niklas/cyclonedds
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DDS Security dynamic plugin loading

Browse source 
Security plugin loading with the given configuration has been added.

The configuration can be given by either the Cyclone DDS configuration file or ParticipantQoS during participant creation.
ParticipantQoS is required by DDS Security spec. However, the configuration file is an additional useful feature that helps the user to add security to the DDS application without changing the binary.
If ParticipantQoS has a Property starting with the name "dds.sec", then the configuration file is ignored.

If the participant is the first participant, the security component is initialized. If the participant is the last active participant, then the security component is de-initialized.

Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
This commit is contained in:
Kurtulus Oksuztepe 2019-11-20 16:54:28 +01:00 committed by eboasson
parent b561cb821f
commit b81ef4042b
43 changed files with 8709 additions and 615 deletions
Download patch file Download diff file Expand all files Collapse all files

32
src/core/ddsc/tests/CMakeLists.txt
View file

@ -74,10 +74,40 @@ set(CUnit_ddsc_config_simple_udp_uri "file://${CUnit_ddsc_config_simple_udp_file
set(CUnit_ddsc_config_simple_udp_max_participants "0")
set(CUnit_ddsc_config_simple_udp_env "${PROJECT_NAME_CAPS}_URI=${CUnit_ddsc_config_simple_udp_uri};MAX_PARTICIPANTS=${CUnit_ddsc_config_simple_udp_max_participants};${CUnit_ddsc_config_simple_udp_env}")
unset(test_lib_tests)
# Let the cunit application know the location and name of the security mock libraries.
#file(TO_NATIVE_PATH "${CMAKE_CURRENT_BINARY_DIR}/../../../security/core/tests/plugin_loading" test_lib_native_dir)
file(TO_NATIVE_PATH "${PROJECT_BINARY_DIR}/src/security/core/tests/plugin_loading" test_lib_native_dir)
file(TO_NATIVE_PATH "/" test_lib_sep)
string(REPLACE "\\" "\\\\" test_lib_dir ${test_lib_native_dir})
string(REPLACE "\\" "\\\\" test_lib_sep ${test_lib_sep})
process_cunit_source_file("config.c" test_lib_header test_lib_suites test_lib_tests)
foreach(libtest ${test_lib_tests})
string(REPLACE ":" ";" libtest ${libtest})
list(GET libtest 0 suite)
list(GET libtest 1 test)
set(libtestname "CUnit_${suite}_${test}")
if("${CMAKE_HOST_SYSTEM}" MATCHES ".*Windows.*")
set_property(TEST ${libtestname} APPEND PROPERTY ENVIRONMENT "${test_lib_native_dir}")
else()
set_property(TEST ${libtestname} APPEND PROPERTY ENVIRONMENT "LD_LIBRARY_PATH=${test_lib_native_dir};$ENV{LD_LIBRARY_PATH}")
endif()
endforeach()
set_tests_properties(
CUnit_ddsc_config_simple_udp
PROPERTIES
REQUIRED_FILES ${CUnit_ddsc_config_simple_udp_file}
ENVIRONMENT "${CUnit_ddsc_config_simple_udp_env}")
configure_file("config_env.h.in" "config_env.h")
configure_file("config_env.h.in" "config_env.h" @ONLY)

284
src/core/ddsc/tests/config.c
View file

@ -22,6 +22,10 @@
#include "dds/ddsi/q_misc.h"
#include "dds/ddsi/q_xqos.h"
#ifdef DDSI_INCLUDE_SECURITY
#include "dds/security/dds_security_api_defs.h"
#endif
#define FORCE_ENV
#define URI_VARIABLE DDS_PROJECT_NAME_NOSPACE_CAPS"_URI"
@ -124,6 +128,8 @@ CU_Test(ddsc_config, security_non, .init = ddsrt_init, .fini = ddsrt_fini) {
ddsrt_setenv(URI_VARIABLE, "");
CU_ASSERT_FATAL(participant > 0);
dds_delete(participant);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
/* No security traces should have been provided. */
CU_ASSERT_FATAL(found == 0x0);
@ -156,6 +162,8 @@ CU_Test(ddsc_config, security_empty, .init = ddsrt_init, .fini = ddsrt_fini) {
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
CU_ASSERT_FATAL(participant < 0);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
/* All traces should have been provided. */
#ifndef DDSI_INCLUDE_SECURITY
@ -184,16 +192,16 @@ CU_Test(ddsc_config, security_missing, .init = ddsrt_init, .fini = ddsrt_fini) {
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_auth\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate></IdentityCertificate>"
"<PrivateKey></PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_crypto\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_ac\" initFunction=\"init_ac\" finalizeFunction=\"finalize_ac\"/>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
@ -214,7 +222,8 @@ CU_Test(ddsc_config, security_missing, .init = ddsrt_init, .fini = ddsrt_fini) {
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
CU_ASSERT_FATAL(participant < 0);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
/* All traces should have been provided. */
#ifndef DDSI_INCLUDE_SECURITY
CU_ASSERT_FATAL(found == 0x1);
@ -230,8 +239,8 @@ CU_Test(ddsc_config, security_all, .init = ddsrt_init, .fini = ddsrt_fini) {
#ifndef DDSI_INCLUDE_SECURITY
"config: //CycloneDDS/Domain: DDSSecurity: unknown element*",
#else
"config: Domain/DDSSecurity/Authentication/Library/#text: dds_security_auth*",
"config: Domain/DDSSecurity/Authentication/Library[@path]: dds_security_auth*",
"config: Domain/DDSSecurity/Authentication/Library/#text: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Authentication/Library[@path]: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Authentication/Library[@initFunction]: init_authentication*",
"config: Domain/DDSSecurity/Authentication/Library[@finalizeFunction]: finalize_authentication*",
"config: Domain/DDSSecurity/Authentication/IdentityCertificate/#text: testtext_IdentityCertificate_testtext*",
@ -239,30 +248,46 @@ CU_Test(ddsc_config, security_all, .init = ddsrt_init, .fini = ddsrt_fini) {
"config: Domain/DDSSecurity/Authentication/PrivateKey/#text: testtext_PrivateKey_testtext*",
"config: Domain/DDSSecurity/Authentication/Password/#text: testtext_Password_testtext*",
"config: Domain/DDSSecurity/Authentication/TrustedCADirectory/#text: testtext_Dir_testtext*",
"config: Domain/DDSSecurity/AccessControl/Library/#text: dds_security_ac*",
"config: Domain/DDSSecurity/AccessControl/Library[@path]: dds_security_ac*",
"config: Domain/DDSSecurity/AccessControl/Library[@initFunction]: init_ac*",
"config: Domain/DDSSecurity/AccessControl/Library[@finalizeFunction]: finalize_ac*",
"config: Domain/DDSSecurity/AccessControl/Library/#text: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/AccessControl/Library[@path]: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/AccessControl/Library[@initFunction]: init_access_control*",
"config: Domain/DDSSecurity/AccessControl/Library[@finalizeFunction]: finalize_access_control*",
"config: Domain/DDSSecurity/AccessControl/PermissionsCA/#text: file:Permissions_CA.pem*",
"config: Domain/DDSSecurity/AccessControl/Governance/#text: file:Governance.p7s*",
"config: Domain/DDSSecurity/AccessControl/Permissions/#text: file:Permissions.p7s*",
"config: Domain/DDSSecurity/Cryptographic/Library/#text: dds_security_crypto*",
"config: Domain/DDSSecurity/Cryptographic/Library[@path]: dds_security_crypto*",
"config: Domain/DDSSecurity/Cryptographic/Library/#text: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Cryptographic/Library[@path]: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Cryptographic/Library[@initFunction]: init_crypto*",
"config: Domain/DDSSecurity/Cryptographic/Library[@finalizeFunction]: finalize_crypto*",
/* The config should have been parsed into the participant QoS. */
"PARTICIPANT * QOS={*property_list={value={{dds.sec.auth.identity_ca,testtext_IdentityCA_testtext,0},{dds.sec.auth.private_key,testtext_PrivateKey_testtext,0},{dds.sec.auth.identity_certificate,testtext_IdentityCertificate_testtext,0},{dds.sec.access.permissions_ca,file:Permissions_CA.pem,0},{dds.sec.access.governance,file:Governance.p7s,0},{dds.sec.access.permissions,file:Permissions.p7s,0},{dds.sec.auth.password,testtext_Password_testtext,0},{dds.sec.auth.trusted_ca_dir,testtext_Dir_testtext,0}}binary_value={}}*}*",
"PARTICIPANT * QOS={*property_list={value={{dds.sec.auth.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.auth.library.init,init_authentication,0},"
"{dds.sec.auth.library.finalize,finalize_authentication,0},"
"{dds.sec.crypto.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.crypto.library.init,init_crypto,0},"
"{dds.sec.crypto.library.finalize,finalize_crypto,0},"
"{dds.sec.access.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.access.library.init,init_access_control,0},"
"{dds.sec.access.library.finalize,finalize_access_control,0},"
"{dds.sec.auth.identity_ca,testtext_IdentityCA_testtext,0},"
"{dds.sec.auth.private_key,testtext_PrivateKey_testtext,0},"
"{dds.sec.auth.identity_certificate,testtext_IdentityCertificate_testtext,0},"
"{dds.sec.access.permissions_ca,file:Permissions_CA.pem,0},"
"{dds.sec.access.governance,file:Governance.p7s,0},"
"{dds.sec.access.permissions,file:Permissions.p7s,0},"
"{dds.sec.auth.password,testtext_Password_testtext,0},"
"{dds.sec.auth.trusted_ca_dir,testtext_Dir_testtext,0}}binary_value={}}*}*",
#endif
NULL
};
const char *sec_config =
"<"DDS_PROJECT_NAME">"
"<Domain id=\"any\">"
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_auth\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
@ -270,10 +295,10 @@ CU_Test(ddsc_config, security_all, .init = ddsrt_init, .fini = ddsrt_fini) {
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_crypto\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_ac\" initFunction=\"init_ac\" finalizeFunction=\"finalize_ac\"/>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
@ -283,6 +308,7 @@ CU_Test(ddsc_config, security_all, .init = ddsrt_init, .fini = ddsrt_fini) {
"</"DDS_PROJECT_NAME">";
dds_entity_t participant;
/* Set up the trace sinks to detect the config parsing. */
@ -296,6 +322,8 @@ CU_Test(ddsc_config, security_all, .init = ddsrt_init, .fini = ddsrt_fini) {
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
dds_delete(participant);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
/* All traces should have been provided. */
#ifndef DDSI_INCLUDE_SECURITY
@ -312,8 +340,8 @@ CU_Test(ddsc_config, security, .init = ddsrt_init, .fini = ddsrt_fini) {
#ifndef DDSI_INCLUDE_SECURITY
"config: //CycloneDDS/Domain: DDSSecurity: unknown element*",
#else
"config: Domain/DDSSecurity/Authentication/Library/#text: dds_security_auth*",
"config: Domain/DDSSecurity/Authentication/Library[@path]: dds_security_auth*",
"config: Domain/DDSSecurity/Authentication/Library/#text: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Authentication/Library[@path]: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Authentication/Library[@initFunction]: init_authentication*",
"config: Domain/DDSSecurity/Authentication/Library[@finalizeFunction]: finalize_authentication*",
"config: Domain/DDSSecurity/Authentication/IdentityCertificate/#text: testtext_IdentityCertificate_testtext*",
@ -321,19 +349,35 @@ CU_Test(ddsc_config, security, .init = ddsrt_init, .fini = ddsrt_fini) {
"config: Domain/DDSSecurity/Authentication/PrivateKey/#text: testtext_PrivateKey_testtext*",
"config: Domain/DDSSecurity/Authentication/Password/#text: {}*",
"config: Domain/DDSSecurity/Authentication/TrustedCADirectory/#text: {}*",
"config: Domain/DDSSecurity/AccessControl/Library/#text: dds_security_ac*",
"config: Domain/DDSSecurity/AccessControl/Library[@path]: dds_security_ac*",
"config: Domain/DDSSecurity/AccessControl/Library[@initFunction]: init_ac*",
"config: Domain/DDSSecurity/AccessControl/Library[@finalizeFunction]: finalize_ac*",
"config: Domain/DDSSecurity/AccessControl/Library/#text: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/AccessControl/Library[@path]: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/AccessControl/Library[@initFunction]: init_access_control*",
"config: Domain/DDSSecurity/AccessControl/Library[@finalizeFunction]: finalize_access_control*",
"config: Domain/DDSSecurity/AccessControl/PermissionsCA/#text: file:Permissions_CA.pem*",
"config: Domain/DDSSecurity/AccessControl/Governance/#text: file:Governance.p7s*",
"config: Domain/DDSSecurity/AccessControl/Permissions/#text: file:Permissions.p7s*",
"config: Domain/DDSSecurity/Cryptographic/Library/#text: dds_security_crypto*",
"config: Domain/DDSSecurity/Cryptographic/Library[@path]: dds_security_crypto*",
"config: Domain/DDSSecurity/Cryptographic/Library/#text: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Cryptographic/Library[@path]: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Cryptographic/Library[@initFunction]: init_crypto*",
"config: Domain/DDSSecurity/Cryptographic/Library[@finalizeFunction]: finalize_crypto*",
/* The config should have been parsed into the participant QoS. */
"PARTICIPANT * QOS={*property_list={value={{dds.sec.auth.identity_ca,testtext_IdentityCA_testtext,0},{dds.sec.auth.private_key,testtext_PrivateKey_testtext,0},{dds.sec.auth.identity_certificate,testtext_IdentityCertificate_testtext,0},{dds.sec.access.permissions_ca,file:Permissions_CA.pem,0},{dds.sec.access.governance,file:Governance.p7s,0},{dds.sec.access.permissions,file:Permissions.p7s,0}}binary_value={}}*}*",
"PARTICIPANT * QOS={*property_list={value={{dds.sec.auth.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.auth.library.init,init_authentication,0},"
"{dds.sec.auth.library.finalize,finalize_authentication,0},"
"{dds.sec.crypto.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.crypto.library.init,init_crypto,0},"
"{dds.sec.crypto.library.finalize,finalize_crypto,0},"
"{dds.sec.access.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.access.library.init,init_access_control,0},"
"{dds.sec.access.library.finalize,finalize_access_control,0},"
"{dds.sec.auth.identity_ca,testtext_IdentityCA_testtext,0},"
"{dds.sec.auth.private_key,testtext_PrivateKey_testtext,0},"
"{dds.sec.auth.identity_certificate,testtext_IdentityCertificate_testtext,0},"
"{dds.sec.access.permissions_ca,file:Permissions_CA.pem,0},"
"{dds.sec.access.governance,file:Governance.p7s,0},"
"{dds.sec.access.permissions,file:Permissions.p7s,0},"
"{dds.sec.auth.password,,0},"
"{dds.sec.auth.trusted_ca_dir,,0}}binary_value={}}*}*",
#endif
NULL
};
@ -342,16 +386,16 @@ CU_Test(ddsc_config, security, .init = ddsrt_init, .fini = ddsrt_fini) {
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_auth\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_crypto\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_ac\" initFunction=\"init_ac\" finalizeFunction=\"finalize_ac\"/>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
@ -372,6 +416,8 @@ CU_Test(ddsc_config, security, .init = ddsrt_init, .fini = ddsrt_fini) {
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
dds_delete(participant);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
/* All traces should have been provided. */
#ifndef DDSI_INCLUDE_SECURITY
@ -388,8 +434,8 @@ CU_Test(ddsc_config, security_deprecated, .init = ddsrt_init, .fini = ddsrt_fini
#ifndef DDSI_INCLUDE_SECURITY
"config: //CycloneDDS/Domain: DDSSecurity: unknown element*",
#else
"config: Domain/DDSSecurity/Authentication/Library/#text: dds_security_auth*",
"config: Domain/DDSSecurity/Authentication/Library[@path]: dds_security_auth*",
"config: Domain/DDSSecurity/Authentication/Library/#text: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Authentication/Library[@path]: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Authentication/Library[@initFunction]: init_authentication*",
"config: Domain/DDSSecurity/Authentication/Library[@finalizeFunction]: finalize_authentication*",
"config: Domain/DDSSecurity/Authentication/IdentityCertificate/#text: testtext_IdentityCertificate_testtext*",
@ -397,19 +443,34 @@ CU_Test(ddsc_config, security_deprecated, .init = ddsrt_init, .fini = ddsrt_fini
"config: Domain/DDSSecurity/Authentication/PrivateKey/#text: testtext_PrivateKey_testtext*",
"config: Domain/DDSSecurity/Authentication/Password/#text: testtext_Password_testtext*",
"config: Domain/DDSSecurity/Authentication/TrustedCADirectory/#text: testtext_Dir_testtext*",
"config: Domain/DDSSecurity/AccessControl/Library/#text: dds_security_ac*",
"config: Domain/DDSSecurity/AccessControl/Library[@path]: dds_security_ac*",
"config: Domain/DDSSecurity/AccessControl/Library[@initFunction]: init_ac*",
"config: Domain/DDSSecurity/AccessControl/Library[@finalizeFunction]: finalize_ac*",
"config: Domain/DDSSecurity/AccessControl/Library/#text: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/AccessControl/Library[@path]: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/AccessControl/Library[@initFunction]: init_access_control*",
"config: Domain/DDSSecurity/AccessControl/Library[@finalizeFunction]: finalize_access_control*",
"config: Domain/DDSSecurity/AccessControl/PermissionsCA/#text: file:Permissions_CA.pem*",
"config: Domain/DDSSecurity/AccessControl/Governance/#text: file:Governance.p7s*",
"config: Domain/DDSSecurity/AccessControl/Permissions/#text: file:Permissions.p7s*",
"config: Domain/DDSSecurity/Cryptographic/Library/#text: dds_security_crypto*",
"config: Domain/DDSSecurity/Cryptographic/Library[@path]: dds_security_crypto*",
"config: Domain/DDSSecurity/Cryptographic/Library/#text: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Cryptographic/Library[@path]: "CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"*",
"config: Domain/DDSSecurity/Cryptographic/Library[@initFunction]: init_crypto*",
"config: Domain/DDSSecurity/Cryptographic/Library[@finalizeFunction]: finalize_crypto*",
/* The config should have been parsed into the participant QoS. */
"PARTICIPANT * QOS={*property_list={value={{dds.sec.auth.identity_ca,testtext_IdentityCA_testtext,0},{dds.sec.auth.private_key,testtext_PrivateKey_testtext,0},{dds.sec.auth.identity_certificate,testtext_IdentityCertificate_testtext,0},{dds.sec.access.permissions_ca,file:Permissions_CA.pem,0},{dds.sec.access.governance,file:Governance.p7s,0},{dds.sec.access.permissions,file:Permissions.p7s,0},{dds.sec.auth.password,testtext_Password_testtext,0},{dds.sec.auth.trusted_ca_dir,testtext_Dir_testtext,0}}binary_value={}}*}*",
"PARTICIPANT * QOS={*property_list={value={"
"{dds.sec.auth.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.auth.library.init,init_authentication,0},"
"{dds.sec.auth.library.finalize,finalize_authentication,0},"
"{dds.sec.crypto.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.crypto.library.init,init_crypto,0},"
"{dds.sec.crypto.library.finalize,finalize_crypto,0},"
"{dds.sec.access.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.access.library.init,init_access_control,0},{dds.sec.access.library.finalize,finalize_access_control,0},{dds.sec.auth.identity_ca,testtext_IdentityCA_testtext,0},"
"{dds.sec.auth.private_key,testtext_PrivateKey_testtext,0},"
"{dds.sec.auth.identity_certificate,testtext_IdentityCertificate_testtext,0},"
"{dds.sec.access.permissions_ca,file:Permissions_CA.pem,0},"
"{dds.sec.access.governance,file:Governance.p7s,0},"
"{dds.sec.access.permissions,file:Permissions.p7s,0},"
"{dds.sec.auth.password,testtext_Password_testtext,0},"
"{dds.sec.auth.trusted_ca_dir,testtext_Dir_testtext,0}}binary_value={}}*}*",
#endif
NULL
};
@ -422,7 +483,7 @@ CU_Test(ddsc_config, security_deprecated, .init = ddsrt_init, .fini = ddsrt_fini
"<DDSI2E>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_auth\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
@ -430,10 +491,10 @@ CU_Test(ddsc_config, security_deprecated, .init = ddsrt_init, .fini = ddsrt_fini
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_crypto\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_ac\" initFunction=\"init_ac\" finalizeFunction=\"finalize_ac\"/>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
@ -443,7 +504,6 @@ CU_Test(ddsc_config, security_deprecated, .init = ddsrt_init, .fini = ddsrt_fini
"</DDSI2E>"
"</"DDS_PROJECT_NAME">";
dds_entity_t participant;
/* Set up the trace sinks to detect the config parsing. */
@ -457,6 +517,8 @@ CU_Test(ddsc_config, security_deprecated, .init = ddsrt_init, .fini = ddsrt_fini
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
dds_delete(participant);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
/* All traces should have been provided. */
#ifndef DDSI_INCLUDE_SECURITY
@ -480,8 +542,16 @@ CU_Test(ddsc_config, security_qos, .init = ddsrt_init, .fini = ddsrt_fini)
"{dds.sec.access.governance,file:Governance.p7s,0},"
"{dds.sec.access.permissions,file:Permissions.p7s,0},"
"{dds.sec.auth.password,testtext_Password_testtext,0},"
"{dds.sec.auth.trusted_ca_dir,file:/test/dir,0}"
"}binary_value={}}*}*",
"{dds.sec.auth.trusted_ca_dir,file:/test/dir,0},"
"{dds.sec.auth.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.auth.library.init,init_authentication,0},"
"{dds.sec.auth.library.finalize,finalize_authentication,0},"
"{dds.sec.crypto.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.crypto.library.init,init_crypto,0},"
"{dds.sec.crypto.library.finalize,finalize_crypto,0},"
"{dds.sec.access.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.access.library.init,init_access_control,0},"
"{dds.sec.access.library.finalize,finalize_access_control,0}}binary_value={}}*}*",
#endif
NULL
};
@ -504,6 +574,15 @@ CU_Test(ddsc_config, security_qos, .init = ddsrt_init, .fini = ddsrt_fini)
dds_qset_prop(qos, "dds.sec.access.permissions", "file:Permissions.p7s");
dds_qset_prop(qos, "dds.sec.auth.password", "testtext_Password_testtext");
dds_qset_prop(qos, "dds.sec.auth.trusted_ca_dir", "file:/test/dir");
dds_qset_prop(qos, "dds.sec.auth.library.path", ""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"");
dds_qset_prop(qos, "dds.sec.auth.library.init", "init_authentication");
dds_qset_prop(qos, "dds.sec.auth.library.finalize", "finalize_authentication");
dds_qset_prop(qos, "dds.sec.crypto.library.path", ""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"");
dds_qset_prop(qos, "dds.sec.crypto.library.init", "init_crypto");
dds_qset_prop(qos, "dds.sec.crypto.library.finalize", "finalize_crypto");
dds_qset_prop(qos, "dds.sec.access.library.path", ""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"");
dds_qset_prop(qos, "dds.sec.access.library.init", "init_access_control");
dds_qset_prop(qos, "dds.sec.access.library.finalize", "finalize_access_control");
/* Create participant with security config in qos. */
found = 0;
@ -512,6 +591,8 @@ CU_Test(ddsc_config, security_qos, .init = ddsrt_init, .fini = ddsrt_fini)
ddsrt_setenv(URI_VARIABLE, "");
dds_delete(participant);
dds_delete_qos(qos);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
/* All traces should have been provided. */
#ifndef DDSI_INCLUDE_SECURITY
@ -537,8 +618,18 @@ CU_Test(ddsc_config, security_qos_props, .init = ddsrt_init, .fini = ddsrt_fini)
"{dds.sec.access.permissions,file:Permissions.p7s,0},"
"{dds.sec.auth.password,testtext_Password_testtext,0},"
"{dds.sec.auth.trusted_ca_dir,file:/test/dir,0},"
"{dds.sec.auth.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.auth.library.init,init_authentication,0},"
"{dds.sec.auth.library.finalize,finalize_authentication,0},"
"{dds.sec.crypto.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.crypto.library.init,init_crypto,0},"
"{dds.sec.crypto.library.finalize,finalize_crypto,0},"
"{dds.sec.access.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.access.library.init,init_access_control,0},"
"{dds.sec.access.library.finalize,finalize_access_control,0},"
"{test.prop2,testtext_value2_testtext,0}}"
"binary_value={{test.bprop1,(3,*),0}}}*}*",
#endif
NULL
};
@ -563,17 +654,35 @@ CU_Test(ddsc_config, security_qos_props, .init = ddsrt_init, .fini = ddsrt_fini)
dds_qset_prop(qos, "dds.sec.access.permissions", "file:Permissions.p7s");
dds_qset_prop(qos, "dds.sec.auth.password", "testtext_Password_testtext");
dds_qset_prop(qos, "dds.sec.auth.trusted_ca_dir", "file:/test/dir");
dds_qset_prop(qos, "dds.sec.auth.library.path", ""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"");
dds_qset_prop(qos, "dds.sec.auth.library.init", "init_authentication");
dds_qset_prop(qos, "dds.sec.auth.library.finalize", "finalize_authentication");
dds_qset_prop(qos, "dds.sec.crypto.library.path", ""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"");
dds_qset_prop(qos, "dds.sec.crypto.library.init", "init_crypto");
dds_qset_prop(qos, "dds.sec.crypto.library.finalize", "finalize_crypto");
dds_qset_prop(qos, "dds.sec.access.library.path", ""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"");
dds_qset_prop(qos, "dds.sec.access.library.init", "init_access_control");
dds_qset_prop(qos, "dds.sec.access.library.finalize", "finalize_access_control");
dds_qset_prop(qos, "test.prop2", "testtext_value2_testtext");
dds_qset_prop(qos, "dds.sec.auth.identity_ca", "testtext_IdentityCA_testtext");
dds_qset_bprop(qos, "test.bprop1", bvalue, 3);
/* Create participant with security config in qos. */
found = 0;
ddsrt_setenv(URI_VARIABLE, "<Tracing><Verbosity>finest</></>");
CU_ASSERT_FATAL ((participant = dds_create_participant(DDS_DOMAIN_DEFAULT, qos, NULL)) > 0);
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, qos, NULL);
CU_ASSERT_FATAL(participant > 0);
ddsrt_setenv(URI_VARIABLE, "");
dds_delete(participant);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
dds_delete_qos(qos);
/* All traces should have been provided. */
#ifndef DDSI_INCLUDE_SECURITY
CU_ASSERT_FATAL(found == 0);
@ -590,14 +699,23 @@ CU_Test(ddsc_config, security_config_qos, .init = ddsrt_init, .fini = ddsrt_fini
"config: //CycloneDDS/Domain: DDSSecurity: unknown element*",
#else
/* The security settings from qos properties should have been parsed into the participant QoS. */
"new_participant(*): using security settings from QoS, ignoring security configuration*",
"new_participant(*): using security settings from QoS*",
"PARTICIPANT * QOS={*property_list={value={"
"{dds.sec.auth.identity_ca,testtext_QOS_IdentityCA_testtext,0},"
"{dds.sec.auth.private_key,testtext_QOS_PrivateKey_testtext,0},"
"{dds.sec.auth.identity_certificate,testtext_QOS_IdentityCertificate_testtext,0},"
"{dds.sec.access.permissions_ca,file:QOS_Permissions_CA.pem,0},"
"{dds.sec.access.governance,file:QOS_Governance.p7s,0},"
"{dds.sec.access.permissions,file:QOS_Permissions.p7s,0}"
"{dds.sec.access.permissions,file:QOS_Permissions.p7s,0},"
"{dds.sec.auth.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.auth.library.init,init_authentication,0},"
"{dds.sec.auth.library.finalize,finalize_authentication,0},"
"{dds.sec.crypto.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.crypto.library.init,init_crypto,0},"
"{dds.sec.crypto.library.finalize,finalize_crypto,0},"
"{dds.sec.access.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.access.library.init,init_access_control,0},"
"{dds.sec.access.library.finalize,finalize_access_control,0}"
"}binary_value={}}*}*",
#endif
NULL
@ -628,7 +746,17 @@ CU_Test(ddsc_config, security_config_qos, .init = ddsrt_init, .fini = ddsrt_fini
dds_qset_prop(qos, "dds.sec.access.permissions_ca", "file:QOS_Permissions_CA.pem");
dds_qset_prop(qos, "dds.sec.access.governance", "file:QOS_Governance.p7s");
dds_qset_prop(qos, "dds.sec.access.permissions", "file:QOS_Permissions.p7s");
#ifdef DDSI_INCLUDE_SECURITY /*for using with constants coming from API */
dds_qset_prop(qos, DDS_SEC_PROP_AUTH_LIBRARY_PATH, ""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"");
dds_qset_prop(qos, DDS_SEC_PROP_AUTH_LIBRARY_INIT, "init_authentication");
dds_qset_prop(qos, DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE, "finalize_authentication");
dds_qset_prop(qos, DDS_SEC_PROP_CRYPTO_LIBRARY_PATH, ""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"");
dds_qset_prop(qos, DDS_SEC_PROP_CRYPTO_LIBRARY_INIT, "init_crypto");
dds_qset_prop(qos, DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE, "finalize_crypto");
dds_qset_prop(qos, DDS_SEC_PROP_ACCESS_LIBRARY_PATH, ""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"");
dds_qset_prop(qos, DDS_SEC_PROP_ACCESS_LIBRARY_INIT, "init_access_control");
dds_qset_prop(qos, DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE, "finalize_access_control");
#endif
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_FATAL | DDS_LC_ERROR | DDS_LC_WARNING | DDS_LC_CONFIG);
dds_set_log_sink(&logger, (void*)log_expected);
@ -640,6 +768,8 @@ CU_Test(ddsc_config, security_config_qos, .init = ddsrt_init, .fini = ddsrt_fini
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, qos, NULL);
ddsrt_setenv(URI_VARIABLE, "");
dds_delete(participant);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
dds_delete_qos(qos);
/* All traces should have been provided. */
@ -659,15 +789,24 @@ CU_Test(ddsc_config, security_other_prop, .init = ddsrt_init, .fini = ddsrt_fini
"config: //CycloneDDS/Domain: DDSSecurity: unknown element*",
#else
/* The security settings from config should have been parsed into the participant QoS. */
"PARTICIPANT * QOS={*property_list={value={"
"{test.dds.sec.prop1,testtext_value1_testtext,0},"
"PARTICIPANT * QOS={*property_list={value={{test.dds.sec.prop1,testtext_value1_testtext,0},"
"{dds.sec.auth.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.auth.library.init,init_authentication,0},"
"{dds.sec.auth.library.finalize,finalize_authentication,0},"
"{dds.sec.crypto.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.crypto.library.init,init_crypto,0},"
"{dds.sec.crypto.library.finalize,finalize_crypto,0},"
"{dds.sec.access.library.path,"CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX",0},"
"{dds.sec.access.library.init,init_access_control,0},"
"{dds.sec.access.library.finalize,finalize_access_control,0},"
"{dds.sec.auth.identity_ca,testtext_IdentityCA_testtext,0},"
"{dds.sec.auth.private_key,testtext_PrivateKey_testtext,0},"
"{dds.sec.auth.identity_certificate,testtext_IdentityCertificate_testtext,0},"
"{dds.sec.access.permissions_ca,file:Permissions_CA.pem,0},"
"{dds.sec.access.governance,file:Governance.p7s,0},"
"{dds.sec.access.permissions,file:Permissions.p7s,0}"
"}binary_value={}}*}*",
"{dds.sec.access.permissions,file:Permissions.p7s,0},"
"{dds.sec.auth.password,testtext_Password_testtext,0},"
"{dds.sec.auth.trusted_ca_dir,testtext_Dir_testtext,0}}binary_value={}}*}*",
#endif
NULL
};
@ -676,11 +815,18 @@ CU_Test(ddsc_config, security_other_prop, .init = ddsrt_init, .fini = ddsrt_fini
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_authentication_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_cryptography_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\""CONFIG_PLUGIN_MOCK_DIR""CONFIG_LIB_SEP""CONFIG_LIB_PREFIX"dds_security_access_control_all_ok"CONFIG_LIB_SUFFIX"\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
@ -704,6 +850,8 @@ CU_Test(ddsc_config, security_other_prop, .init = ddsrt_init, .fini = ddsrt_fini
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, qos, NULL);
ddsrt_setenv(URI_VARIABLE, "");
dds_delete(participant);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
dds_delete_qos(qos);
/* All traces should have been provided. */
@ -722,20 +870,22 @@ CU_Test(ddsc_config, security_qos_invalid, .init = ddsrt_init, .fini = ddsrt_fin
"config: //CycloneDDS/Domain: DDSSecurity: unknown element*",
#else
/* The config should have been parsed into the participant QoS. */
"PARTICIPANT * QOS={*property_list={value={"
"{dds.sec.auth.identity_ca,testtext_IdentityCA_testtext,0},"
"{dds.sec.auth.private_key,testtext_PrivateKey_testtext,0},"
"{dds.sec.auth.identity_certificate,testtext_IdentityCertificate_testtext,0},"
"{dds.sec.access.permissions_ca,file:Permissions_CA.pem,0},"
"{dds.sec.access.governance,file:Governance.p7s,0},"
"{dds.sec.access.permissions,file:Permissions.p7s,0}"
"}binary_value={}}*}*",
"new_participant(*): required security property "DDS_SEC_PROP_AUTH_IDENTITY_CA" missing in Property QoS*",
"new_participant(*): required security property "DDS_SEC_PROP_AUTH_PRIV_KEY" missing in Property QoS*",
"new_participant(*): required security property "DDS_SEC_PROP_AUTH_IDENTITY_CERT" missing in Property QoS*",
"new_participant(*): required security property "DDS_SEC_PROP_ACCESS_PERMISSIONS_CA" missing in Property QoS*",
"new_participant(*): required security property "DDS_SEC_PROP_ACCESS_GOVERNANCE" missing in Property QoS*",
"new_participant(*): required security property "DDS_SEC_PROP_ACCESS_PERMISSIONS" missing in Property QoS*",
"new_participant(*): using security settings from QoS*",
"new_participant(*): required security property dds.sec.auth.identity_ca missing in Property QoS*",
"new_participant(*): required security property dds.sec.auth.private_key missing in Property QoS*",
"new_participant(*): required security property dds.sec.auth.identity_certificate missing in Property QoS*",
"new_participant(*): required security property dds.sec.access.permissions_ca missing in Property QoS*",
"new_participant(*): required security property dds.sec.access.governance missing in Property QoS*",
"new_participant(*): required security property dds.sec.access.permissions missing in Property QoS*",
"new_participant(*): required security property dds.sec.auth.library.path missing in Property QoS*",
"new_participant(*): required security property dds.sec.auth.library.init missing in Property QoS*",
"new_participant(*): required security property dds.sec.auth.library.finalize missing in Property QoS*",
"new_participant(*): required security property dds.sec.crypto.library.path missing in Property QoS*",
"new_participant(*): required security property dds.sec.crypto.library.init missing in Property QoS*",
"new_participant(*): required security property dds.sec.crypto.library.finalize missing in Property QoS*",
"new_participant(*): required security property dds.sec.access.library.path missing in Property QoS*",
"new_participant(*): required security property dds.sec.access.library.init missing in Property QoS*",
"new_participant(*): required security property dds.sec.access.library.finalize missing in Property QoS*",
#endif
NULL
};
@ -783,7 +933,7 @@ CU_Test(ddsc_config, security_qos_invalid, .init = ddsrt_init, .fini = ddsrt_fin
#ifndef DDSI_INCLUDE_SECURITY
CU_ASSERT_FATAL(found == 0x01);
#else
CU_ASSERT_FATAL(found == 0x7e);
CU_ASSERT_FATAL(found == 0xffff);
#endif
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);

