SamplePolicyProvider.h

Go to the documentation of this file.

/*
 * Copyright (c) 2025 The Johns Hopkins University Applied Physics
 * Laboratory LLC.
 *
 * This file is part of the Bundle Protocol Security Library (BSL).
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *     http://www.apache.org/licenses/LICENSE-2.0
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * This work was performed for the Jet Propulsion Laboratory, California
 * Institute of Technology, sponsored by the United States Government under
 * the prime contract 80NM0018D0004 between the Caltech and NASA under
 * subcontract 1700763.
 */
 
#ifndef BSLP_SAMPLE_POLICY_PROVIDER_H
#define BSLP_SAMPLE_POLICY_PROVIDER_H
 
#include <stdint.h>
 
#include <BPSecLib_Private.h>
 
typedef struct
{
    BSL_PolicyLocation_e location;
    BSL_HostEIDPattern_t src_eid_pattern;
    BSL_HostEIDPattern_t secsrc_eid_pattern;
    BSL_HostEIDPattern_t dst_eid_pattern;
} BSLP_PolicyPredicate_t;
 
void BSLP_PolicyPredicate_Init(BSLP_PolicyPredicate_t *self, BSL_PolicyLocation_e location,
                               BSL_HostEIDPattern_t src_eid_pattern, BSL_HostEIDPattern_t secsrc_eid_pattern,
                               BSL_HostEIDPattern_t dst_eid_pattern);
 
void BSLP_PolicyPredicate_Deinit(BSLP_PolicyPredicate_t *self);
 
bool BSLP_PolicyPredicate_IsMatch(const BSLP_PolicyPredicate_t *self, BSL_PolicyLocation_e location,
                                  BSL_HostEID_t src_eid, BSL_HostEID_t dst_eid);
 
typedef struct BSLP_PolicyRule_s
{
    BSL_StaticString_t        description;
    BSLP_PolicyPredicate_t   *predicate;
    BSL_SecRole_e             role;
    BSL_BundleBlockTypeCode_e target_block_type;
    BSL_SecBlockType_e        sec_block_type;
    uint64_t                  context_id;
    BSL_SecParam_t           *params;
    size_t                    nparams;
    BSL_PolicyAction_e        failure_action_code;
} BSLP_PolicyRule_t;
 
int BSLP_PolicyRule_Init(BSLP_PolicyRule_t *self, const char *desc, BSLP_PolicyPredicate_t *predicate,
                         uint64_t context_id, BSL_SecRole_e role, BSL_SecBlockType_e sec_block_type,
                         BSL_BundleBlockTypeCode_e target_block_type, BSL_PolicyAction_e failure_action_code);
 
void BSLP_PolicyRule_Deinit(BSLP_PolicyRule_t *self);
 
void BSLP_PolicyRule_AddParam(BSLP_PolicyRule_t *self, const BSL_SecParam_t *param);
 
int BSLP_PolicyRule_EvaluateAsSecOper(const BSLP_PolicyRule_t *self, BSL_SecOper_t *sec_oper,
                                      const BSL_BundleRef_t *bundle, BSL_PolicyLocation_e location);
 
#define BSLP_POLICYPREDICATE_ARRAY_CAPACITY (100)
typedef struct BSLP_PolicyProvider_s
{
    BSL_StaticString_t     name;
    BSLP_PolicyPredicate_t predicates[BSLP_POLICYPREDICATE_ARRAY_CAPACITY];
    size_t                 predicate_count;
    BSLP_PolicyRule_t      rules[BSLP_POLICYPREDICATE_ARRAY_CAPACITY];
    size_t                 rule_count;
} BSLP_PolicyProvider_t;
 
void BSLP_Deinit(void *user_data);
 
int BSLP_QueryPolicy(const void *user_data, BSL_SecurityActionSet_t *output_action_set, const BSL_BundleRef_t *bundle,
                     BSL_PolicyLocation_e location);
#endif // BSLP_SAMPLE_POLICY_PROVIDER_H