This page covers the using BSL from the perspective of a developer of a new Policy Provider (PP) for the BSL.

Policy Provider Callback API

The BSL dynamic backend declares a set of functions which are delegated to each PP instance and are registered in the backend using the BSL_PolicyDesc_t. These functions include some bookkeeping of the PP instance itself (associated user data and deinit function).

The operational focus of the PP callbacks are functions used by the BSL to:

Inspect the contents of a bundle and determine if any security operations need to be performed (as BSL_PolicyDesc_s::query_fn). This will likely involve introspecting block-level and field-level data from the bundle via the BPA Callback API.
Finalize (handle the conclusion of) any requested security operations (as BSL_PolicyDesc_s::finalize_fn). This will likely involve bundle or block manipulation depending upon the success or failure of the operation to execute (by its associated Security Context.