4
src/core/ddsc/tests/config_env.h.in
View file

@ -14,5 +14,9 @@
#define CONFIG_ENV_SIMPLE_UDP "@CUnit_ddsc_config_simple_udp_uri@"
#define CONFIG_ENV_MAX_PARTICIPANTS "@CUnit_ddsc_config_simple_udp_max_participants@"
#define CONFIG_PLUGIN_MOCK_DIR "@test_lib_dir@"
#define CONFIG_LIB_SUFFIX "@CMAKE_SHARED_LIBRARY_SUFFIX@"
#define CONFIG_LIB_PREFIX "@CMAKE_SHARED_LIBRARY_PREFIX@"
#define CONFIG_LIB_SEP "@test_lib_sep@"
#endif /* CONFIG_ENV_H */

57
src/core/ddsi/include/dds/ddsi/ddsi_security_omg.h
View file

@ -17,6 +17,10 @@
#include "dds/ddsi/q_globals.h"
#include "dds/ddsi/q_radmin.h"
#include "dds/ddsi/q_xmsg.h"
#include "dds/ddsrt/retcode.h"
#include "dds/ddsrt/types.h"
#include "dds/ddsrt/sync.h"
#if defined (__cplusplus)
extern "C" {
@ -30,6 +34,9 @@ typedef enum {
#ifdef DDSI_INCLUDE_SECURITY
#include "dds/security/dds_security_api.h"
#include "dds/security/core/dds_security_plugins.h"
typedef struct nn_msg_sec_info {
int64_t src_pp_handle;
int64_t dst_pp_handle;
@ -37,14 +44,7 @@ typedef struct nn_msg_sec_info {
} nn_msg_sec_info_t;
/**
* @brief Check if any participant has security enabled.
*
* @returns bool
* @retval true Some participant is secure
* @retval false No participant is not secure
*/
bool q_omg_security_enabled(void);
/**
* @brief Check if security is enabled for the participant.
@ -501,6 +501,30 @@ secure_conn_write(
nn_msg_sec_info_t *sec_info,
ddsi_tran_write_fn_t conn_write_cb);
/**
* @brief Loads the security plugins with the given configuration.
* This function tries to load the plugins only once. Returns the same
* result on subsequent calls.
* It logs the reason and returns error if can not load a plugin.
*
* @param[in] qos Participant qos which owns the Property list
* that contains security configurations and
* plugin properties that are required for loading libraries
* @returns dds_return_t
* @retval DDS_RETCODE_OK All plugins are successfully loaded
* @retval DDS_RETCODE_ERROR One or more security plugins are not loaded.
*/
dds_return_t q_omg_security_load( struct dds_security_context *security_context, const dds_qos_t *qos );
void q_omg_security_init( struct dds_security_context **sc);
void q_omg_security_deinit( struct dds_security_context **sc);
bool q_omg_is_security_loaded( struct dds_security_context *sc );
/**
* @brief Check if the participant and the proxy participant
* have compatible security info settings.
@ -694,12 +718,6 @@ bool q_omg_security_match_remote_reader_enabled(struct writer *wr, struct proxy_
#include "dds/ddsi/q_unused.h"
inline bool
q_omg_security_enabled(void)
{
return false;
}
inline bool
q_omg_participant_is_secure(
UNUSED_ARG(const struct participant *pp))
@ -895,6 +913,17 @@ decode_rtps_message(
return NN_RTPS_MSG_STATE_PLAIN;
}
inline dds_return_t q_omg_security_load( UNUSED_ARG( struct dds_security_context *security_context ), UNUSED_ARG( const dds_qos_t *property_seq) )
{
return DDS_RETCODE_ERROR;
}
inline void q_omg_security_init( UNUSED_ARG( struct dds_security_context *sc) ) {}
inline void q_omg_security_deinit( UNUSED_ARG( struct dds_security_context *sc) ) {}
inline bool q_omg_is_security_loaded( UNUSED_ARG( struct dds_security_context *sc )) { return false; }
#endif /* DDSI_INCLUDE_SECURITY */
#if defined (__cplusplus)

1
src/core/ddsi/include/dds/ddsi/q_entity.h
View file

@ -220,6 +220,7 @@ struct participant
int64_t local_identity_handle; /* OMG DDS Security related member */
int64_t permissions_handle; /* OMG DDS Security related member */
struct participant_sec_attributes *sec_attr;
nn_security_info_t security_info;
#endif
};

7
src/core/ddsi/include/dds/ddsi/q_globals.h
View file

@ -46,6 +46,7 @@ struct ddsi_tran_factory;
struct ddsrt_thread_pool_s;
struct debug_monitor;
struct ddsi_tkmap;
struct dds_security_context;
typedef struct config_in_addr_node {
nn_locator_t loc;
@ -296,6 +297,12 @@ struct q_globals {
struct ddsi_builtin_topic_interface *builtin_topic_interface;
struct nn_group_membership *mship;
/* security globals */
#ifdef DDSI_INCLUDE_SECURITY
struct dds_security_context *security_context;
#endif
};
#if defined (__cplusplus)

13
src/core/ddsi/include/dds/ddsi/q_xqos.h
View file

@ -321,21 +321,14 @@ DDS_EXPORT uint64_t nn_xqos_delta (const dds_qos_t *a, const dds_qos_t *b, uint6
DDS_EXPORT void nn_xqos_addtomsg (struct nn_xmsg *m, const dds_qos_t *xqos, uint64_t wanted);
DDS_EXPORT void nn_log_xqos (uint32_t cat, const struct ddsrt_log_cfg *logcfg, const dds_qos_t *xqos);
DDS_EXPORT dds_qos_t *nn_xqos_dup (const dds_qos_t *src);
DDS_EXPORT bool nn_xqos_has_prop (const dds_qos_t *xqos, const char *pname, bool startswith);
DDS_EXPORT bool nn_xqos_has_prop (const dds_qos_t *xqos, const char *pname, bool startswith, bool check_non_empty);
#ifdef DDSI_INCLUDE_SECURITY
#define DDS_SEC_PROP_AUTH_IDENTITY_CA "dds.sec.auth.identity_ca"
#define DDS_SEC_PROP_AUTH_PRIV_KEY "dds.sec.auth.private_key"
#define DDS_SEC_PROP_AUTH_IDENTITY_CERT "dds.sec.auth.identity_certificate"
#define DDS_SEC_PROP_AUTH_PASSWORD "dds.sec.auth.password"
#define DDS_SEC_PROP_ACCESS_PERMISSIONS_CA "dds.sec.access.permissions_ca"
#define DDS_SEC_PROP_ACCESS_GOVERNANCE "dds.sec.access.governance"
#define DDS_SEC_PROP_ACCESS_PERMISSIONS "dds.sec.access.permissions"
#define DDS_SEC_PROP_ACCESS_TRUSTED_CA_DIR "dds.sec.auth.trusted_ca_dir"
struct omg_security_configuration_type;
DDS_EXPORT bool nn_xqos_mergein_security_config (dds_qos_t *xqos, const struct omg_security_configuration_type *cfg);
DDS_EXPORT void nn_xqos_mergein_security_config (dds_qos_t *xqos, const struct omg_security_configuration_type *cfg);
#endif
#if defined (__cplusplus)

