Implementation of functions to interact with the security context. More...
#include <BPSecLib_Private.h>#include "AbsSecBlock.h"#include "PublicInterfaceImpl.h"#include "SecOperation.h"#include "SecurityActionSet.h"#include "SecurityResultSet.h"
Include dependency graph for SecurityContext.c:Functions | |
| static int | Encode_ASB (BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, uint64_t blk_num, const BSL_AbsSecBlock_t *abs_sec_block) |
| static int | BSL_ExecBIBSource (BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *outcome) |
| static int | BSL_ExecBIBAccept (BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *outcome) |
| static int | BSL_ExecBCBAcceptor (BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *outcome) |
| static int | BSL_ExecBCBSource (BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *outcome) |
| int | BSL_SecCtx_ExecutePolicyActionSet (BSL_LibCtx_t *lib, BSL_SecurityResponseSet_t *output_response, BSL_BundleRef_t *bundle, const BSL_SecurityActionSet_t *action_set) |
| Call the underlying security context to perform the given action. | |
| bool | BSL_SecCtx_ValidatePolicyActionSet (BSL_LibCtx_t *lib, const BSL_BundleRef_t *bundle, const BSL_SecurityActionSet_t *action_set) |
Detailed Description
Implementation of functions to interact with the security context.
- Todo:
Enable checking (not just using a stub returning True.)
Complete implementation for BCB acceptor.
Function Documentation
◆ BSL_ExecBCBAcceptor()
|
static |
References BSL_CanonicalBlock_t::block_num, BSL_AbsSecBlock_DecodeFromCBOR(), BSL_AbsSecBlock_Deinit(), BSL_AbsSecBlock_InitEmpty(), BSL_AbsSecBlock_IsConsistent(), BSL_AbsSecBlock_IsEmpty(), BSL_AbsSecBlock_StripResults(), BSL_BundleCtx_GetBlockMetadata(), BSL_BundleCtx_ReadBTSD(), BSL_BundleCtx_RemoveBlock(), BSL_Data_Deinit(), BSL_Data_InitBuffer(), BSL_ERR_DECODING, BSL_ERR_FAILURE, BSL_ERR_HOST_CALLBACK_FAILED, BSL_ERR_SECURITY_OPERATION_FAILED, BSL_LOG_ERR, BSL_SecOper_GetTargetBlockNum(), BSL_SecOper_IsRoleAcceptor(), BSL_SecParam_InitBytestr(), BSL_SecParam_IsConsistent(), BSL_SECPARAM_TYPE_AUTH_TAG, BSL_SecResult_GetAsBytestr(), BSL_SeqReader_Destroy(), BSL_SeqReader_Get(), BSL_SUCCESS, BSL_TLM_ASB_DECODE_BYTES, BSL_TLM_ASB_DECODE_COUNT, BSL_TLM_SECOP_ACCEPTOR_COUNT, BSL_TLM_SECOP_FAIL_COUNT, BSL_TlmCounters_IncrementCounter(), BSL_CanonicalBlock_t::btsd_len, CHK_ARG_NONNULL, CHK_PROPERTY, Encode_ASB(), BSL_Data_t::len, and BSL_Data_t::ptr.
Referenced by BSL_SecCtx_ExecutePolicyActionSet().
◆ BSL_ExecBCBSource()
|
static |
References BSL_CanonicalBlock_t::block_num, BSL_AbsSecBlock_AddParam(), BSL_AbsSecBlock_AddResult(), BSL_AbsSecBlock_AddTarget(), BSL_AbsSecBlock_Deinit(), BSL_AbsSecBlock_Init(), BSL_BundleCtx_CreateBlock(), BSL_BundleCtx_GetBlockMetadata(), BSL_ERR_HOST_CALLBACK_FAILED, BSL_ERR_SECURITY_OPERATION_FAILED, BSL_Host_GetSecSrcEID(), BSL_HostEID_Init(), BSL_LOG_ERR, BSL_LOG_INFO, BSL_SECBLOCKTYPE_BCB, BSL_SecOutcome_CountParams(), BSL_SecOutcome_CountResults(), BSL_SecOutcome_GetParamAt(), BSL_SecOutcome_GetResultAtIndex(), BSL_SUCCESS, BSL_TLM_SECOP_FAIL_COUNT, BSL_TLM_SECOP_SOURCE_COUNT, BSL_TlmCounters_IncrementCounter(), CHK_ARG_NONNULL, and Encode_ASB().
Referenced by BSL_SecCtx_ExecutePolicyActionSet().
◆ BSL_ExecBIBAccept()
|
static |
References BSL_CanonicalBlock_t::block_num, BSL_AbsSecBlock_DecodeFromCBOR(), BSL_AbsSecBlock_Deinit(), BSL_AbsSecBlock_InitEmpty(), BSL_AbsSecBlock_IsConsistent(), BSL_AbsSecBlock_IsEmpty(), BSL_AbsSecBlock_StripResults(), BSL_BundleCtx_GetBlockMetadata(), BSL_BundleCtx_ReadBTSD(), BSL_BundleCtx_RemoveBlock(), BSL_Data_Deinit(), BSL_Data_InitBuffer(), BSL_ERR_DECODING, BSL_ERR_FAILURE, BSL_ERR_HOST_CALLBACK_FAILED, BSL_ERR_SECURITY_OPERATION_FAILED, BSL_LOG_ERR, BSL_LOG_INFO, BSL_SecOper_GetTargetBlockNum(), BSL_SecOper_IsConsistent(), BSL_SecOper_IsRoleAcceptor(), BSL_SecOutcome_IsConsistent(), BSL_SecOutcome_IsInAbsSecBlock(), BSL_SecParam_IsConsistent(), BSL_SeqReader_Destroy(), BSL_SeqReader_Get(), BSL_SUCCESS, BSL_TLM_ASB_DECODE_BYTES, BSL_TLM_ASB_DECODE_COUNT, BSL_TLM_SECOP_ACCEPTOR_COUNT, BSL_TLM_SECOP_FAIL_COUNT, BSL_TlmCounters_IncrementCounter(), BSL_CanonicalBlock_t::btsd_len, CHK_ARG_NONNULL, CHK_PRECONDITION, CHK_PROPERTY, Encode_ASB(), BSL_Data_t::len, and BSL_Data_t::ptr.
