KeyID as text string (#7)

jeronstone · BrianSipos · web-flow · commit 6b49cc4ae01f · 2025-07-25T09:59:41.000-04:00
* keyid as text string

* update conventions

* apply formatting

* explicit in-out params

* final PR updates

* apply format

* Formatting on CI platform

---------

Co-authored-by: Brian Sipos &lt;brian.sipos@jhuapl.edu&gt;
diff --git a/docs/api/Developer_Guide.md b/docs/api/Developer_Guide.md
@@ -104,6 +104,8 @@ More notes forthcoming.
  * The C standard library does not provide containers. Arrays is all we have, so that's what we have to work with.
  * Third party libraries providing containers may be more hassle and risk than they are worth.
 
+#### &raquo; M\*Lib structures should not be referenced in the Frontend API
+ * Keep M\*Lib usage to the BSL backend, and use standard/primative structs for frontend API. The frontend should not include any M\*Lib headers.
 
 # Documentation
 
diff --git a/src/BPSecLib_Private.h b/src/BPSecLib_Private.h
diff --git a/src/CryptoInterface.h b/src/CryptoInterface.h
@@ -141,7 +141,7 @@ void BSL_CryptoDeinit(void);
  * @return 0 if successful
  */
 BSL_REQUIRE_CHECK
-int BSL_AuthCtx_Init(BSL_AuthCtx_t *hmac_ctx, uint64_t keyid, BSL_CryptoCipherSHAVariant_e sha_var);
+int BSL_AuthCtx_Init(BSL_AuthCtx_t *hmac_ctx, const char *keyid, BSL_CryptoCipherSHAVariant_e sha_var);
 
 /**
  * Input data to HMAC sign to context
@@ -180,13 +180,13 @@ int BSL_AuthCtx_Deinit(BSL_AuthCtx_t *hmac_ctx);
 /**
  * @todo Doxygen
  */
-int BSL_Crypto_UnwrapKey(BSL_Data_t *unwrapped_key_output, BSL_Data_t wrapped_key_plaintext, size_t key_id,
+int BSL_Crypto_UnwrapKey(BSL_Data_t *unwrapped_key_output, BSL_Data_t wrapped_key_plaintext, const char *key_id,
                          size_t aes_variant);
 
 /**
  * @todo Doxygen
  */
-int BSL_Crypto_WrapKey(BSL_Data_t *wrapped_key, BSL_Data_t cek, size_t content_key_id, size_t aes_variant);
+int BSL_Crypto_WrapKey(BSL_Data_t *wrapped_key, BSL_Data_t cek, const char *content_key_id, size_t aes_variant);
 
 /**
  * Initialize crypto context resources and set as encoding or decoding
@@ -208,7 +208,7 @@ int BSL_Cipher_Init(BSL_Cipher_t *cipher_ctx, BSL_CipherMode_e enc, BSL_CryptoCi
  * @param[out] secret_len Pointer to the stored secret length, if successful.
  * @return Zero upon success.
  */
-int BSLB_Crypto_GetRegistryKey(uint64_t keyid, const uint8_t **secret, size_t *secret_len);
+int BSLB_Crypto_GetRegistryKey(const char *keyid, const uint8_t **secret, size_t *secret_len);
 
 /**
  * Add additional authenticated data (AAD) to cipher context
@@ -284,7 +284,7 @@ int BSL_Crypto_GenIV(void *buf, int size);
  * @param secret_len length of raw key
  * @return Zero upon success.
  */
-int BSL_Crypto_AddRegistryKey(uint64_t keyid, const uint8_t *secret, size_t secret_len);
+int BSL_Crypto_AddRegistryKey(const char *keyid, const uint8_t *secret, size_t secret_len);
 
 #ifdef __cplusplus
 } // extern C
diff --git a/src/backend/AbsSecBlock.c b/src/backend/AbsSecBlock.c
@@ -410,7 +410,7 @@ int BSL_AbsSecBlock_DecodeFromCBOR(BSL_AbsSecBlock_t *self, BSL_Data_t encoded_c
                 // This is a failure case - should more clearly return?
                 BSL_LOG_ERR("Unhandled case");
                 // NOLINTNEXTLINE
-                exit(1);
+                return BSL_ERR_DECODING;
             }
 
             const size_t item_end = QCBORDecode_Tell(&asbdec);
diff --git a/src/backend/SecParam.c b/src/backend/SecParam.c
@@ -31,6 +31,20 @@ size_t BSL_SecParam_Sizeof(void)
     return sizeof(BSL_SecParam_t);
 }
 