255
src/core/ddsi/src/ddsi_security_omg.c
View file

@ -20,12 +20,43 @@
#include "dds/ddsrt/process.h"
#include "dds/ddsi/q_bswap.h"
#include "dds/ddsi/q_unused.h"
#include "dds/ddsi/q_radmin.h"
#include "dds/ddsi/ddsi_entity_index.h"
#include "dds/ddsi/ddsi_security_omg.h"
#include "dds/ddsi/ddsi_sertopic.h"
#include "dds/ddsi/q_config.h"
#include "dds/ddsi/q_log.h"
#include "dds/ddsrt/sync.h"
#include "dds/security/dds_security_api.h"
#include "dds/security/core/dds_security_utils.h"
#include "dds/security/core/dds_security_plugins.h"
#include "dds/ddsrt/hopscotch.h"
#include "dds/ddsi/q_entity.h"
#include "dds/ddsi/q_xevent.h"
#include "dds/ddsi/q_plist.h"
#define AUTH_NAME "Authentication"
#define AC_NAME "Access Control"
#define CRYPTO_NAME "Cryptographic"
#define SECURITY_EXCEPTION_INIT {NULL, 0, 0}
struct dds_security_context {
dds_security_plugin auth_plugin;
dds_security_plugin ac_plugin;
dds_security_plugin crypto_plugin;
dds_security_authentication *authentication_context;
dds_security_cryptography *crypto_context;
dds_security_access_control *access_control_context;
ddsrt_mutex_t omg_security_lock;
uint32_t next_plugin_id;
};
typedef struct dds_security_context dds_security_context;
static bool
@ -34,6 +65,7 @@ q_omg_writer_is_payload_protected(
static bool endpoint_is_DCPSParticipantSecure(const ddsi_guid_t *guid)
{
return ((guid->entityid.u == NN_ENTITYID_SPDP_RELIABLE_BUILTIN_PARTICIPANT_SECURE_WRITER) ||
@ -76,11 +108,209 @@ static bool endpoint_is_DCPSParticipantVolatileMessageSecure(const ddsi_guid_t *
#endif
}
bool
q_omg_security_enabled(void)
{
bool q_omg_is_security_loaded( dds_security_context *sc ){
if( sc->crypto_context == NULL && sc->authentication_context == NULL && sc->access_control_context == NULL){
return false;
} else {
return true;
}
}
void q_omg_security_init( dds_security_context **sc )
{
*sc = ddsrt_malloc( sizeof( dds_security_context));
memset( *sc, 0, sizeof( dds_security_context));
//if( participant_reference_count == 0 ){
(*sc)->auth_plugin.name = AUTH_NAME;
(*sc)->ac_plugin.name = AC_NAME;
(*sc)->crypto_plugin.name = CRYPTO_NAME;
(void)ddsrt_mutex_init(&(*sc)->omg_security_lock);
DDS_LOG(DDS_LC_TRACE,"DDS Security init\n");
#if HANDSHAKE_IMPLEMENTED
//remote_participant_crypto_handle_list_init();
#endif
//}
//participant_reference_count++;
}
/**
* Releases all plugins
*/
static void release_plugins( dds_security_context *security_context )
{
#if HANDSHAKE_IMPLEMENTED
q_handshake_terminate();
#endif
if (dds_security_plugin_release( &security_context->auth_plugin, security_context->authentication_context )) {
DDS_ERROR("Error occured releasing %s plugin", security_context->auth_plugin.name);
}
if (dds_security_plugin_release( &security_context->crypto_plugin, security_context->crypto_context )) {
DDS_ERROR("Error occured releasing %s plugin", security_context->crypto_plugin.name);
}
if (dds_security_plugin_release( &security_context->ac_plugin, security_context->access_control_context )) {
DDS_ERROR("Error occured releasing %s plugin", security_context->ac_plugin.name);
}
security_context->authentication_context = NULL;
security_context->access_control_context = NULL;
security_context->crypto_context = NULL;
}
void q_omg_security_deinit( struct dds_security_context **security_context) {
assert( security_context != NULL );
assert( *security_context != NULL );
#if HANDSHAKE_IMPLEMENTED
//remote_participant_crypto_handle_list_deinit();
#endif
if( (*security_context)->authentication_context != NULL && (*security_context)->access_control_context != NULL && (*security_context)->crypto_context != NULL ){
release_plugins( *security_context );
}
ddsrt_mutex_destroy(&(*security_context)->omg_security_lock);
ddsrt_free( *security_context );
*security_context = NULL;
DDS_LOG(DDS_LC_TRACE,"DDS Security deinit\n");
}
static void
dds_qos_to_security_plugin_configuration(
const dds_qos_t *qos,
dds_security_plugin_suite_config *suite_config)
{
uint32_t i;
#define CHECK_SECURITY_PROPERTY( security_property, target ) \
if(strcmp (qos->property.value.props[i].name, security_property) == 0){ \
target = ddsrt_strdup( qos->property.value.props[i].value ); \
}
for (i = 0; i < qos->property.value.n; i++) {
CHECK_SECURITY_PROPERTY( DDS_SEC_PROP_AUTH_LIBRARY_PATH, suite_config->authentication.library_path )
else CHECK_SECURITY_PROPERTY( DDS_SEC_PROP_AUTH_LIBRARY_INIT, suite_config->authentication.library_init )
else CHECK_SECURITY_PROPERTY( DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE, suite_config->authentication.library_finalize )
else CHECK_SECURITY_PROPERTY( DDS_SEC_PROP_CRYPTO_LIBRARY_PATH, suite_config->cryptography.library_path )
else CHECK_SECURITY_PROPERTY( DDS_SEC_PROP_CRYPTO_LIBRARY_INIT, suite_config->cryptography.library_init )
else CHECK_SECURITY_PROPERTY( DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE, suite_config->cryptography.library_finalize )
else CHECK_SECURITY_PROPERTY( DDS_SEC_PROP_ACCESS_LIBRARY_PATH, suite_config->access_control.library_path )
else CHECK_SECURITY_PROPERTY( DDS_SEC_PROP_ACCESS_LIBRARY_INIT, suite_config->access_control.library_init )
else CHECK_SECURITY_PROPERTY( DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE, suite_config->access_control.library_finalize )
}
#undef CHECK_SECURITY_PROPERTY
}
static void deinit_plugin_config(dds_security_plugin_config *plugin_config){
ddsrt_free( plugin_config->library_path );
ddsrt_free( plugin_config->library_init );
ddsrt_free( plugin_config->library_finalize );
}
static void deinit_plugin_suite_config(dds_security_plugin_suite_config *suite_config ){
deinit_plugin_config( &suite_config->access_control );
deinit_plugin_config( &suite_config->authentication );
deinit_plugin_config( &suite_config->cryptography );
}
dds_return_t q_omg_security_load( dds_security_context *security_context,
const dds_qos_t *qos)
{
dds_return_t ret = DDS_RETCODE_ERROR;
ddsrt_mutex_lock(&security_context->omg_security_lock);
dds_security_plugin_suite_config plugin_suite_config;
memset ( &plugin_suite_config, 0, sizeof(dds_security_plugin_suite_config));
/* Get plugin information */
dds_qos_to_security_plugin_configuration( qos, &plugin_suite_config);
/* Check configuration content */
if( dds_security_check_plugin_configuration( &plugin_suite_config ) == DDS_RETCODE_OK ){
if (dds_security_load_security_library(
&(plugin_suite_config.authentication), &security_context->auth_plugin,
(void**) &security_context->authentication_context) == DDS_RETCODE_OK) {
if (dds_security_load_security_library(
&(plugin_suite_config.access_control), &security_context->ac_plugin,
(void**) &security_context->access_control_context) == DDS_RETCODE_OK ) {
if (dds_security_load_security_library(
&(plugin_suite_config.cryptography), &security_context->crypto_plugin,
(void**) &security_context->crypto_context) == DDS_RETCODE_OK ) {
/* now check if all plugin functions are implemented */
if( dds_security_verify_plugin_functions(
security_context->authentication_context,&security_context->auth_plugin,
security_context->crypto_context,&security_context->crypto_plugin,
security_context->access_control_context, &security_context->ac_plugin) == DDS_RETCODE_OK){
/* Add listeners */
#if LISTENERS_IMPLEMENTED
if ( access_control_context->set_listener(access_control_context, &listener_ac, &ex)) {
if ( authentication_context->set_listener(authentication_context, &listener_auth, &ex)) {
#if HANDSHAKE_IMPLEMENTED
(void)q_handshake_initialize();
#endif
} else {
DDS_ERROR("Could not set authentication listener: %s\n",
ex.message ? ex.message : "<unknown error>");
}
} else {
DDS_ERROR("Could not set access_control listener: %s\n",
ex.message ? ex.message : "<unknown error>");
}
#endif //LISTENERS_IMPLEMENTED
//tried_to_load = true;
//ret = last_load_result = DDS_RETCODE_OK;
ret = DDS_RETCODE_OK;
//omg_security_plugin_loaded = true;
DDS_INFO( "DDS Security plugins have been loaded\n" );
} else {
release_plugins( security_context );
}
} else{
DDS_ERROR("Could not load %s library\n", security_context->crypto_plugin.name);
}
}else{
DDS_ERROR("Could not load %s library\n", security_context->ac_plugin.name);
}
}
else{
DDS_ERROR("Could not load %s plugin.\n", security_context->auth_plugin.name);
}
}
deinit_plugin_suite_config( &plugin_suite_config );
ddsrt_mutex_unlock( &security_context->omg_security_lock );
return ret;
}
bool
@ -796,12 +1026,14 @@ encode_datareader_submsg(
struct nn_xmsg_marker sm_marker,
struct proxy_writer *pwr,
const struct ddsi_guid *rd_guid)
{
/* Only encode when needed. */
if (q_omg_security_enabled())
{
struct reader *rd = entidx_lookup_reader_guid(pwr->e.gv->entity_index, rd_guid);
if (rd)
struct participant *pp = NULL;
/* Only encode when needed. */
if( rd != NULL ){
pp = rd->c.pp;
}
if (!pp && q_omg_participant_is_secure( pp ))
{
if (q_omg_reader_is_submessage_protected(rd))
{
@ -833,8 +1065,6 @@ encode_datareader_submsg(
}
}
}
}
void
encode_datawriter_submsg(
@ -842,8 +1072,9 @@ encode_datawriter_submsg(
struct nn_xmsg_marker sm_marker,
struct writer *wr)
{
struct participant *pp = wr->c.pp;
/* Only encode when needed. */
if (q_omg_security_enabled())
if (q_omg_participant_is_secure( pp ))
{
if (q_omg_writer_is_submessage_protected(wr))
{

65
src/core/ddsi/src/q_entity.c
View file

@ -698,44 +698,77 @@ dds_return_t new_participant_guid (const ddsi_guid_t *ppguid, struct q_globals *
nn_plist_mergein_missing (pp->plist, &gv->default_local_plist_pp, ~(uint64_t)0, ~(uint64_t)0);
#ifdef DDSI_INCLUDE_SECURITY
if (gv->config.omg_security_configuration)
{
/* For security, configuration can be provided through the configuration.
* However, the specification (and the plugins) expect it to be in the QoS. */
if (!nn_xqos_mergein_security_config(&pp->plist->qos, &gv->config.omg_security_configuration->cfg))
/*
* if there there are security properties check them .
* if there are no security properties, then merge from security configuration if there is
*/
/* check for existing security properties (name starts with dds.sec. conform DDS Security spec 7.2.4.1)
* and return if any is found */
{
bool ready_to_load_security = false;
if (nn_xqos_has_prop(&pp->plist->qos, "dds.sec.", true, false)) {
char *req[] = {DDS_SEC_PROP_AUTH_IDENTITY_CA,
DDS_SEC_PROP_AUTH_PRIV_KEY,
DDS_SEC_PROP_AUTH_IDENTITY_CERT,
DDS_SEC_PROP_ACCESS_PERMISSIONS_CA,
DDS_SEC_PROP_ACCESS_GOVERNANCE,
DDS_SEC_PROP_ACCESS_PERMISSIONS };
DDS_SEC_PROP_ACCESS_PERMISSIONS,
GVLOGDISC ("new_participant("PGUIDFMT"): using security settings from QoS, ignoring security configuration\n", PGUID (*ppguid));
DDS_SEC_PROP_AUTH_LIBRARY_PATH,
DDS_SEC_PROP_AUTH_LIBRARY_INIT,
DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE,
DDS_SEC_PROP_CRYPTO_LIBRARY_PATH,
DDS_SEC_PROP_CRYPTO_LIBRARY_INIT,
DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE,
DDS_SEC_PROP_ACCESS_LIBRARY_PATH,
DDS_SEC_PROP_ACCESS_LIBRARY_INIT,
DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE};
GVLOGDISC ("new_participant("
PGUIDFMT
"): using security settings from QoS\n", PGUID(*ppguid));
/* check if all required security properties exist in qos */
for (size_t i = 0; i < sizeof(req) / sizeof(req[0]); i++)
{
if (!nn_xqos_has_prop (&pp->plist->qos, req[i], false))
{
GVERROR ("new_participant("PGUIDFMT"): required security property %s missing in Property QoS\n", PGUID (*ppguid), req[i]);
for (size_t i = 0; i < sizeof(req) / sizeof(req[0]); i++) {
if (!nn_xqos_has_prop(&pp->plist->qos, req[i], false, true)) {
GVERROR ("new_participant("
PGUIDFMT
"): required security property %s missing in Property QoS\n", PGUID(*ppguid), req[i]);
ret = DDS_RETCODE_PRECONDITION_NOT_MET;
}
}
if (ret != DDS_RETCODE_OK)
if (ret == DDS_RETCODE_OK) {
ready_to_load_security = true;
} else {
goto new_pp_err_secprop;
}
} else if (gv->config.omg_security_configuration) {
/* For security, configuration can be provided through the configuration.
* However, the specification (and the plugins) expect it to be in the QoS. */
GVLOGDISC ("new_participant("
PGUIDFMT
"): using security settings from configuration\n", PGUID(*ppguid));
nn_xqos_mergein_security_config(&pp->plist->qos, &gv->config.omg_security_configuration->cfg);
ready_to_load_security = true;
}
if( q_omg_is_security_loaded( gv->security_context ) == false ){
if (ready_to_load_security && q_omg_security_load(gv->security_context, &pp->plist->qos) < 0) {
GVERROR("Could not load security\n");
ret = DDS_RETCODE_NOT_ALLOWED_BY_SECURITY;
goto new_pp_err_secprop;
}
} else {
GVLOGDISC ("new_participant("
PGUIDFMT
"): security is already loaded for this domain\n", PGUID(*ppguid));
}
if (nn_xqos_has_prop (&pp->plist->qos, "dds.sec.", true))
{
if (!q_omg_security_check_create_participant (pp, gv->config.domainId))
{
ret = DDS_RETCODE_NOT_ALLOWED_BY_SECURITY;
goto not_allowed;
}
}
#endif
if (gv->logconfig.c.mask & DDS_LC_DISCOVERY)

8
src/core/ddsi/src/q_init.c
View file

@ -62,6 +62,8 @@
#include "dds__whc.h"
#include "dds/ddsi/ddsi_iid.h"
#include "dds/ddsi/ddsi_security_omg.h"
static void add_peer_addresses (const struct q_globals *gv, struct addrset *as, const struct config_peer_listelem *list)
{
while (list)
@ -1081,6 +1083,8 @@ int rtps_init (struct q_globals *gv)
* the entities (see DDS Security spec chapter 8.8.8.1). */
add_property_to_xqos(&gv->builtin_volatile_xqos_rd, "dds.sec.builtin_endpoint_name", "BuiltinParticipantVolatileMessageSecureReader");
add_property_to_xqos(&gv->builtin_volatile_xqos_wr, "dds.sec.builtin_endpoint_name", "BuiltinParticipantVolatileMessageSecureWriter");
q_omg_security_init( &gv->security_context );
#endif
make_special_topics (gv);
@ -1420,6 +1424,8 @@ err_unicast_sockets:
nn_xqos_fini (&gv->builtin_stateless_xqos_rd);
nn_xqos_fini (&gv->builtin_volatile_xqos_wr);
nn_xqos_fini (&gv->builtin_volatile_xqos_rd);
q_omg_security_deinit( &gv->security_context );
#endif
nn_xqos_fini (&gv->builtin_endpoint_xqos_wr);
nn_xqos_fini (&gv->builtin_endpoint_xqos_rd);
@ -1764,6 +1770,8 @@ void rtps_fini (struct q_globals *gv)
nn_xqos_fini (&gv->builtin_stateless_xqos_rd);
nn_xqos_fini (&gv->builtin_volatile_xqos_wr);
nn_xqos_fini (&gv->builtin_volatile_xqos_rd);
q_omg_security_deinit( &gv->security_context);
#endif
nn_xqos_fini (&gv->builtin_endpoint_xqos_wr);
nn_xqos_fini (&gv->builtin_endpoint_xqos_rd);

40
src/core/ddsi/src/q_plist.c
View file

@ -40,6 +40,7 @@
#include "dds/ddsi/q_misc.h" /* for vendor_is_... */
#include "dds/ddsi/ddsi_plist_generic.h"
#include "dds/ddsi/ddsi_security_omg.h"
/* I am tempted to change LENGTH_UNLIMITED to 0 in the API (with -1
supported for backwards compatibility) ... on the wire however
@ -2884,17 +2885,17 @@ dds_qos_t * nn_xqos_dup (const dds_qos_t *src)
return dst;
}
bool nn_xqos_has_prop (const dds_qos_t *xqos, const char *pname, bool startswith)
bool nn_xqos_has_prop (const dds_qos_t *xqos, const char *pname, bool startswith, bool check_non_empty)
{
if (!(xqos->present & QP_PROPERTY_LIST))
return false;
for (uint32_t i = 0; i < xqos->property.value.n; i++)
{
if (startswith && (strncmp (xqos->property.value.props[i].name, pname, strlen (pname)) == 0))
return true;
else if (!startswith && (strcmp (xqos->property.value.props[i].name, pname) == 0))
return true;
for (uint32_t i = 0; i < xqos->property.value.n; i++) {
if (startswith && (strncmp(xqos->property.value.props[i].name, pname, strlen(pname)) == 0)) {
return !check_non_empty || strlen(xqos->property.value.props[i].value) != 0;
} else if (!startswith && (strcmp(xqos->property.value.props[i].name, pname) == 0)) {
return !check_non_empty || strlen(xqos->property.value.props[i].value) != 0;
}
}
return false;
}
@ -2912,7 +2913,7 @@ static void fill_property(dds_property_t *prop, const char *name, const char *va
* plugins to get their proper settings. If security properties are already present in
* the QoS, the settings from configuration are ignored.
*/
bool nn_xqos_mergein_security_config (dds_qos_t *xqos, const struct omg_security_configuration_type *cfg)
void nn_xqos_mergein_security_config (dds_qos_t *xqos, const struct omg_security_configuration_type *cfg)
{
assert(cfg != NULL);
@ -2925,24 +2926,29 @@ bool nn_xqos_mergein_security_config (dds_qos_t *xqos, const struct omg_security
xqos->present |= QP_PROPERTY_LIST;
}
/* check for existing security properties (name starts with dds.sec. conform DDS Security spec 7.2.4.1)
* and return if any is found */
if (nn_xqos_has_prop (xqos, "dds.sec.", true))
return false;
/* assume that no security properties exist in qos: fill QoS properties with values from configuration */
xqos->property.value.props = ddsrt_realloc (xqos->property.value.props, xqos->property.value.n + 18 /* max */ * sizeof (dds_property_t));
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_AUTH_LIBRARY_PATH, cfg->authentication_plugin.library_path);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_AUTH_LIBRARY_INIT, cfg->authentication_plugin.library_init);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE, cfg->authentication_plugin.library_finalize);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_CRYPTO_LIBRARY_PATH, cfg->cryptography_plugin.library_path);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_CRYPTO_LIBRARY_INIT, cfg->cryptography_plugin.library_init);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE, cfg->cryptography_plugin.library_finalize);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_ACCESS_LIBRARY_PATH, cfg->access_control_plugin.library_path);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_ACCESS_LIBRARY_INIT, cfg->access_control_plugin.library_init);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE, cfg->access_control_plugin.library_finalize);
/* no security properties exist in qos: fill QoS properties with values from configuration */
xqos->property.value.props = ddsrt_realloc (xqos->property.value.props, xqos->property.value.n + 8 /* max */ * sizeof (dds_property_t));
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_AUTH_IDENTITY_CA, cfg->authentication_properties.identity_ca);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_AUTH_PRIV_KEY, cfg->authentication_properties.private_key);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_AUTH_IDENTITY_CERT, cfg->authentication_properties.identity_certificate);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_ACCESS_PERMISSIONS_CA, cfg->access_control_properties.permissions_ca);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_ACCESS_GOVERNANCE, cfg->access_control_properties.governance);
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_ACCESS_PERMISSIONS, cfg->access_control_properties.permissions);
if (cfg->authentication_properties.password && (strlen(cfg->authentication_properties.password) != 0))
if (cfg->authentication_properties.password )
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_AUTH_PASSWORD, cfg->authentication_properties.password);
if (cfg->authentication_properties.trusted_ca_dir && (strlen(cfg->authentication_properties.trusted_ca_dir) != 0))
if (cfg->authentication_properties.trusted_ca_dir )
fill_property(&(xqos->property.value.props[xqos->property.value.n++]), DDS_SEC_PROP_ACCESS_TRUSTED_CA_DIR, cfg->authentication_properties.trusted_ca_dir);
return true;
}
#endif /* DDSI_INCLUDE_SECURITY */

3
src/core/ddsi/src/q_xevent.c
View file

@ -977,12 +977,9 @@ static void handle_xevk_acknack (struct nn_xpack *xp, struct xevent *ev, nn_mtim
seqno_t nack_seq;
struct participant *pp = NULL;
if (q_omg_security_enabled())
{
struct reader *rd = entidx_lookup_reader_guid(pwr->e.gv->entity_index, &ev->u.acknack.rd_guid);
if (rd)
pp = rd->c.pp;
}
if ((msg = nn_xmsg_new (gv->xmsgpool, &ev->u.acknack.rd_guid, pp, ACKNACK_SIZE_MAX, NN_XMSG_KIND_CONTROL)) == NULL)
goto outofmem;

1
src/ddsrt/src/dynlib/posix/dynlib.c
View file

@ -44,6 +44,7 @@ dds_return_t ddsrt_dlopen(const char *name, bool translate,
*handle = dlopen(name, RTLD_GLOBAL | RTLD_NOW);
}
if (*handle != NULL) {
retcode = DDS_RETCODE_OK;
} else {

1
src/security/CMakeLists.txt
View file

@ -12,6 +12,7 @@
cmake_minimum_required(VERSION 3.7)
if( ENABLE_SECURITY )
add_definitions(-DDDSI_INCLUDE_SECURITY)
add_subdirectory(api)
add_subdirectory(core)

24
src/security/api/include/dds/security/dds_security_api_defs.h
View file

@ -183,6 +183,30 @@ typedef enum {
#define DDS_SECURITY_MASTER_RECEIVER_SPECIFIC_KEY_SIZE_128 16
#define DDS_SECURITY_MASTER_RECEIVER_SPECIFIC_KEY_SIZE_256 32
/**************************************************************************
* *
* Security Property Key Names *
* *
*************************************************************************/
#define DDS_SEC_PROP_AUTH_LIBRARY_PATH "dds.sec.auth.library.path"
#define DDS_SEC_PROP_AUTH_LIBRARY_INIT "dds.sec.auth.library.init"
#define DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE "dds.sec.auth.library.finalize"
#define DDS_SEC_PROP_CRYPTO_LIBRARY_PATH "dds.sec.crypto.library.path"
#define DDS_SEC_PROP_CRYPTO_LIBRARY_INIT "dds.sec.crypto.library.init"
#define DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE "dds.sec.crypto.library.finalize"
#define DDS_SEC_PROP_ACCESS_LIBRARY_PATH "dds.sec.access.library.path"
#define DDS_SEC_PROP_ACCESS_LIBRARY_INIT "dds.sec.access.library.init"
#define DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE "dds.sec.access.library.finalize"
#define DDS_SEC_PROP_AUTH_IDENTITY_CA "dds.sec.auth.identity_ca"
#define DDS_SEC_PROP_AUTH_PRIV_KEY "dds.sec.auth.private_key"
#define DDS_SEC_PROP_AUTH_IDENTITY_CERT "dds.sec.auth.identity_certificate"
#define DDS_SEC_PROP_AUTH_PASSWORD "dds.sec.auth.password"
#define DDS_SEC_PROP_ACCESS_PERMISSIONS_CA "dds.sec.access.permissions_ca"
#define DDS_SEC_PROP_ACCESS_GOVERNANCE "dds.sec.access.governance"
#define DDS_SEC_PROP_ACCESS_PERMISSIONS "dds.sec.access.permissions"
#define DDS_SEC_PROP_ACCESS_TRUSTED_CA_DIR "dds.sec.auth.trusted_ca_dir"
#if defined (__cplusplus)
}

2
src/security/builtin_plugins/authentication/src/auth_utils.c
View file

@ -79,7 +79,7 @@ get_openssl_error_message(
char *
get_certificate_subject_name(
const X509 *cert,
X509 *cert,
DDS_Security_SecurityException *ex)
{
X509_NAME *name;

2
src/security/builtin_plugins/authentication/src/auth_utils.h
View file

@ -61,7 +61,7 @@ get_openssl_error_message(
*/
char*
get_certificate_subject_name(
const X509 *cert,
X509 *cert,
DDS_Security_SecurityException *ex);
/* Return the expiry date of contained in a X509 certificate

