG_NONNULL.
Referenced by BSLX_BCB_Decrypt(), BSLX_BCB_Encrypt(), Encode_ASB(), test_decrypt(), test_encrypt(), and test_SeqWriter_flat().
| int BSL_SeqWriter_Put | ( | BSL_SeqWriter_t * | obj, |
| const uint8_t * | buf, | ||
| size_t | bufsize | ||
| ) |
Iterate a sequential writer.
| obj | The writer handle. | |
| [in] | buf | The input buffer to copy from. |
| [in,out] | bufsize | The available input buffer size as input, set to the used buffer size as output. |
References buf, and CHK_ARG_NONNULL.
Referenced by BSL_Cipher_AddSeq(), BSL_Cipher_FinalizeSeq(), Encode_ASB(), and test_SeqWriter_flat().
| int BSL_TlmCounters_IncrementCounter | ( | BSL_LibCtx_t * | bsl, |
| BSL_TlmCounterIndex_e | tlm_index, | ||
| uint64_t | count | ||
| ) |
Increments a telemetry counter in the ctx based on telemetry index.
References bsl, BSL_SUCCESS, BSL_TLM_TOTAL_COUNT, and CHK_ARG_NONNULL.
Referenced by BSL_API_QuerySecurity(), BSL_ExecAnySource_Post(), BSL_ExecAnyVerifierAcceptor_Pre(), BSL_ExecBCBSource(), BSL_ExecBCBVerifierAcceptor(), BSL_ExecBIBSource(), BSL_ExecBIBVerifierAcceptor(), and Encode_ASB().