+int BSL_SecParam_InitStr(BSL_SecParam_t *self, uint64_t param_id, const char *value)
+{
+    CHK_ARG_NONNULL(self);
+    CHK_ARG_EXPR(value != NULL);
+
+    memset(self, 0, sizeof(*self));
+    self->param_id = param_id;
+    self->_type    = BSL_SECPARAM_TYPE_STR;
+    self->_bytelen = strlen(value);
+    memcpy(self->_bytes, value, strlen(value));
+
+    return BSL_SUCCESS;
+}
+
 int BSL_SecParam_InitBytestr(BSL_SecParam_t *self, uint64_t param_id, BSL_Data_t value)
 {
     CHK_ARG_NONNULL(self);
diff --git a/src/crypto/CryptoInterface.c b/src/crypto/CryptoInterface.c
@@ -27,6 +27,7 @@
 #include <CryptoInterface.h>
 
 #include <m-dict.h>
+#include <m-string.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
 
@@ -53,7 +54,7 @@ static int BSLB_CryptoKey_Deinit(BSLB_CryptoKey_t *key)
 /// @cond Doxygen_Suppress
 #define M_OPL_BSLB_CryptoKey_t() M_OPEXTEND(M_POD_OPLIST, CLEAR(API_2(BSLB_CryptoKey_Deinit)))
 /// Stable dict of crypto keys (key: key ID | value: key)
-DICT_DEF2(BSLB_CryptoKeyDict, uint64_t, M_BASIC_OPLIST, BSLB_CryptoKey_t, M_OPL_BSLB_CryptoKey_t())
+DICT_DEF2(BSLB_CryptoKeyDict, string_t, STRING_OPLIST, BSLB_CryptoKey_t, M_OPL_BSLB_CryptoKey_t())
 /// @endcond
 
 /// Crypto key registry
@@ -71,7 +72,7 @@ void BSL_CryptoDeinit(void)
     BSLB_CryptoKeyDict_clear(StaticKeyRegistry);
 }
 
-int BSL_Crypto_UnwrapKey(BSL_Data_t *unwrapped_key_output, BSL_Data_t wrapped_key_plaintext, size_t key_id,
+int BSL_Crypto_UnwrapKey(BSL_Data_t *unwrapped_key_output, BSL_Data_t wrapped_key_plaintext, const char *key_id,
                          size_t aes_variant)
 {
     const EVP_CIPHER *cipher = (aes_variant == BSL_CRYPTO_AES_128) ? EVP_aes_128_wrap() : EVP_aes_256_wrap();
@@ -117,7 +118,7 @@ int BSL_Crypto_UnwrapKey(BSL_Data_t *unwrapped_key_output, BSL_Data_t wrapped_ke
     return 0;
 }
 
-int BSL_Crypto_WrapKey(BSL_Data_t *wrapped_key, BSL_Data_t cek, size_t content_key_id, size_t aes_variant)
+int BSL_Crypto_WrapKey(BSL_Data_t *wrapped_key, BSL_Data_t cek, const char *content_key_id, size_t aes_variant)
 {
     const EVP_CIPHER *cipher = (aes_variant == BSL_CRYPTO_AES_128) ? EVP_aes_128_wrap() : EVP_aes_256_wrap();
     EVP_CIPHER_CTX   *ctx    = EVP_CIPHER_CTX_new();
@@ -166,7 +167,7 @@ int BSL_Crypto_WrapKey(BSL_Data_t *wrapped_key, BSL_Data_t cek, size_t content_k
     return 0;
 }
 
-int BSL_AuthCtx_Init(BSL_AuthCtx_t *hmac_ctx, uint64_t keyid, BSL_CryptoCipherSHAVariant_e sha_var)
+int BSL_AuthCtx_Init(BSL_AuthCtx_t *hmac_ctx, const char *keyid, BSL_CryptoCipherSHAVariant_e sha_var)
 {
     CHK_ARG_NONNULL(hmac_ctx);
 