9
src/security/builtin_plugins/authentication/src/authentication.c
View file

@ -199,7 +199,6 @@ typedef struct HandshakeInfo {
typedef struct dds_security_authentication_impl {
dds_security_authentication base;
int id; //sample internal member
ddsrt_mutex_t lock;
struct ddsrt_hh *objectHash;
struct ddsrt_hh *remoteGuidHash;
@ -969,8 +968,6 @@ validate_local_identity(
goto err_bad_param;
}
implementation->id = 2;
identityCertPEM = DDS_Security_Property_get_value(&participant_qos->property.value, PROPERTY_IDENTITY_CERT);
if (!identityCertPEM) {
result = DDS_SECURITY_VALIDATION_FAILED;
@ -3387,7 +3384,8 @@ DDS_Security_boolean return_sharedsecret_handle(
return true;
}
int32_t init_authentication( const char *argument, void **context)
int32_t
init_authentication( const char *argument, void **context)
{
dds_security_authentication_impl *authentication;
@ -3442,9 +3440,6 @@ int32_t init_authentication( const char *argument, void **context)
authentication->base.return_sharedsecret_handle = &return_sharedsecret_handle;
//prepare implementation wrapper
authentication->id = 1;
ddsrt_mutex_init(&authentication->lock);
authentication->objectHash = ddsrt_hh_new(32, security_object_hash, security_object_equal);

5
src/security/builtin_plugins/tests/CMakeLists.txt
View file

@ -50,9 +50,10 @@ set(security_crypto_test_sources
add_cunit_executable(cunit_security_plugins ${security_auth_test_sources} ${security_crypto_test_sources})
if(OPENSSL_FOUND)
target_link_libraries(cunit_security_plugins PRIVATE ddsc dds_security_crypto)
target_link_libraries(cunit_security_plugins PRIVATE OpenSSL::SSL)
else()
message(FATAL_ERROR "To build without openssl support, set DDSC_ENABLE_OPENSSL to OFF")
message(FATAL_ERROR "To build with openssl support, set ENABLE_OPENSSL to ON")
endif()
target_include_directories(
@ -65,7 +66,7 @@ target_include_directories(
"$<BUILD_INTERFACE:${CMAKE_CURRENT_BINARY_DIR}>"
)
target_link_libraries(cunit_security_plugins PRIVATE ddsc security_api dds_security_crypto)
set(CUnit_builtin_plugins_tests_dir "${CMAKE_CURRENT_LIST_DIR}")

14
src/security/core/CMakeLists.txt
View file

@ -12,19 +12,23 @@
PREPEND(srcs_security_core "${CMAKE_CURRENT_LIST_DIR}/src"
dds_security_serialize.c
dds_security_utils.c
dds_security_plugins.c
shared_secret.c
)
PREPEND(hdrs_public_security_core "${CMAKE_CURRENT_LIST_DIR}/include/security/core"
dds_security_core_if.h
dds_security_serialize.h
dds_security_types.h
dds_security_utils.h
dds_security_plugins.h
shared_secret.h
)
if(NOT WIN32)
set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIC" )
set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC" )
endif()
add_library(security_core INTERFACE)
@ -48,10 +52,4 @@ install(
DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/dds/security/core/"
COMPONENT dev)
#install(
# TARGETS security_core
# EXPORT "${PROJECT_NAME}"
# RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}" COMPONENT lib
# LIBRARY DESTINATION "${CMAKE_INSTALL_LIBDIR}" COMPONENT lib
# ARCHIVE DESTINATION "${CMAKE_INSTALL_LIBDIR}" COMPONENT lib
#)
add_subdirectory(tests/plugin_loading)

65
src/security/core/include/dds/security/core/dds_security_plugins.h Normal file
View file

@ -0,0 +1,65 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#ifndef SECURITY_CORE_PLUGINS_H_
#define SECURITY_CORE_PLUGINS_H_
#include "dds/export.h"
#include "dds/ddsrt/retcode.h"
#include "dds/ddsrt/dynlib.h"
#include <stdint.h>
#include "dds/security/dds_security_api.h"
typedef struct dds_security_plugin {
ddsrt_dynlib_t lib_handle;
plugin_init func_init;
plugin_finalize func_finalize;
char *name;
} dds_security_plugin;
/* we are using our own security plugin configuration (not certificates etc)
* because we do not want to depend on DDSI configuration data types.
*
* A configuration data type is needed because there are traverses to properties several times
*/
typedef struct dds_security_plugin_config {
char *library_path;
char *library_init;
char *library_finalize;
} dds_security_plugin_config;
typedef struct dds_security_plugin_suite_config{
dds_security_plugin_config authentication;
dds_security_plugin_config cryptography;
dds_security_plugin_config access_control;
} dds_security_plugin_suite_config;
DDS_EXPORT dds_return_t dds_security_plugin_release(
const dds_security_plugin *security_plugin,
void *context );
DDS_EXPORT dds_return_t dds_security_check_plugin_configuration(
const dds_security_plugin_suite_config *security_suite_config );
DDS_EXPORT dds_return_t dds_security_load_security_library(
const dds_security_plugin_config *plugin_config,
dds_security_plugin *security_plugin, void **security_plugin_context);
DDS_EXPORT dds_return_t dds_security_verify_plugin_functions(
dds_security_authentication *authentication_context, dds_security_plugin *auth_plugin,
dds_security_cryptography *crypto_context, dds_security_plugin *crypto_plugin,
dds_security_access_control *access_control_context, dds_security_plugin *ac_plugin);
#endif /* SECURITY_CORE_PLUGINS_H_ */

404
src/security/core/src/dds_security_plugins.c Normal file
View file

@ -0,0 +1,404 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#include <string.h>
#include "dds/ddsrt/misc.h"
#include "dds/security/core/dds_security_utils.h"
#include "dds/security/core/dds_security_plugins.h"
#include "dds/security/dds_security_api.h"
#include "dds/ddsi/q_unused.h"
#include "dds/ddsi/ddsi_security_msg.h"
#include "dds/ddsi/ddsi_security_omg.h"
#include "dds/ddsi/q_config.h"
#include "dds/ddsi/q_log.h"
#include "dds/ddsrt/atomics.h"
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/dynlib.h"
#include "dds/ddsrt/process.h"
#include "dds/ddsrt/string.h"
#include "dds/ddsrt/sync.h"
#include "dds/ddsrt/hopscotch.h"
#include "dds/ddsi/q_entity.h"
#include "dds/ddsi/q_bswap.h"
#include "dds/ddsi/q_xevent.h"
#include "dds/ddsi/q_time.h"
#include "dds/ddsi/q_plist.h"
#include "dds/ddsrt/io.h"
#define AUTH_NAME "Authentication"
#define AC_NAME "Access Control"
#define CRYPTO_NAME "Cryptographic"
dds_return_t dds_security_check_plugin_configuration(
const dds_security_plugin_suite_config *security_suite_config )
{
dds_return_t result = DDS_RETCODE_ERROR;
if (security_suite_config->access_control.library_path == NULL) {
DDS_ERROR("AccessControl security plugin library path is not defined");
} else if (strlen(security_suite_config->access_control.library_path)
== 0) {
DDS_ERROR("AccessControl security plugin library path is empty ");
} else if (security_suite_config->access_control.library_init == NULL) {
DDS_ERROR("AccessControl security plugin init function is not defined");
} else if (strlen(security_suite_config->access_control.library_init)
== 0) {
DDS_ERROR("AccessControl security plugin init function is empty ");
} else if (security_suite_config->access_control.library_finalize == NULL) {
DDS_ERROR(
"AccessControl security plugin finalize function is not defined ");
} else if (strlen(security_suite_config->access_control.library_finalize)
== 0) {
DDS_ERROR("AccessControl security plugin finalize function is empty");
} else if (security_suite_config->authentication.library_path == NULL) {
DDS_ERROR(
"Authentication security plugin library path is not defined in the configuration ");
} else if (strlen(security_suite_config->authentication.library_path)
== 0) {
DDS_ERROR("Authentication security plugin library path is empty ");
} else if (security_suite_config->authentication.library_init == NULL) {
DDS_ERROR("Authentication security plugin init function is not defined ");
} else if (strlen(security_suite_config->authentication.library_init)
== 0) {
DDS_ERROR("Authentication security plugin init function is empty ");
} else if (security_suite_config->authentication.library_finalize == NULL) {
DDS_ERROR(
"Authentication security plugin finalize function is not defined ");
} else if (strlen(security_suite_config->authentication.library_finalize)
== 0) {
DDS_ERROR("Authentication security plugin finalize function is empty");
} else if (security_suite_config->cryptography.library_path == NULL) {
DDS_ERROR(
"Cryptography security plugin library path is not defined in the configuration ");
} else if (strlen(security_suite_config->cryptography.library_path)
== 0) {
DDS_ERROR("Cryptography security plugin library path is empty ");
} else if (security_suite_config->cryptography.library_init == NULL) {
DDS_ERROR("Cryptography security plugin init function is not defined ");
} else if (strlen(security_suite_config->cryptography.library_init)
== 0) {
DDS_ERROR("Cryptography security plugin init function is empty ");
} else if (security_suite_config->cryptography.library_finalize == NULL) {
DDS_ERROR("Cryptography security plugin finalize function is not defined ");
} else if (strlen(security_suite_config->cryptography.library_finalize)
== 0) {
DDS_ERROR("Cryptography security plugin finalize function is empty");
} else {
result = DDS_RETCODE_OK;
}
return result;
}
/*
* checks the function pointer value and CHANGES the out-result value if it is NULL
*/
static bool verify_function(void *function_ptr, dds_security_plugin *plugin,
const char *function_name)
{
if ( function_ptr == NULL ) {
DDS_ERROR("Could not find the function for %s: %s \n", plugin->name,
function_name);
return false;
}
else {
return true;
}
}
dds_return_t dds_security_verify_plugin_functions(
dds_security_authentication *authentication_context, dds_security_plugin *auth_plugin,
dds_security_cryptography *crypto_context, dds_security_plugin *crypto_plugin,
dds_security_access_control *access_control_context, dds_security_plugin *ac_plugin)
{
if(
verify_function(authentication_context->validate_local_identity, auth_plugin,
"validate_local_identity" ) &&
verify_function(authentication_context->get_identity_token, auth_plugin,
"get_identity_token" ) &&
verify_function(authentication_context->get_identity_status_token,
auth_plugin, "get_identity_status_token" ) &&
verify_function(authentication_context->set_permissions_credential_and_token,
auth_plugin, "set_permissions_credential_and_token" ) &&
verify_function(authentication_context->validate_remote_identity,
auth_plugin, "validate_remote_identity" ) &&
verify_function(authentication_context->begin_handshake_request, auth_plugin,
"begin_handshake_request" ) &&
verify_function(authentication_context->begin_handshake_reply, auth_plugin,
"begin_handshake_reply" ) &&
verify_function(authentication_context->process_handshake, auth_plugin,
"process_handshake" ) &&
verify_function(authentication_context->get_shared_secret, auth_plugin,
"get_shared_secret" ) &&
verify_function(
authentication_context->get_authenticated_peer_credential_token,
auth_plugin, "get_authenticated_peer_credential_token" ) &&
verify_function(authentication_context->set_listener, auth_plugin,
"set_listener" ) &&
verify_function(authentication_context->return_identity_token, auth_plugin,
"return_identity_token" ) &&
verify_function(authentication_context->return_identity_status_token,
auth_plugin, "return_identity_status_token" ) &&
verify_function(
authentication_context->return_authenticated_peer_credential_token,
auth_plugin, "return_authenticated_peer_credential_token" ) &&
verify_function(authentication_context->return_handshake_handle, auth_plugin,
"return_handshake_handle" ) &&
verify_function(authentication_context->return_identity_handle, auth_plugin,
"return_identity_handle" ) &&
verify_function(authentication_context->return_sharedsecret_handle,
auth_plugin, "return_sharedsecret_handle" ) &&
verify_function(access_control_context->validate_local_permissions,
ac_plugin, "validate_local_permissions" ) &&
verify_function(access_control_context->validate_remote_permissions,
ac_plugin, "validate_remote_permissions" ) &&
verify_function(access_control_context->check_create_participant, ac_plugin,
"check_create_participant" ) &&
verify_function(access_control_context->check_create_datawriter, ac_plugin,
"check_create_datawriter" ) &&
verify_function(access_control_context->check_create_datareader, ac_plugin,
"check_create_datareader" ) &&
verify_function(access_control_context->check_create_topic, ac_plugin,
"check_create_topic" ) &&
verify_function(
access_control_context->check_local_datawriter_register_instance,
ac_plugin, "check_local_datawriter_register_instance" ) &&
verify_function(
access_control_context->check_local_datawriter_dispose_instance,
ac_plugin, "check_local_datawriter_dispose_instance" ) &&
verify_function(access_control_context->check_remote_participant, ac_plugin,
"check_remote_participant" ) &&
verify_function(access_control_context->check_remote_datawriter, ac_plugin,
"check_remote_datawriter" ) &&
verify_function(access_control_context->check_remote_datareader, ac_plugin,
"check_remote_datareader" ) &&
verify_function(access_control_context->check_remote_topic, ac_plugin,
"check_remote_topic" ) &&
verify_function(access_control_context->check_local_datawriter_match,
ac_plugin, "check_local_datawriter_match" ) &&
verify_function(access_control_context->check_local_datareader_match,
ac_plugin, "check_local_datareader_match" ) &&
verify_function(
access_control_context->check_remote_datawriter_register_instance,
ac_plugin, "check_remote_datawriter_register_instance" ) &&
verify_function(
access_control_context->check_remote_datawriter_dispose_instance,
ac_plugin, "check_remote_datawriter_dispose_instance" ) &&
verify_function(access_control_context->get_permissions_token, ac_plugin,
"get_permissions_token" ) &&
verify_function(access_control_context->get_permissions_credential_token,
ac_plugin, "get_permissions_credential_token" ) &&
verify_function(access_control_context->set_listener, ac_plugin,
"set_listener" ) &&
verify_function(access_control_context->return_permissions_token, ac_plugin,
"return_permissions_token" ) &&
verify_function(access_control_context->return_permissions_credential_token,
ac_plugin, "return_permissions_credential_token" ) &&
verify_function(access_control_context->get_participant_sec_attributes,
ac_plugin, "get_participant_sec_attributes" ) &&
verify_function(access_control_context->get_topic_sec_attributes, ac_plugin,
"get_topic_sec_attributes" ) &&
verify_function(access_control_context->get_datawriter_sec_attributes,
ac_plugin, "get_datawriter_sec_attributes" ) &&
verify_function(access_control_context->get_datareader_sec_attributes,
ac_plugin, "get_datareader_sec_attributes" ) &&
verify_function(access_control_context->return_participant_sec_attributes,
ac_plugin, "return_participant_sec_attributes" ) &&
verify_function(access_control_context->return_datawriter_sec_attributes,
ac_plugin, "return_datawriter_sec_attributes" ) &&
verify_function(access_control_context->return_datareader_sec_attributes,
ac_plugin, "return_datareader_sec_attributes" ) &&
verify_function(access_control_context->return_permissions_handle,
ac_plugin, "return_permissions_handle" ) &&
verify_function(
crypto_context->crypto_key_factory->register_local_participant,
crypto_plugin, "register_local_participant" ) &&
verify_function(
crypto_context->crypto_key_factory->register_matched_remote_participant,
crypto_plugin, "register_matched_remote_participant" ) &&
verify_function(crypto_context->crypto_key_factory->register_local_datawriter,
crypto_plugin, "register_local_datawriter" ) &&
verify_function(
crypto_context->crypto_key_factory->register_matched_remote_datareader,
crypto_plugin, "register_matched_remote_datareader" ) &&
verify_function(crypto_context->crypto_key_factory->register_local_datareader,
crypto_plugin, "register_local_datareader" ) &&
verify_function(
crypto_context->crypto_key_factory->register_matched_remote_datawriter,
crypto_plugin, "register_matched_remote_datawriter" ) &&
verify_function(crypto_context->crypto_key_factory->unregister_participant,
crypto_plugin, "unregister_participant" ) &&
verify_function(crypto_context->crypto_key_factory->unregister_datawriter,
crypto_plugin, "unregister_datawriter" ) &&
verify_function(crypto_context->crypto_key_factory->unregister_datareader,
crypto_plugin, "unregister_datareader" ) &&
verify_function(
crypto_context->crypto_key_exchange->create_local_participant_crypto_tokens,
crypto_plugin, "create_local_participant_crypto_tokens" ) &&
verify_function(
crypto_context->crypto_key_exchange->set_remote_participant_crypto_tokens,
crypto_plugin, "set_remote_participant_crypto_tokens" ) &&
verify_function(
crypto_context->crypto_key_exchange->create_local_datawriter_crypto_tokens,
crypto_plugin, "create_local_datawriter_crypto_tokens" ) &&
verify_function(
crypto_context->crypto_key_exchange->set_remote_datawriter_crypto_tokens,
crypto_plugin, "set_remote_datawriter_crypto_tokens" ) &&
verify_function(
crypto_context->crypto_key_exchange->create_local_datareader_crypto_tokens,
crypto_plugin, "create_local_datareader_crypto_tokens" ) &&
verify_function(
crypto_context->crypto_key_exchange->set_remote_datareader_crypto_tokens,
crypto_plugin, "set_remote_datareader_crypto_tokens" ) &&
verify_function(crypto_context->crypto_key_exchange->return_crypto_tokens,
crypto_plugin, "return_crypto_tokens" ) &&
verify_function(crypto_context->crypto_transform->encode_serialized_payload,
crypto_plugin, "encode_serialized_payload" ) &&
verify_function(
crypto_context->crypto_transform->encode_datawriter_submessage,
crypto_plugin, "encode_datawriter_submessage" ) &&
verify_function(
crypto_context->crypto_transform->encode_datareader_submessage,
crypto_plugin, "encode_datareader_submessage" ) &&
verify_function(crypto_context->crypto_transform->encode_rtps_message,
crypto_plugin, "encode_rtps_message" ) &&
verify_function(crypto_context->crypto_transform->decode_rtps_message,
crypto_plugin, "decode_rtps_message" ) &&
verify_function(crypto_context->crypto_transform->preprocess_secure_submsg,
crypto_plugin, "preprocess_secure_submsg" ) &&
verify_function(
crypto_context->crypto_transform->decode_datawriter_submessage,
crypto_plugin, "decode_datawriter_submessage" ) &&
verify_function(
crypto_context->crypto_transform->decode_datareader_submessage,
crypto_plugin, "decode_datareader_submessage" ) &&
verify_function(crypto_context->crypto_transform->decode_serialized_payload,
crypto_plugin, "decode_serialized_payload" ) ){
return DDS_RETCODE_OK;
}
else {
return DDS_RETCODE_ERROR;
}
}
/**
* All fields of the library properties are supposed to be non-empty
*/
dds_return_t dds_security_load_security_library(
const dds_security_plugin_config *plugin_config,
dds_security_plugin *security_plugin,
void **security_plugin_context)
{
dds_return_t ret = DDS_RETCODE_ERROR;
dds_return_t lib_ret = DDS_RETCODE_ERROR;
char * init_parameters = "";
char *library_str;
assert( plugin_config->library_path );
assert( plugin_config->library_init );
assert( plugin_config->library_finalize );
if ( strlen(plugin_config->library_path) > 0 ) {
//library_str = ddsrt_malloc(strlen(plugin_config->library_path) + 1);
if (strncmp(plugin_config->library_path, "file://", 7) == 0) {
(void)ddsrt_asprintf(&library_str, "%s", &plugin_config->library_path[7]);
} else {
(void)ddsrt_asprintf(&library_str, "%s", plugin_config->library_path);
}
lib_ret = ddsrt_dlopen( library_str, true, &security_plugin->lib_handle);
ddsrt_free(library_str);
if( lib_ret == DDS_RETCODE_OK && security_plugin->lib_handle){
/* Get init and fini functions . */
if ( ddsrt_dlsym(security_plugin->lib_handle, plugin_config->library_init, (void **)&security_plugin->func_init) == DDS_RETCODE_OK){
if ( ddsrt_dlsym(security_plugin->lib_handle, plugin_config->library_finalize, (void **)&security_plugin->func_finalize) == DDS_RETCODE_OK){
/* Initialize plugin. */
if ( security_plugin->func_init != NULL) {
lib_ret = security_plugin->func_init(init_parameters, (void **) security_plugin_context);
if (lib_ret == DDS_RETCODE_OK){ /* error occured on init */
return DDS_RETCODE_OK;
} else{
DDS_ERROR("Error occured while initializing %s plugin\n",
security_plugin->name);
goto library_error;
}
}
}
else {
DDS_ERROR("Could not find the function: %s\n", plugin_config->library_finalize);
goto library_error;
}
}
else{
DDS_ERROR("Could not find the function: %s\n",plugin_config->library_init);
goto library_error;
}
} else {
char buffer[256];
ddsrt_dlerror(buffer, sizeof(buffer));
DDS_ERROR("Could not load %s library: %s\n", security_plugin->name, buffer);
goto load_error;
}
return ret;
}
library_error:
ddsrt_dlclose(security_plugin->lib_handle);
security_plugin->lib_handle = NULL;
load_error:
return ret;
}
dds_return_t dds_security_plugin_release( const dds_security_plugin *security_plugin, void *context ){
dds_return_t result= DDS_RETCODE_OK;
assert( security_plugin->lib_handle );
assert( security_plugin->func_finalize );
/* if get error from either finalize OR close, return error */
if( security_plugin->func_finalize( context ) != DDS_RETCODE_OK){
DDS_ERROR("Error occured while finaizing %s plugin", security_plugin->name);
result = DDS_RETCODE_ERROR;
}
if( ddsrt_dlclose( security_plugin->lib_handle ) != DDS_RETCODE_OK){
result = DDS_RETCODE_ERROR;
}
return result;
}

