Builtin authentication plugin for DDS Security

Builtin authentication plugin of DDS Security implementation was added. This plugin is the first implementation and it also contains the functions that are used initially in the secure communication sequence. The builtin authentication plugin implements authentication using a trusted Certificate Authority (CA). It performs mutual authentication between discovered participants using the RSA or ECDSA Digital Signature Algorithms and establishes a shared secret using Diffie-Hellman (DH) or Elliptic Curve Diffie-Hellman (ECDH) Key Agreement Methods. DDS Security core component is introduced with this commit. DDSI and other builtin plugins will also use the security core. Like all builtin plugins, dds security authentication plugin is a shared library for providing dynamic library loading on runtime. So that, dds participants can use different plugin implementations with different configurations. Authentication plugin uses ddsrt functions. ddsrt is not expected to be a shared library and statically adding ddsrt objects to authentication library produces linkage errors in windows. So, dynamically linking authentication plugin to ddc library is decided. Another decision should be taken for the platforms that are not supporting dynamic libraries later. Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
2019-10-30 11:41:00 +01:00 · 2019-10-30 11:41:00 +01:00 · 2c1d3010d0
commit 2c1d3010d0
parent aa3b95ee7f
109 changed files with 20998 additions and 66 deletions
--- a/src/security/api/CMakeLists.txt
+++ b/src/security/api/CMakeLists.txt
@ -1,5 +1,5 @@
 #
-# Copyright(c) 2006 to 2018 ADLINK Technology Limited and others
+# Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
 #
 # This program and the accompanying materials are made available under the
 # terms of the Eclipse Public License v. 2.0 which is available at
@ -15,7 +15,9 @@ add_library(security_api INTERFACE)

 target_include_directories(
  security_api INTERFACE
-    "$<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>")
+    "$<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>"
+    "$<BUILD_INTERFACE:${CMAKE_CURRENT_BINARY_DIR}/include>"
+)

 install(
  DIRECTORY "${CMAKE_CURRENT_LIST_DIR}/include/"
--- a/src/security/api/include/dds/security/dds_security_api.h
+++ b/src/security/api/include/dds/security/dds_security_api.h
@ -1,5 +1,5 @@
 /*
- * Copyright(c) 2006 to 2018 ADLINK Technology Limited and others
+ * Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0 which is available at
--- a/src/security/api/include/dds/security/dds_security_api_access_control.h
+++ b/src/security/api/include/dds/security/dds_security_api_access_control.h
@ -1,5 +1,5 @@
 /*
- * Copyright(c) 2006 to 2018 ADLINK Technology Limited and others
+ * Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0 which is available at
--- a/src/security/api/include/dds/security/dds_security_api_authentication.h
+++ b/src/security/api/include/dds/security/dds_security_api_authentication.h
@ -1,5 +1,5 @@
 /*
- * Copyright(c) 2006 to 2018 ADLINK Technology Limited and others
+ * Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0 which is available at
--- a/src/security/api/include/dds/security/dds_security_api_cryptography.h
+++ b/src/security/api/include/dds/security/dds_security_api_cryptography.h
@ -1,5 +1,5 @@
 /*
- * Copyright(c) 2006 to 2018 ADLINK Technology Limited and others
+ * Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0 which is available at
--- a/src/security/api/include/dds/security/dds_security_api_defs.h
+++ b/src/security/api/include/dds/security/dds_security_api_defs.h
@ -1,5 +1,5 @@
 /*
- * Copyright(c) 2006 to 2018 ADLINK Technology Limited and others
+ * Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0 which is available at
--- a/src/security/api/include/dds/security/dds_security_api_err.h
+++ b/src/security/api/include/dds/security/dds_security_api_err.h
@ -1,5 +1,5 @@
 /*
- * Copyright(c) 2006 to 2018 ADLINK Technology Limited and others
+ * Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0 which is available at
@ -47,13 +47,13 @@ extern "C" {
 #define DDS_SECURITY_ERR_INVALID_TRUSTED_CA_DIR_MESSAGE "Can not open trusted CA directory"
 #define DDS_SECURITY_ERR_CA_NOT_TRUSTED_CODE 121
 #define DDS_SECURITY_ERR_CA_NOT_TRUSTED_MESSAGE "Identity CA is not trusted"
-#define DDS_SECURITY_ERR_CERT_STARTDATE_INVALID_CODE 122
-#define DDS_SECURITY_ERR_CERT_STARTDATE_INVALID_MESSAGE "Certificate start date is in the future"
+#define DDS_SECURITY_ERR_CERT_STARTDATE_IN_FUTURE_CODE 122
+#define DDS_SECURITY_ERR_CERT_STARTDATE_IN_FUTURE_MESSAGE "Certificate start date is in the future"
 #define DDS_SECURITY_ERR_CERT_EXPIRED_CODE 123
 #define DDS_SECURITY_ERR_CERT_EXPIRED_MESSAGE "Certificate expired"
 #define DDS_SECURITY_ERR_INVALID_CRYPTO_RECEIVER_SIGN_CODE 124
-#define DDS_SECURITY_ERR_CERT_AUTHENTICATION_ALGO_KIND_UNKNOWN_CODE 125
-#define DDS_SECURITY_ERR_CERT_AUTHENTICATION_ALGO_KIND_UNKNOWN_MESSAGE "Certificate authentication algorithm unknown"
+#define DDS_SECURITY_ERR_CERT_AUTH_ALGO_KIND_UNKNOWN_CODE 125
+#define DDS_SECURITY_ERR_CERT_AUTH_ALGO_KIND_UNKNOWN_MESSAGE "Certificate authentication algorithm unknown"
 #define DDS_SECURITY_ERR_ALLOCATION_FAILED_CODE 126
 #define DDS_SECURITY_ERR_ALLOCATION_FAILED_MESSAGE "Failed to allocate internal structure"
 #define DDS_SECURITY_ERR_INVALID_SMIME_DOCUMENT_CODE 127
--- a/src/security/api/include/dds/security/dds_security_api_types.h
+++ b/src/security/api/include/dds/security/dds_security_api_types.h
@ -1,5 +1,5 @@
 /*
- * Copyright(c) 2006 to 2018 ADLINK Technology Limited and others
+ * Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0 which is available at
@ -20,8 +20,6 @@
 extern "C" {
 #endif

-
-
 /**************************************************************************
 *                                                                        *
 * Primitive types.                                                       *