From 3c3d7ddb4c5f5af739b99c83b99b16c31c3decb0 Mon Sep 17 00:00:00 2001 From: shefali kamal <50231567+shefalikamal@users.noreply.github.com> Date: Thu, 14 Nov 2024 10:28:48 +0530 Subject: [PATCH] Adding validation for request id (#81) --- examples/tdx_token/tdx_token.c | 6 ++++++ src/connector/api.h | 7 +++++++ src/connector/connector.c | 23 +++++++++++++++++++++++ tests/connector_test.cpp | 14 ++++++++++++++ 4 files changed, 50 insertions(+) diff --git a/examples/tdx_token/tdx_token.c b/examples/tdx_token/tdx_token.c index c259f08..bd37bcf 100644 --- a/examples/tdx_token/tdx_token.c +++ b/examples/tdx_token/tdx_token.c @@ -208,6 +208,12 @@ int main(int argc, char *argv[]) return 1; } + if (0 != validate_request_id(request_id)) + { + ERROR("ERROR: Request ID should be atmost 128 characters long and should contain only alphanumeric characters, _, space, -, ., / or \\"); + return 1; + } + char *ids[] = {policy_id}; policies.ids = ids; policies.count = 1; diff --git a/src/connector/api.h b/src/connector/api.h index f0fa408..c29da9e 100644 --- a/src/connector/api.h +++ b/src/connector/api.h @@ -50,6 +50,13 @@ extern "C" */ TRUST_AUTHORITY_STATUS validate_and_get_policy_must_match(const char *input, bool *policy_must_match); + /** + * Verifies if request_id is correct i.e. atmost 128 char long and contain only alphanumeric characters,_,space,-,.,/or\ + * @param request_id input string + * @return int containing status + */ + int validate_request_id(const char *request_id); + #ifdef __cplusplus } diff --git a/src/connector/connector.c b/src/connector/connector.c index 55fc7a1..a6eefe9 100644 --- a/src/connector/connector.c +++ b/src/connector/connector.c @@ -303,6 +303,7 @@ int is_valid_uuid(const char *uuid_str) return ret; } + TRUST_AUTHORITY_STATUS is_valid_token_sigining_alg(const char *input) { if (input == NULL) @@ -332,6 +333,28 @@ TRUST_AUTHORITY_STATUS validate_and_get_policy_must_match(const char *input, boo return STATUS_OK; } +int validate_request_id(const char *req_id) +{ + // Define the regex pattern for allowed characters + regex_t regex; + int ret = regcomp(®ex, "^[a-zA-Z0-9_ \\/.-]{1,128}$", REG_EXTENDED); + if (ret) { + ERROR("Error: Could not compile regex\n"); + return ret; + } + + // Execute the regex + ret = regexec(®ex, req_id, 0, NULL, 0); + regfree(®ex); + if (ret) + { + ERROR("Error: Invalid REQUEST_ID\n"); + return ret; + } + + return ret; +} + // Validate format of api_key TRUST_AUTHORITY_STATUS is_valid_api_key(const char *api_key) { diff --git a/tests/connector_test.cpp b/tests/connector_test.cpp index bbc3a30..33f87f9 100644 --- a/tests/connector_test.cpp +++ b/tests/connector_test.cpp @@ -558,3 +558,17 @@ TEST(PolicyMustMatchTest, InvalidInput) int result = validate_and_get_policy_must_match("invalid", &policy_must_match); ASSERT_NE(result, 0); } + +TEST(RequestIdTest, InvalidRequestId) +{ + const char* request_id = "Hello#1234"; + int ret = validate_request_id(request_id); + ASSERT_NE(ret, 0); +} + +TEST(RequestIdTest, ValidRequestId) +{ + const char* request_id = "Hello 1234"; + int ret = validate_request_id(request_id); + ASSERT_EQ(ret, 0); +}