Referenced by BSL_SecCtx_ExecutePolicyActionSet().
◆ BSL_ExecBIBSource()
|
static |
References BSL_AbsSecBlock_AddParam(), BSL_AbsSecBlock_AddResult(), BSL_AbsSecBlock_AddTarget(), BSL_AbsSecBlock_Deinit(), BSL_AbsSecBlock_Init(), BSL_BundleCtx_CreateBlock(), BSL_BundleCtx_GetBlockMetadata(), BSL_ERR_BUNDLE_OPERATION_FAILED, BSL_ERR_HOST_CALLBACK_FAILED, BSL_ERR_SECURITY_OPERATION_FAILED, BSL_Host_GetSecSrcEID(), BSL_HostEID_Init(), BSL_LOG_ERR, BSL_SECBLOCKTYPE_BIB, BSL_SecOutcome_CountParams(), BSL_SecOutcome_CountResults(), BSL_SecOutcome_GetParamAt(), BSL_SecOutcome_GetResultAtIndex(), BSL_SUCCESS, BSL_TLM_SECOP_FAIL_COUNT, BSL_TLM_SECOP_SOURCE_COUNT, BSL_TlmCounters_IncrementCounter(), CHK_ARG_NONNULL, CHK_PROPERTY, and Encode_ASB().
Referenced by BSL_SecCtx_ExecutePolicyActionSet().
◆ BSL_SecCtx_ExecutePolicyActionSet()
| int BSL_SecCtx_ExecutePolicyActionSet | ( | BSL_LibCtx_t * | lib, |
| BSL_SecurityResponseSet_t * | output_response, | ||
| BSL_BundleRef_t * | bundle, | ||
| const BSL_SecurityActionSet_t * | action_set | ||
| ) |
Call the underlying security context to perform the given action.
- Parameters
-
[in] lib This BSL context [out] output_response Pointer to allocated, zeroed memory into which the response is populated [in,out] bundle Pointer to bundle, which may be modified. [in] action_set Action containing all params and operations.
- Returns
- 0 on success, negative on failure.
Notes:
- It should evaluate every security operation, even if earlier ones failed.
- The outcome can indicate in the policy action response how exactly it fared (pass, fail, etc)
- BCB will be a special case, since it actively manipulates the BTSD
References action_set, ASSERT_PROPERTY, BSL_calloc(), BSL_ExecBCBAcceptor(), BSL_ExecBCBSource(), BSL_ExecBIBAccept(), BSL_ExecBIBSource(), BSL_free(), BSL_LOG_ERR, BSL_LOG_INFO, BSL_REASONCODE_FAILED_SECOP, BSL_REASONCODE_NO_ADDITIONAL_INFO, BSL_SECOP_CONCLUSION_FAILURE, BSL_SECOP_CONCLUSION_SUCCESS, BSL_SecOper_GetReasonCode(), BSL_SecOper_IsBIB(), BSL_SecOper_IsRoleSource(), BSL_SecOper_SetConclusion(), BSL_SecOper_SetReasonCode(), BSL_SecOutcome_Deinit(), BSL_SecOutcome_Init(), BSL_SecOutcome_Sizeof(), BSL_SecurityAction_CountSecOpers(), BSL_SecurityAction_GetSecOperAtIndex(), BSL_SecurityActionSet_IsConsistent(), BSL_SecurityResponseSet_AppendResult(), BSL_SUCCESS, CHK_ARG_NONNULL, and CHK_PRECONDITION.
Referenced by BSL_API_ApplySecurity(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), test_RFC9173_AppendixA_Example4_Source(), test_SecurityContext_BIB_Acceptor(), test_SecurityContext_BIB_Source(), test_SecurityContext_BIB_Verifier(), and test_SecurityContext_BIB_Verifier_Failure().
◆ BSL_SecCtx_ValidatePolicyActionSet()
| bool BSL_SecCtx_ValidatePolicyActionSet | ( | BSL_LibCtx_t * | lib, |
| const BSL_BundleRef_t * | bundle, | ||
| const BSL_SecurityActionSet_t * | action_set | ||
| ) |
◆ Encode_ASB()
|
static |
References BSL_AbsSecBlock_EncodeToCBOR(), BSL_BundleCtx_WriteBTSD(), BSL_Data_Deinit(), BSL_Data_Init(), BSL_Data_InitBuffer(), BSL_ERR_ENCODING, BSL_LOG_ERR, BSL_SeqWriter_Destroy(), BSL_SeqWriter_Put(), BSL_SUCCESS, BSL_TLM_ASB_ENCODE_BYTES, BSL_TLM_ASB_ENCODE_COUNT, BSL_TlmCounters_IncrementCounter(), BSL_Data_t::len, and BSL_Data_t::ptr.
Referenced by BSL_ExecBCBAcceptor(), BSL_ExecBCBSource(), BSL_ExecBIBAccept(), and BSL_ExecBIBSource().