129
src/security/core/tests/plugin_loading/CMakeLists.txt Normal file
View file

@ -0,0 +1,129 @@
#
# Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
#
# This program and the accompanying materials are made available under the
# terms of the Eclipse Public License v. 2.0 which is available at
# http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
# v. 1.0 which is available at
# http://www.eclipse.org/org/documents/edl-v10.php.
#
# SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
#
include (GenerateExportHeader)
include (CUnit)
set(security_plugin_loading_test_sources
"plugin_loading.c"
)
add_cunit_executable(cunit_security_plugin_loading ${security_plugin_loading_test_sources})
target_include_directories(
cunit_security_plugin_loading PRIVATE
"$<BUILD_INTERFACE:${CMAKE_BINARY_DIR}/src/include/>"
"$<BUILD_INTERFACE:$<TARGET_PROPERTY:ddsrt,INTERFACE_INCLUDE_DIRECTORIES>>"
"$<BUILD_INTERFACE:$<TARGET_PROPERTY:ddsc,INTERFACE_INCLUDE_DIRECTORIES>>"
"$<BUILD_INTERFACE:${CMAKE_CURRENT_LIST_DIR}>"
"$<BUILD_INTERFACE:${CMAKE_CURRENT_BINARY_DIR}>"
"$<BUILD_INTERFACE:${CMAKE_CURRENT_LIST_DIR}/../../../../core/ddsi/include>"
)
target_link_libraries(cunit_security_plugin_loading PRIVATE ddsc security_api)
target_include_directories(cunit_security_plugin_loading PRIVATE "${CMAKE_CURRENT_BINARY_DIR}")
set(CUnit_plugin_mock_dir ".")
configure_file("config_env.h.in" "config_env.h")
# Let the cunit application know the location and name of the library.
file(TO_NATIVE_PATH "${CMAKE_CURRENT_BINARY_DIR}" test_lib_native_dir)
file(TO_NATIVE_PATH "." test_lib_sep)
string(REPLACE "\\" "\\\\" test_lib_dir ${test_lib_native_dir})
string(REPLACE "\\" "\\\\" test_lib_sep ${test_lib_sep})
configure_file("config_env.h.in" "${CMAKE_CURRENT_BINARY_DIR}/include/config_env.h" @ONLY)
# Let ctest set the proper library path when executing library tests.
unset(test_lib_tests)
process_cunit_source_file("plugin_loading.c" test_lib_header test_lib_suites test_lib_tests)
foreach(libtest ${test_lib_tests})
string(REPLACE ":" ";" libtest ${libtest})
list(GET libtest 0 suite)
list(GET libtest 1 test)
set(libtestname "CUnit_${suite}_${test}")
if("${CMAKE_HOST_SYSTEM}" MATCHES ".*Windows.*")
set_property(TEST ${libtestname} APPEND PROPERTY ENVIRONMENT "${test_lib_native_dir}")
else()
set_property(TEST ${libtestname} APPEND PROPERTY ENVIRONMENT "LD_LIBRARY_PATH=${test_lib_native_dir};$ENV{LD_LIBRARY_PATH}")
endif()
endforeach()
function( add_mock libname casename )
PREPEND(srcs_mock_authentication_all_ok "${CMAKE_CURRENT_LIST_DIR}/plugin_mock/${casename}"
"mock_${libname}.c"
)
# PREPEND(hdrs_private_authentication_all_ok "${CMAKE_CURRENT_LIST_DIR}/plugin_mock/${casename}"
# "mock_${libname}.h"
# )
#
add_library("dds_security_${casename}" SHARED "")
generate_export_header(
"dds_security_${casename}"
BASE_NAME SECURITY
EXPORT_FILE_NAME "${CMAKE_CURRENT_BINARY_DIR}/include/dds/security/${casename}_export.h"
)
set_target_properties(
"dds_security_${casename}"
PROPERTIES
RUNTIME_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
RUNTIME_OUTPUT_DIRECTORY_DEBUG ${CMAKE_CURRENT_BINARY_DIR}
RUNTIME_OUTPUT_DIRECTORY_RELEASE ${CMAKE_CURRENT_BINARY_DIR}
RUNTIME_OUTPUT_DIRECTORY_RELWITHDEBINFO ${CMAKE_CURRENT_BINARY_DIR}
RUNTIME_OUTPUT_DIRECTORY_MINSIZEREL ${CMAKE_CURRENT_BINARY_DIR}
LIBRARY_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
LIBRARY_OUTPUT_DIRECTORY_DEBUG ${CMAKE_CURRENT_BINARY_DIR}
LIBRARY_OUTPUT_DIRECTORY_RELEASE ${CMAKE_CURRENT_BINARY_DIR}
LIBRARY_OUTPUT_DIRECTORY_RELWITHDEBINFO ${CMAKE_CURRENT_BINARY_DIR}
LIBRARY_OUTPUT_DIRECTORY_MINSIZEREL ${CMAKE_CURRENT_BINARY_DIR} )
#find_package(OpenSSL )
target_link_libraries("dds_security_${casename}" PUBLIC ddsc)
#target_link_libraries("dds_security_${casename}" PUBLIC OpenSSL::SSL)
target_sources("dds_security_${casename}"
PRIVATE
${srcs_mock_authentication_all_ok}
)
target_include_directories("dds_security_${casename}"
PUBLIC
"$<BUILD_INTERFACE:$<TARGET_PROPERTY:security_api,INTERFACE_INCLUDE_DIRECTORIES>>"
"$<BUILD_INTERFACE:$<TARGET_PROPERTY:security_core,INTERFACE_INCLUDE_DIRECTORIES>>"
"$<BUILD_INTERFACE:$<TARGET_PROPERTY:ddsrt,INTERFACE_INCLUDE_DIRECTORIES>>"
"$<BUILD_INTERFACE:${CMAKE_CURRENT_BINARY_DIR}/include>"
)
endfunction()
#PLUGIN MOCKS
add_mock( authentication authentication_all_ok )
add_mock( authentication authentication_all_ok_other )
add_mock( authentication authentication_missing_function )
add_mock( authentication authentication_finalize_error )
add_mock( access_control access_control_all_ok )
add_mock( access_control access_control_missing_function )
add_mock( cryptography cryptography_all_ok )
add_mock( cryptography cryptography_missing_function )
add_mock( authentication authentication_init_error )

21
src/security/core/tests/plugin_loading/config_env.h.in Normal file
View file

@ -0,0 +1,21 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#ifndef CONFIG_ENV_H
#define CONFIG_ENV_H
#define CONFIG_ENV_PLUGIN_MOCK_DIR "@CUnit_plugin_mock_dir@"
#define TEST_LIB_DIR "@test_lib_dir@"
#define TEST_LIB_SEP "@test_lib_sep@"
#define TEST_LIB_SUFFIX "@CMAKE_SHARED_LIBRARY_SUFFIX@"
#define TEST_LIB_PREFIX "@CMAKE_SHARED_LIBRARY_PREFIX@"
#endif /* CONFIG_ENV_H */

910
src/security/core/tests/plugin_loading/plugin_loading.c Normal file
View file

@ -0,0 +1,910 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#include <stdlib.h>
#include <dds/security/dds_security_api_defs.h>
#include "dds/dds.h"
#include "CUnit/Test.h"
#include "config_env.h"
#include "dds/version.h"
#include "dds/ddsrt/cdtors.h"
#include "dds/ddsrt/environ.h"
#include "dds/ddsrt/heap.h"
//#include "dds/ddsi/ddsi_security_omg.h"
#define FORCE_ENV
#define URI_VARIABLE DDS_PROJECT_NAME_NOSPACE_CAPS"_URI"
#define MAX_PARTICIPANTS_VARIABLE "MAX_PARTICIPANTS"
static bool print_log=true;
static int patmatch (const char *pat, const char *str)
{
while (*pat)
{
if (*pat == '?')
{
/* any character will do */
if (*str++ == 0)
{
return 0;
}
pat++;
}
else if (*pat == '*')
{
/* collapse a sequence of wildcards, requiring as many
characters in str as there are ?s in the sequence */
while (*pat == '*' || *pat == '?')
{
if (*pat == '?' && *str++ == 0)
{
return 0;
}
pat++;
}
/* try matching on all positions where str matches pat */
while (*str)
{
if (*str == *pat && patmatch (pat+1, str+1))
{
return 1;
}
str++;
}
return *pat == 0;
}
else
{
/* only an exact match */
if (*str++ != *pat++)
{
return 0;
}
}
}
return *str == 0;
}
/*
* The 'found' variable will contain flags related to the expected log
* messages that were received.
* Using flags will allow to show that when message isn't received,
* which one it was.
*/
static uint32_t found;
static void logger(void *ptr, const dds_log_data_t *data) {
char **expected = (char **) ptr;
if (print_log) {
printf("%s\n", data->message);
}
for (uint32_t i = 0; expected[i] != NULL; i++) {
if (patmatch(expected[i], data->message)) {
found |= (uint32_t)(1 << i);
}
}
}
CU_Test(ddssec_security_plugin_loading, all_ok, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"DDS Security plugins have been loaded*",
NULL
};
const char *sec_config =
"<"DDS_PROJECT_NAME">"
"<Domain id=\"any\">"
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_authentication_all_ok\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_cryptography_all_ok\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_access_control_all_ok\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
"</AccessControl>"
"</DDSSecurity>"
"</Domain>"
"</"DDS_PROJECT_NAME">";
dds_entity_t participant;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_FATAL|DDS_LC_ERROR|DDS_LC_WARNING|DDS_LC_INFO| DDS_LC_TRACE);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create participant with security elements. */
found = 0;
ddsrt_setenv(URI_VARIABLE, sec_config);
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
dds_set_log_sink(NULL,NULL);
dds_set_trace_sink(NULL,NULL);
ddsrt_setenv(URI_VARIABLE, "");
CU_ASSERT_FATAL(found == 0x1);
dds_delete(participant);
}
CU_Test(ddssec_security_plugin_loading, missing_finalize, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"Could not find the function: finalize_authentication*",
"Could not load Authentication plugin*",
NULL
};
const char *sec_config =
"<"DDS_PROJECT_NAME">"
"<Domain id=\"any\">"
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_authentication_finalize_error\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_cryptography_all_ok\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_access_control_all_ok\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
"</AccessControl>"
"</DDSSecurity>"
"</Domain>"
"</"DDS_PROJECT_NAME">";
dds_entity_t participant;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_FATAL|DDS_LC_ERROR|DDS_LC_WARNING|DDS_LC_CONFIG);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create participant with security elements. */
found = 0;
ddsrt_setenv(URI_VARIABLE, sec_config);
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
dds_set_log_sink( NULL, NULL );
dds_set_trace_sink(NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
#ifdef PR304_MERGED
/* It is better dds to return DDS_RETCODE_NOT_ALLOWED_BY_SECURITY instead of DDS_RETCODE_ERROR
CU_ASSERT_FATAL( participant == DDS_RETCODE_NOT_ALLOWED_BY_SECURITY ); */
CU_ASSERT_FATAL( participant == DDS_RETCODE_ERROR );
#else
dds_delete(participant);
#endif
CU_ASSERT_FATAL(found == 0x3);
}
CU_Test(ddssec_security_plugin_loading, authentication_missing_function, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"Could not find the function for Authentication: get_shared_secret*",
"Could not load security*",
NULL
};
const char *sec_config =
"<"DDS_PROJECT_NAME">"
"<Domain id=\"any\">"
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_authentication_missing_function\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_cryptography_all_ok\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_access_control_all_ok\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
"</AccessControl>"
"</DDSSecurity>"
"</Domain>"
"</"DDS_PROJECT_NAME">";
dds_entity_t participant;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_ERROR);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create participant with security elements. */
found = 0;
ddsrt_setenv(URI_VARIABLE, sec_config);
print_log = true;
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
#ifdef PR304_MERGED
/* It is better dds to return DDS_RETCODE_NOT_ALLOWED_BY_SECURITY instead of DDS_RETCODE_ERROR
CU_ASSERT_FATAL( participant == DDS_RETCODE_NOT_ALLOWED_BY_SECURITY ); */
CU_ASSERT_FATAL( participant == DDS_RETCODE_ERROR );
#else
dds_delete(participant);
#endif
CU_ASSERT_FATAL(found == 0x3);
}
CU_Test(ddssec_security_plugin_loading, access_control_missing_function, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"Could not find the function for Access Control: check_create_datareader*",
"Could not load security*",
NULL
};
const char *sec_config =
"<"DDS_PROJECT_NAME">"
"<Domain id=\"any\">"
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_authentication_all_ok\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_cryptography_all_ok\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_access_control_missing_function\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
"</AccessControl>"
"</DDSSecurity>"
"</Domain>"
"</"DDS_PROJECT_NAME">";
dds_entity_t participant;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_FATAL|DDS_LC_ERROR);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create participant with security elements. */
found = 0;
ddsrt_setenv(URI_VARIABLE, sec_config);
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
#ifdef PR304_MERGED
/* It is better dds to return DDS_RETCODE_NOT_ALLOWED_BY_SECURITY instead of DDS_RETCODE_ERROR
CU_ASSERT_FATAL( participant == DDS_RETCODE_NOT_ALLOWED_BY_SECURITY ); */
CU_ASSERT_FATAL( participant == DDS_RETCODE_ERROR );
#else
dds_delete(participant);
#endif
CU_ASSERT_FATAL(found == 0x3);
}
CU_Test(ddssec_security_plugin_loading, cryptography_missing_function, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"Could not find the function for Cryptographic: set_remote_participant_crypto_tokens*",
"Could not load security*",
NULL
};
const char *sec_config =
"<"DDS_PROJECT_NAME">"
"<Domain id=\"any\">"
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_authentication_all_ok\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_cryptography_missing_function\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_access_control_all_ok\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
"</AccessControl>"
"</DDSSecurity>"
"</Domain>"
"</"DDS_PROJECT_NAME">";
dds_entity_t participant;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_FATAL|DDS_LC_ERROR|DDS_LC_WARNING);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create participant with security elements. */
found = 0;
ddsrt_setenv(URI_VARIABLE, sec_config);
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
#ifdef PR304_MERGED
/* It is better dds to return DDS_RETCODE_NOT_ALLOWED_BY_SECURITY instead of DDS_RETCODE_ERROR
CU_ASSERT_FATAL( participant == DDS_RETCODE_NOT_ALLOWED_BY_SECURITY ); */
CU_ASSERT_FATAL( participant == DDS_RETCODE_ERROR );
#else
dds_delete(participant);
#endif
CU_ASSERT_FATAL(found == 0x3);
}
CU_Test(ddssec_security_plugin_loading, no_library_in_path, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"Could not load Authentication library: no_library_in_path: cannot open shared object file: No such file or directory*",
"Could not load Authentication library: *not*found*",
"Could not load Authentication plugin*",
"Could not load security*",
NULL
};
const char *sec_config =
"<"DDS_PROJECT_NAME">"
"<Domain id=\"any\">"
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"no_library_in_path\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_cryptography_all_ok\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_access_control_all_ok\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
"</AccessControl>"
"</DDSSecurity>"
"</Domain>"
"</"DDS_PROJECT_NAME">";
dds_entity_t participant;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_FATAL|DDS_LC_ERROR|DDS_LC_WARNING|DDS_LC_INFO| DDS_LC_TRACE);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create participant with security elements. */
found = 0;
ddsrt_setenv(URI_VARIABLE, sec_config);
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
#ifdef PR304_MERGED
/* It is better dds to return DDS_RETCODE_NOT_ALLOWED_BY_SECURITY instead of DDS_RETCODE_ERROR
CU_ASSERT_FATAL( participant == DDS_RETCODE_NOT_ALLOWED_BY_SECURITY ); */
CU_ASSERT_FATAL( participant == DDS_RETCODE_ERROR );
#else
dds_delete(participant);
#endif
CU_ASSERT_FATAL(found == 0xd || found == 0xe);
dds_delete(participant);
}
CU_Test(ddssec_security_plugin_loading, init_error, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"Error occured while initializing Authentication plugin*",
"Could not load Authentication plugin*",
"Could not load security*",
NULL
};
const char *sec_config =
"<"DDS_PROJECT_NAME">"
"<Domain id=\"any\">"
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_authentication_init_error\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_cryptography_all_ok\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_access_control_all_ok\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
"</AccessControl>"
"</DDSSecurity>"
"</Domain>"
"</"DDS_PROJECT_NAME">";
dds_entity_t participant;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_FATAL|DDS_LC_ERROR|DDS_LC_WARNING|DDS_LC_INFO| DDS_LC_TRACE);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create participant with security elements. */
found = 0;
ddsrt_setenv(URI_VARIABLE, sec_config);
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
#ifdef PR304_MERGED
/* It is better dds to return DDS_RETCODE_NOT_ALLOWED_BY_SECURITY instead of DDS_RETCODE_ERROR
CU_ASSERT_FATAL( participant == DDS_RETCODE_NOT_ALLOWED_BY_SECURITY ); */
CU_ASSERT_FATAL( participant == DDS_RETCODE_ERROR );
#else
dds_delete(participant);
#endif
CU_ASSERT_FATAL(found == 0x7);
dds_delete(participant);
}
CU_Test(ddssec_security_plugin_loading, all_ok_with_props, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"DDS Security plugins have been loaded*",
NULL
};
dds_entity_t participant;
dds_qos_t * qos;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_INFO);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create the qos */
unsigned char bvalue[3] = { 0x01, 0x02, 0x03 };
CU_ASSERT_FATAL ((qos = dds_create_qos()) != NULL);
dds_qset_prop (qos, "test.prop1", "testtext_value1_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CA, "testtext_IdentityCA_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_PRIV_KEY, "testtext_PrivateKey_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CERT, "testtext_IdentityCertificate_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_PERMISSIONS_CA, "file:Permissions_CA.pem");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_GOVERNANCE, "file:Governance.p7s");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_PERMISSIONS, "file:Permissions.p7s");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_PASSWORD, "testtext_Password_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_TRUSTED_CA_DIR, "file:/test/dir");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_PATH, "dds_security_authentication_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_INIT, "init_authentication");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE, "finalize_authentication");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_PATH, "dds_security_cryptography_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_INIT, "init_crypto");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE, "finalize_crypto");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_PATH, "dds_security_access_control_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_INIT, "init_access_control");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE, "finalize_access_control");
dds_qset_prop (qos, "test.prop2", "testtext_value2_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CA, "testtext_IdentityCA_testtext");
dds_qset_bprop (qos, "test.bprop1", bvalue, 3);
/* Create participant with security config in qos. */
found = 0;
ddsrt_setenv(URI_VARIABLE, "<Tracing><Verbosity>finest</></>");
CU_ASSERT_FATAL ((participant = dds_create_participant(DDS_DOMAIN_DEFAULT, qos, NULL)) > 0);
ddsrt_setenv(URI_VARIABLE, "");
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
dds_delete(participant);
dds_delete_qos(qos);
CU_ASSERT_FATAL(found == 0x1);
}
CU_Test(ddssec_security_plugin_loading, missing_plugin_property_with_props, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"*using security settings from QoS*",
"*required security property dds.sec.auth.library.init missing in Property QoS*",
NULL
};
dds_entity_t participant;
dds_qos_t * qos;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_INFO|DDS_LC_ERROR);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create the qos */
unsigned char bvalue[3] = { 0x01, 0x02, 0x03 };
CU_ASSERT_FATAL ((qos = dds_create_qos()) != NULL);
dds_qset_prop (qos, "test.prop1", "testtext_value1_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CA, "testtext_IdentityCA_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_PRIV_KEY, "testtext_PrivateKey_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CERT, "testtext_IdentityCertificate_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_PERMISSIONS_CA, "file:Permissions_CA.pem");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_GOVERNANCE, "file:Governance.p7s");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_PERMISSIONS, "file:Permissions.p7s");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_PASSWORD, "testtext_Password_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_TRUSTED_CA_DIR, "file:/test/dir");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_PATH, "dds_security_authentication_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE, "finalize_authentication");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_PATH, "dds_security_cryptography_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_INIT, "init_crypto");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE, "finalize_crypto");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_PATH, "dds_security_access_control_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_INIT, "init_access_control");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE, "finalize_access_control");
dds_qset_prop (qos, "test.prop2", "testtext_value2_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CA, "testtext_IdentityCA_testtext");
dds_qset_bprop (qos, "test.bprop1", bvalue, 3);
/* Create participant with security config in qos. */
found = 0;
ddsrt_setenv(URI_VARIABLE, "<Tracing><Verbosity>finest</></>");
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, qos, NULL);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
#ifdef PR304_MERGED
/* It is better dds to return DDS_RETCODE_NOT_ALLOWED_BY_SECURITY instead of DDS_RETCODE_ERROR
CU_ASSERT_FATAL( participant == DDS_RETCODE_NOT_ALLOWED_BY_SECURITY ); */
CU_ASSERT_FATAL( participant == DDS_RETCODE_ERROR );
#else
dds_delete(participant);
#endif
CU_ASSERT_FATAL(found == 0x3);
dds_delete_qos(qos);
}
CU_Test(ddssec_security_plugin_loading, empty_plugin_property_with_props, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"*using security settings from QoS*",
"*required security property dds.sec.auth.library.finalize missing in Property QoS*",
NULL
};
dds_entity_t participant;
dds_qos_t * qos;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_INFO|DDS_LC_ERROR);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create the qos */
unsigned char bvalue[3] = { 0x01, 0x02, 0x03 };
CU_ASSERT_FATAL ((qos = dds_create_qos()) != NULL);
dds_qset_prop (qos, "test.prop1", "testtext_value1_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CA, "testtext_IdentityCA_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_PRIV_KEY, "testtext_PrivateKey_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CERT, "testtext_IdentityCertificate_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_PERMISSIONS_CA, "file:Permissions_CA.pem");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_GOVERNANCE, "file:Governance.p7s");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_PERMISSIONS, "file:Permissions.p7s");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_PASSWORD, "testtext_Password_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_TRUSTED_CA_DIR, "file:/test/dir");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_PATH, "dds_security_authentication_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_INIT, "init_authentication");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE, "");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_PATH, "dds_security_cryptography_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_INIT, "init_crypto");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE, "finalize_crypto");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_PATH, "dds_security_access_control_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_INIT, "init_access_control");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE, "finalize_access_control");
dds_qset_prop (qos, "test.prop2", "testtext_value2_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CA, "testtext_IdentityCA_testtext");
dds_qset_bprop (qos, "test.bprop1", bvalue, 3);
/* Create participant with security config in qos. */
found = 0;
ddsrt_setenv(URI_VARIABLE, "<Tracing><Verbosity>finest</></>");
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, qos, NULL);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
#ifdef PR304_MERGED
/* It is better dds to return DDS_RETCODE_NOT_ALLOWED_BY_SECURITY instead of DDS_RETCODE_ERROR
CU_ASSERT_FATAL( participant == DDS_RETCODE_NOT_ALLOWED_BY_SECURITY ); */
CU_ASSERT_FATAL( participant == DDS_RETCODE_ERROR );
#else
dds_delete(participant);
#endif
CU_ASSERT_FATAL(found == 0x3);
dds_delete_qos(qos);
}
CU_Test(ddssec_security_plugin_loading, missing_security_property_with_props, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"*using security settings from QoS*",
"*required security property dds.sec.access.permissions missing in Property QoS*",
NULL
};
dds_entity_t participant;
dds_qos_t * qos;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_INFO|DDS_LC_ERROR);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create the qos */
unsigned char bvalue[3] = { 0x01, 0x02, 0x03 };
CU_ASSERT_FATAL ((qos = dds_create_qos()) != NULL);
dds_qset_prop (qos, "test.prop1", "testtext_value1_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CA, "testtext_IdentityCA_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_PRIV_KEY, "testtext_PrivateKey_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CERT, "testtext_IdentityCertificate_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_PERMISSIONS_CA, "file:Permissions_CA.pem");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_GOVERNANCE, "file:Governance.p7s");
/* we ignore permissions for testing
//dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_PERMISSIONS, "file:Permissions.p7s"); */
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_PASSWORD, "testtext_Password_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_TRUSTED_CA_DIR, "file:/test/dir");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_PATH, "dds_security_authentication_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_INIT, "init_authentication");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE, "finalize_authentication");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_PATH, "dds_security_cryptography_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_INIT, "init_crypto");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE, "finalize_crypto");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_PATH, "dds_security_access_control_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_INIT, "init_access_control");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE, "finalize_access_control");
dds_qset_prop (qos, "test.prop2", "testtext_value2_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CA, "testtext_IdentityCA_testtext");
dds_qset_bprop (qos, "test.bprop1", bvalue, 3);
/* Create participant with security config in qos. */
found = 0;
ddsrt_setenv(URI_VARIABLE, "<Tracing><Verbosity>finest</></>");
participant = dds_create_participant(DDS_DOMAIN_DEFAULT, qos, NULL);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
#ifdef PR304_MERGED
/* It is better dds to return DDS_RETCODE_NOT_ALLOWED_BY_SECURITY instead of DDS_RETCODE_ERROR
CU_ASSERT_FATAL( participant == DDS_RETCODE_NOT_ALLOWED_BY_SECURITY ); */
CU_ASSERT_FATAL( participant == DDS_RETCODE_ERROR );
#else
dds_delete(participant);
#endif
CU_ASSERT_FATAL(found == 0x3);
dds_delete_qos(qos);
}
CU_Test(ddssec_security_plugin_loading, multiple_domains_different_config, .init = ddsrt_init, .fini = ddsrt_fini) {
/* Expected traces when creating participant with the security elements. */
const char *log_expected[] = {
"*using security settings from configuration*",
"*using security settings from QoS*",
"DDS Security plugins have been loaded*",
"*security is already loaded for this domain*",
NULL
};
const char *sec_config =
"<"DDS_PROJECT_NAME">"
"<Domain id=\"1\">"
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_authentication_all_ok\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_cryptography_all_ok\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_access_control_all_ok\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
"</AccessControl>"
"</DDSSecurity>"
"</Domain>"
"<Domain id=\"2\">"
"<Tracing><Verbosity>finest</></>"
"<DDSSecurity>"
"<Authentication>"
"<Library path=\"dds_security_authentication_invalid\" initFunction=\"init_authentication\" finalizeFunction=\"finalize_authentication\" />"
"<IdentityCertificate>testtext_IdentityCertificate_testtext</IdentityCertificate>"
"<IdentityCA>testtext_IdentityCA_testtext</IdentityCA>"
"<PrivateKey>testtext_PrivateKey_testtext</PrivateKey>"
"<Password>testtext_Password_testtext</Password>"
"<TrustedCADirectory>testtext_Dir_testtext</TrustedCADirectory>"
"</Authentication>"
"<Cryptographic>"
"<Library path=\"dds_security_cryptography_invalid\" initFunction=\"init_crypto\" finalizeFunction=\"finalize_crypto\"/>"
"</Cryptographic>"
"<AccessControl>"
"<Library path=\"dds_security_access_control_invalid\" initFunction=\"init_access_control\" finalizeFunction=\"finalize_access_control\"/>"
"<Governance>file:Governance.p7s</Governance>"
"<PermissionsCA>file:Permissions_CA.pem</PermissionsCA>"
"<Permissions>file:Permissions.p7s</Permissions>"
"</AccessControl>"
"</DDSSecurity>"
"</Domain>"
"</"DDS_PROJECT_NAME">";
dds_entity_t participant1, participant2, participant3;
dds_qos_t * qos;
/* Set up the trace sinks to detect the config parsing. */
dds_set_log_mask(DDS_LC_INFO|DDS_LC_ERROR);
dds_set_log_sink(&logger, (void*)log_expected);
dds_set_trace_sink(&logger, (void*)log_expected);
/* Create the qos */
unsigned char bvalue[3] = { 0x01, 0x02, 0x03 };
CU_ASSERT_FATAL ((qos = dds_create_qos()) != NULL);
dds_qset_prop (qos, "test.prop1", "testtext_value1_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CA, "testtext_IdentityCA_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_PRIV_KEY, "testtext_PrivateKey_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CERT, "testtext_IdentityCertificate_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_PERMISSIONS_CA, "file:Permissions_CA.pem");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_GOVERNANCE, "file:Governance.p7s");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_PERMISSIONS, "file:Permissions.p7s");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_PASSWORD, "testtext_Password_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_TRUSTED_CA_DIR, "file:/test/dir");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_PATH, "dds_security_authentication_all_ok_other");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_INIT, "init_authentication");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_LIBRARY_FINALIZE, "finalize_authentication");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_PATH, "dds_security_cryptography_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_INIT, "init_crypto");
dds_qset_prop (qos, DDS_SEC_PROP_CRYPTO_LIBRARY_FINALIZE, "finalize_crypto");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_PATH, "dds_security_access_control_all_ok");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_INIT, "init_access_control");
dds_qset_prop (qos, DDS_SEC_PROP_ACCESS_LIBRARY_FINALIZE, "finalize_access_control");
dds_qset_prop (qos, "test.prop2", "testtext_value2_testtext");
dds_qset_prop (qos, DDS_SEC_PROP_AUTH_IDENTITY_CA, "testtext_IdentityCA_testtext");
dds_qset_bprop (qos, "test.bprop1", bvalue, 3);
/* Create participant with security config in qos. */
found = 0;
print_log = true;
ddsrt_setenv(URI_VARIABLE, sec_config);
participant1 = dds_create_participant(1, NULL, NULL);
participant2 = dds_create_participant(2, qos, NULL);
participant3 = dds_create_participant(2, NULL, NULL);
dds_set_log_sink(NULL, NULL);
dds_set_trace_sink(NULL, NULL);
ddsrt_setenv(URI_VARIABLE, "");
#ifdef PR304_MERGED
/* It is better dds to return DDS_RETCODE_NOT_ALLOWED_BY_SECURITY instead of DDS_RETCODE_ERROR
CU_ASSERT_FATAL( participant1 == DDS_RETCODE_NOT_ALLOWED_BY_SECURITY ); */
CU_ASSERT_FATAL( participant1 == DDS_RETCODE_ERROR );
#else
dds_delete(participant1);
dds_delete(participant2);
dds_delete(participant3);
#endif
CU_ASSERT_FATAL(found == 0xf);
dds_delete_qos(qos);
}

