Update security documentation

An update for the security documentation that is part of the CycloneDDS
manual:
- added openssl commands for creating a set of CA and identity certificates
- code fragment for setting security by qos and example of xml security config
- commands for signing governance and permissions documents using openssl

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>

docs/manual/_static/example_governance.xml

@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding=\"utf-8\"?>
+<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://www.omg.org/spec/DDS-SECURITY/20170901/omg_shared_ca_governance.xsd">
+  <domain_access_rules>
+    <domain_rule>
+      <domains>
+        <id_range>
+          <min>0</min>
+          <max>230</max>
+        </id_range>
+      </domains>
+      <allow_unauthenticated_participants>false</allow_unauthenticated_participants>
+      <enable_join_access_control>true</enable_join_access_control>
+      <discovery_protection_kind>NONE</discovery_protection_kind>
+      <liveliness_protection_kind>NONE</liveliness_protection_kind>
+      <rtps_protection_kind>NONE</rtps_protection_kind>
+      <topic_access_rules>
+        <topic_rule>
+          <topic_expression>*</topic_expression>
+          <enable_discovery_protection>true</enable_discovery_protection>
+          <enable_liveliness_protection>true</enable_liveliness_protection>
+          <enable_read_access_control>true</enable_read_access_control>
+          <enable_write_access_control>true</enable_write_access_control>
+          <metadata_protection_kind>SIGN</metadata_protection_kind>
+          <data_protection_kind>ENCRYPT</data_protection_kind>
+        </topic_rule>
+      </topic_access_rules>
+    </domain_rule>
+  </domain_access_rules>
+</dds>

docs/manual/_static/example_permissions.xml

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+     xsi:noNamespaceSchemaLocation="https://www.omg.org/spec/DDS-SECURITY/20170901/omg_shared_ca_permissions.xsd">
+  <permissions>
+    <grant name="default_permissions">
+      <subject_name>emailAddress=alice@cycloneddssecurity.adlinktech.com,CN=Alice Example,O=Example Organization,OU=Organizational Unit Name,L=Locality Name,ST=OV,C=NL</subject_name>
+      <validity>
+        <!-- Format is CCYY-MM-DDThh:mm:ss[Z|(+|-)hh:mm] in GMT -->
+        <not_before>2020-01-01T01:00:00</not_before>
+        <not_after>2120-01-01T01:00:00</not_after>
+      </validity>
+      <allow_rule>
+        <domains>
+          <id_range>
+            <min>0</min>
+            <max>230</max>
+          </id_range>
+        </domains>
+        <publish>
+          <topics>
+            <topic>*</topic>
+          </topics>
+          <partitions>
+            <partition>*</partition>
+          </partitions>
+        </publish>
+        <subscribe>
+          <topics>
+            <topic>*</topic>
+          </topics>
+          <partitions>
+            <partition>*</partition>
+          </partitions>
+        </subscribe>
+      </allow_rule>
+      <default>DENY</default>
+    </grant>
+  </permissions>
+</dds>

docs/manual/_static/security_by_config.xml

@@ -0,0 +1,19 @@
+<Domain id="any">
+  <DDSSecurity>
+    <Authentication>
+      <Library initFunction="init_authentication" finalizeFunction="finalize_authentication" path="dds_security_auth"/>
+      <IdentityCA>file:/path/to/example_id_ca_cert.pem</IdentityCA>
+      <IdentityCertificate>file:/path/to/example_alice_cert.pem</IdentityCertificate>
+      <PrivateKey>file:/path/to/example_alice_priv_key.pem</PrivateKey>
+    </Authentication>
+    <Cryptographic>
+      <Library initFunction="init_crypto" finalizeFunction="finalize_crypto" path="dds_security_crypto"/>
+    </Cryptographic>
+    <AccessControl>
+      <Library initFunction="init_access_control" finalizeFunction="finalize_access_control" path="dds_security_ac"/>
+      <PermissionsCA>file:/path/to/example_perm_ca_cert.pem</PermissionsCA>
+      <Governance>file:/path/to/example_governance.p7s</Governance>
+      <Permissions>file:/path/to/example_permissions.p7s</Permissions>
+    </AccessControl>
+  </DDSSecurity>
+</Domain>

docs/manual/_static/security_by_qos.c

@@ -0,0 +1,21 @@
+dds_qos_t * qos = dds_create_qos();
+
+dds_qset_prop(qos, "dds.sec.auth.library.path", "dds_security_auth");
+dds_qset_prop(qos, "dds.sec.auth.library.init", "init_authentication");
+dds_qset_prop(qos, "dds.sec.auth.library.finalize", "finalize_authentication");
+dds_qset_prop(qos, "dds.sec.auth.identity_ca", "file:/path/to/example_id_ca_cert.pem");
+dds_qset_prop(qos, "dds.sec.auth.private_key", "file:/path/to/example_alice_priv_key.pem");
+dds_qset_prop(qos, "dds.sec.auth.identity_certificate", "file:/path/to/example_alice_cert.pem");
+
+dds_qset_prop(qos, "dds.sec.crypto.library.path", "dds_security_crypto");
+dds_qset_prop(qos, "dds.sec.crypto.library.init", "init_crypto");
+dds_qset_prop(qos, "dds.sec.crypto.library.finalize", "finalize_crypto");
+
+dds_qset_prop(qos, "dds.sec.access.library.path", "dds_security_ac");
+dds_qset_prop(qos, "dds.sec.access.library.init", "init_access_control");
+dds_qset_prop(qos, "dds.sec.access.library.finalize", "finalize_access_control");
+dds_qset_prop(qos, "dds.sec.access.permissions_ca", "file:/path/to/example_perm_ca_cert.pem");
+dds_qset_prop(qos, "dds.sec.access.governance", "file:/path/to/example_governance.p7s");
+dds_qset_prop(qos, "dds.sec.access.permissions", "file:/path/to/example_permissions.p7s");
+
+dds_entity_t participant = dds_create_participant(0, qos, NULL);