@@ -192,8 +193,11 @@ int BSL_AuthCtx_Init(BSL_AuthCtx_t *hmac_ctx, uint64_t keyid, BSL_CryptoCipherSH
             return BSL_ERR_FAILURE;
     }
 
+    string_t keyid_str;
+    string_init_set_str(keyid_str, keyid);
+
     pthread_mutex_lock(&StaticCryptoMutex);
-    const BSLB_CryptoKey_t *key_info = BSLB_CryptoKeyDict_cget(StaticKeyRegistry, keyid);
+    const BSLB_CryptoKey_t *key_info = BSLB_CryptoKeyDict_cget(StaticKeyRegistry, keyid_str);
     if (key_info == NULL)
     {
         // Special case which should not happen
@@ -430,7 +434,7 @@ int BSL_Crypto_GenIV(void *buf, int size)
     return 0;
 }
 
-int BSL_Crypto_AddRegistryKey(uint64_t keyid, const uint8_t *secret, size_t secret_len)
+int BSL_Crypto_AddRegistryKey(const char *keyid, const uint8_t *secret, size_t secret_len)
 {
     CHK_ARG_NONNULL(secret);
     CHK_ARG_EXPR(secret_len > 0);
@@ -452,20 +456,26 @@ int BSL_Crypto_AddRegistryKey(uint64_t keyid, const uint8_t *secret, size_t secr
         return ecode;
     }
 
+    string_t keyid_str;
+    string_init_set_str(keyid_str, keyid);
+
     pthread_mutex_lock(&StaticCryptoMutex);
-    BSLB_CryptoKeyDict_set_at(StaticKeyRegistry, keyid, key);
+    BSLB_CryptoKeyDict_set_at(StaticKeyRegistry, keyid_str, key);
     pthread_mutex_unlock(&StaticCryptoMutex);
 
     return 0;
 }
 
-int BSLB_Crypto_GetRegistryKey(uint64_t keyid, const uint8_t **secret, size_t *secret_len)
+int BSLB_Crypto_GetRegistryKey(const char *keyid, const uint8_t **secret, size_t *secret_len)
 {
     CHK_ARG_NONNULL(secret);
     // CHK_ARG_NONNULL(secret_len); // Note: secret_len CAN be NULL - this maybe should be fixed.
 
+    string_t keyid_str;
+    string_init_set_str(keyid_str, keyid);
+
     pthread_mutex_lock(&StaticCryptoMutex);
-    const BSLB_CryptoKey_t *found = BSLB_CryptoKeyDict_cget(StaticKeyRegistry, keyid);
+    const BSLB_CryptoKey_t *found = BSLB_CryptoKeyDict_cget(StaticKeyRegistry, keyid_str);
 
     if (!found)
     {
diff --git a/src/security_context/BCB_AES_GCM.c b/src/security_context/BCB_AES_GCM.c
@@ -105,7 +105,7 @@ static int BSLX_BCB_Decrypt(BSLX_BCB_t *bcb_context)
     CHK_PRECONDITION(bcb_context->aad.len > 0);
 
     // Key must have been set (this feeds the key encryption key)
-    CHK_PRECONDITION(bcb_context->key_id > 0);
+    CHK_PRECONDITION(bcb_context->key_id);
 
     // BTSD replacement is not yet allocated
     CHK_PRECONDITION(bcb_context->btsd_replacement.ptr != NULL);
@@ -224,7 +224,7 @@ int BSLX_BCB_Encrypt(BSLX_BCB_t *bcb_context)
     CHK_PRECONDITION(bcb_context->aad.len > 0);
 
     // Must have a key ID from the security operation parameters
-    CHK_PRECONDITION(bcb_context->key_id > 0);
+    CHK_PRECONDITION(bcb_context->key_id);
 