597
src/security/core/tests/plugin_loading/plugin_mock/access_control_all_ok/mock_access_control.c Normal file
View file

@ -0,0 +1,597 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#include "dds/security/dds_security_api.h"
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/misc.h"
#include "mock_access_control.h"
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_access_control_impl {
dds_security_access_control base;
int member;
} dds_security_access_control_impl;
/**
* Function implementations
*/
DDS_Security_PermissionsHandle validate_local_permissions(
dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle identity,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(auth_plugin);
DDSRT_UNUSED_ARG(auth_plugin);
DDSRT_UNUSED_ARG(identity);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_qos);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return 1;
}
DDS_Security_PermissionsHandle validate_remote_permissions(
dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityHandle remote_identity_handle,
const DDS_Security_PermissionsToken *remote_permissions_token,
const DDS_Security_AuthenticatedPeerCredentialToken *remote_credential_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(auth_plugin);
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(remote_identity_handle);
DDSRT_UNUSED_ARG(remote_permissions_token);
DDSRT_UNUSED_ARG(remote_credential_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return 0;
}
DDS_Security_boolean check_create_participant( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id, const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_qos);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_create_datawriter( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id, const char *topic_name,
const DDS_Security_Qos *writer_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(writer_qos);
DDSRT_UNUSED_ARG(partition);
DDSRT_UNUSED_ARG(data_tag);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_create_datareader( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id, const char *topic_name,
const DDS_Security_Qos *reader_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(reader_qos);
DDSRT_UNUSED_ARG(partition);
DDSRT_UNUSED_ARG(data_tag);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_create_topic( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id, const char *topic_name,
const DDS_Security_Qos *qos, DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(qos);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_local_datawriter_register_instance(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer, const DDS_Security_DynamicData *key,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(writer);
DDSRT_UNUSED_ARG(key);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_local_datawriter_dispose_instance(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer, const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(writer);
DDSRT_UNUSED_ARG(key);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_remote_participant( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_ParticipantBuiltinTopicDataSecure *participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_remote_datawriter( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(publication_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_remote_datareader( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_boolean *relay_only, DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(subscription_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
*relay_only = false;
return true;
}
DDS_Security_boolean check_remote_topic( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_TopicBuiltinTopicData *topic_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(topic_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_local_datawriter_match(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(writer_permissions_handle);
DDSRT_UNUSED_ARG(reader_permissions_handle);
DDSRT_UNUSED_ARG(publication_data);
DDSRT_UNUSED_ARG(subscription_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_local_datareader_match(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(reader_permissions_handle);
DDSRT_UNUSED_ARG(writer_permissions_handle);
DDSRT_UNUSED_ARG(subscription_data);
DDSRT_UNUSED_ARG(publication_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_remote_datawriter_register_instance(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
const DDS_Security_InstanceHandle instance_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(reader);
DDSRT_UNUSED_ARG(publication_handle);
DDSRT_UNUSED_ARG(key);
DDSRT_UNUSED_ARG(instance_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_remote_datawriter_dispose_instance(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(reader);
DDSRT_UNUSED_ARG(publication_handle);
DDSRT_UNUSED_ARG(key);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_permissions_token( dds_security_access_control *instance,
DDS_Security_PermissionsToken *permissions_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_permissions_credential_token(
dds_security_access_control *instance,
DDS_Security_PermissionsCredentialToken *permissions_credential_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_credential_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_listener( dds_security_access_control *instance,
const dds_security_access_control_listener *listener,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(listener);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_permissions_token( dds_security_access_control *instance,
const DDS_Security_PermissionsToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_permissions_credential_token(
dds_security_access_control *instance,
const DDS_Security_PermissionsCredentialToken *permissions_credential_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_credential_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_participant_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_topic_sec_attributes( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const char *topic_name,
DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_datawriter_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(partition);
DDSRT_UNUSED_ARG(data_tag);
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_datareader_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(partition);
DDSRT_UNUSED_ARG(data_tag);
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_participant_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_topic_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_datawriter_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_datareader_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_permissions_handle(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
int32_t init_access_control( const char *argument, void **context)
{
dds_security_access_control *access_control;
DDSRT_UNUSED_ARG(argument);
//allocate new instance
access_control = ddsrt_malloc(sizeof(dds_security_access_control));
memset(access_control, 0, sizeof(dds_security_access_control));
//assign the interface functions
access_control->validate_local_permissions = &validate_local_permissions;
access_control->validate_remote_permissions = &validate_remote_permissions;
access_control->check_create_participant = &check_create_participant;
access_control->check_create_datawriter = &check_create_datawriter;
access_control->check_create_datareader = &check_create_datareader;
access_control->check_create_topic = &check_create_topic;
access_control->check_local_datawriter_register_instance =
&check_local_datawriter_register_instance;
access_control->check_local_datawriter_dispose_instance =
&check_local_datawriter_dispose_instance;
access_control->check_remote_participant = &check_remote_participant;
access_control->check_remote_datawriter = &check_remote_datawriter;
access_control->check_remote_datareader = &check_remote_datareader;
access_control->check_remote_topic = &check_remote_topic;
access_control->check_local_datawriter_match = &check_local_datawriter_match;
access_control->check_local_datareader_match = &check_local_datareader_match;
access_control->check_remote_datawriter_register_instance =
&check_remote_datawriter_register_instance;
access_control->check_remote_datawriter_dispose_instance =
&check_remote_datawriter_dispose_instance;
access_control->get_permissions_token = &get_permissions_token;
access_control->get_permissions_credential_token =
&get_permissions_credential_token;
access_control->set_listener = &set_listener;
access_control->return_permissions_token = &return_permissions_token;
access_control->return_permissions_credential_token =
&return_permissions_credential_token;
access_control->get_participant_sec_attributes =
&get_participant_sec_attributes;
access_control->get_topic_sec_attributes = &get_topic_sec_attributes;
access_control->get_datawriter_sec_attributes =
&get_datawriter_sec_attributes;
access_control->get_datareader_sec_attributes =
&get_datareader_sec_attributes;
access_control->return_participant_sec_attributes =
&return_participant_sec_attributes;
access_control->return_topic_sec_attributes =
&return_topic_sec_attributes;
access_control->return_datawriter_sec_attributes =
&return_datawriter_sec_attributes;
access_control->return_datareader_sec_attributes =
&return_datareader_sec_attributes;
access_control->return_permissions_handle =
&return_permissions_handle;
//return the instance
*context = access_control;
return 0;
}
int32_t finalize_access_control( void *context)
{
DDSRT_UNUSED_ARG(context);
ddsrt_free((dds_security_access_control*) context);
return 0;
}

281
src/security/core/tests/plugin_loading/plugin_mock/access_control_all_ok/mock_access_control.h Normal file
View file

@ -0,0 +1,281 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#ifndef SECURITY_ACCESS_CONTROL_ALLOK_H_
#define SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#include "dds/security/access_control_all_ok_export.h"
#include "dds/security/dds_security_api.h"
SECURITY_EXPORT int32_t
init_access_control(const char *argument, void **context);
SECURITY_EXPORT int32_t
finalize_access_control(void *context);
/**
* AccessControl Interface
*/
DDS_Security_PermissionsHandle
validate_local_permissions
( dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle identity,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex);
DDS_Security_PermissionsHandle
validate_remote_permissions
( dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityHandle remote_identity_handle,
const DDS_Security_PermissionsToken *remote_permissions_token,
const DDS_Security_AuthenticatedPeerCredentialToken *remote_credential_token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_create_participant
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_create_datawriter
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *writer_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_create_datareader
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *reader_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_create_topic
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *topic_qos,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_local_datawriter_register_instance
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer,
const DDS_Security_DynamicData *key,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_local_datawriter_dispose_instance
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer,
const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_participant
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_ParticipantBuiltinTopicDataSecure *participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_datawriter
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_datareader
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_boolean *relay_only,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_topic
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_TopicBuiltinTopicData *topic_data,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_local_datawriter_match
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_local_datareader_match
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_datawriter_register_instance
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
const DDS_Security_InstanceHandle instance_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_datawriter_dispose_instance
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_permissions_token
( dds_security_access_control *instance,
DDS_Security_PermissionsToken *permissions_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_permissions_credential_token
( dds_security_access_control *instance,
DDS_Security_PermissionsCredentialToken *permissions_credential_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
set_listener
( dds_security_access_control *instance,
const dds_security_access_control_listener *listener,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_permissions_token
( dds_security_access_control *instance,
const DDS_Security_PermissionsToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_permissions_credential_token
( dds_security_access_control *instance,
const DDS_Security_PermissionsCredentialToken *permissions_credential_token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_participant_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_topic_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_datawriter_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_datareader_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_participant_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_topic_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_datawriter_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_datareader_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_permissions_handle
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_SecurityException *ex);
#endif /* SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_ */

600
src/security/core/tests/plugin_loading/plugin_mock/access_control_missing_function/mock_access_control.c Normal file
View file

@ -0,0 +1,600 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#include "dds/security/dds_security_api.h"
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/misc.h"
#include "mock_access_control.h"
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_access_control_impl {
dds_security_access_control base;
int member;
} dds_security_access_control_impl;
/**
* Function implementations
*/
DDS_Security_PermissionsHandle validate_local_permissions(
dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle identity,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(auth_plugin);
DDSRT_UNUSED_ARG(auth_plugin);
DDSRT_UNUSED_ARG(identity);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_qos);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return 1;
}
DDS_Security_PermissionsHandle validate_remote_permissions(
dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityHandle remote_identity_handle,
const DDS_Security_PermissionsToken *remote_permissions_token,
const DDS_Security_AuthenticatedPeerCredentialToken *remote_credential_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(auth_plugin);
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(remote_identity_handle);
DDSRT_UNUSED_ARG(remote_permissions_token);
DDSRT_UNUSED_ARG(remote_credential_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return 0;
}
DDS_Security_boolean check_create_participant( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id, const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_qos);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_create_datawriter( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id, const char *topic_name,
const DDS_Security_Qos *writer_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(writer_qos);
DDSRT_UNUSED_ARG(partition);
DDSRT_UNUSED_ARG(data_tag);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_create_datareader( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id, const char *topic_name,
const DDS_Security_Qos *reader_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(reader_qos);
DDSRT_UNUSED_ARG(partition);
DDSRT_UNUSED_ARG(data_tag);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_create_topic( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id, const char *topic_name,
const DDS_Security_Qos *qos, DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(qos);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_local_datawriter_register_instance(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer, const DDS_Security_DynamicData *key,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(writer);
DDSRT_UNUSED_ARG(key);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_local_datawriter_dispose_instance(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer, const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(writer);
DDSRT_UNUSED_ARG(key);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_remote_participant( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_ParticipantBuiltinTopicDataSecure *participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_remote_datawriter( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(publication_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_remote_datareader( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_boolean *relay_only, DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(subscription_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
*relay_only = false;
return true;
}
DDS_Security_boolean check_remote_topic( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_TopicBuiltinTopicData *topic_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(topic_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_local_datawriter_match(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(writer_permissions_handle);
DDSRT_UNUSED_ARG(reader_permissions_handle);
DDSRT_UNUSED_ARG(publication_data);
DDSRT_UNUSED_ARG(subscription_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_local_datareader_match(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(reader_permissions_handle);
DDSRT_UNUSED_ARG(writer_permissions_handle);
DDSRT_UNUSED_ARG(subscription_data);
DDSRT_UNUSED_ARG(publication_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_remote_datawriter_register_instance(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
const DDS_Security_InstanceHandle instance_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(reader);
DDSRT_UNUSED_ARG(publication_handle);
DDSRT_UNUSED_ARG(key);
DDSRT_UNUSED_ARG(instance_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean check_remote_datawriter_dispose_instance(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(reader);
DDSRT_UNUSED_ARG(publication_handle);
DDSRT_UNUSED_ARG(key);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_permissions_token( dds_security_access_control *instance,
DDS_Security_PermissionsToken *permissions_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_permissions_credential_token(
dds_security_access_control *instance,
DDS_Security_PermissionsCredentialToken *permissions_credential_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_credential_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_listener( dds_security_access_control *instance,
const dds_security_access_control_listener *listener,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(listener);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_permissions_token( dds_security_access_control *instance,
const DDS_Security_PermissionsToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_permissions_credential_token(
dds_security_access_control *instance,
const DDS_Security_PermissionsCredentialToken *permissions_credential_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_credential_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_participant_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_topic_sec_attributes( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const char *topic_name,
DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_datawriter_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(partition);
DDSRT_UNUSED_ARG(data_tag);
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean get_datareader_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(topic_name);
DDSRT_UNUSED_ARG(partition);
DDSRT_UNUSED_ARG(data_tag);
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_participant_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_topic_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_datawriter_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_datareader_sec_attributes(
dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(attributes);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_permissions_handle(
dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(permissions_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
int32_t init_access_control( const char *argument, void **context)
{
dds_security_access_control *access_control;
DDSRT_UNUSED_ARG(argument);
//allocate new instance
access_control = ddsrt_malloc(sizeof(dds_security_access_control));
memset(access_control, 0, sizeof(dds_security_access_control));
//assign the interface functions
access_control->validate_local_permissions = &validate_local_permissions;
access_control->validate_remote_permissions = &validate_remote_permissions;
access_control->check_create_participant = &check_create_participant;
access_control->check_create_datawriter = &check_create_datawriter;
/* removed the function assignment
access_control->check_create_datareader = &check_create_datareader;
*/
access_control->check_create_topic = &check_create_topic;
access_control->check_local_datawriter_register_instance =
&check_local_datawriter_register_instance;
access_control->check_local_datawriter_dispose_instance =
&check_local_datawriter_dispose_instance;
access_control->check_remote_participant = &check_remote_participant;
access_control->check_remote_datawriter = &check_remote_datawriter;
access_control->check_remote_datareader = &check_remote_datareader;
access_control->check_remote_topic = &check_remote_topic;
access_control->check_local_datawriter_match = &check_local_datawriter_match;
access_control->check_local_datareader_match = &check_local_datareader_match;
access_control->check_remote_datawriter_register_instance =
&check_remote_datawriter_register_instance;
access_control->check_remote_datawriter_dispose_instance =
&check_remote_datawriter_dispose_instance;
access_control->get_permissions_token = &get_permissions_token;
access_control->get_permissions_credential_token =
&get_permissions_credential_token;
access_control->set_listener = &set_listener;
access_control->return_permissions_token = &return_permissions_token;
access_control->return_permissions_credential_token =
&return_permissions_credential_token;
access_control->get_participant_sec_attributes =
&get_participant_sec_attributes;
access_control->get_topic_sec_attributes = &get_topic_sec_attributes;
access_control->get_datawriter_sec_attributes =
&get_datawriter_sec_attributes;
access_control->get_datareader_sec_attributes =
&get_datareader_sec_attributes;
access_control->return_participant_sec_attributes =
&return_participant_sec_attributes;
access_control->return_topic_sec_attributes =
&return_topic_sec_attributes;
access_control->return_datawriter_sec_attributes =
&return_datawriter_sec_attributes;
access_control->return_datareader_sec_attributes =
&return_datareader_sec_attributes;
access_control->return_permissions_handle =
&return_permissions_handle;
//return the instance
*context = access_control;
return 0;
}
int32_t finalize_access_control( void *context)
{
DDSRT_UNUSED_ARG(context);
ddsrt_free((dds_security_access_control*) context);
return 0;
}

280
src/security/core/tests/plugin_loading/plugin_mock/access_control_missing_function/mock_access_control.h Normal file
View file

