diff --git a/src/policy_provider/SamplePolicyProvider.c b/src/policy_provider/SamplePolicyProvider.c index a0c18bdc..2e79475c 100644 --- a/src/policy_provider/SamplePolicyProvider.c +++ b/src/policy_provider/SamplePolicyProvider.c @@ -27,12 +27,24 @@ */ #include #include - -#include +#include #include +#include +#include #include "SamplePolicyProvider.h" +/** @struct BSLP_SecOperPtrList_t + * Defines a basic list of ::BSL_SecOper_t pointers. + */ +/// @cond Doxygen_Suppress +// NOLINTBEGIN +// GCOV_EXCL_START +M_ARRAY_DEF(BSLP_SecOperPtrList, BSL_SecOper_t *, M_PTR_OPLIST) +// GCOV_EXCL_STOP +// NOLINTEND +/// @endcond + static bool BSLP_PolicyProvider_IsConsistent(const BSLP_PolicyProvider_t *self) { ASSERT_ARG_NONNULL(self); @@ -164,15 +176,15 @@ int BSLP_QueryPolicy(const void *user_data, BSL_SecurityActionSet_t *output_acti const BSLP_PolicyRule_t *rule = &self->rules[index]; if (!BSLP_PolicyRule_IsConsistent(rule)) { - BSL_LOG_ERR("Rule `%s` is not consistent", m_string_get_cstr(rule->description)); + BSL_LOG_ERR("Rule `%s` is not consistent", rule->description); continue; } - BSL_LOG_DEBUG("Evaluating against rule `%s`", m_string_get_cstr(rule->description)); + BSL_LOG_DEBUG("Evaluating against rule `%s`", rule->description); if (!BSLP_PolicyPredicate_IsMatch(rule->predicate, location, primary_block.field_src_node_id, primary_block.field_dest_eid)) { - BSL_LOG_DEBUG("Rule `%s` not a match", m_string_get_cstr(rule->description)); + BSL_LOG_DEBUG("Rule `%s` not a match", rule->description); continue; } @@ -258,7 +270,7 @@ int BSLP_QueryPolicy(const void *user_data, BSL_SecurityActionSet_t *output_acti BSL_LOG_INFO("append to end"); BSLP_SecOperPtrList_push_back(secops, sec_oper); } - BSL_LOG_INFO("Created sec operation for rule `%s`", m_string_get_cstr(rule->description)); + BSL_LOG_INFO("Created sec operation for rule `%s`", rule->description); } BSL_PrimaryBlock_deinit(&primary_block); @@ -408,7 +420,12 @@ int BSLP_PolicyRule_Init(BSLP_PolicyRule_t *self, const char *desc, BSLP_PolicyP { ASSERT_ARG_NONNULL(self); memset(self, 0, sizeof(*self)); - string_init_set_str(self->description, desc); + + size_t desc_sz = strnlen(desc, BSLP_POLICYPREDICATE_ARRAY_CAPACITY); + self->description = BSL_MALLOC(desc_sz + 1); + strncpy(self->description, desc, desc_sz); + self->description[desc_sz] = '\0'; + self->sec_block_type = sec_block_type; self->target_block_type = target_block_type; self->predicate = predicate; @@ -424,9 +441,8 @@ int BSLP_PolicyRule_Init(BSLP_PolicyRule_t *self, const char *desc, BSLP_PolicyP void BSLP_PolicyRule_Deinit(BSLP_PolicyRule_t *self) { ASSERT_ARG_EXPR(BSLP_PolicyRule_IsConsistent(self)); - BSL_LOG_INFO("BSLP_PolicyRule_Deinit: %s, nparams=%zu", m_string_get_cstr(self->description), - BSLB_SecParamList_size(self->params)); - string_clear(self->description); + BSL_LOG_INFO("BSLP_PolicyRule_Deinit: %s, nparams=%zu", self->description, BSLB_SecParamList_size(self->params)); + BSL_FREE(self->description); BSLB_SecParamList_clear(self->params); memset(self, 0, sizeof(*self)); } @@ -486,7 +502,7 @@ int BSLP_PolicyRule_EvaluateAsSecOper(const BSLP_PolicyRule_t *self, BSL_SecOper const BSL_SecParam_t *param = BSLB_SecParamList_cref(pit); BSL_SecOper_AppendParam(sec_oper, param); } - BSL_LOG_INFO("Created sec operation for rule `%s`", m_string_get_cstr(self->description)); + BSL_LOG_INFO("Created sec operation for rule `%s`", self->description); return BSL_SUCCESS; } diff --git a/src/policy_provider/SamplePolicyProvider.h b/src/policy_provider/SamplePolicyProvider.h index e6d60efb..49f75a9a 100644 --- a/src/policy_provider/SamplePolicyProvider.h +++ b/src/policy_provider/SamplePolicyProvider.h @@ -29,22 +29,9 @@ #define BSLP_SAMPLE_POLICY_PROVIDER_H #include -#include -#include #include #include -/** @struct BSLP_SecOperPtrList_t - * Defines a basic list of ::BSL_SecOper_t pointers. - */ -/// @cond Doxygen_Suppress -// NOLINTBEGIN -// GCOV_EXCL_START -M_ARRAY_DEF(BSLP_SecOperPtrList, BSL_SecOper_t *, M_PTR_OPLIST) -// GCOV_EXCL_STOP -// NOLINTEND -/// @endcond - /** * THE key function that matches a bundle against a rule to provide the output action and specific parameters to use for * the security operation. @@ -90,6 +77,12 @@ void BSLP_PolicyPredicate_Deinit(BSLP_PolicyPredicate_t *self); bool BSLP_PolicyPredicate_IsMatch(const BSLP_PolicyPredicate_t *self, BSL_PolicyLocation_e location, BSL_HostEID_t src_eid, BSL_HostEID_t dst_eid); +/** + * Maximum string length of a policy rule description; + * Affects ::BSLP_PolicyRule_Init `desc` parameter + */ +#define BSLP_POLICY_RULE_DESCRIPTION_MAX_STRLEN 100 + /** * @brief Represents a policy rule * @@ -105,7 +98,7 @@ bool BSLP_PolicyPredicate_IsMatch(const BSLP_PolicyPredicate_t *self, BSL_Policy */ typedef struct BSLP_PolicyRule_s { - string_t description; + char *description; BSLP_PolicyPredicate_t *predicate; BSL_SecRole_e role; BSL_BundleBlockTypeCode_e target_block_type; @@ -119,7 +112,8 @@ typedef struct BSLP_PolicyRule_s * @brief Initialize this policy rule * * @param[in] self This policy rule - * @param[in] dest Description of this rule (C-string) + * @param[in] dest Description of this rule (C-string). Will copy characters of parameter from index 0 to + * ::BSLP_POLICY_RULE_DESCRIPTION_MAX_STRLEN - 1. * @param[in] predicate Predicate used to identify which bundles apply * @param[in] context_id Security context ID * @param[in] role Such as source, acceptor, etc @@ -173,7 +167,6 @@ int BSLP_PolicyRule_EvaluateAsSecOper(const BSLP_PolicyRule_t *self, BSL_SecOper /// @brief Concrete definition of a policy provider typedef struct BSLP_PolicyProvider_s { - string_t name; BSLP_PolicyPredicate_t predicates[BSLP_POLICYPREDICATE_ARRAY_CAPACITY]; size_t predicate_count; BSLP_PolicyRule_t rules[BSLP_POLICYPREDICATE_ARRAY_CAPACITY]; diff --git a/test/test_BackendPolicyProvider.c b/test/test_BackendPolicyProvider.c index deb87c29..9a951905 100644 --- a/test/test_BackendPolicyProvider.c +++ b/test/test_BackendPolicyProvider.c @@ -83,8 +83,6 @@ void tearDown(void) */ void test_PolicyProvider_InspectEmptyRuleset(void) { - BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data; - string_init_set_str(policy->name, "Unit Test Policy Provider!"); TEST_ASSERT_EQUAL(0, BSL_TestUtils_LoadBundleFromCBOR(&LocalTestCtx, RFC9173_TestVectors_AppendixA1.cbor_bundle_bib)); @@ -98,7 +96,6 @@ void test_PolicyProvider_InspectEmptyRuleset(void) TEST_ASSERT_EQUAL(0, BSL_SecurityAction_CountSecOpers(act)); BSL_SecurityActionSet_Deinit(&action_set); - string_clear(policy->name); } /** @@ -110,7 +107,6 @@ void test_PolicyProvider_InspectEmptyRuleset(void) void test_PolicyProvider_InspectSingleBIBRuleset(void) { BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data; - string_init_set_str(policy->name, "Unit Test Policy Provider!"); BSLP_PolicyPredicate_t *predicate = &policy->predicates[policy->predicate_count++]; BSLP_PolicyPredicate_Init(predicate, BSL_POLICYLOCATION_APPIN, BSL_TestUtils_GetEidPatternFromText("*:**"), @@ -131,7 +127,6 @@ void test_PolicyProvider_InspectSingleBIBRuleset(void) TEST_ASSERT_EQUAL(1, BSL_SecurityAction_CountSecOpers(BSL_SecurityActionSet_GetActionAtIndex(&action_set, 0))); BSL_SecurityActionSet_Deinit(&action_set); - string_clear(policy->name); } /** @@ -140,7 +135,6 @@ void test_PolicyProvider_InspectSingleBIBRuleset(void) void test_PolicyProvider_Inspect_RFC9173_BIB(void) { BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data; - string_init_set_str(policy->name, "Unit Test Policy Provider!"); BSLP_PolicyPredicate_t *predicate = &policy->predicates[policy->predicate_count++]; BSLP_PolicyPredicate_Init(predicate, BSL_POLICYLOCATION_APPIN, BSL_TestUtils_GetEidPatternFromText("*:**"), @@ -167,7 +161,6 @@ void test_PolicyProvider_Inspect_RFC9173_BIB(void) TEST_ASSERT_EQUAL(3, BSL_SecOper_CountParams(BSL_SecurityAction_GetSecOperAtIndex(act, 0))); BSL_SecurityActionSet_Deinit(&action_set); - string_clear(policy->name); } // TODO - test with also setting sec pararms and other things and test the RFC 9173 things. @@ -187,11 +180,9 @@ void test_MultiplePolicyProviders(void) BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data; policy->pp_id = BSL_SAMPLE_PP_ID; - string_init_set_str(policy->name, "Unit Test Policy Provider 1!"); BSLP_PolicyProvider_t *policy2 = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID_2)->user_data; policy2->pp_id = BSL_SAMPLE_PP_ID_2; - string_init_set_str(policy2->name, "Unit Test Policy Provider 2!"); BSLP_PolicyPredicate_t *predicate = &policy->predicates[policy->predicate_count++]; BSLP_PolicyPredicate_Init(predicate, BSL_POLICYLOCATION_APPIN, BSL_TestUtils_GetEidPatternFromText("*:**"), @@ -254,6 +245,4 @@ void test_MultiplePolicyProviders(void) BSL_SecurityActionSet_Deinit(&action_set); BSL_FREE(response_set); - string_clear(policy->name); - string_clear(policy2->name); } diff --git a/test/test_PublicInterfaceImpl.c b/test/test_PublicInterfaceImpl.c index a952ae9d..d03d93af 100644 --- a/test/test_PublicInterfaceImpl.c +++ b/test/test_PublicInterfaceImpl.c @@ -135,7 +135,6 @@ void setUp(void) TEST_ASSERT_EQUAL(0, BSL_API_RegisterPolicyProvider(&LocalTestCtx.bsl, BSL_SAMPLE_PP_ID, policy_desc)); BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data; - string_init_set_str(policy->name, "Unit Test Policy Provider!"); policy->pp_id = 1; @@ -569,8 +568,6 @@ void setUp(void) void tearDown(void) { BSL_SecurityActionSet_Deinit(&action_set); - BSLP_PolicyProvider_t *policy = BSL_PolicyDict_get(LocalTestCtx.bsl.policy_reg, BSL_SAMPLE_PP_ID)->user_data; - string_clear(policy->name); mock_bpa_ctr_deinit(&LocalTestCtx.mock_bpa_ctr); BSL_CryptoDeinit(); TEST_ASSERT_EQUAL(0, BSL_API_DeinitLib(&LocalTestCtx.bsl)); diff --git a/test/test_SamplePolicyProvider.c b/test/test_SamplePolicyProvider.c index ca265a8e..0aa515d8 100644 --- a/test/test_SamplePolicyProvider.c +++ b/test/test_SamplePolicyProvider.c @@ -122,4 +122,41 @@ void test_SamplePolicyProvider_WildcardPolicyRuleVerifiesBIB(void) BSLP_PolicyPredicate_Deinit(&predicate); } +TEST_CASE("") +TEST_CASE("1") +TEST_CASE( + "0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789") // 100 char +TEST_CASE( + "01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890") // 101 char +void test_SamplePolicyProvider_PolicyRuleInit_Description(const char *description) +{ + BSLP_PolicyPredicate_t predicate; + BSLP_PolicyPredicate_Init(&predicate, BSL_POLICYLOCATION_APPIN, BSL_TestUtils_GetEidPatternFromText("*:**"), + BSL_TestUtils_GetEidPatternFromText("*:**"), BSL_TestUtils_GetEidPatternFromText("*:**")); + + BSLP_PolicyRule_t rule; + BSLP_PolicyRule_Init(&rule, description, &predicate, 1, BSL_SECROLE_VERIFIER, BSL_SECBLOCKTYPE_BIB, + BSL_BLOCK_TYPE_PAYLOAD, BSL_POLICYACTION_DROP_BUNDLE); + + TEST_ASSERT_LESS_OR_EQUAL(BSLP_POLICY_RULE_DESCRIPTION_MAX_STRLEN, strlen(rule.description)); + + if (strlen(description) <= BSLP_POLICY_RULE_DESCRIPTION_MAX_STRLEN) + { + TEST_ASSERT_EQUAL(strlen(description), strlen(rule.description)); + } + else + { + TEST_ASSERT_EQUAL(BSLP_POLICY_RULE_DESCRIPTION_MAX_STRLEN, strlen(rule.description)); + } + + // unity doesn't like TEST_ASSERT_EQUAL_MEMORY call on 0 length buffer + if (strlen(description) > 0) + { + TEST_ASSERT_EQUAL_MEMORY(description, rule.description, strlen(rule.description)); + } + + BSLP_PolicyRule_Deinit(&rule); + BSLP_PolicyPredicate_Deinit(&predicate); +} + // TODO(bvb) more tests with more granular predicates and rules