Merge branch 'develop'
richiware committed May 3, 2018
2 parents ede9287 + 15ea504 commit dccee7f
Showing 115 changed files with 10,562 additions and 2,688 deletions.
1 change: 1 addition & 0 deletions CMakeLists.txt
@@ -209,6 +209,7 @@ option(SECURITY "Activate security" OFF)

if(SECURITY)
find_package(OpenSSL REQUIRED)
find_package(fastcdr REQUIRED)
endif()

###############################################################################
19 changes: 10 additions & 9 deletions examples/C++/SecureHelloWorldExample/HelloWorldPublisher.cpp
@@ -39,9 +39,9 @@ bool HelloWorldPublisher::init()
{
m_Hello.index(0);
m_Hello.message("HelloWorld");
ParticipantAttributes PParam;
ParticipantAttributes PParam;

PropertyPolicy participant_property_policy;
PropertyPolicy participant_property_policy;
participant_property_policy.properties().emplace_back("dds.sec.auth.plugin",
"builtin.PKI-DH");
participant_property_policy.properties().emplace_back("dds.sec.auth.builtin.PKI-DH.identity_ca",
@@ -50,9 +50,16 @@ bool HelloWorldPublisher::init()
"file://certs/mainpubcert.pem");
participant_property_policy.properties().emplace_back("dds.sec.auth.builtin.PKI-DH.private_key",
"file://certs/mainpubkey.pem");
participant_property_policy.properties().emplace_back(Property("dds.sec.access.plugin",
"builtin.Access-Permissions"));
participant_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions_ca",
"file://certs/maincacert.pem"));
participant_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance",
"file://certs/governance.smime"));
participant_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions",
"file://certs/permissions.smime"));
participant_property_policy.properties().emplace_back("dds.sec.crypto.plugin",
"builtin.AES-GCM-GMAC");
participant_property_policy.properties().emplace_back("rtps.participant.rtps_protection_kind", "ENCRYPT");
PParam.rtps.properties = participant_property_policy;

mp_participant = Domain::createParticipant(PParam);
@@ -76,12 +83,6 @@ bool HelloWorldPublisher::init()
Wparam.times.heartbeatPeriod.fraction = 200*1000*1000;
Wparam.qos.m_reliability.kind = RELIABLE_RELIABILITY_QOS;

PropertyPolicy publisher_property_policy;
publisher_property_policy.properties().emplace_back("rtps.endpoint.submessage_protection_kind", "ENCRYPT");
publisher_property_policy.properties().emplace_back("rtps.endpoint.payload_protection_kind", "ENCRYPT");

Wparam.properties = publisher_property_policy;

mp_publisher = Domain::createPublisher(mp_participant,Wparam,(PublisherListener*)&m_listener);
if(mp_publisher == nullptr)
return false;
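Review bot: Once the `rtps.participant.rtps_protection_kind` and `rtps.endpoint.*_protection_kind` properties are gone from init() (they appear to be the section's deletions), nothing in the code shows that the writer is still encrypted; that now depends on the `HelloWorldTopic` topic_rule in `certs/governance.smime` matching the topic name used here. A comment where the endpoint properties used to be would keep that link visible, e.g. `// Protection kinds for HelloWorldTopic are set in certs/governance.smime, not via endpoint properties.` The `file://certs/...` values also look relative, so presumably they resolve against the working directory (to be confirmed); the example should say it has to be started from the directory that holds `certs/`, since the CA certificate that anchors the signature check is loaded the same way. HelloWorldSubscriber.cpp has the same change, and init() begins and ends outside the hunks shown.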
15 changes: 8 additions & 7 deletions examples/C++/SecureHelloWorldExample/HelloWorldSubscriber.cpp
@@ -46,9 +46,16 @@ bool HelloWorldSubscriber::init()
"file://certs/mainsubcert.pem");
participant_property_policy.properties().emplace_back("dds.sec.auth.builtin.PKI-DH.private_key",
"file://certs/mainsubkey.pem");
participant_property_policy.properties().emplace_back(Property("dds.sec.access.plugin",
"builtin.Access-Permissions"));
participant_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions_ca",
"file://certs/maincacert.pem"));
participant_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance",
"file://certs/governance.smime"));
participant_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions",
"file://certs/permissions.smime"));
participant_property_policy.properties().emplace_back("dds.sec.crypto.plugin",
"builtin.AES-GCM-GMAC");
participant_property_policy.properties().emplace_back("rtps.participant.rtps_protection_kind", "ENCRYPT");
PParam.rtps.properties = participant_property_policy;

mp_participant = Domain::createParticipant(PParam);
@@ -69,12 +76,6 @@ bool HelloWorldSubscriber::init()
Rparam.topic.resourceLimitsQos.allocated_samples = 20;
Rparam.qos.m_reliability.kind = RELIABLE_RELIABILITY_QOS;

PropertyPolicy subscriber_property_policy;
subscriber_property_policy.properties().emplace_back("rtps.endpoint.submessage_protection_kind", "ENCRYPT");
subscriber_property_policy.properties().emplace_back("rtps.endpoint.payload_protection_kind", "ENCRYPT");

Rparam.properties = subscriber_property_policy;

mp_subscriber = Domain::createSubscriber(mp_participant,Rparam,(SubscriberListener*)&m_listener);

if(mp_subscriber == nullptr)
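Review bot: The four access-control entries are written as `emplace_back(Property("key", "value"))`, whereas the auth and crypto entries next to them pass the two strings directly to `emplace_back`; wrapping them in a temporary Property gives up the in-place construction and makes the list inconsistent. I would write them like their neighbours, e.g. `participant_property_policy.properties().emplace_back("dds.sec.access.plugin", "builtin.Access-Permissions");`. The same four lines appear in HelloWorldPublisher.cpp. init() starts before and continues after the hunks shown.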
71 changes: 71 additions & 0 deletions examples/C++/SecureHelloWorldExample/certs/governance.smime
@@ -0,0 +1,71 @@
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----F43F382375A0826FABA8FE7FAAB5A1CB"

This is an S/MIME signed message

------F43F382375A0826FABA8FE7FAAB5A1CB
Content-Type: text/plain

<?xml version="1.0" encoding="utf-8"?>
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="omg_shared_ca_domain_governance.xsd">
<domain_access_rules>
<domain_rule>
<domains>
<id_range>
<min>0</min>
<max>230</max>
</id_range>
</domains>
<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
<enable_join_access_control>true</enable_join_access_control>
<discovery_protection_kind>ENCRYPT</discovery_protection_kind>
<liveliness_protection_kind>ENCRYPT</liveliness_protection_kind>
<rtps_protection_kind>ENCRYPT</rtps_protection_kind>
<topic_access_rules>
<topic_rule>
<topic_expression>HelloWorldTopic</topic_expression>
<enable_discovery_protection>true</enable_discovery_protection>
<enable_liveliness_protection>false</enable_liveliness_protection>
<enable_read_access_control>true</enable_read_access_control>
<enable_write_access_control>true</enable_write_access_control>
<metadata_protection_kind>ENCRYPT</metadata_protection_kind>
<data_protection_kind>ENCRYPT</data_protection_kind>
</topic_rule>
</topic_access_rules>
</domain_rule>
</domain_access_rules>
</dds>

------F43F382375A0826FABA8FE7FAAB5A1CB
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
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------F43F382375A0826FABA8FE7FAAB5A1CB--

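--- a/examples/C++/SecureHelloWorldExample/certs/governance.xml
+++ b/examples/C++/SecureHelloWorldExample/certs/governance.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="utf-8"?>
+<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:noNamespaceSchemaLocation="omg_shared_ca_domain_governance.xsd">
+<domain_access_rules>
+<domain_rule>
+<domains>
+<id_range>
+<min>0</min>
+<max>230</max>
+</id_range>
+</domains>
+<allow_unauthenticated_participants>false</allow_unauthenticated_participants>
+<enable_join_access_control>true</enable_join_access_control>
+<discovery_protection_kind>ENCRYPT</discovery_protection_kind>
+<liveliness_protection_kind>ENCRYPT</liveliness_protection_kind>
+<rtps_protection_kind>ENCRYPT</rtps_protection_kind>
+<topic_access_rules>
+<topic_rule>
+<topic_expression>HelloWorldTopic</topic_expression>
+<enable_discovery_protection>true</enable_discovery_protection>
+<enable_liveliness_protection>false</enable_liveliness_protection>
+<enable_read_access_control>true</enable_read_access_control>
+<enable_write_access_control>true</enable_write_access_control>
+<metadata_protection_kind>ENCRYPT</metadata_protection_kind>
+<data_protection_kind>ENCRYPT</data_protection_kind>
+</topic_rule>
+</topic_access_rules>
+</domain_rule>
+</domain_access_rules>
+</dds>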
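Review bot: governance.xml is an unsigned copy of the payload inside governance.smime, and the example participants load only `file://certs/governance.smime`, so an edit here changes nothing until the document is signed again with the permissions CA key. An XML comment after the declaration would prevent the two from drifting apart, for example `<!-- Unsigned source of governance.smime; re-sign after every edit, participants load only the .smime file. -->`. permissions.xml and permissions.smime are paired in the same way.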
5 changes: 5 additions & 0 deletions examples/C++/SecureHelloWorldExample/certs/maincakey.pem
@@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgRaipe1KYZNzj+35E
N2jvtzjRsQ7n9Me/vm35UKGuVI6hRANCAARi5YQd1kPJdX6VBNw3zqLpQP3Xt/GX
4+4ZqSrTp8Yh9qukSW8IcbyXgO0e5pJgCmiSps8eveQY8ol1Uu2xO74H
-----END PRIVATE KEY-----
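Review bot: This file is the private key of a CA, committed next to the certificates and signed documents of the example; presumably it is the key behind `maincacert.pem`, which the participants use as `permissions_ca`. Anyone with the repository can therefore sign governance and permissions documents, and likely issue identities, that a deployment copying these `certs/` files would accept. The participants only need the CA certificate at run time, so the key could be left out of the tree and produced by a documented setup step; if it stays for convenience, the example should state plainly that all material under `certs/` is public demo material that must be regenerated before any real use.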
88 changes: 88 additions & 0 deletions examples/C++/SecureHelloWorldExample/certs/permissions.smime
@@ -0,0 +1,88 @@
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----F47A2A15090FF0128FA1D352597E1AD4"

This is an S/MIME signed message

------F47A2A15090FF0128FA1D352597E1AD4
Content-Type: text/plain

<?xml version="1.0" encoding="utf-8"?>
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.omg.org/spec/DDS-Security/20170801/omg_shared_ca_permissions.xsd">
<permissions>
<grant name="PublisherPermissions">
<subject_name>emailAddress=mainpub@eprosima.com, CN=Main Publisher, OU=eProsima, O=eProsima, ST=MA, C=ES</subject_name>
<validity>
<not_before>2013-06-01T13:00:00</not_before>
<not_after>2038-06-01T13:00:00</not_after>
</validity>
<allow_rule>
<domains>
<id_range>
<min>0</min>
<max>230</max>
</id_range>
</domains>
<publish>
<topics>
<topic>HelloWorldTopic</topic>
</topics>
</publish>
</allow_rule>
<default>DENY</default>
</grant>
<grant name="SubscriberPermissions">
<subject_name> emailAddress=mainsub@eprosima.com, CN=Main Subscriber, OU=eProsima, O=eProsima, ST=MA, C=ES</subject_name>
<validity>
<not_before>2013-06-01T13:00:00</not_before>
<not_after>2038-06-01T13:00:00</not_after>
</validity>
<allow_rule>
<domains>
<id_range>
<min>0</min>
<max>230</max>
</id_range>
</domains>
<subscribe>
<topics>
<topic>HelloWorldTopic</topic>
</topics>
</subscribe>
</allow_rule>
<default>DENY</default>
</grant>
</permissions>
</dds>

------F47A2A15090FF0128FA1D352597E1AD4
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
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------F47A2A15090FF0128FA1D352597E1AD4--

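--- a/examples/C++/SecureHelloWorldExample/certs/permissions.xml
+++ b/examples/C++/SecureHelloWorldExample/certs/permissions.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="utf-8"?>
+<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.omg.org/spec/DDS-Security/20170801/omg_shared_ca_permissions.xsd">
+<permissions>
+<grant name="PublisherPermissions">
+<subject_name>emailAddress=mainpub@eprosima.com, CN=Main Publisher, OU=eProsima, O=eProsima, ST=MA, C=ES</subject_name>
+<validity>
+<not_before>2013-06-01T13:00:00</not_before>
+<not_after>2038-06-01T13:00:00</not_after>
+</validity>
+<allow_rule>
+<domains>
+<id_range>
+<min>0</min>
+<max>230</max>
+</id_range>
+</domains>
+<publish>
+<topics>
+<topic>HelloWorldTopic</topic>
+</topics>
+</publish>
+</allow_rule>
+<default>DENY</default>
+</grant>
+<grant name="SubscriberPermissions">
+<subject_name> emailAddress=mainsub@eprosima.com, CN=Main Subscriber, OU=eProsima, O=eProsima, ST=MA, C=ES</subject_name>
+<validity>
+<not_before>2013-06-01T13:00:00</not_before>
+<not_after>2038-06-01T13:00:00</not_after>
+</validity>
+<allow_rule>
+<domains>
+<id_range>
+<min>0</min>
+<max>230</max>
+</id_range>
+</domains>
+<subscribe>
+<topics>
+<topic>HelloWorldTopic</topic>
+</topics>
+</subscribe>
+</allow_rule>
+<default>DENY</default>
+</grant>
+</permissions>
+</dds>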
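Review bot: The `<subject_name>` of the SubscriberPermissions grant begins with a space (`<subject_name> emailAddress=mainsub@eprosima.com, ...`), while the PublisherPermissions one does not. If the access plugin compares the subject name with the certificate subject as a plain string, which cannot be seen from this page, the subscriber would be left without a matching grant. I would drop the space, `<subject_name>emailAddress=mainsub@eprosima.com, CN=Main Subscriber, OU=eProsima, O=eProsima, ST=MA, C=ES</subject_name>`, here and in permissions.smime, which then needs to be signed again.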
18 changes: 10 additions & 8 deletions include/fastrtps/attributes/PublisherAttributes.h
@@ -39,10 +39,12 @@ namespace fastrtps{
* Class PublisherAttributes, used by the user to define the attributes of a Publisher.
* @ingroup FASTRTPS_ATTRIBUTES_MODULE
*/
class PublisherAttributes {

class PublisherAttributes
{
public:
PublisherAttributes(){

PublisherAttributes()
{
m_userDefinedID = -1;
m_entityID = -1;
historyMemoryPolicy = rtps::PREALLOCATED_MEMORY_MODE;
@@ -57,14 +59,14 @@ class PublisherAttributes {
//!Unicast locator list
rtps::LocatorList_t unicastLocatorList;
//!Multicast locator list
rtps::LocatorList_t multicastLocatorList;
rtps::LocatorList_t multicastLocatorList;
//!Output locator list
rtps::LocatorList_t outLocatorList;
rtps::LocatorList_t outLocatorList;
//!Throughput controller
rtps::ThroughputControllerDescriptor throughputController;
rtps::ThroughputControllerDescriptor throughputController;
//!Underlying History memory policy
rtps::MemoryManagementPolicy_t historyMemoryPolicy;
rtps::PropertyPolicy properties;
rtps::MemoryManagementPolicy_t historyMemoryPolicy;
rtps::PropertyPolicy properties;

/**
* Get the user defined ID
2 changes: 1 addition & 1 deletion include/fastrtps/attributes/TopicAttributes.h
@@ -82,7 +82,7 @@ class TopicAttributes
}

//! TopicKind_t, default value NO_KEY.
rtps::TopicKind_t topicKind;
rtps::TopicKind_t topicKind;
//! Topic Name.
std::string topicName;
//!Topic Data Type.
1 change: 1 addition & 0 deletions include/fastrtps/qos/ParameterTypes.h
@@ -98,6 +98,7 @@ enum ParameterId_t : uint16_t
PID_ENDPOINT_GUID = 0x005a,
//PID_RELATED_SAMPLE_IDENTITY = 0x0083
PID_IDENTITY_TOKEN = 0x1001,
PID_PERMISSIONS_TOKEN = 0x1002,
PID_RELATED_SAMPLE_IDENTITY = 0x800f
};