@ -0,0 +1,280 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#ifndef SECURITY_ACCESS_CONTROL_ALLOK_H_
#define SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#include "dds/security/access_control_missing_function_export.h"
#include "dds/security/dds_security_api.h"
SECURITY_EXPORT int32_t
init_access_control(const char *argument, void **context);
SECURITY_EXPORT int32_t
finalize_access_control(void *context);
/**
* AccessControl Interface
*/
DDS_Security_PermissionsHandle
validate_local_permissions
( dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle identity,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex);
DDS_Security_PermissionsHandle
validate_remote_permissions
( dds_security_access_control *instance,
const dds_security_authentication *auth_plugin,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityHandle remote_identity_handle,
const DDS_Security_PermissionsToken *remote_permissions_token,
const DDS_Security_AuthenticatedPeerCredentialToken *remote_credential_token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_create_participant
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_create_datawriter
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *writer_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_create_datareader
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *reader_qos,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTags *data_tag,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_create_topic
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_char *topic_name,
const DDS_Security_Qos *topic_qos,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_local_datawriter_register_instance
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer,
const DDS_Security_DynamicData *key,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_local_datawriter_dispose_instance
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *writer,
const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_participant
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_ParticipantBuiltinTopicDataSecure *participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_datawriter
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_datareader
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_boolean *relay_only,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_topic
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_DomainId domain_id,
const DDS_Security_TopicBuiltinTopicData *topic_data,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_local_datawriter_match
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_local_datareader_match
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle reader_permissions_handle,
const DDS_Security_PermissionsHandle writer_permissions_handle,
const DDS_Security_SubscriptionBuiltinTopicDataSecure *subscription_data,
const DDS_Security_PublicationBuiltinTopicDataSecure *publication_data,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_datawriter_register_instance
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
const DDS_Security_InstanceHandle instance_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
check_remote_datawriter_dispose_instance
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_Entity *reader,
const DDS_Security_InstanceHandle publication_handle,
const DDS_Security_DynamicData key,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_permissions_token
( dds_security_access_control *instance,
DDS_Security_PermissionsToken *permissions_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_permissions_credential_token
( dds_security_access_control *instance,
DDS_Security_PermissionsCredentialToken *permissions_credential_token,
const DDS_Security_PermissionsHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
set_listener
( dds_security_access_control *instance,
const dds_security_access_control_listener *listener,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_permissions_token
( dds_security_access_control *instance,
const DDS_Security_PermissionsToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_permissions_credential_token
( dds_security_access_control *instance,
const DDS_Security_PermissionsCredentialToken *permissions_credential_token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_participant_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_topic_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_datawriter_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_datareader_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
const DDS_Security_char *topic_name,
const DDS_Security_PartitionQosPolicy *partition,
const DDS_Security_DataTagQosPolicy *data_tag,
DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_participant_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_ParticipantSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_topic_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_TopicSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_datawriter_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_datareader_sec_attributes
( dds_security_access_control *instance,
const DDS_Security_EndpointSecurityAttributes *attributes,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_permissions_handle
( dds_security_access_control *instance,
const DDS_Security_PermissionsHandle permissions_handle,
DDS_Security_SecurityException *ex);
#endif /* SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_ */

396
src/security/core/tests/plugin_loading/plugin_mock/authentication_all_ok/mock_authentication.c Normal file
View file

@ -0,0 +1,396 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#include "dds/security/dds_security_api.h"
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/misc.h"
#include "mock_authentication.h"
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_authentication_impl {
dds_security_authentication base;
int id; //sample internal member
} dds_security_authentication_impl;
DDS_Security_ValidationResult_t validate_local_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex)
{
unsigned i;
DDS_Security_ValidationResult_t result=DDS_SECURITY_VALIDATION_OK;
dds_security_authentication_impl *implementation =
(dds_security_authentication_impl *) instance;
char *identity_ca = NULL;
char *identity_certificate = NULL;
char *private_key = NULL;
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(adjusted_participant_guid);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_qos);
DDSRT_UNUSED_ARG(candidate_participant_guid);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
implementation->id = 2;
memcpy(adjusted_participant_guid, candidate_participant_guid, sizeof(DDS_Security_GUID_t));
for( i=0; i< participant_qos->property.value._length; i++)
{
//printf("%s: %s",participant_qos->property.value._buffer[i].name, participant_qos->property.value._buffer[i].value);
printf("%s\n",participant_qos->property.value._buffer[i].name);
if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.private_key") == 0)
{
private_key = participant_qos->property.value._buffer[i].value;
} else if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.identity_ca") == 0)
{
identity_ca = participant_qos->property.value._buffer[i].value;
} else if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.identity_certificate") == 0)
{
identity_certificate = participant_qos->property.value._buffer[i].value;
}
}
if( strcmp(identity_certificate, test_identity_certificate) != 0){
result = DDS_SECURITY_VALIDATION_FAILED;
printf("FAILED: Could not get identity_certificate value properly\n");
}
else if( strcmp(identity_ca, test_ca_certificate) != 0){
printf("FAILED: Could not get identity_ca value properly\n");
result = DDS_SECURITY_VALIDATION_FAILED;
}else if( strcmp(private_key, test_privatekey) != 0){
printf("FAILED: Could not get private_key value properly\n");
result = DDS_SECURITY_VALIDATION_FAILED;
}
if( result == DDS_SECURITY_VALIDATION_OK )
{
printf("DDS_SECURITY_VALIDATION_OK\n");
}
return result;
}
DDS_Security_boolean get_identity_token(dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
memset(identity_token, 0, sizeof(*identity_token));
return true;
}
DDS_Security_boolean get_identity_status_token(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_status_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_permissions_credential_and_token(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(permissions_credential);
DDSRT_UNUSED_ARG(permissions_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_ValidationResult_t validate_remote_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(remote_identity_handle);
DDSRT_UNUSED_ARG(local_auth_request_token);
DDSRT_UNUSED_ARG(remote_auth_request_token);
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(remote_identity_token);
DDSRT_UNUSED_ARG(remote_participant_guid);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t begin_handshake_request(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(handshake_message);
DDSRT_UNUSED_ARG(initiator_identity_handle);
DDSRT_UNUSED_ARG(replier_identity_handle);
DDSRT_UNUSED_ARG(serialized_local_participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t begin_handshake_reply(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(handshake_message_out);
DDSRT_UNUSED_ARG(handshake_message_in);
DDSRT_UNUSED_ARG(initiator_identity_handle);
DDSRT_UNUSED_ARG(replier_identity_handle);
DDSRT_UNUSED_ARG(serialized_local_participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t process_handshake(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_message_out);
DDSRT_UNUSED_ARG(handshake_message_in);
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_SharedSecretHandle get_shared_secret(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return 0;
}
DDS_Security_boolean get_authenticated_peer_credential_token(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(peer_credential_token);
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_listener(dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(listener);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_token(dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_status_token(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_authenticated_peer_credential_token(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(peer_credential_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_handshake_handle(dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_handle(dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_sharedsecret_handle(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(sharedsecret_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
int32_t init_authentication( const char *argument, void **context)
{
dds_security_authentication_impl *authentication;
DDSRT_UNUSED_ARG(argument);
//allocate implementation wrapper
authentication = (dds_security_authentication_impl*) ddsrt_malloc(
sizeof(dds_security_authentication_impl));
memset(authentication, 0, sizeof(dds_security_authentication_impl));
//assign the interface functions
authentication->base.validate_local_identity = &validate_local_identity;
authentication->base.get_identity_token = &get_identity_token;
authentication->base.get_identity_status_token = &get_identity_status_token;
authentication->base.set_permissions_credential_and_token =
&set_permissions_credential_and_token;
authentication->base.validate_remote_identity = &validate_remote_identity;
authentication->base.begin_handshake_request = &begin_handshake_request;
authentication->base.begin_handshake_reply = &begin_handshake_reply;
authentication->base.process_handshake = &process_handshake;
authentication->base.get_shared_secret = &get_shared_secret;
authentication->base.get_authenticated_peer_credential_token =
&get_authenticated_peer_credential_token;
authentication->base.set_listener = &set_listener;
authentication->base.return_identity_token = &return_identity_token;
authentication->base.return_identity_status_token =
&return_identity_status_token;
authentication->base.return_authenticated_peer_credential_token =
&return_authenticated_peer_credential_token;
authentication->base.return_handshake_handle = &return_handshake_handle;
authentication->base.return_identity_handle = &return_identity_handle;
authentication->base.return_sharedsecret_handle = &return_sharedsecret_handle;
//prepare implementation wrapper
authentication->id = 1;
//return the instance
*context = authentication;
return 0;
}
int32_t finalize_authentication(void *instance)
{
ddsrt_free((dds_security_authentication_impl*) instance);
return 0;
}

213
src/security/core/tests/plugin_loading/plugin_mock/authentication_all_ok/mock_authentication.h Normal file
View file

@ -0,0 +1,213 @@
/*
* authentication.h
*
* Created on: Jan 15, 2018
* Author: kurtulus oksuztepe
*/
#ifndef SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#define SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#include "dds/security/authentication_all_ok_export.h"
SECURITY_EXPORT int32_t
init_authentication(const char *argument, void **context);
SECURITY_EXPORT int32_t
finalize_authentication(void *context);
char *test_identity_certificate="data:,-----BEGIN CERTIFICATE-----\n\
MIIDYDCCAkigAwIBAgIBBDANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJOTDEL\n\
MAkGA1UECBMCT1YxEzARBgNVBAoTCkFETGluayBJU1QxGTAXBgNVBAMTEElkZW50\n\
aXR5IENBIFRlc3QxJjAkBgkqhkiG9w0BCQEWF2luZm9AaXN0LmFkbGlua3RlY2gu\n\
Y29tMB4XDTE4MDMxMjAwMDAwMFoXDTI3MDMxMTIzNTk1OVowdTELMAkGA1UEBhMC\n\
TkwxCzAJBgNVBAgTAk9WMRAwDgYDVQQKEwdBRExpbmsgMREwDwYDVQQLEwhJU1Qg\n\
VGVzdDETMBEGA1UEAxMKQWxpY2UgVGVzdDEfMB0GCSqGSIb3DQEJARYQYWxpY2VA\n\
YWRsaW5rLmlzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBW+tEZ\n\
Baw7EQCEXyzH9n7IkZ8PQIKe8hG1LAOGYOF/oUYQZJO/HxbWoC4rFqOC20+A6is6\n\
kFwr1Zzp/Wurk9CrFXo5Nomi6ActH6LUM57nYqN68w6U38z/XkQxVY/ESZ5dySfD\n\
9Q1C8R+zdE8gwbimdYmwX7ioz336nghM2CoAHPDRthQeJupl8x4V7isOltr9CGx8\n\
+imJXbGr39OK6u87cNLeu23sUkOIC0lSRMIqIQK3oJtHS70J2qecXdqp9MhE7Xky\n\
/GPlI8ptQ1gJ8A3cAOvtI9mtMJMszs2EKWTLfeTcmfJHKKhKjvCgDdh3Jan4x5YP\n\
Yg7HG6H+ceOUkMMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAkvuqZzyJ3Nu4/Eo5\n\
kD0nVgYGBUl7cspu+636q39zPSrxLEDMUWz+u8oXLpyGcgiZ8lZulPTV8dmOn+3C\n\
Vg55c5C+gbnbX3MDyb3wB17296RmxYf6YNul4sFOmj6+g2i+Dw9WH0PBCVKbA84F\n\
jR3Gx2Pfoifor3DvT0YFSsjNIRt090u4dQglbIb6cWEafC7O24t5jFhGPvJ7L9SE\n\
gB0Drh/HmKTVuaqaRkoOKkKaKuWoXsszK1ZFda1DHommnR5LpYPsDRQ2fVM4EuBF\n\
By03727uneuG8HLuNcLEV9H0i7LxtyfFkyCPUQvWG5jehb7xPOz/Ml26NAwwjlTJ\n\
xEEFrw==\n\
-----END CERTIFICATE-----";
char *test_ca_certificate="data:,-----BEGIN CERTIFICATE-----\n\
MIIEKTCCAxGgAwIBAgIBATANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJOTDEL\n\
MAkGA1UECBMCT1YxEzARBgNVBAoTCkFETGluayBJU1QxGTAXBgNVBAMTEElkZW50\n\
aXR5IENBIFRlc3QxJjAkBgkqhkiG9w0BCQEWF2luZm9AaXN0LmFkbGlua3RlY2gu\n\
Y29tMB4XDTE4MDMxMjAwMDAwMFoXDTI3MDMxMTIzNTk1OVowcjELMAkGA1UEBhMC\n\
TkwxCzAJBgNVBAgTAk9WMRMwEQYDVQQKEwpBRExpbmsgSVNUMRkwFwYDVQQDExBJ\n\
ZGVudGl0eSBDQSBUZXN0MSYwJAYJKoZIhvcNAQkBFhdpbmZvQGlzdC5hZGxpbmt0\n\
ZWNoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANa/ENFfGVXg\n\
bPLTzBdDfiZQcp5dWZ//Pb8ErFOJu8uosVHFv8t69dgjHgNHB4OsjmjnR7GfKUZT\n\
0cMvWJnjsC7DDlBwFET9rj4k40n96bbVCH9I7+tNhsoqzc6Eu+5h4sk7VfNGTM2Z\n\
SyCd4GiSZRuA44rRbhXI7/LDpr4hY5J9ZDo5AM9ZyoLAoh774H3CZWD67S35XvUs\n\
72dzE6uKG/vxBbvZ7eW2GLO6ewa9UxlnLVMPfJdpkp/xYXwwcPW2+2YXCge1ujxs\n\
tjrOQJ5HUySh6DkE/kZpx8zwYWm9AaCrsvCIX1thsqgvKy+U5v1FS1L58eGc6s//\n\
9yMgNhU29R0CAwEAAaOByTCBxjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRNVUJN\n\
FzhJPReYT4QSx6dK53CXCTAfBgNVHSMEGDAWgBRNVUJNFzhJPReYT4QSx6dK53CX\n\
CTAPBgNVHQ8BAf8EBQMDB/+AMGUGA1UdJQEB/wRbMFkGCCsGAQUFBwMBBggrBgEF\n\
BQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkGCCsG\n\
AQUFBwMNBggrBgEFBQcDDgYHKwYBBQIDBTANBgkqhkiG9w0BAQsFAAOCAQEAcOLF\n\
ZYdJguj0uxeXB8v3xnUr1AWz9+gwg0URdfNLU2KvF2lsb/uznv6168b3/FcPgezN\n\
Ihl9GqB+RvGwgXS/1UelCGbQiIUdsNxk246P4uOGPIyW32RoJcYPWZcpY+cw11tQ\n\
NOnk994Y5/8ad1DmcxVLLqq5kwpXGWQufV1zOONq8B+mCvcVAmM4vkyF/de56Lwa\n\
sAMpk1p77uhaDnuq2lIR4q3QHX2wGctFid5Q375DRscFQteY01r/dtwBBrMn0wuL\n\
AMNx9ZGD+zAoOUaslpIlEQ+keAxk3jgGMWFMxF81YfhEnXzevSQXWpyek86XUyFL\n\
O9IAQi5pa15gXjSbUg==\n\
-----END CERTIFICATE-----";
char *test_privatekey = "data:,-----BEGIN RSA PRIVATE KEY-----\n\
MIIEowIBAAKCAQEA0Fb60RkFrDsRAIRfLMf2fsiRnw9Agp7yEbUsA4Zg4X+hRhBk\n\
k78fFtagLisWo4LbT4DqKzqQXCvVnOn9a6uT0KsVejk2iaLoBy0fotQznudio3rz\n\
DpTfzP9eRDFVj8RJnl3JJ8P1DULxH7N0TyDBuKZ1ibBfuKjPffqeCEzYKgAc8NG2\n\
FB4m6mXzHhXuKw6W2v0IbHz6KYldsavf04rq7ztw0t67bexSQ4gLSVJEwiohAreg\n\
m0dLvQnap5xd2qn0yETteTL8Y+Ujym1DWAnwDdwA6+0j2a0wkyzOzYQpZMt95NyZ\n\
8kcoqEqO8KAN2HclqfjHlg9iDscbof5x45SQwwIDAQABAoIBAG0dYPeqd0IhHWJ7\n\
8azufbchLMN1pX/D51xG2uptssfnpHuhkkufSZUYi4QipRS2ME6PYhWJ8pmTi6lH\n\
E6cUkbI0KGd/F4U2gPdhNrR9Fxwea5bbifkVF7Gx/ZkRjZJiZ3w9+mCNTQbJDKhh\n\
wITAzzT6WYznhvqbzzBX1fTa6kv0GAQtX7aHKM+XIwkhX2gzU5TU80bvH8aMrT05\n\
tAMGQqkUeRnpo0yucBl4VmTZzd/+X/d2UyXR0my15jE5iH5o+p+E6qTRE9D+MGUd\n\
MQ6Ftj0Untqy1lcog1ZLL6zPlnwcD4jgY5VCYDgvabnrSwymOJapPLsAEdWdq+U5\n\
ec44BMECgYEA/+3qPUrd4XxA517qO3fCGBvf2Gkr7w5ZDeATOTHGuD8QZeK0nxPl\n\
CWhRjdgkqo0fyf1cjczL5XgYayo+YxkO1Z4RUU+8lJAHlVx9izOQo+MTQfkwH4BK\n\
LYlHxMoHJwAOXXoE+dmBaDh5xT0mDUGU750r763L6EFovE4qRBn9hxkCgYEA0GWz\n\
rpOPNxb419WxG9npoQYdCZ5IbmEOGDH3ReggVzWHmW8sqtkqTZm5srcyDpqAc1Gu\n\
paUveMblEBbU+NFJjLWOfwB5PCp8jsrqRgCQSxolShiVkc3Vu3oyzMus9PDge1eo\n\
9mwVGO7ojQKWRu/WVAakENPaAjeyyhv4dqSNnjsCgYEAlwe8yszqoY1k8+U0T0G+\n\
HeIdOCXgkmOiNCj+zyrLvaEhuS6PLq1b5TBVqGJcSPWdQ+MrglbQIKu9pUg5ptt7\n\
wJ5WU+i9PeK9Ruxc/g/BFKYFkFJQjtZzb+nqm3wpul8zGwDN/O/ZiTqCyd3rHbmM\n\
/dZ/viKPCZHIEBAEq0m3LskCgYBndzcAo+5k8ZjWwBfQth5SfhCIp/daJgGzbYtR\n\
P/BenAsY2KOap3tjT8Fsw5usuHSxzIojX6H0Gvu7Qzq11mLn43Q+BeQrRQTWeFRc\n\
MQdy4iZFZXNNEp7dF8yE9VKHwdgSJPGUdxD6chMvf2tRCN6mlS171VLV6wVvZvez\n\
H/vX5QKBgD2Dq/NHpjCpAsECP9awmNF5Akn5WJbRGmegwXIih2mOtgtYYDeuQyxY\n\
ZCrdJFfIUjUVPagshEmUklKhkYMYpzy2PQDVtaVcm6UNFroxT5h+J+KDs1LN1H8G\n\
LsASrzyAg8EpRulwXEfLrWKiu9DKv8bMEgO4Ovgz8zTKJZIFhcac\n\
-----END RSA PRIVATE KEY-----";
DDS_Security_ValidationResult_t
validate_local_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_identity_token(dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
set_permissions_credential_and_token(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
validate_remote_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
begin_handshake_request(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
begin_handshake_reply(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
process_handshake(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_SharedSecretHandle get_shared_secret(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_authenticated_peer_credential_token(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean get_identity_status_token(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean set_listener(dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_identity_token(dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_identity_status_token(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_authenticated_peer_credential_token(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_handshake_handle(dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_identity_handle(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_sharedsecret_handle(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex);
#endif /* SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_ */

353
src/security/core/tests/plugin_loading/plugin_mock/authentication_all_ok_other/mock_authentication.c Normal file
View file

@ -0,0 +1,353 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#include "dds/security/dds_security_api.h"
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/misc.h"
#include "dds/ddsrt/string.h"
#include "mock_authentication.h"
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_authentication_impl {
dds_security_authentication base;
int id; //sample internal member
} dds_security_authentication_impl;
DDS_Security_ValidationResult_t validate_local_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(adjusted_participant_guid);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_qos);
DDSRT_UNUSED_ARG(candidate_participant_guid);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
ex->message = ddsrt_strdup("Certificate expired");
ex->code = DDS_SECURITY_ERR_CERT_EXPIRED_CODE;
ex->minor_code = 0;
return DDS_SECURITY_VALIDATION_FAILED;
}
DDS_Security_boolean get_identity_token(dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
memset(identity_token, 0, sizeof(*identity_token));
return true;
}
DDS_Security_boolean get_identity_status_token(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_status_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_permissions_credential_and_token(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(permissions_credential);
DDSRT_UNUSED_ARG(permissions_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_ValidationResult_t validate_remote_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(remote_identity_handle);
DDSRT_UNUSED_ARG(local_auth_request_token);
DDSRT_UNUSED_ARG(remote_auth_request_token);
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(remote_identity_token);
DDSRT_UNUSED_ARG(remote_participant_guid);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t begin_handshake_request(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(handshake_message);
DDSRT_UNUSED_ARG(initiator_identity_handle);
DDSRT_UNUSED_ARG(replier_identity_handle);
DDSRT_UNUSED_ARG(serialized_local_participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t begin_handshake_reply(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(handshake_message_out);
DDSRT_UNUSED_ARG(handshake_message_in);
DDSRT_UNUSED_ARG(initiator_identity_handle);
DDSRT_UNUSED_ARG(replier_identity_handle);
DDSRT_UNUSED_ARG(serialized_local_participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t process_handshake(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_message_out);
DDSRT_UNUSED_ARG(handshake_message_in);
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_SharedSecretHandle get_shared_secret(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return 0;
}
DDS_Security_boolean get_authenticated_peer_credential_token(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(peer_credential_token);
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_listener(dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(listener);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_token(dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_status_token(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_authenticated_peer_credential_token(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(peer_credential_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_handshake_handle(dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_handle(dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_sharedsecret_handle(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(sharedsecret_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
int32_t init_authentication( const char *argument, void **context)
{
dds_security_authentication_impl *authentication;
DDSRT_UNUSED_ARG(argument);
//allocate implementation wrapper
authentication = (dds_security_authentication_impl*) ddsrt_malloc(
sizeof(dds_security_authentication_impl));
memset(authentication, 0, sizeof(dds_security_authentication_impl));
//assign the interface functions
authentication->base.validate_local_identity = &validate_local_identity;
authentication->base.get_identity_token = &get_identity_token;
authentication->base.get_identity_status_token = &get_identity_status_token;
authentication->base.set_permissions_credential_and_token =
&set_permissions_credential_and_token;
authentication->base.validate_remote_identity = &validate_remote_identity;
authentication->base.begin_handshake_request = &begin_handshake_request;
authentication->base.begin_handshake_reply = &begin_handshake_reply;
authentication->base.process_handshake = &process_handshake;
authentication->base.get_shared_secret = &get_shared_secret;
authentication->base.get_authenticated_peer_credential_token =
&get_authenticated_peer_credential_token;
authentication->base.set_listener = &set_listener;
authentication->base.return_identity_token = &return_identity_token;
authentication->base.return_identity_status_token =
&return_identity_status_token;
authentication->base.return_authenticated_peer_credential_token =
&return_authenticated_peer_credential_token;
authentication->base.return_handshake_handle = &return_handshake_handle;
authentication->base.return_identity_handle = &return_identity_handle;
authentication->base.return_sharedsecret_handle = &return_sharedsecret_handle;
//prepare implementation wrapper
authentication->id = 1;
//return the instance
*context = authentication;
return 0;
}
int32_t finalize_authentication(void *instance)
{
ddsrt_free((dds_security_authentication_impl*) instance);
return 0;
}

136
src/security/core/tests/plugin_loading/plugin_mock/authentication_all_ok_other/mock_authentication.h Normal file
View file

