Adding validation for request id (#81)

intel · Nov 14, 2024 · 3c3d7dd · 3c3d7dd
1 parent 08a1df6
commit 3c3d7dd
Show file tree

Hide file tree

Showing 4 changed files with 50 additions and 0 deletions.
diff --git a/examples/tdx_token/tdx_token.c b/examples/tdx_token/tdx_token.c
@@ -208,6 +208,12 @@ int main(int argc, char *argv[])
 		return 1;
 	}
 
+	if (0 != validate_request_id(request_id))
+	{
+		ERROR("ERROR: Request ID should be atmost 128 characters long and should contain only alphanumeric characters, _, space, -, ., / or \\");
+		return 1;
+	}
+
 	char *ids[] = {policy_id};
 	policies.ids = ids;
 	policies.count = 1;

diff --git a/src/connector/api.h b/src/connector/api.h
@@ -50,6 +50,13 @@ extern "C"
 	*/
 	TRUST_AUTHORITY_STATUS validate_and_get_policy_must_match(const char *input, bool *policy_must_match);
 
+	/**
+	 * Verifies if request_id is correct i.e. atmost 128 char long and contain only alphanumeric characters,_,space,-,.,/or\
+	 * @param request_id input string
+	 * @return int containing status
+	*/
+	int validate_request_id(const char *request_id);
+
 
 #ifdef __cplusplus
 }

diff --git a/src/connector/connector.c b/src/connector/connector.c
@@ -303,6 +303,7 @@ int is_valid_uuid(const char *uuid_str)
 
 	return ret;
 }
+
 TRUST_AUTHORITY_STATUS is_valid_token_sigining_alg(const char *input)
 {
 	if (input == NULL)
@@ -332,6 +333,28 @@ TRUST_AUTHORITY_STATUS validate_and_get_policy_must_match(const char *input, boo
 	return STATUS_OK;
 }
 
+int validate_request_id(const char *req_id)
+{
+	// Define the regex pattern for allowed characters
+	regex_t regex;
+	int ret = regcomp(&regex, "^[a-zA-Z0-9_ \\/.-]{1,128}$", REG_EXTENDED);
+	if (ret) {
+		ERROR("Error: Could not compile regex\n");
+		return ret;
+	}
+
+	// Execute the regex
+	ret = regexec(&regex, req_id, 0, NULL, 0);
+	regfree(&regex);
+	if (ret)
+	{
+		ERROR("Error: Invalid REQUEST_ID\n");
+		return ret;
+	}
+
+	return ret;
+}
+
 // Validate format of api_key
 TRUST_AUTHORITY_STATUS is_valid_api_key(const char *api_key)
 {

diff --git a/tests/connector_test.cpp b/tests/connector_test.cpp
@@ -558,3 +558,17 @@ TEST(PolicyMustMatchTest, InvalidInput)
     int result = validate_and_get_policy_must_match("invalid", &policy_must_match);
     ASSERT_NE(result, 0);
 }
+
+TEST(RequestIdTest, InvalidRequestId)
+{
+	const char* request_id = "Hello#1234";
+	int ret = validate_request_id(request_id);
+	ASSERT_NE(ret, 0);
+}
+
+TEST(RequestIdTest, ValidRequestId)
+{
+	const char* request_id = "Hello 1234";
+	int ret = validate_request_id(request_id);
+	ASSERT_EQ(ret, 0);
+}