diff --git a/docs/api/dictionary.txt b/docs/api/dictionary.txt index 90eb3b47..237fa91b 100644 --- a/docs/api/dictionary.txt +++ b/docs/api/dictionary.txt @@ -46,6 +46,8 @@ bytestream bytestring bytestrings callee's +calloc +CALLOC Carsten CBOR cek @@ -169,6 +171,11 @@ RTEMS ruleset sc SCs +SecOper +SecParam +SecResult +SecurityAction +SecurityActionSet SHA sipos speciality diff --git a/mock-bpa-test/requirements_tests.py b/mock-bpa-test/requirements_tests.py index 83a71029..6c4d1879 100644 --- a/mock-bpa-test/requirements_tests.py +++ b/mock-bpa-test/requirements_tests.py @@ -45,7 +45,7 @@ def __init__(self): [7, 0, 0, [2, [1, 2]], [2, [2, 1]], [2, [2, 1]], [0, 40], 1000000], [1, 1, 0, 0, bytes.fromhex('526561647920746F2067656E657261746520612033322D62797465207061796C6F6164')] ], - policy_config='0x186,0x187', + policy_config='0x1A6,0x1A7', is_implemented=True, is_working=True, expect_success=True, diff --git a/src/BPSecLib_Private.h b/src/BPSecLib_Private.h index bdce3c41..d9a27484 100644 --- a/src/BPSecLib_Private.h +++ b/src/BPSecLib_Private.h 
@@ -774,17 +774,18 @@ typedef struct BSL_SecOper_s BSL_SecOper_t; size_t BSL_SecOper_Sizeof(void); -/** Populate a pre-allocated Security Operation with the given values. +/** Initialize a newly allocated structure. * - * @param[in,out] self Non-NULL pointer to this security operation. - * @param[in] context_id ID of the security context - * @param[in] target_block_num Block ID of security target block - * @param[in] sec_block_num Block ID of security block. - * @param[in] sec_type Member of ::BSL_SecBlockType_e enum indicating BIB or BCB - * @param[in] sec_role Member of ::BSL_SecRole_e enum indicating role. + * @param[in,out] self Non-NULL pointer to this security operation + */ +void BSL_SecOper_Init(BSL_SecOper_t *self); + +/** Initialize from a copy. + * + * @param[in,out] self Non-NULL pointer to this security operation + * @param[in] src Non-NULL pointer to this source to copy from. */ -void BSL_SecOper_Init(BSL_SecOper_t *self, uint64_t context_id, uint64_t target_block_num, uint64_t sec_block_num, - BSL_SecBlockType_e sec_type, BSL_SecRole_e sec_role, BSL_PolicyAction_e failure_code); +void BSL_SecOper_InitSet(BSL_SecOper_t *self, const BSL_SecOper_t *src); /** Empty and release any resources used internally by this structure. * 
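Review bot: The new brief `Initialize a newly allocated structure.` does not say what state the operation is left in; the SecOperation.c implementation in this commit zero-fills the struct and initializes `_param_list`, leaving context id, block numbers, role, type and conclusion unset until `BSL_SecOper_Populate` is called. Say so under the brief, e.g. ` * The operation is zeroed and its parameter list initialized; call BSL_SecOper_Populate() before use.`, so callers do not treat an Init'd operation as ready for processing. The `BSL_SecOper_InitSet` parameter text `Non-NULL pointer to this source to copy from.` reads oddly; `Non-NULL pointer to the source to copy from.` is what is meant.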
@@ -795,6 +796,25 @@ void BSL_SecOper_Init(BSL_SecOper_t *self, uint64_t context_id, uint64_t target_ */ void BSL_SecOper_Deinit(BSL_SecOper_t *self); +/** Set from a copy. + * + * @param[in,out] self Non-NULL pointer to this security operation + * @param[in] src Non-NULL pointer to this source to copy from. + */ +void BSL_SecOper_Set(BSL_SecOper_t *self, const BSL_SecOper_t *src); + +/** Populate an initialized Security Operation with the given values. + * + * @param[in,out] self Non-NULL pointer to this security operation. + * @param[in] context_id ID of the security context + * @param[in] target_block_num Block ID of security target block + * @param[in] sec_block_num Block ID of security block. + * @param[in] sec_type Member of ::BSL_SecBlockType_e enum indicating BIB or BCB + * @param[in] sec_role Member of ::BSL_SecRole_e enum indicating role. + */ +void BSL_SecOper_Populate(BSL_SecOper_t *self, uint64_t context_id, uint64_t target_block_num, uint64_t sec_block_num, + BSL_SecBlockType_e sec_type, BSL_SecRole_e sec_role, BSL_PolicyAction_e failure_code); + /** Returns true if internal consistency and sanity checks pass * * @todo Formalize invariants @@ -857,6 +877,20 @@ bool BSL_SecOper_IsRoleAcceptor(const BSL_SecOper_t *self); */ bool BSL_SecOper_IsBIB(const BSL_SecOper_t *self); +/** + * Retrieve the conclusion state of a security operation + * @param[in] self The security operation + * @return the conclusion state + */ +BSL_SecOper_ConclusionState_e BSL_SecOper_GetConclusion(const BSL_SecOper_t *self); + +/** + * Set the security operation conclusion state + * @param[in,out] self security operation to change conclusion state of + * @param[in] new_conclusion new conclusion to set to + */ +void BSL_SecOper_SetConclusion(BSL_SecOper_t *self, BSL_SecOper_ConclusionState_e new_conclusion); + /// Forward declaration of this struct typedef struct BSL_AbsSecBlock_s BSL_AbsSecBlock_t; 
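Review bot: The Doxygen block for `BSL_SecOper_Populate` lists six parameters but the declaration takes seven; `failure_code` is undocumented, as it already was on the old `BSL_SecOper_Init` doc this text was moved from. Add ` * @param[in] failure_code Member of ::BSL_PolicyAction_e enum applied when the operation fails` after the sec_role line. It would also help callers to state that Populate resets the conclusion to ::BSL_SECOP_CONCLUSION_PENDING and leaves the parameter list untouched, which is what the SecOperation.c implementation in this commit does.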
@@ -1032,6 +1066,11 @@ void BSL_SecOutcome_AppendParam(BSL_SecOutcome_t *self, const BSL_SecParam_t *pa */ size_t BSL_SecOutcome_CountParams(const BSL_SecOutcome_t *self); +/** Get the security parameter from the security outcome at the provided index + * @param[in] self security outcome + * @param[in] index index to retrieve security parameter from + * @return Security parameter + */ const BSL_SecParam_t *BSL_SecOutcome_GetParamAt(const BSL_SecOutcome_t *self, size_t index); /// @brief Returns true if this (the parameters and results) is contained within the given ASK 
@@ -1041,28 +1080,80 @@ const BSL_SecParam_t *BSL_SecOutcome_GetParamAt(const BSL_SecOutcome_t *self, si /// @return bool BSL_SecOutcome_IsInAbsSecBlock(const BSL_SecOutcome_t *self, const BSL_AbsSecBlock_t *abs_sec_block); -/// @brief Returns size of the struct, helpful for dynamic allocation. -/// @return Size of the struct -size_t BSL_SecurityActionSet_Sizeof(void); +/** + * @return size of security operation + */ +size_t BSL_SecurityAction_Sizeof(void); -/** @brief Initialize a new security action set +/** + * @return true if security action @param self is consistent + */ +bool BSL_SecurityAction_IsConsistent(const BSL_SecurityAction_t *self); + +/** + * Initialize security action + * @param[out] self security action + */ +void BSL_SecurityAction_Init(BSL_SecurityAction_t *self); + +/** Initialize from a copy. * - * @param[in,out] self This pre-allocated action set + * @param[out] self security action + * @param[in] src The source of the copy. */ -void BSL_SecurityActionSet_Init(BSL_SecurityActionSet_t *self); +void BSL_SecurityAction_InitSet(BSL_SecurityAction_t *self, const BSL_SecurityAction_t *src); + +/** + * De-initialize security action + * @param[in,out] self security action + */ +void BSL_SecurityAction_Deinit(BSL_SecurityAction_t *self); + +/** + * Add security operation to security action, with deterministic ordering + * @param[in,out] self action to add security operation to + * @param[in,out] sec_oper new security operation to add and move from. 
+ * @return 0 if successful + */ +int BSL_SecurityAction_AppendSecOper(BSL_SecurityAction_t *self, BSL_SecOper_t *sec_oper); + +/** Order the Security operations such that execution will be successful + * @param[in, out] self action to sort + */ +int BSL_SecurityAction_OrderSecOps(BSL_SecurityAction_t *self); + +/** + * @return number of security operation in the @param[in] self action + */ +size_t BSL_SecurityAction_CountSecOpers(const BSL_SecurityAction_t *self); + +/** + * @return the security operation at @param[in] index index in @param[in] self security action + */ +BSL_SecOper_t *BSL_SecurityAction_GetSecOperAtIndex(const BSL_SecurityAction_t *self, size_t index); /** @brief Increment a security failure for this action set * * @param[in,out] self Pointer to this security action set. */ -void BSL_SecurityActionSet_IncrError(BSL_SecurityActionSet_t *self); +void BSL_SecurityAction_IncrError(BSL_SecurityAction_t *self); -/** @brief Returns count of failures after processing this action set +/** @brief Returns count of failures after processing this action * - * @param[in] self Pointer to this security action set. + * @param[in] self Pointer to this security action. * @return Count of errors. */ -size_t BSL_SecurityActionSet_CountErrors(const BSL_SecurityActionSet_t *self); +size_t BSL_SecurityAction_CountErrors(const BSL_SecurityAction_t *self); + +/// @brief Returns size of the struct, helpful for dynamic allocation. +/// @return Size of the struct +size_t BSL_SecurityActionSet_Sizeof(void); + +/** @brief Initialize a new security action set + * + * @param[in,out] self This pre-allocated action set + */ +void BSL_SecurityActionSet_Init(BSL_SecurityActionSet_t *self); /** Zeroize, clear, and release itself and any owned resources. * 
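Review bot: `BSL_SecurityAction_GetSecOperAtIndex` takes a `const BSL_SecurityAction_t *` but returns a mutable `BSL_SecOper_t *`, so an operation can be modified through a const action (PublicInterfaceImpl.c in this commit does exactly that, writing `sec_oper->sec_block_num`); either drop the const on `self` or return `const BSL_SecOper_t *` and add a separate mutable accessor, matching `BSL_SecurityActionSet_GetActionAtIndex`, which returns const. The doc for `BSL_SecurityAction_Sizeof` says `size of security operation` but the function returns `sizeof(BSL_SecurityAction_t)`, and `BSL_SecurityAction_OrderSecOps` returns `int` with no `@return` line. The lines `@return true if security action @param self is consistent` and `@return the security operation at @param[in] index index in @param[in] self security action` embed `@param` inside `@return`, which Doxygen will not render as parameter documentation; split each into separate `@param[in] self` / `@param[in] index` and `@return` lines. The `AppendSecOper` brief promises `deterministic ordering`, but the SecurityAction.c implementation only does a `push_move`; if ordering is meant to come from `OrderSecOps`, say so here.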
@@ -1073,10 +1164,10 @@ void BSL_SecurityActionSet_Deinit(BSL_SecurityActionSet_t *self); /** @brief Append a security operation to the security action set * * @param[in,out] self This security action set. - * @param[in] sec_oper Security operation to include. + * @param[in] action Action to include. * @return 0 on success, negative on error */ -int BSL_SecurityActionSet_AppendSecOper(BSL_SecurityActionSet_t *self, const BSL_SecOper_t *sec_oper); +int BSL_SecurityActionSet_AppendAction(BSL_SecurityActionSet_t *self, const BSL_SecurityAction_t *action); /** Return true if internal sanity and consistency checks pass * 
@@ -1085,27 +1176,32 @@ int BSL_SecurityActionSet_AppendSecOper(BSL_SecurityActionSet_t *self, const BSL */ bool BSL_SecurityActionSet_IsConsistent(const BSL_SecurityActionSet_t *self); +/** + * @return the total number of operations within each of the actions of @param self action set + */ +size_t BSL_SecurityActionSet_CountOperations(const BSL_SecurityActionSet_t *self); + /** Count number of security operations present in this policy action set. * * @param[in] self This action set. - * @return Number of operations, 0 indicates no policy matched. + * @return Number of actions, 0 indicates no policy matched. */ -size_t BSL_SecurityActionSet_CountSecOpers(const BSL_SecurityActionSet_t *self); +size_t BSL_SecurityActionSet_CountActions(const BSL_SecurityActionSet_t *self); /** Returns the Security Operation at the given index. * * @param[in] self This action set * @param[in] index index - * @return pointer to security operation at given index, asserting false if not in bound + * @return pointer to action at given index, asserting false if not in bound */ -const BSL_SecOper_t *BSL_SecurityActionSet_GetSecOperAtIndex(const BSL_SecurityActionSet_t *self, size_t index); +const BSL_SecurityAction_t *BSL_SecurityActionSet_GetActionAtIndex(const BSL_SecurityActionSet_t *self, size_t index); -/** Get the error code after querying (inspecting) policy actions. Non-zero indicates error +/** @brief Returns count of failures after processing this action set * - * @param[in] self this action set - * @return Anomaly on non-zero + * @param[in] self Pointer to this security action set. + * @return Count of errors. */ -int BSL_SecurityActionSet_GetErrCode(const BSL_SecurityActionSet_t *self); +size_t BSL_SecurityActionSet_CountErrors(const BSL_SecurityActionSet_t *self); /// @brief Returns size of this struct type size_t BSL_SecurityResponseSet_Sizeof(void); 
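Review bot: The brief for `BSL_SecurityActionSet_GetActionAtIndex` still reads `Returns the Security Operation at the given index.` and the one for `BSL_SecurityActionSet_CountActions` still reads `Count number of security operations present in this policy action set.`; only the `@return` lines were updated in the rename. Change them to `/** Returns the Security Action at the given index.` and `/** Count number of security actions present in this policy action set.`. On `BSL_SecurityActionSet_CountOperations`, `@return the total number of operations within each of the actions of @param self action set` should be a separate ` * @param[in] self This action set.` and ` * @return Total number of security operations across all actions.`.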
@@ -1232,4 +1328,4 @@ struct BSL_SecCtxDesc_s BSL_SecCtx_Execute_f execute; }; -#endif /* BSL_BPSECLIB_PRIVATE_H_ */ \ No newline at end of file +#endif /* BSL_BPSECLIB_PRIVATE_H_ */ diff --git a/src/BPSecLib_Public.h b/src/BPSecLib_Public.h index 95bc2a17..0e17f762 100644 --- a/src/BPSecLib_Public.h +++ b/src/BPSecLib_Public.h @@ -51,9 +51,13 @@ typedef struct BSL_LibCtx_s BSL_LibCtx_t; /// process the Bundle. typedef struct BSL_SecurityResponseSet_s BSL_SecurityResponseSet_t; -/// @brief Forward declaration of ::BSL_SecurityActionSet_s, which contains information for BSL to process the Bundle. +/// @brief Forward declaration of ::BSL_SecurityActionSet_s, which contains actions for BSL to process the Bundle. typedef struct BSL_SecurityActionSet_s BSL_SecurityActionSet_t; +/// @brief Forward declaration of ::BSL_SecurityAction_s, which contains security operations for BSL to process the +/// Bundle. +typedef struct BSL_SecurityAction_s BSL_SecurityAction_t; + /// @brief Forward-declaration for structure containing callbacks to a security context. typedef struct BSL_SecCtxDesc_s BSL_SecCtxDesc_t; @@ -79,6 +83,21 @@ typedef enum BSL_POLICYLOCATION_CLOUT } BSL_PolicyLocation_e; +/** + * @brief Indicates the conclusion state of a security operation + */ +typedef enum +{ + /// @brief Security operation is still pending action + BSL_SECOP_CONCLUSION_PENDING = 1, + /// @brief Security operation has concluded and succeeded + BSL_SECOP_CONCLUSION_SUCCESS, + /// @brief Security operation is invalid + BSL_SECOP_CONCLUSION_INVALID, + /// @brief Security operation has concluded and failed + BSL_SECOP_CONCLUSION_FAILURE +} BSL_SecOper_ConclusionState_e; + /** Block CRC types. * Defined in Section 4.2.1 of RFC 9171 @cite rfc9171. */ diff --git a/src/BSLConfig.h.in b/src/BSLConfig.h.in index b92e7910..a69bc0f2 100644 --- a/src/BSLConfig.h.in +++ b/src/BSLConfig.h.in 
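Review bot: `BSL_SecOper_ConclusionState_e` starts at `BSL_SECOP_CONCLUSION_PENDING = 1` and has no named zero member, so a zero-filled `BSL_SecOper_t` carries a conclusion outside the range `PENDING..FAILURE` that the new check in `BSL_SecOper_IsConsistent` (SecOperation.c, this commit) accepts. `BSL_SecOper_Init` in that file does `memset(self, 0, ...)` and then `ASSERT_POSTCONDITION(BSL_SecOper_IsConsistent(self))` before any `BSL_SecOper_Populate` call, so unless ASSERT_POSTCONDITION is non-fatal in this build (the macro is not visible here) a freshly initialized operation cannot pass; the pre-existing `_role` check has the same problem if no role enumerator is zero. Either have Init set `self->conclusion = BSL_SECOP_CONCLUSION_PENDING;` after the memset, or add an explicit zero member to this enum and let IsConsistent accept it for not-yet-populated operations.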
@@ -67,6 +67,12 @@ const char * bsl_version(void); #define BSL_FREE free #endif /* BSL_FREE */ +#ifndef BSL_CALLOC +/** Uses the same function signature as C99 calloc(). + */ +#define BSL_CALLOC calloc +#endif /* BSL_CALLOC */ + /** Define to override value/struct allocation. * See m-core.h for details. */ diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 98cc1765..edfe4812 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -110,6 +110,7 @@ set_target_properties(bsl_sample_pp SOVERSION ${CMAKE_PROJECT_VERSION_MAJOR} ) target_link_libraries(bsl_sample_pp PUBLIC bsl_front) +target_link_libraries(bsl_sample_pp PUBLIC MLIB::mlib) # Dynamic backend library set(BSL_DYNAMIC_H @@ -128,6 +129,7 @@ set(BSL_DYNAMIC_C ${CMAKE_CURRENT_SOURCE_DIR}/backend/SecOutcome.c ${CMAKE_CURRENT_SOURCE_DIR}/backend/SecParam.c ${CMAKE_CURRENT_SOURCE_DIR}/backend/SecResult.c + ${CMAKE_CURRENT_SOURCE_DIR}/backend/SecurityAction.c ${CMAKE_CURRENT_SOURCE_DIR}/backend/SecurityActionSet.c ${CMAKE_CURRENT_SOURCE_DIR}/backend/SecurityContext.c ${CMAKE_CURRENT_SOURCE_DIR}/backend/SecurityResultSet.c diff --git a/src/backend/AbsSecBlock.c b/src/backend/AbsSecBlock.c index 51b3c852..3933e41e 100644 --- a/src/backend/AbsSecBlock.c +++ b/src/backend/AbsSecBlock.c @@ -120,7 +120,7 @@ bool BSL_AbsSecBlock_ContainsTarget(const BSL_AbsSecBlock_t *self, uint64_t targ { ASSERT_PRECONDITION(BSL_AbsSecBlock_IsConsistent(self)); for - M_EACH(target_num, self->targets, LIST_OPLIST(uint64_list)) + M_EACH(target_num, self->targets, M_ARRAY_OPLIST(uint64_list)) { if (*target_num == target_block_num) { diff --git a/src/backend/AbsSecBlock.h b/src/backend/AbsSecBlock.h index cf48c1b5..7ea37686 100644 --- a/src/backend/AbsSecBlock.h +++ b/src/backend/AbsSecBlock.h @@ -48,6 +48,7 @@ // NOLINTBEGIN /// @cond Doxygen_Suppress M_ARRAY_DEF(uint64_list, uint64_t) +/// @endcond // NOLINTEND /** Represents the Abstract Security Block as defined in RFC9172 
diff --git a/src/backend/PublicInterfaceImpl.c b/src/backend/PublicInterfaceImpl.c index 5ab72465..7f82d7f7 100644 --- a/src/backend/PublicInterfaceImpl.c +++ b/src/backend/PublicInterfaceImpl.c 
@@ -129,30 +129,36 @@ int BSL_API_QuerySecurity(const BSL_LibCtx_t *bsl, BSL_SecurityActionSet_t *outp BSL_LOG_WARNING("Failed to get block number %lu", blocks_array[i]); continue; } - for (size_t sec_op_index = 0; sec_op_index < output_action_set->sec_operations_count; sec_op_index++) + BSL_SecActionList_it_t act_it; + for (BSL_SecActionList_it(act_it, output_action_set->actions); !BSL_SecActionList_end_p(act_it); + BSL_SecActionList_next(act_it)) { - BSL_SecOper_t *sec_oper = &output_action_set->sec_operations[sec_op_index]; - if (block.type_code != sec_oper->_service_type) + BSL_SecurityAction_t *act = BSL_SecActionList_ref(act_it); + for (size_t j = 0; j < BSL_SecurityAction_CountSecOpers(act); j++) { - continue; - } - // Now set it's sec_block - BSL_AbsSecBlock_t *abs_sec_block = calloc(1, BSL_AbsSecBlock_Sizeof()); - BSL_Data_t block_btsd = { 0 }; - BSL_Data_InitView(&block_btsd, block.btsd_len, block.btsd); - if (BSL_AbsSecBlock_DecodeFromCBOR(abs_sec_block, block_btsd) == 0) - { - if (BSL_AbsSecBlock_ContainsTarget(abs_sec_block, sec_oper->target_block_num)) + BSL_SecOper_t *sec_oper = BSL_SecurityAction_GetSecOperAtIndex(act, j); + if (block.type_code != sec_oper->_service_type) { - sec_oper->sec_block_num = block.block_num; + continue; } + // Now set it's sec_block + BSL_AbsSecBlock_t *abs_sec_block = calloc(1, BSL_AbsSecBlock_Sizeof()); + BSL_Data_t block_btsd = { 0 }; + BSL_Data_InitView(&block_btsd, block.btsd_len, block.btsd); + if (BSL_AbsSecBlock_DecodeFromCBOR(abs_sec_block, block_btsd) == 0) + { + if (BSL_AbsSecBlock_ContainsTarget(abs_sec_block, sec_oper->target_block_num)) + { + sec_oper->sec_block_num = block.block_num; + } + } + else + { + BSL_LOG_WARNING("Failed to parse ASB from BTSD"); + } + BSL_AbsSecBlock_Deinit(abs_sec_block); + free(abs_sec_block); } - else - { - BSL_LOG_WARNING("Failed to parse ASB from BTSD"); - } - BSL_AbsSecBlock_Deinit(abs_sec_block); - free(abs_sec_block); } } 
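Review bot: `calloc(1, BSL_AbsSecBlock_Sizeof())` in the inner loop is handed straight to `BSL_AbsSecBlock_DecodeFromCBOR` with no NULL check, so an allocation failure dereferences NULL inside the decoder; the commit moves this code one loop deeper but keeps the gap. Add `if (abs_sec_block == NULL) { BSL_LOG_ERR("Failed to allocate ASB"); return /* placeholder: library allocation-failure code */; }` before the decode so the query fails closed rather than crashing, and consider `BSL_CALLOC` now that BSLConfig.h.in defines it alongside `BSL_FREE`. The same block's BTSD is now decoded once per matching operation in every action; decoding each block once and reusing the result would avoid repeatedly parsing the same untrusted CBOR. BSL_API_QuerySecurity's body starts and ends outside the hunk.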
@@ -188,60 +194,65 @@ int BSL_API_ApplySecurity(const BSL_LibCtx_t *bsl, BSL_SecurityResponseSet_t *re return BSL_ERR_HOST_CALLBACK_FAILED; } - // There should be as many responses as there were sec operations - ASSERT_PROPERTY(response_output->total_operations == policy_actions->sec_operations_count); - int finalize_status = BSL_PolicyRegistry_FinalizeActions(bsl, policy_actions, bundle, response_output); BSL_LOG_INFO("Completed finalize: status=%d", finalize_status); bool must_drop = false; - for (size_t oper_index = 0; oper_index < policy_actions->sec_operations_count; oper_index++) - { - // First, get the error code for the security operation () - int block_err_code = response_output->results[oper_index]; - BSL_PolicyAction_e err_action_code = policy_actions->sec_operations[oper_index].failure_code; - // When the operation was a success, there's nothing further to do. - if (block_err_code == BSL_SUCCESS) + BSL_SecActionList_it_t act_it; + for (BSL_SecActionList_it(act_it, policy_actions->actions); !BSL_SecActionList_end_p(act_it); + BSL_SecActionList_next(act_it)) + { + BSL_SecurityAction_t *act = BSL_SecActionList_ref(act_it); + for (size_t i = 0; i < BSL_SecurityAction_CountSecOpers(act); i++) { - BSL_LOG_DEBUG("Security operation [%lu] success, target block num = %lu", oper_index, - policy_actions->sec_operations[oper_index].target_block_num); - continue; - } + BSL_SecOper_t *sec_oper = BSL_SecurityAction_GetSecOperAtIndex(act, i); - // Now handle a specific error - switch (err_action_code) - { - case BSL_POLICYACTION_NOTHING: + BSL_SecOper_ConclusionState_e conclusion = BSL_SecOper_GetConclusion(sec_oper); + + // When the operation was a success, there's nothing further to do. + if (conclusion == BSL_SECOP_CONCLUSION_SUCCESS) { - // Do nothing, per policy (Indicate in telemetry.) 
- BSL_LOG_WARNING("Instructed to do nothing for failed security operation"); - break; + BSL_LOG_DEBUG("Security operation success, target block num = %lu", sec_oper->target_block_num); + continue; } - case BSL_POLICYACTION_DROP_BLOCK: + + BSL_PolicyAction_e err_action_code = sec_oper->failure_code; + + // Now handle a specific error + switch (err_action_code) { - // Drop the failed target block, but otherwise continue - BSL_LOG_WARNING("***** Dropping block over which security operation failed *******"); - BSL_BundleCtx_RemoveBlock(bundle, policy_actions->sec_operations[oper_index].target_block_num); - break; + case BSL_POLICYACTION_NOTHING: + { + // Do nothing, per policy (Indicate in telemetry.) + BSL_LOG_WARNING("Instructed to do nothing for failed security operation"); + break; + } + case BSL_POLICYACTION_DROP_BLOCK: + { + // Drop the failed target block, but otherwise continue + BSL_LOG_WARNING("***** Dropping block over which security operation failed *******"); + BSL_BundleCtx_RemoveBlock(bundle, sec_oper->target_block_num); + break; + } + case BSL_POLICYACTION_DROP_BUNDLE: + { + BSL_LOG_WARNING("Deleting bundle due to block target num %lu security failure", + sec_oper->target_block_num); + must_drop = true; + break; + } + case BSL_POLICYACTION_UNDEFINED: + default: + { + BSL_LOG_ERR("Unhandled policy action: %lu", err_action_code); + } } - case BSL_POLICYACTION_DROP_BUNDLE: + + if (must_drop) { - BSL_LOG_WARNING("Deleting bundle due to block target num %lu security failure", - policy_actions->sec_operations[oper_index].target_block_num); - must_drop = true; break; } - case BSL_POLICYACTION_UNDEFINED: - default: - { - BSL_LOG_ERR("Unhandled policy action: %lu", err_action_code); - } - } - - if (must_drop) - { - break; } } diff --git a/src/backend/SecOperation.c b/src/backend/SecOperation.c index 0ed0e9fb..398a53e8 100644 --- a/src/backend/SecOperation.c +++ b/src/backend/SecOperation.c 
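Review bot: The `if (must_drop) { break; }` at the end of the inner loop only leaves the per-action loop, so after a `BSL_POLICYACTION_DROP_BUNDLE` decision the outer `BSL_SecActionList` loop continues and can still call `BSL_BundleCtx_RemoveBlock` for later actions on a bundle that is about to be deleted; the old flat loop stopped entirely. Repeat the guard directly after the inner `for`, e.g. `if (must_drop) { break; }`, so the nested loops preserve the previous semantics. Every conclusion other than `BSL_SECOP_CONCLUSION_SUCCESS`, including PENDING and INVALID, now takes the failure path without being distinguished; logging `conclusion` in the warning messages would make clear whether an operation failed or never ran. The removed `ASSERT_PROPERTY(response_output->total_operations == ...)` has no replacement; `BSL_SecurityActionSet_CountOperations` from this commit could restore it. BSL_API_ApplySecurity's body starts and ends outside the hunk.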
@@ -32,19 +32,30 @@ size_t BSL_SecOper_Sizeof(void) return sizeof(BSL_SecOper_t); } -void BSL_SecOper_Init(BSL_SecOper_t *self, uint64_t context_id, uint64_t target_block_num, uint64_t sec_block_num, - BSL_SecBlockType_e sec_type, BSL_SecRole_e sec_role, BSL_PolicyAction_e failure_code) +void BSL_SecOper_Init(BSL_SecOper_t *self) { ASSERT_ARG_NONNULL(self); memset(self, 0, sizeof(*self)); BSLB_SecParamList_init(self->_param_list); - self->context_id = context_id; - self->target_block_num = target_block_num; - self->sec_block_num = sec_block_num; - self->failure_code = failure_code; - self->_service_type = sec_type; - self->_role = sec_role; + + ASSERT_POSTCONDITION(BSL_SecOper_IsConsistent(self)); +} + +void BSL_SecOper_InitSet(BSL_SecOper_t *self, const BSL_SecOper_t *src) +{ + ASSERT_ARG_NONNULL(self); + ASSERT_ARG_NONNULL(src); + + memset(self, 0, sizeof(*self)); + self->context_id = src->context_id; + self->target_block_num = src->target_block_num; + self->sec_block_num = src->sec_block_num; + self->failure_code = src->failure_code; + self->conclusion = src->conclusion; + self->_role = src->_role; + self->_service_type = src->_service_type; + BSLB_SecParamList_init_set(self->_param_list, src->_param_list); ASSERT_POSTCONDITION(BSL_SecOper_IsConsistent(self)); } 
@@ -53,7 +64,35 @@ void BSL_SecOper_Deinit(BSL_SecOper_t *self) { ASSERT_PRECONDITION(BSL_SecOper_IsConsistent(self)); BSLB_SecParamList_clear(self->_param_list); - memset(self, 0, sizeof(*self)); +} + +void BSL_SecOper_Set(BSL_SecOper_t *self, const BSL_SecOper_t *src) +{ + ASSERT_PRECONDITION(BSL_SecOper_IsConsistent(self)); + + self->context_id = src->context_id; + self->target_block_num = src->target_block_num; + self->sec_block_num = src->sec_block_num; + self->failure_code = src->failure_code; + self->conclusion = src->conclusion; + self->_role = src->_role; + self->_service_type = src->_service_type; + BSLB_SecParamList_set(self->_param_list, src->_param_list); +} + +void BSL_SecOper_Populate(BSL_SecOper_t *self, uint64_t context_id, uint64_t target_block_num, uint64_t sec_block_num, + BSL_SecBlockType_e sec_type, BSL_SecRole_e sec_role, BSL_PolicyAction_e failure_code) +{ + ASSERT_ARG_NONNULL(self); + self->context_id = context_id; + self->target_block_num = target_block_num; + self->sec_block_num = sec_block_num; + self->failure_code = failure_code; + self->_service_type = sec_type; + self->_role = sec_role; + self->conclusion = BSL_SECOP_CONCLUSION_PENDING; + + ASSERT_POSTCONDITION(BSL_SecOper_IsConsistent(self)); } size_t BSL_SecOper_CountParams(const BSL_SecOper_t *self) @@ -74,6 +113,7 @@ bool BSL_SecOper_IsConsistent(const BSL_SecOper_t *self) CHK_AS_BOOL(self->_role == BSL_SECROLE_ACCEPTOR || self->_role == BSL_SECROLE_VERIFIER || self->_role == BSL_SECROLE_SOURCE); CHK_AS_BOOL(BSLB_SecParamList_size(self->_param_list) < 1000); + CHK_AS_BOOL(self->conclusion >= BSL_SECOP_CONCLUSION_PENDING && self->conclusion <= BSL_SECOP_CONCLUSION_FAILURE); // NOLINTEND return true; } 
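Review bot: `BSL_SecOper_Set` dereferences `src` with no `ASSERT_ARG_NONNULL(src)` and no consistency check on it, while `BSL_SecOper_Init`, `BSL_SecOper_InitSet` and `BSL_SecOper_Populate` in this same file assert their arguments; add `ASSERT_ARG_NONNULL(src);` and `ASSERT_PRECONDITION(BSL_SecOper_IsConsistent(src));` at the top, and an `ASSERT_POSTCONDITION(BSL_SecOper_IsConsistent(self));` at the end to match InitSet. `BSL_SecOper_Deinit` no longer zeroes the struct after `BSLB_SecParamList_clear`, which is presumably deliberate now that Deinit is the CLEAR operator of the `BSL_SecOperList` oplist, but a one-line comment saying the scalar fields are intentionally left in place would stop the next reader from re-adding the memset. `BSL_SecOper_Populate` deliberately does not touch `_param_list`; noting that in a comment above it would make the Init/Populate split explicit.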
@@ -112,24 +152,37 @@ const BSL_SecParam_t *BSL_SecOper_GetParamAt(const BSL_SecOper_t *self, size_t i bool BSL_SecOper_IsRoleSource(const BSL_SecOper_t *self) { - ASSERT_PRECONDITION(self != NULL); + ASSERT_PRECONDITION(BSL_SecOper_IsConsistent(self)); return self->_role == BSL_SECROLE_SOURCE; } bool BSL_SecOper_IsRoleAcceptor(const BSL_SecOper_t *self) { - ASSERT_PRECONDITION(self != NULL); + ASSERT_PRECONDITION(BSL_SecOper_IsConsistent(self)); return self->_role == BSL_SECROLE_ACCEPTOR; } bool BSL_SecOper_IsRoleVerifier(const BSL_SecOper_t *self) { - ASSERT_PRECONDITION(self != NULL); + ASSERT_PRECONDITION(BSL_SecOper_IsConsistent(self)); return self->_role == BSL_SECROLE_VERIFIER; } bool BSL_SecOper_IsBIB(const BSL_SecOper_t *self) { - ASSERT_PRECONDITION(self != NULL); + ASSERT_PRECONDITION(BSL_SecOper_IsConsistent(self)); return self->_service_type == BSL_SECBLOCKTYPE_BIB; } + +BSL_SecOper_ConclusionState_e BSL_SecOper_GetConclusion(const BSL_SecOper_t *self) +{ + ASSERT_PRECONDITION(BSL_SecOper_IsConsistent(self)); + return self->conclusion; +} + +void BSL_SecOper_SetConclusion(BSL_SecOper_t *self, BSL_SecOper_ConclusionState_e new_conclusion) +{ + ASSERT_PRECONDITION(BSL_SecOper_IsConsistent(self)); + self->conclusion = new_conclusion; + ASSERT_POSTCONDITION(BSL_SecOper_IsConsistent(self)); +} diff --git a/src/backend/SecOperation.h b/src/backend/SecOperation.h index db2ec7cf..99403d6e 100644 --- a/src/backend/SecOperation.h +++ b/src/backend/SecOperation.h @@ -28,11 +28,7 @@ #define BSLB_SECOPERATIONS_H_ #include - -#include - #include - #include "SecParam.h" struct BSL_SecOper_s 
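Review bot: `BSL_SecOper_SetConclusion` writes `new_conclusion` first and relies on `ASSERT_POSTCONDITION(BSL_SecOper_IsConsistent(self))` to reject an out-of-range value, so if the ASSERT_* macros compile out in release builds (their definitions are not visible here) the operation is left inconsistent and every later getter's precondition fails or is skipped depending on build configuration. Validate before mutating: `ASSERT_PRECONDITION(new_conclusion >= BSL_SECOP_CONCLUSION_PENDING && new_conclusion <= BSL_SECOP_CONCLUSION_FAILURE);` ahead of the assignment. Switching the four role/type predicates from `self != NULL` to the full `BSL_SecOper_IsConsistent` precondition is reasonable, but presumably it turns querying a not-yet-populated operation into an assertion failure rather than a harmless false; that is worth stating in the header docs.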
@@ -49,15 +45,13 @@ struct BSL_SecOper_s /// @brief Code for handing what to do to the block or bundle if security processing fails. BSL_PolicyAction_e failure_code; + /// @brief Conclusion state of security operation processing + BSL_SecOper_ConclusionState_e conclusion; + /// @brief Private enumeration indicating the role (e.g., acceptor vs verifier) BSL_SecRole_e _role; BSL_SecBlockType_e _service_type; BSLB_SecParamList_t _param_list; }; -// NOLINTBEGIN -/// @todo - replace with forward declaration. Use new policy structure. -LIST_DEF(BSLB_SecOperList, BSL_SecOper_t, M_POD_OPLIST) -// NOLINTEND - #endif /* BSLB_SECOPERATIONS_H_ */ diff --git a/src/backend/SecParam.c b/src/backend/SecParam.c index c63360e0..d659a1b3 100644 --- a/src/backend/SecParam.c +++ b/src/backend/SecParam.c @@ -107,7 +107,7 @@ bool BSL_SecParam_IsConsistent(const BSL_SecParam_t *self) { CHK_AS_BOOL(self != NULL); CHK_AS_BOOL(self->param_id > 0); - CHK_AS_BOOL(self->_type > BSL_SECPARAM_TYPE_UNKNOWN && self->_type <= BSL_SECPARAM_TYPE_BYTESTR); + CHK_AS_BOOL(self->_type > BSL_SECPARAM_TYPE_UNKNOWN && self->_type <= BSL_SECPARAM_TYPE_STR); if (self->_type == BSL_SECPARAM_TYPE_INT64) { diff --git a/src/backend/SecParam.h b/src/backend/SecParam.h index 823fcc71..e0691a31 100644 --- a/src/backend/SecParam.h +++ b/src/backend/SecParam.h @@ -58,7 +58,7 @@ #include -#include +#include #include @@ -81,11 +81,13 @@ struct BSL_SecParam_s size_t _bytelen; }; -// NOLINTBEGIN -/** - * Defines a MLib basic list of Security Parameters. +/** @struct BSLB_SecParamList_t + * Defines a basic list of Security Parameters (::BSL_SecParam_t). */ -LIST_DEF(BSLB_SecParamList, BSL_SecParam_t, M_POD_OPLIST) +// NOLINTBEGIN +/// @cond Doxygen_Suppress +M_ARRAY_DEF(BSLB_SecParamList, BSL_SecParam_t, M_POD_OPLIST) +/// @endcond // NOLINTEND #endif /* BSLB_SECPARAM_H_ */ diff --git a/src/backend/SecResult.h b/src/backend/SecResult.h index fb343052..caaf5448 100644 --- a/src/backend/SecResult.h 
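Review bot: In SecParam.c the upper bound of the `_type` range check in `BSL_SecParam_IsConsistent` moves from `BSL_SECPARAM_TYPE_BYTESTR` to `BSL_SECPARAM_TYPE_STR`; the enum is not visible in this diff, so whether that widens the accepted set (a STR type added after BYTESTR) or narrows it cannot be confirmed here, and the change is unrelated to the SecurityAction refactor the rest of the commit performs. A short comment on that line naming the last valid type, or a sentinel such as `BSL_SECPARAM_TYPE_MAX` (constructed name) in the enum, would make the intent explicit and keep the check from drifting on the next addition. BSL_SecParam_IsConsistent's body continues past the hunk.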
+++ b/src/backend/SecResult.h @@ -71,7 +71,7 @@ #include -#include +#include #include @@ -93,9 +93,13 @@ struct BSL_SecResult_s size_t _bytelen; }; -// TODO(BVB) - Doxygen suppress and annotate. +/** @struct BSLB_SecResultList_t + * Defines a basic list of Security Results (::BSL_SecResult_t). + */ // NOLINTBEGIN -LIST_DEF(BSLB_SecResultList, BSL_SecResult_t, M_POD_OPLIST) +/// @cond Doxygen_Suppress +M_ARRAY_DEF(BSLB_SecResultList, BSL_SecResult_t, M_POD_OPLIST) +/// @endcond // NOLINTEND #endif /* BSLB_SECRESULT_H_ */ diff --git a/src/backend/SecurityAction.c b/src/backend/SecurityAction.c new file mode 100644 index 00000000..9e3afcd8 --- /dev/null +++ b/src/backend/SecurityAction.c 
@@ -0,0 +1,92 @@ +/* + * Copyright (c) 2025 The Johns Hopkins University Applied Physics + * Laboratory LLC. + * + * This file is part of the Bundle Protocol Security Library (BSL). + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * http://www.apache.org/licenses/LICENSE-2.0 + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This work was performed for the Jet Propulsion Laboratory, California + * Institute of Technology, sponsored by the United States Government under + * the prime contract 80NM0018D0004 between the Caltech and NASA under + * subcontract 1700763. + */ +#include "SecurityAction.h" + +size_t BSL_SecurityAction_Sizeof(void) +{ + return sizeof(BSL_SecurityAction_t); +} + +bool BSL_SecurityAction_IsConsistent(const BSL_SecurityAction_t *self) +{ + (void)self; + return true; +} + +void BSL_SecurityAction_Init(BSL_SecurityAction_t *self) +{ + ASSERT_ARG_NONNULL(self); + + BSL_SecOperList_init(self->sec_op_list); + self->err_ct = 0; +} + +void BSL_SecurityAction_InitSet(BSL_SecurityAction_t *self, const BSL_SecurityAction_t *src) +{ + ASSERT_ARG_NONNULL(self); + + BSL_SecOperList_init_set(self->sec_op_list, src->sec_op_list); + self->err_ct = src->err_ct; +} + +void BSL_SecurityAction_Deinit(BSL_SecurityAction_t *self) +{ + ASSERT_ARG_NONNULL(self); + + BSL_SecOperList_clear(self->sec_op_list); +} + +void BSL_SecurityAction_IncrError(BSL_SecurityAction_t *self) +{ + ASSERT_ARG_NONNULL(self); + self->err_ct++; +} + +size_t BSL_SecurityAction_CountErrors(const BSL_SecurityAction_t *self) +{ + ASSERT_ARG_NONNULL(self); + return self->err_ct; +} 
+ +int BSL_SecurityAction_AppendSecOper(BSL_SecurityAction_t *self, BSL_SecOper_t *sec_oper) +{ + ASSERT_ARG_NONNULL(self); + ASSERT_ARG_NONNULL(sec_oper); + + BSL_SecOperList_push_move(self->sec_op_list, sec_oper); + + return BSL_SUCCESS; +} + +size_t BSL_SecurityAction_CountSecOpers(const BSL_SecurityAction_t *self) +{ + ASSERT_ARG_NONNULL(self); + ASSERT_ARG_NONNULL(self->sec_op_list); + return BSL_SecOperList_size(self->sec_op_list); +} + +BSL_SecOper_t *BSL_SecurityAction_GetSecOperAtIndex(const BSL_SecurityAction_t *self, size_t index) +{ + ASSERT_ARG_NONNULL(self); + ASSERT_ARG_NONNULL(self->sec_op_list); + return BSL_SecOperList_get(self->sec_op_list, index); +} diff --git a/src/backend/SecurityAction.h b/src/backend/SecurityAction.h new file mode 100644 index 00000000..e20dd859 --- /dev/null +++ b/src/backend/SecurityAction.h 
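Review bot: `ASSERT_ARG_NONNULL(self->sec_op_list)` in `BSL_SecurityAction_CountSecOpers` and `BSL_SecurityAction_GetSecOperAtIndex` is vacuous: `sec_op_list` is an `M_ARRAY_DEF` array-typed member, so the expression decays to the address of the member and can never be NULL. What is missing is a bounds check in `GetSecOperAtIndex`, where `index` goes straight to `BSL_SecOperList_get`, which as far as I recall of M*LIB only asserts in debug builds, so an out-of-range index reads past the array in release builds; add `ASSERT_PRECONDITION(index < BSL_SecOperList_size(self->sec_op_list));` before the `get`. `BSL_SecurityAction_InitSet` checks `self` but not `src`, unlike `BSL_SecOper_InitSet`, and `BSL_SecurityAction_IsConsistent` accepts NULL and a mismatched list; at least `CHK_AS_BOOL(self != NULL)` would give its callers something. `BSL_SecurityAction_OrderSecOps`, declared in BPSecLib_Private.h in this commit, has no definition in this new file; presumably it lives elsewhere, otherwise the declaration dangles.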
@@ -0,0 +1,39 @@ +/* + * Copyright (c) 2025 The Johns Hopkins University Applied Physics + * Laboratory LLC. + * + * This file is part of the Bundle Protocol Security Library (BSL). + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * http://www.apache.org/licenses/LICENSE-2.0 + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This work was performed for the Jet Propulsion Laboratory, California + * Institute of Technology, sponsored by the United States Government under + * the prime contract 80NM0018D0004 between the Caltech and NASA under + * subcontract 1700763. + */ +#include +#include +#include "SecOperation.h" + +/// OPLIST for ::BSL_SecOper_t +#define M_OPL_BSL_SecOper_t() \ + (INIT(API_2(BSL_SecOper_Init)), INIT_SET(API_6(BSL_SecOper_InitSet)), SET(API_6(BSL_SecOper_Set)), \ + CLEAR(API_2(BSL_SecOper_Deinit))) + +// NOLINTBEGIN +M_ARRAY_DEF(BSL_SecOperList, BSL_SecOper_t, M_OPL_BSL_SecOper_t()) +// NOLINTEND + +struct BSL_SecurityAction_s +{ + BSL_SecOperList_t sec_op_list; + size_t err_ct; +}; diff --git a/src/backend/SecurityActionSet.c b/src/backend/SecurityActionSet.c index 9c9b51bd..aee8f673 100644 --- a/src/backend/SecurityActionSet.c +++ b/src/backend/SecurityActionSet.c 
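Review bot: SecurityAction.h has no include guard, while the sibling backend headers in this diff end with `#endif /* BSLB_SECOPERATIONS_H_ */` and `#endif /* BSLB_SECPARAM_H_ */`; a second inclusion re-expands `M_ARRAY_DEF(BSL_SecOperList, ...)` and redefines `struct BSL_SecurityAction_s`, which fails to compile. Wrap the file in a guard named like the others (e.g. `BSLB_SECURITYACTION_H_`, constructed to match their pattern). The `M_ARRAY_DEF` could also sit between `/// @cond Doxygen_Suppress` and `/// @endcond` as SecParam.h and SecResult.h now do, and the two struct members deserve one-line `/// @brief` comments like the `BSL_SecOper_s` fields. The oplist supplies INIT/INIT_SET/SET/CLEAR but no INIT_MOVE, so `BSL_SecOperList_push_move` falls back on M*LIB's default move; that is fine only if the embedded `_param_list` handle can be relocated bitwise, which is worth confirming in a comment on the macro.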
@@ -27,24 +27,7 @@ bool BSL_SecurityActionSet_IsConsistent(const BSL_SecurityActionSet_t *self) { - CHK_AS_BOOL(self != NULL); - CHK_AS_BOOL(self->sec_operations_count <= self->arrays_capacity); - if (self->arrays_capacity > 0) - { - CHK_AS_BOOL(self->arrays_capacity == sizeof(self->sec_operations) / sizeof(BSL_SecOper_t)); - } - - // Make sure the arrays are in sync (have equal lengths) - // 0 means unused. - for (size_t i = 0; i < self->arrays_capacity; i++) - { - if (self->new_block_ids[i] == 0) - { - CHK_AS_BOOL(self->new_block_types[i] == 0); - } - } - // TODO, make sure every element in the array that - // is not a sec oper is set to all zeros. + (void)self; return true; } 
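Review bot: `BSL_SecurityActionSet_IsConsistent` now returns true for every input, including NULL, while SecurityContext.c still gates execution on it with `CHK_PRECONDITION(BSL_SecurityActionSet_IsConsistent(action_set))` and SamplePolicyProvider.c checks it as a postcondition, so those checks have become no-ops. The new struct has invariants worth checking: `action_count` must equal the list length, and `err_count`/`operation_count` are caches maintained only by `AppendAction`. At minimum replace `(void)self;` with `CHK_AS_BOOL(self != NULL);` and `CHK_AS_BOOL(self->action_count == BSL_SecActionList_size(self->actions));` so a NULL or half-initialised set is still rejected.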
@@ -56,70 +39,52 @@ size_t BSL_SecurityActionSet_Sizeof(void) void BSL_SecurityActionSet_Init(BSL_SecurityActionSet_t *self) { ASSERT_ARG_NONNULL(self); - - memset(self, 0, sizeof(*self)); - self->arrays_capacity = sizeof(self->sec_operations) / sizeof(BSL_SecOper_t); - - ASSERT_POSTCONDITION(BSL_SecurityActionSet_IsConsistent(self)); -} - -void BSL_SecurityActionSet_IncrError(BSL_SecurityActionSet_t *self) -{ - ASSERT_PRECONDITION(BSL_SecurityActionSet_IsConsistent(self)); - self->err_code++; -} - -size_t BSL_SecurityActionSet_CountErrors(const BSL_SecurityActionSet_t *self) -{ - ASSERT_PRECONDITION(BSL_SecurityActionSet_IsConsistent(self)); - - return self->err_code; + BSL_SecActionList_init(self->actions); + self->action_count = 0; + self->err_count = 0; } void BSL_SecurityActionSet_Deinit(BSL_SecurityActionSet_t *self) { - ASSERT_PRECONDITION(BSL_SecurityActionSet_IsConsistent(self)); - - for (size_t operation_index = 0; operation_index < self->arrays_capacity; operation_index++) - { - BSL_SecOper_Deinit(&(self->sec_operations[operation_index])); - } - memset(self, 0, sizeof(*self)); + ASSERT_ARG_NONNULL(self); + BSL_SecActionList_clear(self->actions); + self->err_count = 0; + self->action_count = 0; + self->operation_count = 0; } -int BSL_SecurityActionSet_AppendSecOper(BSL_SecurityActionSet_t *self, const BSL_SecOper_t *sec_oper) +int BSL_SecurityActionSet_AppendAction(BSL_SecurityActionSet_t *self, const BSL_SecurityAction_t *action) { - CHK_PRECONDITION(BSL_SecurityActionSet_IsConsistent(self)); - CHK_PRECONDITION(BSL_SecOper_IsConsistent(sec_oper)); - CHK_PRECONDITION(self->sec_operations_count < self->arrays_capacity - 1); - - self->sec_operations[self->sec_operations_count++] = *sec_oper; + ASSERT_ARG_NONNULL(self); + ASSERT_ARG_NONNULL(action); + BSL_SecActionList_push_back(self->actions, *action); + self->err_count += action->err_ct; + self->action_count++; + self->operation_count += BSL_SecurityAction_CountSecOpers(action); - 
CHK_POSTCONDITION(BSL_SecurityActionSet_IsConsistent(self)); return BSL_SUCCESS; } -size_t BSL_SecurityActionSet_CountSecOpers(const BSL_SecurityActionSet_t *self) +size_t BSL_SecurityActionSet_CountActions(const BSL_SecurityActionSet_t *self) { - ASSERT_PRECONDITION(BSL_SecurityActionSet_IsConsistent(self)); - return self->sec_operations_count; + ASSERT_ARG_NONNULL(self); + return self->action_count; } -const BSL_SecOper_t *BSL_SecurityActionSet_GetSecOperAtIndex(const BSL_SecurityActionSet_t *self, size_t index) +size_t BSL_SecurityActionSet_CountOperations(const BSL_SecurityActionSet_t *self) { - ASSERT_PRECONDITION(BSL_SecurityActionSet_IsConsistent(self)); - ASSERT_PRECONDITION(index < BSL_SecurityActionSet_CountSecOpers(self)); - ASSERT_PRECONDITION(index < self->arrays_capacity); - - const BSL_SecOper_t *sec_oper = &self->sec_operations[index]; + ASSERT_ARG_NONNULL(self); + return self->operation_count; +} - // The return security operation should be valid - ASSERT_POSTCONDITION(BSL_SecOper_IsConsistent(sec_oper)); - return sec_oper; +const BSL_SecurityAction_t *BSL_SecurityActionSet_GetActionAtIndex(const BSL_SecurityActionSet_t *self, size_t index) +{ + ASSERT_ARG_NONNULL(self); + return BSL_SecActionList_cget(self->actions, index); } -int BSL_SecurityActionSet_GetErrCode(const BSL_SecurityActionSet_t *self) +size_t BSL_SecurityActionSet_CountErrors(const BSL_SecurityActionSet_t *self) { - CHK_PRECONDITION(BSL_SecurityActionSet_IsConsistent(self)); - return self->err_code; + ASSERT_ARG_NONNULL(self); + return self->err_count; } diff --git a/src/backend/SecurityActionSet.h b/src/backend/SecurityActionSet.h index e3dd7c10..e01fc0bb 100644 --- a/src/backend/SecurityActionSet.h +++ b/src/backend/SecurityActionSet.h 
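Review bot: `BSL_SecurityActionSet_Init` sets `action_count` and `err_count` but leaves `operation_count` untouched, while `Deinit` resets all three and `AppendAction` only adds to it; SamplePolicyProvider.c calls Init on caller-provided memory, so `CountOperations` (and the response-set sizing in SecurityContext.c that now uses it) starts from whatever that memory held. Add `self->operation_count = 0;` next to the other two assignments. `BSL_SecurityActionSet_GetActionAtIndex` also dropped the index check the old `GetSecOperAtIndex` had; `ASSERT_PRECONDITION(index < self->action_count);` before the `cget` keeps an out-of-range index from reaching the container.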
@@ -27,22 +27,20 @@ #define BSLB_SECACTIONSET_H_ #include +#include "SecurityAction.h" -#include "SecOperation.h" - -#define BSL_SECURITYACTIONSET_MAX_OPS (10) +M_ARRAY_DEF(BSL_SecActionList, BSL_SecurityAction_t, + (INIT(API_2(BSL_SecurityAction_Init)), INIT_SET(API_6(BSL_SecurityAction_InitSet)), SET(0), + CLEAR(API_2(BSL_SecurityAction_Deinit)))) /// @brief Contains the populated security operations for this bundle. /// @note This is intended to be a write-once, read-only struct struct BSL_SecurityActionSet_s { - BSL_SecOper_t sec_operations[BSL_SECURITYACTIONSET_MAX_OPS]; ///< Fixed array of security operations (for simpler - ///< mem management) - size_t sec_operations_count; ///< Count of sec_operations - uint64_t new_block_ids[BSL_SECURITYACTIONSET_MAX_OPS]; ///< Array for IDs of blocks to be created - uint64_t new_block_types[BSL_SECURITYACTIONSET_MAX_OPS]; ///< Array for block type codes of blocks to be created. - size_t arrays_capacity; ///< Capacity of sec_operations - int err_code; ///< General error code + BSL_SecActionList_t actions; + size_t action_count; + size_t err_count; + size_t operation_count; }; #endif /* BSLB_SECACTIONSET_H_ */ diff --git a/src/backend/SecurityContext.c b/src/backend/SecurityContext.c index 382084fc..cc814780 100644 --- a/src/backend/SecurityContext.c +++ b/src/backend/SecurityContext.c @@ -32,6 +32,7 @@ #include "AbsSecBlock.h" #include "PublicInterfaceImpl.h" #include "SecOperation.h" +#include "SecurityActionSet.h" #include "SecurityResultSet.h" static int BSL_ExecBIBSource(BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t *lib, BSL_BundleRef_t *bundle, @@ -352,6 +353,7 @@ static int BSL_ExecBCBSource(BSL_SecCtx_Execute_f sec_context_fn, BSL_LibCtx_t * BSL_SecOper_t *sec_oper, BSL_SecOutcome_t *outcome) { (void)lib; + CHK_ARG_NONNULL(sec_context_fn); CHK_ARG_NONNULL(bundle); CHK_ARG_NONNULL(sec_oper); 
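Review bot: The four new fields of `struct BSL_SecurityActionSet_s` replace members that each carried a `///<` description but have none themselves, and `action_count` duplicates what `BSL_SecActionList_size(actions)` already reports. Document the cached values and their invariant, e.g. `///< Actions in insertion order`, `///< Cached length of actions, maintained by AppendAction`, `///< Sum of the appended actions' err_ct`, `///< Sum of the appended actions' operation counts; sizes the response set`; alternatively drop `action_count` and compute it from the list so the two cannot drift. The `@note` above the struct still calls it write-once, read-only, which matches `AppendAction` being the only writer, but is worth restating now that the storage is dynamic.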
@@ -463,7 +465,7 @@ int BSL_SecCtx_ExecutePolicyActionSet(BSL_LibCtx_t *lib, BSL_SecurityResponseSet CHK_PRECONDITION(BSL_SecurityActionSet_IsConsistent(action_set)); // NOLINTEND - BSL_SecurityResponseSet_Init(output_response, BSL_SecurityActionSet_CountSecOpers(action_set), 0); + BSL_SecurityResponseSet_Init(output_response, BSL_SecurityActionSet_CountOperations(action_set), 0); /** * Notes: * - It should evaluate every security operation, even if earlier ones failed. 
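Review bot: `BSL_SecurityActionSet_CountOperations(action_set)` is passed to `BSL_SecurityResponseSet_Init`, whose `results` array is a fixed `int results[BSL_SECURITYRESPONSESET_ARRAYLEN]` (SecurityResultSet.h in this diff), yet the old upper bound `BSL_SECURITYACTIONSET_MAX_OPS` on the number of operations is removed by this commit and the new lists grow without limit. Unless `BSL_SecurityResponseSet_Init` rejects counts above the array length (not visible here), a policy producing more operations than `BSL_SECURITYRESPONSESET_ARRAYLEN` would overrun it; add `CHK_PRECONDITION(BSL_SecurityActionSet_CountOperations(action_set) <= BSL_SECURITYRESPONSESET_ARRAYLEN);` next to the existing `IsConsistent` precondition. The function body continues outside this hunk.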
@@ -473,44 +475,51 @@ int BSL_SecCtx_ExecutePolicyActionSet(BSL_LibCtx_t *lib, BSL_SecurityResponseSet */ size_t fail_count = 0; BSL_SecOutcome_t *outcome = calloc(BSL_SecOutcome_Sizeof(), 1); - for (size_t sec_oper_index = 0; sec_oper_index < BSL_SecurityActionSet_CountSecOpers(action_set); sec_oper_index++) + + BSL_SecActionList_it_t act_it; + for (BSL_SecActionList_it(act_it, action_set->actions); !BSL_SecActionList_end_p(act_it); + BSL_SecActionList_next(act_it)) { - memset(outcome, 0, BSL_SecOutcome_Sizeof()); - // TODO Const correctness below - BSL_SecOper_t *sec_oper = (BSL_SecOper_t *)BSL_SecurityActionSet_GetSecOperAtIndex(action_set, sec_oper_index); - const BSL_SecCtxDesc_t *sec_ctx = BSL_SecCtxDict_cget(lib->sc_reg, sec_oper->context_id); - ASSERT_PROPERTY(sec_ctx != NULL); + BSL_SecurityAction_t *act = BSL_SecActionList_ref(act_it); + for (size_t i = 0; i < BSL_SecurityAction_CountSecOpers(act); i++) + { + memset(outcome, 0, BSL_SecOutcome_Sizeof()); - // TODO: This is not even used, it does not need to be allocated - BSL_SecOutcome_Init(outcome, sec_oper, 100000); + BSL_SecOper_t *sec_oper = BSL_SecurityAction_GetSecOperAtIndex(act, i); + const BSL_SecCtxDesc_t *sec_ctx = BSL_SecCtxDict_cget(lib->sc_reg, sec_oper->context_id); + ASSERT_PROPERTY(sec_ctx != NULL); - int errcode = -1; - if (BSL_SecOper_IsBIB(sec_oper)) - { - errcode = BSL_SecOper_IsRoleSource(sec_oper) == true - ? BSL_ExecBIBSource(sec_ctx->execute, lib, bundle, sec_oper, outcome) - : BSL_ExecBIBAccept(sec_ctx->execute, lib, bundle, sec_oper, outcome); - } - else - { - if (BSL_SecOper_IsRoleSource(sec_oper)) + BSL_SecOutcome_Init(outcome, sec_oper, 100000); + + int errcode = -1; + if (BSL_SecOper_IsBIB(sec_oper)) { - errcode = BSL_ExecBCBSource(sec_ctx->execute, lib, bundle, sec_oper, outcome); + errcode = BSL_SecOper_IsRoleSource(sec_oper) == true + ? 
BSL_ExecBIBSource(sec_ctx->execute, lib, bundle, sec_oper, outcome) + : BSL_ExecBIBAccept(sec_ctx->execute, lib, bundle, sec_oper, outcome); } else { - errcode = BSL_ExecBCBAcceptor(sec_ctx->execute, lib, bundle, sec_oper, outcome); + if (BSL_SecOper_IsRoleSource(sec_oper)) + { + errcode = BSL_ExecBCBSource(sec_ctx->execute, lib, bundle, sec_oper, outcome); + } + else + { + errcode = BSL_ExecBCBAcceptor(sec_ctx->execute, lib, bundle, sec_oper, outcome); + } } - } - BSL_SecOutcome_Deinit(outcome); + BSL_SecOutcome_Deinit(outcome); - if (errcode != 0) - { - fail_count += 1; - BSL_LOG_ERR("Security Op failed: %d", errcode); - output_response->results[sec_oper_index] = -1; - continue; + if (errcode != 0) + { + fail_count += 1; + BSL_LOG_ERR("Security Op failed: %d", errcode); + BSL_SecOper_SetConclusion(sec_oper, BSL_SECOP_CONCLUSION_FAILURE); + continue; + } + BSL_SecOper_SetConclusion(sec_oper, BSL_SECOP_CONCLUSION_SUCCESS); } } free(outcome); diff --git a/src/backend/SecurityResultSet.h b/src/backend/SecurityResultSet.h index ea48967a..09ca3d70 100644 --- a/src/backend/SecurityResultSet.h +++ b/src/backend/SecurityResultSet.h @@ -35,7 +35,7 @@ /// @note This struct is still in-concept struct BSL_SecurityResponseSet_s { - /// @brief This maps to the BSL_SecurityActionSet_s::sec_operations, + /// @brief This maps to the Security Action sec_op_list, /// and contains the result code of that security operation. int results[BSL_SECURITYRESPONSESET_ARRAYLEN]; char err_msg[BSL_SECURITYRESPONSESET_STRLEN]; diff --git a/src/policy_provider/SamplePolicyProvider.c b/src/policy_provider/SamplePolicyProvider.c index f22320d5..a7d25b0b 100644 --- a/src/policy_provider/SamplePolicyProvider.c +++ b/src/policy_provider/SamplePolicyProvider.c 
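Review bot: Nothing in the rewritten loop writes to `output_response->results` any more; the removed failure path stored `-1` at the operation's index and the replacement only calls `BSL_SecOper_SetConclusion`, so the response set that `BSL_SecurityResponseSet_Init` sized for `CountOperations` entries keeps its initial contents while the comment in SecurityResultSet.h still says it holds each operation's result code. If the conclusion stored on the operation is meant to replace the array, the header comment should say so; otherwise keep a running index across both loops: `size_t op_index = 0;` before the outer `for`, `output_response->results[op_index++] = -1;` beside the `BSL_LOG_ERR`, and `output_response->results[op_index++] = 0;` after the success conclusion, with the index kept below `BSL_SECURITYRESPONSESET_ARRAYLEN`. The `calloc` of `outcome` above the loop is still not checked before the `memset` dereferences it. `BSL_SecCtx_ExecutePolicyActionSet` starts and ends outside this hunk.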
@@ -102,8 +102,12 @@ int BSLP_QueryPolicy(const void *user_data, BSL_SecurityActionSet_t *output_acti } BSL_SecurityActionSet_Init(output_action_set); - const size_t capacity = sizeof(self->rules) / sizeof(BSLP_PolicyRule_t); + BSL_SecurityAction_t *action = BSL_CALLOC(BSL_SecurityAction_Sizeof(), 1); + BSLP_SecOperPtrList_t secops; + BSLP_SecOperPtrList_init(secops); + + const size_t capacity = sizeof(self->rules) / sizeof(BSLP_PolicyRule_t); for (size_t index = 0; index < self->rule_count && index < capacity; index++) { const BSLP_PolicyRule_t *rule = &self->rules[index]; 
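Review bot: `action` is allocated with `BSL_CALLOC` but never passed through `BSL_SecurityAction_Init` before the next hunk calls `BSL_SecurityAction_IncrError` and `BSL_SecurityAction_AppendSecOper` on it, which differs from the test helper in bsl_test_utils.c that calls `BSL_SecurityAction_Init(act)` right after its calloc; relying on zeroed memory being a valid `BSL_SecOperList_t` is an implementation detail of the container. The allocation result is also not checked before use. Add `BSL_SecurityAction_Init(action);` after the `BSL_CALLOC` line and return an error when the action (or, in the loop below, a `sec_oper`) comes back NULL. `BSLP_QueryPolicy` continues outside this hunk.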
@@ -121,23 +125,97 @@ int BSLP_QueryPolicy(const void *user_data, BSL_SecurityActionSet_t *output_acti if (target_block_num == 0 && rule->target_block_type != BSL_BLOCK_TYPE_PRIMARY) { BSL_LOG_WARNING("Cannot find target block type = %lu", rule->target_block_type); - BSL_SecurityActionSet_IncrError(output_action_set); continue; } - BSL_SecOper_t *sec_oper = calloc(BSL_SecurityActionSet_Sizeof(), 1); + BSL_SecOper_t *sec_oper = BSL_CALLOC(BSL_SecOper_Sizeof(), 1); + BSL_SecOper_Init(sec_oper); if (BSLP_PolicyRule_EvaluateAsSecOper(rule, sec_oper, bundle, location) < 0) { - BSL_SecurityActionSet_IncrError(output_action_set); + BSL_SecurityAction_IncrError(action); } else { - BSL_SecurityActionSet_AppendSecOper(output_action_set, sec_oper); + size_t i; + for (i = 0; i < BSLP_SecOperPtrList_size(secops); i++) + { + BSL_SecOper_t **comp = BSLP_SecOperPtrList_get(secops, i); + BSL_LOG_INFO("NEW SECOP (tgt=%d)(bib?=%d)(secblk=%d)", BSL_SecOper_GetTargetBlockNum(sec_oper), + BSL_SecOper_IsBIB(sec_oper), BSL_SecOper_GetSecurityBlockNum(sec_oper)); + BSL_LOG_INFO("comp SECOP (tgt=%d)(bib?=%d)(secblk=%d)", BSL_SecOper_GetTargetBlockNum(*comp), + BSL_SecOper_IsBIB(*comp), BSL_SecOper_GetSecurityBlockNum(*comp)); + if (BSL_SecOper_GetTargetBlockNum(*comp) == BSL_SecOper_GetTargetBlockNum(sec_oper)) + { + // Both BIBs or BCBs + if (!(BSL_SecOper_IsBIB(sec_oper) ^ BSL_SecOper_IsBIB(*comp))) + { + BSL_SecOper_SetConclusion(sec_oper, BSL_SECOP_CONCLUSION_INVALID); + } + // SOURCE BIB or ACCEPT BCB should come first + // true if ACC BIB or SRC BCB + if (BSL_SecOper_IsBIB(sec_oper) ^ BSL_SecOper_IsRoleSource(sec_oper)) + { + BSL_LOG_INFO("NEW OP AFTER COMP"); + BSLP_SecOperPtrList_push_at(secops, i + 1, sec_oper); + } + else + { + BSL_LOG_INFO("NEW OP BEFORE COMP"); + BSLP_SecOperPtrList_push_at(secops, i, sec_oper); + } + break; + } + + // security operation in list targets security operation + if (BSL_SecOper_GetTargetBlockNum(*comp) == BSL_SecOper_GetSecurityBlockNum(sec_oper)) + 
{ + BSLP_SecOperPtrList_push_at(secops, i, sec_oper); + break; + } + + // new security operation targets security operation in list + if (BSL_SecOper_GetTargetBlockNum(sec_oper) == BSL_SecOper_GetSecurityBlockNum(*comp)) + { + BSLP_SecOperPtrList_push_at(secops, i + 1, sec_oper); + break; + } + + // same security block number, order by target + if (BSL_SecOper_GetSecurityBlockNum(sec_oper) == BSL_SecOper_GetSecurityBlockNum(*comp)) + { + if (BSL_SecOper_GetTargetBlockNum(*comp) - BSL_SecOper_GetTargetBlockNum(sec_oper)) + { + BSLP_SecOperPtrList_push_at(secops, i, sec_oper); + } + else + { + BSLP_SecOperPtrList_push_at(secops, i + 1, sec_oper); + } + break; + } + } + + if (i >= BSLP_SecOperPtrList_size(secops)) + { + BSL_LOG_INFO("append to end"); + BSLP_SecOperPtrList_push_back(secops, sec_oper); + } } - free(sec_oper); BSL_LOG_INFO("Created sec operation for rule `%s`", rule->description); } + for (size_t i = 0; i < BSLP_SecOperPtrList_size(secops); i++) + { + BSL_SecOper_t **secop = BSLP_SecOperPtrList_get(secops, i); + BSL_SecurityAction_AppendSecOper(action, *secop); + BSL_FREE(*secop); + } + BSLP_SecOperPtrList_clear(secops); + + BSL_SecurityActionSet_AppendAction(output_action_set, action); + BSL_SecurityAction_Deinit(action); + BSL_FREE(action); + CHK_POSTCONDITION(BSL_SecurityActionSet_IsConsistent(output_action_set)); return (int)BSL_SecurityActionSet_CountErrors(output_action_set); } @@ -232,7 +310,7 @@ int BSLP_PolicyRule_Init(BSLP_PolicyRule_t *self, const char *desc, BSLP_PolicyP // TODO(bvb) assert Role in expected range self->failure_action_code = failure_action_code; self->role = role; - self->params = calloc(BSL_SecParam_Sizeof() * 10, 1); + self->params = BSL_CALLOC(BSL_SecParam_Sizeof() * BSL_PP_POLICYRULE_PARAM_MAX_COUNT, 1); self->nparams = 0; assert(BSLP_PolicyRule_IsConsistent(self)); return BSL_SUCCESS; 
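Review bot: In the `BSLP_PolicyRule_EvaluateAsSecOper(...) < 0` branch the freshly allocated and initialised `sec_oper` is neither added to `secops` nor released, and the unconditional `free(sec_oper)` that used to follow the if/else is removed, so every rule that fails evaluation leaks one `BSL_SecOper_t`; add `BSL_SecOper_Deinit(sec_oper);` and `BSL_FREE(sec_oper);` after `BSL_SecurityAction_IncrError(action);`. In the ordering loop, `if (BSL_SecOper_GetTargetBlockNum(*comp) - BSL_SecOper_GetTargetBlockNum(sec_oper))` is an inequality spelled as a subtraction, and because the equal-target case already breaks out earlier in the same iteration it is always true here, so the `push_at(secops, i + 1, ...)` in its else branch is unreachable; if the intent is ordering by target number, write the comparison with `<`. The two `BSL_LOG_INFO` lines emitted per comparison print block numbers with `%d`, which is the wrong conversion if the getters return the 64-bit values that `BSL_SecOper_Populate` takes, and at INFO level they read like leftover debugging output. `BSLP_QueryPolicy` begins outside this hunk.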
@@ -242,7 +320,7 @@ void BSLP_PolicyRule_Deinit(BSLP_PolicyRule_t *self) { assert(BSLP_PolicyRule_IsConsistent(self)); BSL_LOG_INFO("BSLP_PolicyRule_Deinit: %s, nparams=%lu", self->description, self->nparams); - free(self->params); + BSL_FREE(self->params); memset(self, 0, sizeof(*self)); } @@ -252,7 +330,7 @@ void BSLP_PolicyRule_AddParam(BSLP_PolicyRule_t *self, const BSL_SecParam_t *par assert(BSLP_PolicyRule_IsConsistent(self)); // TODO(bvb) - BOUNDS CHECKING - assert(self->nparams < 10); + assert(self->nparams < BSL_PP_POLICYRULE_PARAM_MAX_COUNT); size_t offset = self->nparams * BSL_SecParam_Sizeof(); memcpy(&((uint8_t *)self->params)[offset], param, BSL_SecParam_Sizeof()); @@ -284,9 +362,9 @@ int BSLP_PolicyRule_EvaluateAsSecOper(const BSLP_PolicyRule_t *self, BSL_SecOper return BSL_ERR_SECURITY_CONTEXT_FAILED; } - // It's found, so initialize the security operation from the rule and bundle. - BSL_SecOper_Init(sec_oper, self->context_id, target_block_num, 0, self->sec_block_type, self->role, - self->failure_action_code); + // It's found, so populate the security operation from the rule and bundle. + BSL_SecOper_Populate(sec_oper, self->context_id, target_block_num, 0, self->sec_block_type, self->role, + self->failure_action_code); // Next, append all the parameters from the matched rule. for (size_t index = 0; index < self->nparams; index++) diff --git a/src/policy_provider/SamplePolicyProvider.h b/src/policy_provider/SamplePolicyProvider.h index a8c972f8..ed1006cb 100644 --- a/src/policy_provider/SamplePolicyProvider.h +++ b/src/policy_provider/SamplePolicyProvider.h @@ -29,9 +29,13 @@ #define BSLP_SAMPLE_POLICY_PROVIDER_H #include - +#include #include +// NOLINTBEGIN +M_ARRAY_DEF(BSLP_SecOperPtrList, BSL_SecOper_t *, M_PTR_OPLIST) +// NOLINTEND + /** * THE key function that matches a bundle against a rule to provide the output action and specific parameters to use for * the security operation. 
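Review bot: In `BSLP_PolicyRule_AddParam` the bound on `self->nparams` is only an `assert`, which disappears under NDEBUG, so a release build still lets the `memcpy` on the following lines write past the `BSL_PP_POLICYRULE_PARAM_MAX_COUNT`-entry buffer allocated in `BSLP_PolicyRule_Init`; the `// TODO(bvb) - BOUNDS CHECKING` above it remains accurate. Since the function returns void, guard before the copy with `if (self->nparams >= BSL_PP_POLICYRULE_PARAM_MAX_COUNT) { BSL_LOG_ERR("BSLP_PolicyRule_AddParam: param limit reached for %s", self->description); return; }` and keep the assert for debug builds. The rest of the function is outside this hunk.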
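Review bot: `M_ARRAY_DEF(BSLP_SecOperPtrList, BSL_SecOper_t *, M_PTR_OPLIST)` is placed in the public SamplePolicyProvider.h although its only user is the ordering code inside `BSLP_QueryPolicy` in SamplePolicyProvider.c, so every includer now compiles the generated type and inline functions. Move the definition (with its NOLINT markers) into the .c file, or if it must stay in the header, document the ownership the pointer oplist does not express: `/// Non-owning list of BSL_SecOper_t pointers used to order operations in BSLP_QueryPolicy; the caller releases the elements.`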
@@ -77,6 +81,8 @@ void BSLP_PolicyPredicate_Deinit(BSLP_PolicyPredicate_t *self); bool BSLP_PolicyPredicate_IsMatch(const BSLP_PolicyPredicate_t *self, BSL_PolicyLocation_e location, BSL_HostEID_t src_eid, BSL_HostEID_t dst_eid); +// FIXME remove hard limit on params +#define BSL_PP_POLICYRULE_PARAM_MAX_COUNT 10 /** * @brief Represents a policy rule * diff --git a/src/security_context/BCB_AES_GCM.c b/src/security_context/BCB_AES_GCM.c index b28a23e9..79470f70 100644 --- a/src/security_context/BCB_AES_GCM.c +++ b/src/security_context/BCB_AES_GCM.c @@ -562,6 +562,7 @@ int BSLX_BCB_Execute(BSL_LibCtx_t *lib, const BSL_BundleRef_t *bundle, const BSL BSL_SecOutcome_t *sec_outcome) { (void)lib; + CHK_ARG_NONNULL(bundle); CHK_ARG_NONNULL(sec_oper); CHK_ARG_NONNULL(sec_outcome); diff --git a/test/bsl_test_utils.c b/test/bsl_test_utils.c index 22e0e0a9..63d5feaa 100644 --- a/test/bsl_test_utils.c +++ b/test/bsl_test_utils.c @@ -39,6 +39,11 @@ field.len = sizeof(tgt); \ field.ptr = (uint8_t *)tgt +void BIBTestContext_Deinit(BIBTestContext *obj) +{ + BSL_SecOper_Deinit(&obj->sec_oper); +} + void BSL_TestUtils_InitBIB_AppendixA1(BIBTestContext *context, BSL_SecRole_e role, const char *key_id) { quick_data(context->hmac, ApxA1_HMAC); @@ -48,7 +53,8 @@ void BSL_TestUtils_InitBIB_AppendixA1(BIBTestContext *context, BSL_SecRole_e rol BSL_SecParam_InitInt64(&context->param_sha_variant, RFC9173_BIB_PARAMID_SHA_VARIANT, RFC9173_BIB_SHA_HMAC512); BSL_SecParam_InitBytestr(&context->param_hmac, BSL_SECPARAM_TYPE_AUTH_TAG, context->hmac); - BSL_SecOper_Init(&context->sec_oper, 1, 1, 2, BSL_SECBLOCKTYPE_BIB, role, BSL_POLICYACTION_DROP_BLOCK); + BSL_SecOper_Init(&context->sec_oper); + BSL_SecOper_Populate(&context->sec_oper, 1, 1, 2, BSL_SECBLOCKTYPE_BIB, role, BSL_POLICYACTION_DROP_BLOCK); BSL_SecOper_AppendParam(&context->sec_oper, &context->param_sha_variant); BSL_SecOper_AppendParam(&context->sec_oper, &context->param_scope_flags); 
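Review bot: `BSL_PP_POLICYRULE_PARAM_MAX_COUNT` breaks the `BSLP_` prefix everything else in this header uses (`BSLP_SAMPLE_POLICY_PROVIDER_H`, `BSLP_PolicyRule_t`, `BSLP_PolicyPredicate_IsMatch`), and the bare `// FIXME` gives the reader no idea what the limit bounds. A Doxygen line such as `/// Maximum parameters a rule can hold; sizes the params buffer in BSLP_PolicyRule_Init and bounds BSLP_PolicyRule_AddParam. FIXME: remove the hard limit.` keeps the intent next to the constant.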
@@ -70,7 +76,8 @@ void BSL_TestUtils_InitBCB_Appendix2(BCBTestContext *context, BSL_SecRole_e role BSL_SecParam_InitBytestr(&context->param_auth_tag, BSL_SECPARAM_TYPE_AUTH_TAG, context->auth_tag); BSL_SecParam_InitBytestr(&context->param_wrapped_key, RFC9173_BCB_SECPARAM_WRAPPEDKEY, context->wrapped_key); - BSL_SecOper_Init(&context->sec_oper, 2, 1, 2, BSL_SECBLOCKTYPE_BCB, role, BSL_POLICYACTION_NOTHING); + BSL_SecOper_Init(&context->sec_oper); + BSL_SecOper_Populate(&context->sec_oper, 2, 1, 2, BSL_SECBLOCKTYPE_BCB, role, BSL_POLICYACTION_NOTHING); BSL_SecOper_AppendParam(&context->sec_oper, &context->param_init_vec); BSL_SecOper_AppendParam(&context->sec_oper, &context->param_aes_variant); @@ -84,11 +91,15 @@ void BSL_TestUtils_InitBCB_Appendix2(BCBTestContext *context, BSL_SecRole_e role BSL_SecurityActionSet_t *BSL_TestUtils_InitMallocBIBActionSet(BIBTestContext *bib_context) { BSL_SecurityActionSet_t *action_set = calloc(sizeof(BSL_SecurityActionSet_t), 1); - // Populate a PolicyActionSet with one action, of the appendix A1 BIB - action_set->arrays_capacity = sizeof(action_set->sec_operations) / sizeof(BSL_SecOper_t); - action_set->sec_operations_count = 1; - BSL_SecOper_t *bib_oper = &action_set->sec_operations[0]; - *bib_oper = bib_context->sec_oper; + BSL_SecurityActionSet_Init(action_set); + BSL_SecurityAction_t *act = calloc(sizeof(BSL_SecurityAction_t), 1); + BSL_SecurityAction_Init(act); + BSL_SecurityAction_AppendSecOper(act, &bib_context->sec_oper); + // ensure consistent context state + BSL_SecOper_Init(&bib_context->sec_oper); + BSL_SecurityActionSet_AppendAction(action_set, act); + BSL_SecurityAction_Deinit(act); + free(act); return action_set; } diff --git a/test/bsl_test_utils.h b/test/bsl_test_utils.h index 6c0e74a0..d057b850 100644 --- a/test/bsl_test_utils.h +++ b/test/bsl_test_utils.h @@ -29,7 +29,6 @@ #include #include #include - #include /// @brief Key ID for the Appendix A1 key in OpenSSL 
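Review bot: The comment `// ensure consistent context state` in `BSL_TestUtils_InitMallocBIBActionSet` does not say why a freshly populated operation is re-initialised two lines after being appended. `BSL_SecurityAction_AppendSecOper` moves the operation into the action (it uses `BSL_SecOperList_push_move` in SecurityAction.c), which leaves `bib_context->sec_oper` moved-from; say so, e.g. `// AppendSecOper moved sec_oper into the action; re-init so BIBTestContext_Deinit has a valid object`. The two `calloc` results in this helper are also dereferenced without a check, tolerable in a test helper but worth an assert.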
@@ -86,6 +85,8 @@ typedef struct BSL_SecOper_t sec_oper; } BIBTestContext; +void BIBTestContext_Deinit(BIBTestContext *obj); + void BSL_TestUtils_InitBIB_AppendixA1(BIBTestContext *context, BSL_SecRole_e role, const char *key_id); static const uint8_t ApxA2_InitVec[] = { 0x54, 0x77, 0x65, 0x6c, 0x76, 0x65, 0x31, 0x32, 0x31, 0x32, 0x31, 0x32 }; diff --git a/test/test_BackendPolicyProvider.c b/test/test_BackendPolicyProvider.c index ec8085c5..bad7617c 100644 --- a/test/test_BackendPolicyProvider.c +++ b/test/test_BackendPolicyProvider.c @@ -83,8 +83,11 @@ void test_PolicyProvider_InspectEmptyRuleset(void) TEST_ASSERT_EQUAL(0, BSL_PolicyRegistry_InspectActions(&LocalTestCtx.bsl, &action_set, &LocalTestCtx.mock_bpa_ctr.bundle_ref, BSL_POLICYLOCATION_APPIN)); - TEST_ASSERT_EQUAL(0, BSL_SecurityActionSet_CountSecOpers(&action_set)); - TEST_ASSERT_EQUAL(0, BSL_SecurityActionSet_GetErrCode(&action_set)); + TEST_ASSERT_EQUAL(1, BSL_SecurityActionSet_CountActions(&action_set)); + const BSL_SecurityAction_t *act = BSL_SecurityActionSet_GetActionAtIndex(&action_set, 0); + TEST_ASSERT_EQUAL(0, BSL_SecurityAction_CountSecOpers(act)); + + BSL_SecurityActionSet_Deinit(&action_set); } /** @@ -116,8 +119,10 @@ void test_PolicyProvider_InspectSingleBIBRuleset(void) TEST_ASSERT_EQUAL(0, BSL_PolicyRegistry_InspectActions(&LocalTestCtx.bsl, &action_set, &LocalTestCtx.mock_bpa_ctr.bundle_ref, BSL_POLICYLOCATION_APPIN)); - TEST_ASSERT_EQUAL(1, BSL_SecurityActionSet_CountSecOpers(&action_set)); - TEST_ASSERT_EQUAL(0, BSL_SecurityActionSet_GetErrCode(&action_set)); + TEST_ASSERT_EQUAL(1, BSL_SecurityActionSet_CountActions(&action_set)); + TEST_ASSERT_EQUAL(1, BSL_SecurityAction_CountSecOpers(BSL_SecurityActionSet_GetActionAtIndex(&action_set, 0))); + + BSL_SecurityActionSet_Deinit(&action_set); } /** 
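Review bot: The policy-provider tests drop the assertion that no errors were recorded (`BSL_SecurityActionSet_GetErrCode(&action_set) == 0`) without replacing it, although the commit introduces `BSL_SecurityActionSet_CountErrors`; keep that coverage with `TEST_ASSERT_EQUAL(0, BSL_SecurityActionSet_CountErrors(&action_set));` in the `test_PolicyProvider_InspectEmptyRuleset` hunk here, the `test_PolicyProvider_InspectSingleBIBRuleset` hunk that follows it, and the `test_PolicyProvider_Inspect_RFC9173_BIB` hunk after that. `test_PolicyProvider_InspectEmptyRuleset` now expects one action holding zero operations for an empty ruleset, which encodes that `BSLP_QueryPolicy` always appends an action; a one-line comment on that assertion would make the expectation explicit rather than incidental.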
@@ -147,9 +152,9 @@ void test_PolicyProvider_Inspect_RFC9173_BIB(void) TEST_ASSERT_EQUAL(0, BSL_PolicyRegistry_InspectActions(&LocalTestCtx.bsl, &action_set, &LocalTestCtx.mock_bpa_ctr.bundle_ref, BSL_POLICYLOCATION_APPIN)); - TEST_ASSERT_EQUAL(1, BSL_SecurityActionSet_CountSecOpers(&action_set)); - TEST_ASSERT_EQUAL(0, BSL_SecurityActionSet_GetErrCode(&action_set)); - TEST_ASSERT_EQUAL(3, BSL_SecOper_CountParams(BSL_SecurityActionSet_GetSecOperAtIndex(&action_set, 0))); + const BSL_SecurityAction_t *act = BSL_SecurityActionSet_GetActionAtIndex(&action_set, 0); + TEST_ASSERT_EQUAL(1, BSL_SecurityAction_CountSecOpers(act)); + TEST_ASSERT_EQUAL(3, BSL_SecOper_CountParams(BSL_SecurityAction_GetSecOperAtIndex(act, 0))); BSL_SecurityActionSet_Deinit(&action_set); } diff --git a/test/test_BackendSecurityContext.c b/test/test_BackendSecurityContext.c index cfbe50b0..f6e9ccaf 100644 --- a/test/test_BackendSecurityContext.c +++ b/test/test_BackendSecurityContext.c @@ -110,9 +110,10 @@ void test_SecurityContext_BIB_Source(void) (BSL_TestUtils_IsB16StrEqualTo(RFC9173_TestVectors_AppendixA1.cbor_bundle_bib, mock_bpa_ctr->encoded)); BSL_SecurityResponseSet_Deinit(malloced_responseset); - BSL_SecurityActionSet_Deinit(malloced_actionset); free(malloced_responseset); + BSL_SecurityActionSet_Deinit(malloced_actionset); free(malloced_actionset); + BIBTestContext_Deinit(&bib_test_context); TEST_ASSERT_TRUE(is_expected); } @@ -149,9 +150,10 @@ void test_SecurityContext_BIB_Verifier(void) (BSL_TestUtils_IsB16StrEqualTo(RFC9173_TestVectors_AppendixA1.cbor_bundle_bib, mock_bpa_ctr->encoded)); BSL_SecurityActionSet_Deinit(malloced_actionset); - BSL_SecurityResponseSet_Deinit(malloced_responseset); free(malloced_actionset); + BSL_SecurityResponseSet_Deinit(malloced_responseset); free(malloced_responseset); + BIBTestContext_Deinit(&bib_test_context); TEST_ASSERT_TRUE(is_match); } 
@@ -190,10 +192,11 @@ void test_SecurityContext_BIB_Verifier_Failure(void) BSL_SecCtx_ExecutePolicyActionSet(&LocalTestCtx.bsl, malloced_responseset, &mock_bpa_ctr->bundle_ref, malloced_actionset)); - BSL_SecurityResponseSet_Deinit(malloced_responseset); BSL_SecurityActionSet_Deinit(malloced_actionset); free(malloced_actionset); + BSL_SecurityResponseSet_Deinit(malloced_responseset); free(malloced_responseset); + BIBTestContext_Deinit(&bib_test_context); } /** @@ -239,10 +242,11 @@ void test_SecurityContext_BIB_Acceptor(void) goto cleanup; cleanup: - BSL_SecurityResponseSet_Deinit(malloced_responseset); BSL_SecurityActionSet_Deinit(malloced_actionset); free(malloced_actionset); + BSL_SecurityResponseSet_Deinit(malloced_responseset); free(malloced_responseset); + BIBTestContext_Deinit(&bib_test_context); TEST_ASSERT_EQUAL(0, sec_context_result); TEST_ASSERT_EQUAL(0, encode_result); 
@@ -270,26 +274,34 @@ void test_RFC9173_AppendixA_Example3_Acceptor(void) BSL_SecParam_t param_key = { 0 }; BSL_SecParam_InitStr(¶m_key, BSL_SECPARAM_TYPE_KEY_ID, RFC9173_EXAMPLE_A1_KEY); - BSL_SecOper_t bib_oper_primary = { 0 }; - BSL_SecOper_Init(&bib_oper_primary, 1, 0, 3, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_ACCEPTOR, - BSL_POLICYACTION_DROP_BLOCK); + BSL_SecOper_t bib_oper_primary; + BSL_SecOper_Init(&bib_oper_primary); + BSL_SecOper_Populate(&bib_oper_primary, 1, 0, 3, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_ACCEPTOR, + BSL_POLICYACTION_DROP_BLOCK); BSL_SecOper_AppendParam(&bib_oper_primary, ¶m_key); - BSL_SecOper_t bib_oper_ext_block = { 0 }; - BSL_SecOper_Init(&bib_oper_ext_block, 1, 2, 3, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_ACCEPTOR, - BSL_POLICYACTION_DROP_BLOCK); + BSL_SecOper_t bib_oper_ext_block; + BSL_SecOper_Init(&bib_oper_ext_block); + BSL_SecOper_Populate(&bib_oper_ext_block, 1, 2, 3, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_ACCEPTOR, + BSL_POLICYACTION_DROP_BLOCK); BSL_SecOper_AppendParam(&bib_oper_ext_block, ¶m_key); BSL_SecParam_t bcb_param_key = { 0 }; BSL_SecParam_InitStr(&bcb_param_key, BSL_SECPARAM_TYPE_KEY_ID, RFC9173_EXAMPLE_A3_KEY); - BSL_SecOper_t bcb_oper = { 0 }; - BSL_SecOper_Init(&bcb_oper, 2, 1, 4, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_ACCEPTOR, BSL_POLICYACTION_DROP_BLOCK); + BSL_SecOper_t bcb_oper; + BSL_SecOper_Init(&bcb_oper); + BSL_SecOper_Populate(&bcb_oper, 2, 1, 4, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_ACCEPTOR, BSL_POLICYACTION_DROP_BLOCK); BSL_SecOper_AppendParam(&bcb_oper, &bcb_param_key); BSL_SecurityActionSet_t *malloced_actionset = calloc(1, BSL_SecurityActionSet_Sizeof()); BSL_SecurityActionSet_Init(malloced_actionset); - BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bib_oper_primary); - BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bib_oper_ext_block); - BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bcb_oper); + + BSL_SecurityAction_t *malloced_action = calloc(1, BSL_SecurityAction_Sizeof()); + 
BSL_SecurityAction_Init(malloced_action); + BSL_SecurityAction_AppendSecOper(malloced_action, &bib_oper_ext_block); + BSL_SecurityAction_AppendSecOper(malloced_action, &bcb_oper); + BSL_SecurityAction_AppendSecOper(malloced_action, &bib_oper_primary); + + BSL_SecurityActionSet_AppendAction(malloced_actionset, malloced_action); BSL_SecurityResponseSet_t *malloced_responseset = BSL_TestUtils_MallocEmptyPolicyResponse(); @@ -297,10 +309,11 @@ void test_RFC9173_AppendixA_Example3_Acceptor(void) &mock_bpa_ctr->bundle_ref, malloced_actionset); TEST_ASSERT_EQUAL(BSL_SUCCESS, exec_result); - BSL_SecurityResponseSet_Deinit(malloced_responseset); + BSL_SecurityAction_Deinit(malloced_action); + free(malloced_action); BSL_SecurityActionSet_Deinit(malloced_actionset); - free(malloced_actionset); + BSL_SecurityResponseSet_Deinit(malloced_responseset); free(malloced_responseset); } 
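Review bot: The order in which the three operations are appended to `malloced_action` changed from primary, extension block, BCB to extension block, BCB, primary, with no comment on why, although `BSL_SecCtx_ExecutePolicyActionSet` in this diff executes operations in list order and this test builds the action by hand rather than through the policy provider's ordering code. A comment above the first `BSL_SecurityAction_AppendSecOper` stating the ordering the acceptor relies on would keep a later edit from reverting it. The `BSL_SecOper_t` locals are no longer zero-initialised, which is correct only because `BSL_SecOper_Init` now precedes every `BSL_SecOper_Populate`; worth a note that the pair must stay together. `test_RFC9173_AppendixA_Example3_Acceptor` starts before this hunk.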
@@ -327,15 +340,18 @@ void test_RFC9173_AppendixA_Example3_Source(void) BSL_SecParam_t param_integ_scope = { 0 }; BSL_SecParam_InitInt64(¶m_integ_scope, RFC9173_BIB_PARAMID_INTEG_SCOPE_FLAG, 0); - BSL_SecOper_t bib_oper_primary = { 0 }; - BSL_SecOper_Init(&bib_oper_primary, 1, 0, 3, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_SOURCE, BSL_POLICYACTION_DROP_BLOCK); + BSL_SecOper_t bib_oper_primary; + BSL_SecOper_Init(&bib_oper_primary); + BSL_SecOper_Populate(&bib_oper_primary, 1, 0, 3, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_SOURCE, + BSL_POLICYACTION_DROP_BLOCK); BSL_SecOper_AppendParam(&bib_oper_primary, ¶m_key); BSL_SecOper_AppendParam(&bib_oper_primary, ¶m_sha_var); BSL_SecOper_AppendParam(&bib_oper_primary, ¶m_integ_scope); - BSL_SecOper_t bib_oper_ext_block = { 0 }; - BSL_SecOper_Init(&bib_oper_ext_block, 1, 2, 3, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_SOURCE, - BSL_POLICYACTION_DROP_BLOCK); + BSL_SecOper_t bib_oper_ext_block; + BSL_SecOper_Init(&bib_oper_ext_block); + BSL_SecOper_Populate(&bib_oper_ext_block, 1, 2, 3, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_SOURCE, + BSL_POLICYACTION_DROP_BLOCK); BSL_SecOper_AppendParam(&bib_oper_ext_block, ¶m_key); BSL_SecOper_AppendParam(&bib_oper_ext_block, ¶m_sha_var); BSL_SecOper_AppendParam(&bib_oper_ext_block, ¶m_integ_scope); 
@@ -349,17 +365,23 @@ void test_RFC9173_AppendixA_Example3_Source(void) BSL_SecParam_t aes_variant = { 0 }; BSL_SecParam_InitInt64(&aes_variant, RFC9173_BCB_SECPARAM_AESVARIANT, 1); - BSL_SecOper_t bcb_oper = { 0 }; - BSL_SecOper_Init(&bcb_oper, 2, 1, 4, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_SOURCE, BSL_POLICYACTION_DROP_BLOCK); + BSL_SecOper_t bcb_oper; + BSL_SecOper_Init(&bcb_oper); + BSL_SecOper_Populate(&bcb_oper, 2, 1, 4, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_SOURCE, BSL_POLICYACTION_DROP_BLOCK); BSL_SecOper_AppendParam(&bcb_oper, &bcb_param_key); BSL_SecOper_AppendParam(&bcb_oper, &bcb_scope); BSL_SecOper_AppendParam(&bcb_oper, &aes_variant); BSL_SecurityActionSet_t *malloced_actionset = calloc(1, BSL_SecurityActionSet_Sizeof()); BSL_SecurityActionSet_Init(malloced_actionset); - BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bib_oper_primary); - BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bib_oper_ext_block); - BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bcb_oper); + + BSL_SecurityAction_t *malloced_action = calloc(1, BSL_SecurityAction_Sizeof()); + BSL_SecurityAction_Init(malloced_action); + BSL_SecurityAction_AppendSecOper(malloced_action, &bib_oper_primary); + BSL_SecurityAction_AppendSecOper(malloced_action, &bib_oper_ext_block); + BSL_SecurityAction_AppendSecOper(malloced_action, &bcb_oper); + + BSL_SecurityActionSet_AppendAction(malloced_actionset, malloced_action); BSL_SecurityResponseSet_t *malloced_responseset = BSL_TestUtils_MallocEmptyPolicyResponse(); 
@@ -375,10 +397,11 @@ void test_RFC9173_AppendixA_Example3_Source(void) const size_t response_count = BSL_SecurityResponseSet_CountResponses(malloced_responseset); TEST_ASSERT_EQUAL(3, response_count); - BSL_SecurityResponseSet_Deinit(malloced_responseset); + BSL_SecurityAction_Deinit(malloced_action); + free(malloced_action); BSL_SecurityActionSet_Deinit(malloced_actionset); - free(malloced_actionset); + BSL_SecurityResponseSet_Deinit(malloced_responseset); free(malloced_responseset); } @@ -415,15 +438,18 @@ void test_RFC9173_AppendixA_Example4_Acceptor(void) BSL_SecParam_t aes_variant = { 0 }; BSL_SecParam_InitInt64(&aes_variant, RFC9173_BCB_SECPARAM_AESVARIANT, RFC9173_BCB_AES_VARIANT_A256GCM); - BSL_SecOper_t bcb_op_tgt_payload = { 0 }; - BSL_SecOper_Init(&bcb_op_tgt_payload, 2, 1, 2, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_ACCEPTOR, - BSL_POLICYACTION_DROP_BLOCK); + BSL_SecOper_t bcb_op_tgt_payload; + BSL_SecOper_Init(&bcb_op_tgt_payload); + BSL_SecOper_Populate(&bcb_op_tgt_payload, 2, 1, 2, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_ACCEPTOR, + BSL_POLICYACTION_DROP_BLOCK); BSL_SecOper_AppendParam(&bcb_op_tgt_payload, &bcb_param_key); BSL_SecOper_AppendParam(&bcb_op_tgt_payload, &aes_variant); BSL_SecOper_AppendParam(&bcb_op_tgt_payload, &bcb_scope); - BSL_SecOper_t bcb_op_tgt_bib = { 0 }; - BSL_SecOper_Init(&bcb_op_tgt_bib, 2, 3, 2, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_ACCEPTOR, BSL_POLICYACTION_DROP_BLOCK); + BSL_SecOper_t bcb_op_tgt_bib; + BSL_SecOper_Init(&bcb_op_tgt_bib); + BSL_SecOper_Populate(&bcb_op_tgt_bib, 2, 3, 2, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_ACCEPTOR, + BSL_POLICYACTION_DROP_BLOCK); BSL_SecOper_AppendParam(&bcb_op_tgt_bib, &bcb_param_key); BSL_SecOper_AppendParam(&bcb_op_tgt_bib, &aes_variant); BSL_SecOper_AppendParam(&bcb_op_tgt_bib, &bcb_scope); 
@@ -435,18 +461,24 @@ void test_RFC9173_AppendixA_Example4_Acceptor(void)
 BSL_SecParam_t scope_flag = { 0 };
 BSL_SecParam_InitInt64(&scope_flag, RFC9173_BIB_PARAMID_INTEG_SCOPE_FLAG, 0x07);
- BSL_SecOper_t bib_oper_payload = { 0 };
- BSL_SecOper_Init(&bib_oper_payload, 1, 1, 3, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_ACCEPTOR,
- BSL_POLICYACTION_DROP_BLOCK);
+ BSL_SecOper_t bib_oper_payload;
+ BSL_SecOper_Init(&bib_oper_payload);
+ BSL_SecOper_Populate(&bib_oper_payload, 1, 1, 3, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_ACCEPTOR,
+ BSL_POLICYACTION_DROP_BLOCK);
 BSL_SecOper_AppendParam(&bib_oper_payload, ¶m_key);
 BSL_SecOper_AppendParam(&bib_oper_payload, &sha_variant);
 BSL_SecOper_AppendParam(&bib_oper_payload, &scope_flag);
 BSL_SecurityActionSet_t *malloced_actionset = calloc(1, BSL_SecurityActionSet_Sizeof());
 BSL_SecurityActionSet_Init(malloced_actionset);
- BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bcb_op_tgt_payload);
- BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bcb_op_tgt_bib);
- BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bib_oper_payload);
+
+ BSL_SecurityAction_t *malloced_action = calloc(1, BSL_SecurityAction_Sizeof());
+ BSL_SecurityAction_Init(malloced_action);
+ BSL_SecurityAction_AppendSecOper(malloced_action, &bcb_op_tgt_payload);
+ BSL_SecurityAction_AppendSecOper(malloced_action, &bcb_op_tgt_bib);
+ BSL_SecurityAction_AppendSecOper(malloced_action, &bib_oper_payload);
+
+ BSL_SecurityActionSet_AppendAction(malloced_actionset, malloced_action);
 BSL_SecurityResponseSet_t *malloced_responseset = BSL_TestUtils_MallocEmptyPolicyResponse();
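Review bot: None of the appends in this hunk check a result — `BSL_SecOper_AppendParam`, `BSL_SecurityAction_AppendSecOper` and `BSL_SecurityActionSet_AppendAction` are all called as bare statements — so if any of them can fail (their return types are not visible here) the test only notices much later, when the response count or the encoded bundle mismatches, with no hint of the real cause. If they return a status, assert it at the call site, e.g. `TEST_ASSERT_EQUAL(0, BSL_SecurityActionSet_AppendAction(malloced_actionset, malloced_action));`; if they return void, a short comment saying so would settle it. The acceptor appends both BCB operations before the BIB one, which is presumably the required direction for an acceptor (decrypt the BIB-carrying block before verifying it); a one-line comment above the first AppendSecOper stating that dependency would make the ordering deliberate rather than incidental. The `calloc` for `malloced_action` is also dereferenced by `BSL_SecurityAction_Init` without a NULL check. The enclosing function continues outside the hunk.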
@@ -462,10 +494,11 @@ void test_RFC9173_AppendixA_Example4_Acceptor(void)
 TEST_ASSERT_EQUAL(0, mock_bpa_encode(mock_bpa_ctr));
 TEST_ASSERT_TRUE(BSL_TestUtils_IsB16StrEqualTo(expected_processed_bundle, mock_bpa_ctr->encoded));
- BSL_SecurityResponseSet_Deinit(malloced_responseset);
+ BSL_SecurityAction_Deinit(malloced_action);
+ free(malloced_action);
 BSL_SecurityActionSet_Deinit(malloced_actionset);
- free(malloced_actionset);
+ BSL_SecurityResponseSet_Deinit(malloced_responseset);
 free(malloced_responseset);
 }
@@ -489,8 +522,10 @@ void test_RFC9173_AppendixA_Example4_Source(void)
 BSL_SecParam_t scope_flag = { 0 };
 BSL_SecParam_InitInt64(&scope_flag, RFC9173_BIB_PARAMID_INTEG_SCOPE_FLAG, 0x07);
- BSL_SecOper_t bib_oper_payload = { 0 };
- BSL_SecOper_Init(&bib_oper_payload, 1, 1, 2, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_SOURCE, BSL_POLICYACTION_DROP_BLOCK);
+ BSL_SecOper_t bib_oper_payload;
+ BSL_SecOper_Init(&bib_oper_payload);
+ BSL_SecOper_Populate(&bib_oper_payload, 1, 1, 2, BSL_SECBLOCKTYPE_BIB, BSL_SECROLE_SOURCE,
+ BSL_POLICYACTION_DROP_BLOCK);
 BSL_SecOper_AppendParam(&bib_oper_payload, ¶m_key);
 BSL_SecOper_AppendParam(&bib_oper_payload, &sha_variant);
 BSL_SecOper_AppendParam(&bib_oper_payload, &scope_flag);
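Review bot: As in the Example3 teardown in this commit, `free(malloced_actionset)` is removed here and not re-added, so the calloc'd set leaks on every run unless `BSL_SecurityActionSet_Deinit` frees its argument; add `free(malloced_actionset);` after the Deinit call. Freeing `malloced_action` before the set's Deinit is only safe if `BSL_SecurityActionSet_AppendAction` copied the action rather than storing the pointer, which is not visible from this hunk and is worth a confirming comment.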
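Review bot: `BSL_SecOper_Populate(&bib_oper_payload, 1, 1, 2, ...)` packs three unrelated numbers — security context ID, target block number and security block number — into bare literals, and the new line wrap now pushes the failure action out of sight; a short comment at the call site such as `// ctx 1 (BIB-HMAC-SHA2), target block 1 = payload, security block 2` or named locals would keep these RFC 9173 Appendix A fixtures readable without opening the RFC. The `¶m_key` in the following AppendParam line reads as a page-rendering artefact of `&param_key` rather than a code change, but is worth confirming against the raw file. The enclosing function continues outside the hunk.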
@@ -502,24 +537,32 @@ void test_RFC9173_AppendixA_Example4_Source(void)
 BSL_SecParam_t aes_variant = { 0 };
 BSL_SecParam_InitInt64(&aes_variant, RFC9173_BCB_SECPARAM_AESVARIANT, RFC9173_BCB_AES_VARIANT_A256GCM);
- BSL_SecOper_t bcb_op_tgt_payload = { 0 };
- BSL_SecOper_Init(&bcb_op_tgt_payload, 2, 1, 3, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_SOURCE,
- BSL_POLICYACTION_DROP_BLOCK);
+ BSL_SecOper_t bcb_op_tgt_payload;
+ BSL_SecOper_Init(&bcb_op_tgt_payload);
+ BSL_SecOper_Populate(&bcb_op_tgt_payload, 2, 1, 3, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_SOURCE,
+ BSL_POLICYACTION_DROP_BLOCK);
 BSL_SecOper_AppendParam(&bcb_op_tgt_payload, &bcb_param_key);
 BSL_SecOper_AppendParam(&bcb_op_tgt_payload, &aes_variant);
 BSL_SecOper_AppendParam(&bcb_op_tgt_payload, &bcb_scope);
- BSL_SecOper_t bcb_op_tgt_bib = { 0 };
- BSL_SecOper_Init(&bcb_op_tgt_bib, 2, 2, 3, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_SOURCE, BSL_POLICYACTION_DROP_BLOCK);
+ BSL_SecOper_t bcb_op_tgt_bib;
+ BSL_SecOper_Init(&bcb_op_tgt_bib);
+ BSL_SecOper_Populate(&bcb_op_tgt_bib, 2, 2, 3, BSL_SECBLOCKTYPE_BCB, BSL_SECROLE_SOURCE,
+ BSL_POLICYACTION_DROP_BLOCK);
 BSL_SecOper_AppendParam(&bcb_op_tgt_bib, &bcb_param_key);
 BSL_SecOper_AppendParam(&bcb_op_tgt_bib, &aes_variant);
 BSL_SecOper_AppendParam(&bcb_op_tgt_bib, &bcb_scope);
 BSL_SecurityActionSet_t *malloced_actionset = calloc(1, BSL_SecurityActionSet_Sizeof());
 BSL_SecurityActionSet_Init(malloced_actionset);
- BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bcb_op_tgt_payload);
- BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bcb_op_tgt_bib);
- BSL_SecurityActionSet_AppendSecOper(malloced_actionset, &bib_oper_payload);
+
+ BSL_SecurityAction_t *malloced_action = calloc(1, BSL_SecurityAction_Sizeof());
+ BSL_SecurityAction_Init(malloced_action);
+ BSL_SecurityAction_AppendSecOper(malloced_action, &bib_oper_payload);
+ BSL_SecurityAction_AppendSecOper(malloced_action, &bcb_op_tgt_payload);
+ BSL_SecurityAction_AppendSecOper(malloced_action, &bcb_op_tgt_bib);
+
+
+ BSL_SecurityActionSet_AppendAction(malloced_actionset, malloced_action);
 BSL_SecurityResponseSet_t *malloced_responseset = BSL_TestUtils_MallocEmptyPolicyResponse();
@@ -531,9 +574,10 @@ void test_RFC9173_AppendixA_Example4_Source(void)
 BSL_BundleCtx_GetBundleMetadata(&mock_bpa_ctr->bundle_ref, &prim_blk);
 TEST_ASSERT_TRUE(prim_blk.block_count >= 3 && prim_blk.block_count <= 4);
- BSL_SecurityResponseSet_Deinit(malloced_responseset);
+ BSL_SecurityAction_Deinit(malloced_action);
+ free(malloced_action);
 BSL_SecurityActionSet_Deinit(malloced_actionset);
- free(malloced_actionset);
+ BSL_SecurityResponseSet_Deinit(malloced_responseset);
 free(malloced_responseset);
 }
diff --git a/test/test_PublicInterfaceImpl.c b/test/test_PublicInterfaceImpl.c
index a6ecfc80..5588f78d 100644
--- a/test/test_PublicInterfaceImpl.c
+++ b/test/test_PublicInterfaceImpl.c
@@ -149,7 +149,8 @@ void test_SourceSimpleBIB(void)
 TEST_ASSERT_EQUAL(0, query_result);
 // We know that it contains one operation (Add a BIB block to payload)
- TEST_ASSERT_EQUAL(1, action_set.sec_operations_count);
+ TEST_ASSERT_EQUAL(1, action_set.action_count);
+ TEST_ASSERT_EQUAL(1, BSL_SecurityAction_CountSecOpers(BSL_SecurityActionSet_GetActionAtIndex(&action_set, 0)));
 }
 {
@@ -202,7 +203,8 @@ void test_API_RemoveFailedBlock(void)
 BSL_POLICYLOCATION_CLIN);
 TEST_ASSERT_EQUAL(0, query_result);
- TEST_ASSERT_EQUAL(1, action_set.sec_operations_count);
+ TEST_ASSERT_EQUAL(1, action_set.action_count);
+ TEST_ASSERT_EQUAL(1, BSL_SecurityAction_CountSecOpers(BSL_SecurityActionSet_GetActionAtIndex(&action_set, 0)));
 // We know that we should expect one failure in the result.
 BSL_SecurityResponseSet_t response_set = { 0 };
diff --git a/test/test_SamplePolicyProvider.c b/test/test_SamplePolicyProvider.c
index f3848946..69940658 100644
--- a/test/test_SamplePolicyProvider.c
+++ b/test/test_SamplePolicyProvider.c
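Review bot: The operation order changes here in a way the hunk does not call out: the old code appended `bcb_op_tgt_payload`, `bcb_op_tgt_bib`, `bib_oper_payload`, while the new code appends `bib_oper_payload` first. For a source node that ordering is presumably load-bearing — `bcb_op_tgt_bib` is populated with target block 2, which only exists once the BIB operation has added it — so it deserves a comment above the first AppendSecOper: `// Order matters at the source: the BIB must be added before the BCB that encrypts it (target block 2).` The two consecutive added blank lines before `BSL_SecurityActionSet_AppendAction` look like a leftover; one is enough. As elsewhere in this commit, the calloc'd `malloced_action` is passed to `BSL_SecurityAction_Init` without a NULL check. The enclosing function continues outside the hunk.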
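Review bot: This teardown, like the other two in the commit, removes `free(malloced_actionset)` without re-adding it, so the calloc'd action set leaks on every run unless `BSL_SecurityActionSet_Deinit` frees its argument; restore `free(malloced_actionset);` after the Deinit. The action is freed before the set that references it is Deinit'd, which is only safe if `AppendAction` copies — worth one confirming comment.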
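Review bot: `BSL_SecurityActionSet_GetActionAtIndex(&action_set, 0)` is fed straight into `BSL_SecurityAction_CountSecOpers`, so if the getter returns NULL for an empty set or a bad index the failure mode is a crash inside the assertion rather than a readable test failure. Splitting it into `BSL_SecurityAction_t *act = BSL_SecurityActionSet_GetActionAtIndex(&action_set, 0); TEST_ASSERT_NOT_NULL(act); TEST_ASSERT_EQUAL(1, BSL_SecurityAction_CountSecOpers(act));` keeps the intent and makes the NULL case explicit (adjust the pointer's constness to the getter's signature). The test also keeps reaching into `action_set.action_count` directly; if a count accessor exists on the set, using it would match the `CountSecOpers` style on the next line and keep the struct layout private.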
@@ -94,6 +94,7 @@ void test_SamplePolicyProvider_WildcardPolicyRuleVerifiesBIB(void)
 // Now evaluate the rule to get as a SecOper
 // This populates it with actual parameters.
 BSL_SecOper_t sec_oper;
+ BSL_SecOper_Init(&sec_oper);
 TEST_ASSERT_EQUAL(0, BSLP_PolicyRule_EvaluateAsSecOper(&rule, &sec_oper, &LocalTestCtx.mock_bpa_ctr.bundle_ref, BSL_POLICYLOCATION_APPIN));
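Review bot: `BSL_SecOper_Init(&sec_oper)` fixes the previously uninitialized `sec_oper` handed to `BSLP_PolicyRule_EvaluateAsSecOper`, but no matching `BSL_SecOper_Deinit(&sec_oper)` is visible in the hunk; the header pairs Init with a Deinit that releases internal resources, so the parameters the evaluation populates may leak unless the rest of the function (outside this hunk) already calls it. Add `BSL_SecOper_Deinit(&sec_oper);` at the end of the test if it is not already there. The enclosing function continues outside the hunk.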