DDS Security dynamic plugin loading

Security plugin loading with the given configuration has been added. The configuration can be given by either the Cyclone DDS configuration file or ParticipantQoS during participant creation. ParticipantQoS is required by DDS Security spec. However, the configuration file is an additional useful feature that helps the user to add security to the DDS application without changing the binary. If ParticipantQoS has a Property starting with the name "dds.sec", then the configuration file is ignored. If the participant is the first participant, the security component is initialized. If the participant is the last active participant, then the security component is de-initialized. Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
2019-11-20 16:54:28 +01:00 · 2019-11-20 16:54:28 +01:00 · b81ef4042b
commit b81ef4042b
parent b561cb821f
43 changed files with 8709 additions and 615 deletions
--- a/src/security/api/include/dds/security/dds_security_api_defs.h
+++ b/src/security/api/include/dds/security/dds_security_api_defs.h
@ -183,6 +183,30 @@ typedef enum {
 #define DDS_SECURITY_MASTER_RECEIVER_SPECIFIC_KEY_SIZE_128 16
 #define DDS_SECURITY_MASTER_RECEIVER_SPECIFIC_KEY_SIZE_256 32

+/**************************************************************************
+ *                                                                        *
+ * Security Property Key Names                                                     *
+ *                                                                        *
+ *************************************************************************/
+#define DDS_SEC_PROP_AUTH_LIBRARY_PATH "dds.sec.auth.library.path"
+#define DDS_SEC_PROP_AUTH_LIBRARY_INIT "dds.sec.auth.library.init"
+#define DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE "dds.sec.auth.library.finalize"
+#define DDS_SEC_PROP_CRYPTO_LIBRARY_PATH "dds.sec.crypto.library.path"
+#define DDS_SEC_PROP_CRYPTO_LIBRARY_INIT "dds.sec.crypto.library.init"
+#define DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE "dds.sec.crypto.library.finalize"
+#define DDS_SEC_PROP_ACCESS_LIBRARY_PATH "dds.sec.access.library.path"
+#define DDS_SEC_PROP_ACCESS_LIBRARY_INIT "dds.sec.access.library.init"
+#define DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE "dds.sec.access.library.finalize"
+
+#define DDS_SEC_PROP_AUTH_IDENTITY_CA "dds.sec.auth.identity_ca"
+#define DDS_SEC_PROP_AUTH_PRIV_KEY "dds.sec.auth.private_key"
+#define DDS_SEC_PROP_AUTH_IDENTITY_CERT "dds.sec.auth.identity_certificate"
+#define DDS_SEC_PROP_AUTH_PASSWORD "dds.sec.auth.password"
+#define DDS_SEC_PROP_ACCESS_PERMISSIONS_CA "dds.sec.access.permissions_ca"
+#define DDS_SEC_PROP_ACCESS_GOVERNANCE "dds.sec.access.governance"
+#define DDS_SEC_PROP_ACCESS_PERMISSIONS "dds.sec.access.permissions"
+#define DDS_SEC_PROP_ACCESS_TRUSTED_CA_DIR "dds.sec.auth.trusted_ca_dir"
+

 #if defined (__cplusplus)
 }