     // BTSD replacement is not yet allocated
     CHK_PRECONDITION(bcb_context->btsd_replacement.ptr != NULL);
@@ -469,12 +469,13 @@ int BSLX_BCB_GetParams(const BSL_BundleRef_t *bundle, BSLX_BCB_t *bcb_context, c
                 }
                 break;
             }
-            case BSL_SECPARAM_TYPE_INT_KEY_ID:
+            case BSL_SECPARAM_TYPE_KEY_ID:
             {
-                assert(is_int);
-                bcb_context->key_id = BSL_SecParam_GetAsUInt64(param);
-                BSL_LOG_DEBUG("Param[%lu]: KEY_ID value = %lu", param_id, bcb_context->key_id);
-                BSL_LOG_DEBUG("Key ID = %lu", bcb_context->key_id);
+                assert(!is_int);
+                BSL_Data_t res;
+                assert(BSL_SUCCESS == BSL_SecParam_GetAsBytestr(param, &res));
+                bcb_context->key_id = (char *)res.ptr;
+                BSL_LOG_DEBUG("Param[%lu]: KEY_ID value = %s", param_id, bcb_context->key_id);
                 break;
             }
             case BSL_SECPARAM_TYPE_INT_FIXED_KEY:
diff --git a/src/security_context/BIB_HMAC_SHA2.c b/src/security_context/BIB_HMAC_SHA2.c
@@ -111,7 +111,6 @@ int BSLX_BIB_InitFromSecOper(BSLX_BIB_t *self, const BSL_SecOper_t *sec_oper)
     memset(self, 0, sizeof(*self));
     self->sha_variant           = -1;
     self->integrity_scope_flags = -1;
-    self->key_id                = -1;
 
     for (size_t param_index = 0; param_index < BSL_SecOper_CountParams(sec_oper); param_index++)
     {
@@ -124,10 +123,12 @@ int BSLX_BIB_InitFromSecOper(BSLX_BIB_t *self, const BSL_SecOper_t *sec_oper)
             int_val = BSL_SecParam_GetAsUInt64(param);
         }
 
-        if (param_id == BSL_SECPARAM_TYPE_INT_KEY_ID)
+        if (param_id == BSL_SECPARAM_TYPE_KEY_ID)
         {
-            assert(is_int);
-            self->key_id = int_val;
+            assert(!is_int);
+            BSL_Data_t res;
+            BSL_SecParam_GetAsBytestr(param, &res);
+            self->key_id = (char *)res.ptr;
         }
         else if (param_id == BSL_SECPARAM_TYPE_INT_FIXED_KEY)
         {
diff --git a/src/security_context/DefaultSecContext_Private.h b/src/security_context/DefaultSecContext_Private.h
@@ -62,7 +62,8 @@ BSL_Data_t BSLX_Bytestr_AsData(BSLX_Bytestr_t *self);
 
 typedef struct BSLX_BIB_s
 {
-    int64_t              key_id;
+    /// @brief set to external pointer which will outloast BIB context
+    const char          *key_id;
     BSL_PrimaryBlock_t   primary_block;
     BSL_CanonicalBlock_t target_block;
     BSL_CanonicalBlock_t sec_block;
@@ -84,8 +85,8 @@ int BSLX_BIB_GenHMAC(BSLX_BIB_t *self, BSL_Data_t ippt_data);
  */
 typedef struct BSLX_BCB_s
 {
-    size_t   err_count;
-    uint64_t key_id;
+    size_t      err_count;
+    const char *key_id;
 
     // Data wrappers and containers for borrowed and owned/allocated buffers
     // These will ALL be deinitialized at the end, so _Deinit MUST be called.
diff --git a/test/bsl_test_utils.c b/test/bsl_test_utils.c
@@ -39,11 +39,11 @@
     field.len = sizeof(tgt);   \
     field.ptr = (uint8_t *)tgt
 
-void BSL_TestUtils_InitBIB_AppendixA1(BIBTestContext *context, BSL_SecRole_e role, uint64_t key_id)
+void BSL_TestUtils_InitBIB_AppendixA1(BIBTestContext *context, BSL_SecRole_e role, const char *key_id)
 {
     quick_data(context->hmac, ApxA1_HMAC);
 
-    BSL_SecParam_InitInt64(&context->param_test_key, BSL_SECPARAM_TYPE_INT_KEY_ID, key_id);
+    BSL_SecParam_InitStr(&context->param_test_key, BSL_SECPARAM_TYPE_KEY_ID, key_id);
     BSL_SecParam_InitInt64(&context->param_scope_flags, RFC9173_BIB_PARAMID_INTEG_SCOPE_FLAG, 0);
     BSL_SecParam_InitInt64(&context->param_sha_variant, RFC9173_BIB_PARAMID_SHA_VARIANT, RFC9173_BIB_SHA_HMAC512);
     BSL_SecParam_InitBytestr(&context->param_hmac, BSL_SECPARAM_TYPE_AUTH_TAG, context->hmac);
@@ -64,7 +64,7 @@ void BSL_TestUtils_InitBCB_Appendix2(BCBTestContext *context, BSL_SecRole_e role
     quick_data(context->content_enc_key, ApxA2_ContentEncKey);
 
     BSL_SecParam_InitInt64(&context->param_scope_flags, RFC9173_BCB_SECPARAM_AADSCOPE, 0);
-    BSL_SecParam_InitInt64(&context->param_test_key_id, BSL_SECPARAM_TYPE_INT_KEY_ID, RFC9173_EXAMPLE_A2_KEY);
+    BSL_SecParam_InitStr(&context->param_test_key_id, BSL_SECPARAM_TYPE_KEY_ID, RFC9173_EXAMPLE_A2_KEY);
     BSL_SecParam_InitInt64(&context->param_aes_variant, RFC9173_BCB_SECPARAM_AESVARIANT,
                            RFC9173_BCB_AES_VARIANT_A128GCM);
     BSL_SecParam_InitBytestr(&context->param_init_vec, RFC9173_BCB_SECPARAM_IV, context->init_vector);
@@ -220,14 +220,14 @@ BSL_HostEIDPattern_t BSL_TestUtils_GetEidPatternFromText(const char *text)
     return pat;
 }
 
-RFC9173_A1_Params BSL_TestUtils_GetRFC9173_A1Params(uint64_t key_id)
+RFC9173_A1_Params BSL_TestUtils_GetRFC9173_A1Params(const char *key_id)
 {
     RFC9173_A1_Params params = { 0 };
     BSL_SecParam_InitInt64(&params.sha_variant, RFC9173_TestVectors_AppendixA1.bib_asb_sha_variant_key,
                            RFC9173_TestVectors_AppendixA1.bib_asb_sha_variant_value);
     BSL_SecParam_InitInt64(&params.scope_flags, RFC9173_TestVectors_AppendixA1.bib_asb_scope_flags_key,
                            RFC9173_TestVectors_AppendixA1.bib_asb_scope_flags_value);
-    BSL_SecParam_InitInt64(&params.test_key_id, BSL_SECPARAM_TYPE_INT_KEY_ID, key_id);
+    BSL_SecParam_InitStr(&params.test_key_id, BSL_SECPARAM_TYPE_KEY_ID, key_id);
     return params;
 }
 
diff --git a/test/bsl_test_utils.h b/test/bsl_test_utils.h
@@ -33,15 +33,15 @@
 #include <mock_bpa/mock_bpa_ctr.h>
 
 /// @brief Key ID for the Appendix A1 key in OpenSSL
-#define RFC9173_EXAMPLE_A1_KEY (9100)
+#define RFC9173_EXAMPLE_A1_KEY "9100"
 
 /// @brief Key ID for the Appendix A2 key in OpenSSL
-#define RFC9173_EXAMPLE_A2_KEY (9102)
+#define RFC9173_EXAMPLE_A2_KEY "9102"
 
 /// @brief Key ID for the Appendix A3 key in OpenSSL
-#define RFC9173_EXAMPLE_A3_KEY (9103)
+#define RFC9173_EXAMPLE_A3_KEY "9103"
 
-#define RFC9173_EXAMPLE_A4_BCB_KEY (9104)
+#define RFC9173_EXAMPLE_A4_BCB_KEY "9104"
 
 #define quick_data_t(field, tgt) \
     field.len = sizeof(tgt);     \
@@ -86,7 +86,7 @@ typedef struct
     BSL_SecOper_t sec_oper;
 } BIBTestContext;
 
-void BSL_TestUtils_InitBIB_AppendixA1(BIBTestContext *context, BSL_SecRole_e role, uint64_t key_id);
+void BSL_TestUtils_InitBIB_AppendixA1(BIBTestContext *context, BSL_SecRole_e role, const char *key_id);
 
 static const uint8_t ApxA2_InitVec[]       = { 0x54, 0x77, 0x65, 0x6c, 0x76, 0x65, 0x31, 0x32, 0x31, 0x32, 0x31, 0x32 };
 static const uint8_t ApxA2_AuthTag[]       = { 0xef, 0xa4, 0xb5, 0xac, 0x01, 0x08, 0xe3, 0x81,
@@ -276,7 +276,7 @@ typedef struct
     BSL_SecParam_t test_key_id;
 } RFC9173_A1_Params;
 
-RFC9173_A1_Params BSL_TestUtils_GetRFC9173_A1Params(uint64_t key_id);
+RFC9173_A1_Params BSL_TestUtils_GetRFC9173_A1Params(const char *key_id);
 
 typedef struct
 {
@@ -291,7 +291,7 @@ typedef struct
     uint64_t       scope_flag;
 } RFC9173_AppendixA2_BCB;
 
-RFC9173_A1_Params BSL_TestUtils_GetRFC9173_A2Params(uint64_t key_id);
+RFC9173_A1_Params BSL_TestUtils_GetRFC9173_A2Params(const char *key_id);
 
 typedef struct BSL_TestContext_s
 {
diff --git a/test/test_BackendSecurityContext.c b/test/test_BackendSecurityContext.c
diff --git a/test/test_CryptoInterface.c b/test/test_CryptoInterface.c
diff --git a/test/test_PublicInterfaceImpl.c b/test/test_PublicInterfaceImpl.c

Original file line number	Diff line number	Diff line change
`@@ -410,7 +410,7 @@ int BSL_AbsSecBlock_DecodeFromCBOR(BSL_AbsSecBlock_t *self, BSL_Data_t encoded_c`
`410`	`410`	`// This is a failure case - should more clearly return?`
`411`	`411`	`BSL_LOG_ERR("Unhandled case");`
`412`	`412`	`// NOLINTNEXTLINE`
`413`		`- exit(1);`
	`413`	`+ return BSL_ERR_DECODING;`
`414`	`414`	`}`
`415`	`415`
`416`	`416`	`const size_t item_end = QCBORDecode_Tell(&asbdec);`
Original file line number	Diff line number	Diff line change
`@@ -111,7 +111,6 @@ int BSLX_BIB_InitFromSecOper(BSLX_BIB_t self, const BSL_SecOper_t sec_oper)`
`111`	`111`	`memset(self, 0, sizeof(*self));`
`112`	`112`	`self->sha_variant = -1;`
`113`	`113`	`self->integrity_scope_flags = -1;`
`114`		`- self->key_id = -1;`
`115`	`114`
`116`	`115`	`for (size_t param_index = 0; param_index < BSL_SecOper_CountParams(sec_oper); param_index++)`
`117`	`116`	`{`
`@@ -124,10 +123,12 @@ int BSLX_BIB_InitFromSecOper(BSLX_BIB_t self, const BSL_SecOper_t sec_oper)`
`124`	`123`	`int_val = BSL_SecParam_GetAsUInt64(param);`
`125`	`124`	`}`
`126`	`125`
`127`		`- if (param_id == BSL_SECPARAM_TYPE_INT_KEY_ID)`
	`126`	`+ if (param_id == BSL_SECPARAM_TYPE_KEY_ID)`
`128`	`127`	`{`
`129`		`- assert(is_int);`
`130`		`- self->key_id = int_val;`
	`128`	`+ assert(!is_int);`
	`129`	`+ BSL_Data_t res;`
	`130`	`+ BSL_SecParam_GetAsBytestr(param, &res);`
	`131`	`+ self->key_id = (char *)res.ptr;`
`131`	`132`	`}`
`132`	`133`	`else if (param_id == BSL_SECPARAM_TYPE_INT_FIXED_KEY)`
`133`	`134`	`{`