@ -0,0 +1,136 @@
/*
* authentication.h
*
* Created on: Jan 15, 2018
* Author: kurtulus oksuztepe
*/
#ifndef SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#define SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#include "dds/security/authentication_all_ok_other_export.h"
SECURITY_EXPORT int32_t
init_authentication(const char *argument, void **context);
SECURITY_EXPORT int32_t
finalize_authentication(void *context);
DDS_Security_ValidationResult_t
validate_local_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_identity_token(dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
set_permissions_credential_and_token(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
validate_remote_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
begin_handshake_request(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
begin_handshake_reply(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
process_handshake(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_SharedSecretHandle get_shared_secret(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_authenticated_peer_credential_token(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean get_identity_status_token(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean set_listener(dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_identity_token(dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_identity_status_token(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_authenticated_peer_credential_token(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_handshake_handle(dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_identity_handle(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_sharedsecret_handle(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex);
#endif /* SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_ */

388
src/security/core/tests/plugin_loading/plugin_mock/authentication_finalize_error/mock_authentication.c Normal file
View file

@ -0,0 +1,388 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#include "dds/security/dds_security_api.h"
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/misc.h"
#include "mock_authentication.h"
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_authentication_impl {
dds_security_authentication base;
int id; //sample internal member
} dds_security_authentication_impl;
DDS_Security_ValidationResult_t validate_local_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex)
{
unsigned i;
DDS_Security_ValidationResult_t result=DDS_SECURITY_VALIDATION_OK;
dds_security_authentication_impl *implementation =
(dds_security_authentication_impl *) instance;
char *identity_ca=NULL;
char *identity_certificate=NULL;
char *private_key=NULL;
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(adjusted_participant_guid);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_qos);
DDSRT_UNUSED_ARG(candidate_participant_guid);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
implementation->id = 2;
for( i=0; i< participant_qos->property.value._length; i++)
{
printf("%s: %s",participant_qos->property.value._buffer[i].name, participant_qos->property.value._buffer[i].value);
if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.private_key") == 0)
{
private_key = participant_qos->property.value._buffer[i].value;
} else if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.identity_ca") == 0)
{
identity_ca = participant_qos->property.value._buffer[i].value;
} else if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.identity_certificate") == 0)
{
identity_certificate = participant_qos->property.value._buffer[i].value;
}
}
if( strcmp(identity_certificate, test_identity_certificate) != 0){
result = DDS_SECURITY_VALIDATION_FAILED;
printf("FAILED: Could not get identity_certificate value properly\n");
}
else if( strcmp(identity_ca, test_ca_certificate) != 0){
printf("FAILED: Could not get identity_ca value properly\n");
result = DDS_SECURITY_VALIDATION_FAILED;
}else if( strcmp(private_key, test_privatekey) != 0){
printf("FAILED: Could not get private_key value properly\n");
result = DDS_SECURITY_VALIDATION_FAILED;
}
return result;
}
DDS_Security_boolean get_identity_token( dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
memset(identity_token, 0, sizeof(*identity_token));
return true;
}
DDS_Security_boolean get_identity_status_token(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_status_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_permissions_credential_and_token(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(permissions_credential);
DDSRT_UNUSED_ARG(permissions_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_ValidationResult_t validate_remote_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(remote_identity_handle);
DDSRT_UNUSED_ARG(local_auth_request_token);
DDSRT_UNUSED_ARG(remote_auth_request_token);
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(remote_identity_token);
DDSRT_UNUSED_ARG(remote_participant_guid);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t begin_handshake_request(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(handshake_message);
DDSRT_UNUSED_ARG(initiator_identity_handle);
DDSRT_UNUSED_ARG(replier_identity_handle);
DDSRT_UNUSED_ARG(serialized_local_participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t begin_handshake_reply(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(handshake_message_out);
DDSRT_UNUSED_ARG(handshake_message_in);
DDSRT_UNUSED_ARG(initiator_identity_handle);
DDSRT_UNUSED_ARG(replier_identity_handle);
DDSRT_UNUSED_ARG(serialized_local_participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t process_handshake(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_message_out);
DDSRT_UNUSED_ARG(handshake_message_in);
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_SharedSecretHandle get_shared_secret(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return 0;
}
DDS_Security_boolean get_authenticated_peer_credential_token(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(peer_credential_token);
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_listener( dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(listener);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_token( dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_status_token(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_authenticated_peer_credential_token(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(peer_credential_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_handshake_handle( dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_handle( dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_sharedsecret_handle(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(sharedsecret_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
int32_t init_authentication( const char *argument, void **context)
{
dds_security_authentication_impl *authentication;
DDSRT_UNUSED_ARG(argument);
//allocate implementation wrapper
authentication = (dds_security_authentication_impl*) ddsrt_malloc(
sizeof(dds_security_authentication_impl));
memset(authentication, 0, sizeof(dds_security_authentication_impl));
//assign the interface functions
authentication->base.validate_local_identity = &validate_local_identity;
authentication->base.get_identity_token = &get_identity_token;
authentication->base.get_identity_status_token = &get_identity_status_token;
authentication->base.set_permissions_credential_and_token =
&set_permissions_credential_and_token;
authentication->base.validate_remote_identity = &validate_remote_identity;
authentication->base.begin_handshake_request = &begin_handshake_request;
authentication->base.begin_handshake_reply = &begin_handshake_reply;
authentication->base.process_handshake = &process_handshake;
authentication->base.get_shared_secret = &get_shared_secret;
authentication->base.get_authenticated_peer_credential_token =
&get_authenticated_peer_credential_token;
authentication->base.set_listener = &set_listener;
authentication->base.return_identity_token = &return_identity_token;
authentication->base.return_identity_status_token =
&return_identity_status_token;
authentication->base.return_authenticated_peer_credential_token =
&return_authenticated_peer_credential_token;
authentication->base.return_handshake_handle = &return_handshake_handle;
authentication->base.return_identity_handle = &return_identity_handle;
authentication->base.return_sharedsecret_handle = &return_sharedsecret_handle;
//prepare implementation wrapper
authentication->id = 1;
//return the instance
*context = authentication;
return 0;
}
/* wrong finalize function name for test purposes */
int32_t finalize_authentication_WRONG_NAME( void *instance)
{
ddsrt_free((dds_security_authentication_impl*) instance);
return 0;
}

264
src/security/core/tests/plugin_loading/plugin_mock/authentication_finalize_error/mock_authentication.h Normal file
View file

@ -0,0 +1,264 @@
/*
* authentication.h
*
* Created on: Jan 15, 2018
* Author: kurtulus oksuztepe
*/
#ifndef SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#define SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#include "dds/security/authentication_finalize_error_export.h"
SECURITY_EXPORT int32_t
init_authentication(const char *argument, void **context);
SECURITY_EXPORT int32_t
finalize_authentication_WRONG_NAME(void *context);
char *test_identity_certificate="data:,-----BEGIN CERTIFICATE-----\n\
MIIGJzCCBA+gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBsjELMAkGA1UEBhMCRlIx\n\
DzANBgNVBAgMBkFsc2FjZTETMBEGA1UEBwwKU3RyYXNib3VyZzEYMBYGA1UECgwP\n\
d3d3LmZyZWVsYW4ub3JnMRAwDgYDVQQLDAdmcmVlbGFuMS0wKwYDVQQDDCRGcmVl\n\
bGFuIFNhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxIjAgBgkqhkiG9w0BCQEW\n\
E2NvbnRhY3RAZnJlZWxhbi5vcmcwHhcNMTIwNDI3MTAzMTE4WhcNMjIwNDI1MTAz\n\
MTE4WjB+MQswCQYDVQQGEwJGUjEPMA0GA1UECAwGQWxzYWNlMRgwFgYDVQQKDA93\n\
d3cuZnJlZWxhbi5vcmcxEDAOBgNVBAsMB2ZyZWVsYW4xDjAMBgNVBAMMBWFsaWNl\n\
MSIwIAYJKoZIhvcNAQkBFhNjb250YWN0QGZyZWVsYW4ub3JnMIICIjANBgkqhkiG\n\
9w0BAQEFAAOCAg8AMIICCgKCAgEA3W29+ID6194bH6ejLrIC4hb2Ugo8v6ZC+Mrc\n\
k2dNYMNPjcOKABvxxEtBamnSaeU/IY7FC/giN622LEtV/3oDcrua0+yWuVafyxmZ\n\
yTKUb4/GUgafRQPf/eiX9urWurtIK7XgNGFNUjYPq4dSJQPPhwCHE/LKAykWnZBX\n\
RrX0Dq4XyApNku0IpjIjEXH+8ixE12wH8wt7DEvdO7T3N3CfUbaITl1qBX+Nm2Z6\n\
q4Ag/u5rl8NJfXg71ZmXA3XOj7zFvpyapRIZcPmkvZYn7SMCp8dXyXHPdpSiIWL2\n\
uB3KiO4JrUYvt2GzLBUThp+lNSZaZ/Q3yOaAAUkOx+1h08285Pi+P8lO+H2Xic4S\n\
vMq1xtLg2bNoPC5KnbRfuFPuUD2/3dSiiragJ6uYDLOyWJDivKGt/72OVTEPAL9o\n\
6T2pGZrwbQuiFGrGTMZOvWMSpQtNl+tCCXlT4mWqJDRwuMGrI4DnnGzt3IKqNwS4\n\
Qyo9KqjMIPwnXZAmWPm3FOKe4sFwc5fpawKO01JZewDsYTDxVj+cwXwFxbE2yBiF\n\
z2FAHwfopwaH35p3C6lkcgP2k/zgAlnBluzACUI+MKJ/G0gv/uAhj1OHJQ3L6kn1\n\
SpvQ41/ueBjlunExqQSYD7GtZ1Kg8uOcq2r+WISE3Qc9MpQFFkUVllmgWGwYDuN3\n\
Zsez95kCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNT\n\
TCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFFlfyRO6G8y5qEFKikl5\n\
ajb2fT7XMB8GA1UdIwQYMBaAFCNsLT0+KV14uGw+quK7Lh5sh/JTMA0GCSqGSIb3\n\
DQEBBQUAA4ICAQAT5wJFPqervbja5+90iKxi1d0QVtVGB+z6aoAMuWK+qgi0vgvr\n\
mu9ot2lvTSCSnRhjeiP0SIdqFMORmBtOCFk/kYDp9M/91b+vS+S9eAlxrNCB5VOf\n\
PqxEPp/wv1rBcE4GBO/c6HcFon3F+oBYCsUQbZDKSSZxhDm3mj7pb67FNbZbJIzJ\n\
70HDsRe2O04oiTx+h6g6pW3cOQMgIAvFgKN5Ex727K4230B0NIdGkzuj4KSML0NM\n\
slSAcXZ41OoSKNjy44BVEZv0ZdxTDrRM4EwJtNyggFzmtTuV02nkUj1bYYYC5f0L\n\
ADr6s0XMyaNk8twlWYlYDZ5uKDpVRVBfiGcq0uJIzIvemhuTrofh8pBQQNkPRDFT\n\
Rq1iTo1Ihhl3/Fl1kXk1WR3jTjNb4jHX7lIoXwpwp767HAPKGhjQ9cFbnHMEtkro\n\
RlJYdtRq5mccDtwT0GFyoJLLBZdHHMHJz0F9H7FNk2tTQQMhK5MVYwg+LIaee586\n\
CQVqfbscp7evlgjLW98H+5zylRHAgoH2G79aHljNKMp9BOuq6SnEglEsiWGVtu2l\n\
hnx8SB3sVJZHeer8f/UQQwqbAO+Kdy70NmbSaqaVtp8jOxLiidWkwSyRTsuU6D8i\n\
DiH5uEqBXExjrj0FslxcVKdVj5glVcSmkLwZKbEU1OKwleT/iXFhvooWhQ==\n\
-----END CERTIFICATE-----";
char *test_ca_certificate="data:,-----BEGIN CERTIFICATE-----\n\
MIIGOTCCBCGgAwIBAgIJAOE/vJd8EB24MA0GCSqGSIb3DQEBBQUAMIGyMQswCQYD\n\
VQQGEwJGUjEPMA0GA1UECAwGQWxzYWNlMRMwEQYDVQQHDApTdHJhc2JvdXJnMRgw\n\
FgYDVQQKDA93d3cuZnJlZWxhbi5vcmcxEDAOBgNVBAsMB2ZyZWVsYW4xLTArBgNV\n\
BAMMJEZyZWVsYW4gU2FtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTEiMCAGCSqG\n\
SIb3DQEJARYTY29udGFjdEBmcmVlbGFuLm9yZzAeFw0xMjA0MjcxMDE3NDRaFw0x\n\
MjA1MjcxMDE3NDRaMIGyMQswCQYDVQQGEwJGUjEPMA0GA1UECAwGQWxzYWNlMRMw\n\
EQYDVQQHDApTdHJhc2JvdXJnMRgwFgYDVQQKDA93d3cuZnJlZWxhbi5vcmcxEDAO\n\
BgNVBAsMB2ZyZWVsYW4xLTArBgNVBAMMJEZyZWVsYW4gU2FtcGxlIENlcnRpZmlj\n\
YXRlIEF1dGhvcml0eTEiMCAGCSqGSIb3DQEJARYTY29udGFjdEBmcmVlbGFuLm9y\n\
ZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAODp+8oQcK+MTuWPZVxJ\n\
ZR75paK4zcUngupYXWSGWFXPTV7vssFk6vInePArTL+T9KwHfiZ29Pp3UbzDlysY\n\
Kz9f9Ae50jGD6xVPwXgQ/VI979GyFXzhiEMtSYykF04tBJiDl2/FZxbHPpNxC39t\n\
14kwuDqBin9N/ZbT5+45tbbS8ziXS+QgL5hD2q2eYCWayrGEt1Y+jDAdHDHmGnZ8\n\
d4hbgILJAs3IInOCDjC4c1gwHFb8G4QHHTwVhjhqpkq2hQHgzWBC1l2Dku/oDYev\n\
Zu/pfpTo3z6+NOYBrUWseQmIuG+DGMQA9KOuSQveyTywBm4G4vZKn0sCu1/v2+9T\n\
BGv41tgS/Yf6oeeQVrbS4RFY1r9qTK6DW9wkTTesa4xoDKQrWjSJ7+aa8tvBXLGX\n\
x2xdRNWLeRMuGBSOihwXmDr+rCJRauT7pItN5X+uWNTX1ofNksQSUMaFJ5K7L0LU\n\
iQqU2Yyt/8UphdVZL4EFkGSA13UDWtb9mM1hY0h65LlSYwCchEphrtI9cuV+ITrS\n\
NcN6cP/dqDx1/jWd6dqjNu7+dugwX5elQS9uUYCFmugR5s1m2eeBg3QuC7gZLE0N\n\
NbgS7oSxKJe9KeOcw68jHWfBKsCfBfQ4fU2t/ntMybT3hCdEMQu4dgM5Tyw/UeFq\n\
0SaJyTl+G1bTzS0FW6uUp6NLAgMBAAGjUDBOMB0GA1UdDgQWBBQjbC09PildeLhs\n\
Pqriuy4ebIfyUzAfBgNVHSMEGDAWgBQjbC09PildeLhsPqriuy4ebIfyUzAMBgNV\n\
HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQCwRJpJCgp7S+k9BT6X3kBefonE\n\
EOYtyWXBPpuyG3Qlm1rdhc66DCGForDmTxjMmHYtNmAVnM37ILW7MoflWrAkaY19\n\
gv88Fzwa5e6rWK4fTSpiEOc5WB2A3HPN9wJnhQXt1WWMDD7jJSLxLIwFqkzpDbDE\n\
9122TtnIbmKNv0UQpzPV3Ygbqojy6eZHUOT05NaOT7vviv5QwMAH5WeRfiCys8CG\n\
Sno/o830OniEHvePTYswLlX22LyfSHeoTQCCI8pocytl7IwARKCvBgeFqvPrMiqP\n\
ch16FiU9II8KaMgpebrUSz3J1BApOOd1LBd42BeTAkNSxjRvbh8/lDWfnE7ODbKc\n\
b6Ad3V9flFb5OBZH4aTi6QfrDnBmbLgLL8o/MLM+d3Kg94XRU9LjC2rjivQ6MC53\n\
EnWNobcJFY+soXsJokGtFxKgIx8XrhF5GOsT2f1pmMlYL4cjlU0uWkPOOkhq8tIp\n\
R8cBYphzXu1v6h2AaZLRq184e30ZO98omKyQoQ2KAm5AZayRrZZtjvEZPNamSuVQ\n\
iPe3o/4tyQGq+jEMAEjLlDECu0dEa6RFntcbBPMBP3wZwE2bI9GYgvyaZd63DNdm\n\
Xd65m0mmfOWYttfrDT3Q95YP54nHpIxKBw1eFOzrnXOqbKVmJ/1FDP2yWeooKVLf\n\
KvbxUcDaVvXB0EU0bg==\n\
-----END CERTIFICATE-----";
char *test_privatekey = "data:,-----BEGIN RSA PRIVATE KEY-----\n\
MIIJKQIBAAKCAgEA3W29+ID6194bH6ejLrIC4hb2Ugo8v6ZC+Mrck2dNYMNPjcOK\n\
ABvxxEtBamnSaeU/IY7FC/giN622LEtV/3oDcrua0+yWuVafyxmZyTKUb4/GUgaf\n\
RQPf/eiX9urWurtIK7XgNGFNUjYPq4dSJQPPhwCHE/LKAykWnZBXRrX0Dq4XyApN\n\
ku0IpjIjEXH+8ixE12wH8wt7DEvdO7T3N3CfUbaITl1qBX+Nm2Z6q4Ag/u5rl8NJ\n\
fXg71ZmXA3XOj7zFvpyapRIZcPmkvZYn7SMCp8dXyXHPdpSiIWL2uB3KiO4JrUYv\n\
t2GzLBUThp+lNSZaZ/Q3yOaAAUkOx+1h08285Pi+P8lO+H2Xic4SvMq1xtLg2bNo\n\
PC5KnbRfuFPuUD2/3dSiiragJ6uYDLOyWJDivKGt/72OVTEPAL9o6T2pGZrwbQui\n\
FGrGTMZOvWMSpQtNl+tCCXlT4mWqJDRwuMGrI4DnnGzt3IKqNwS4Qyo9KqjMIPwn\n\
XZAmWPm3FOKe4sFwc5fpawKO01JZewDsYTDxVj+cwXwFxbE2yBiFz2FAHwfopwaH\n\
35p3C6lkcgP2k/zgAlnBluzACUI+MKJ/G0gv/uAhj1OHJQ3L6kn1SpvQ41/ueBjl\n\
unExqQSYD7GtZ1Kg8uOcq2r+WISE3Qc9MpQFFkUVllmgWGwYDuN3Zsez95kCAwEA\n\
AQKCAgBymEHxouau4z6MUlisaOn/Ej0mVi/8S1JrqakgDB1Kj6nTRzhbOBsWKJBR\n\
PzTrIv5aIqYtvJwQzrDyGYcHMaEpNpg5Rz716jPGi5hAPRH+7pyHhO/Watv4bvB+\n\
lCjO+O+v12+SDC1U96+CaQUFLQSw7H/7vfH4UsJmhvX0HWSSWFzsZRCiklOgl1/4\n\
vlNgB7MU/c7bZLyor3ZuWQh8Q6fgRSQj0kp1T/78RrwDl8r7xG4gW6vj6F6m+9bg\n\
ro5Zayu3qxqJhWVvR3OPvm8pVa4hIJR5J5Jj3yZNOwdOX/Saiv6tEx7MvB5bGQlC\n\
6co5SIEPPZ/FNC1Y/PNOWrb/Q4GW1AScdICZu7wIkKzWAJCo59A8Luv5FV8vm4R2\n\
4JkyB6kXcVfowrjYXqDF/UX0ddDLLGF96ZStte3PXX8PQWY89FZuBkGw6NRZInHi\n\
xinN2V8cm7Cw85d9Ez2zEGB4KC7LI+JgLQtdg3XvbdfhOi06eGjgK2mwfOqT8Sq+\n\
v9POIJXTNEI3fi3dB86af/8OXRtOrAa1mik2msDI1Goi7cKQbC3fz/p1ISQCptvs\n\
YvNwstDDutkA9o9araQy5b0LC6w5k+CSdVNbd8O2EUd0OBOUjblHKvdZ3Voz8EDF\n\
ywYimmNGje1lK8nh2ndpja5q3ipDs1hKg5UujoGfei2gn0ch5QKCAQEA8O+IHOOu\n\
T/lUgWspophE0Y1aUJQPqgK3EiKB84apwLfz2eAPSBff2dCN7Xp6s//u0fo41LE5\n\
P0ds/5eu9PDlNF6HH5H3OYpV/57v5O2OSBQdB/+3TmNmQGYJCSzouIS3YNOUPQ1z\n\
FFvRateN91BW7wKFHr0+M4zG6ezfutAQywWNoce7oGaYTT8z/yWXqmFidDqng5w5\n\
6d8t40ScozIVacGug+lRi8lbTC+3Tp0r+la66h49upged3hFOvGXIOybvYcE98K2\n\
GpNl9cc4q6O1WLdR7QC91ZNflKOKE8fALLZ/stEXL0p2bixbSnbIdxOEUch/iQhM\n\
chxlsRFLjxV1dwKCAQEA60X6LyefIlXzU3PA+gIRYV0g8FOxzxXfvqvYeyOGwDaa\n\
p/Ex50z76jIJK8wlW5Ei7U6xsxxw3E9DLH7Sf3H4KiGouBVIdcv9+IR0LcdYPR9V\n\
oCQ1Mm5a7fjnm/FJwTokdgWGSwmFTH7/jGcNHZ8lumlRFCj6VcLT/nRxM6dgIXSo\n\
w1D9QGC9V+e6KOZ6VR5xK0h8pOtkqoGrbFLu26GPBSuguPJXt0fwJt9PAG+6VvxJ\n\
89NLML/n+g2/jVKXhfTT1Mbb3Fx4lnbLnkP+JrvYIaoQ1PZNggILYCUGJJTLtqOT\n\
gkg1S41/X8EFg671kAB6ZYPbd5WnL14Xp0a9MOB/bwKCAQEA6WVAl6u/al1/jTdA\n\
R+/1ioHB4Zjsa6bhrUGcXUowGy6XnJG+e/oUsS2kr04cm03sDaC1eOSNLk2Euzw3\n\
EbRidI61mtGNikIF+PAAN+YgFJbXYK5I5jjIDs5JJohIkKaP9c5AJbxnpGslvLg/\n\
IDrFXBc22YY9QTa4YldCi/eOrP0eLIANs95u3zXAqwPBnh1kgG9pYsbuGy5Fh4kp\n\
q7WSpLYo1kQo6J8QQAdhLVh4B7QIsU7GQYGm0djCR81Mt2o9nCW1nEUUnz32YVay\n\
ASM/Q0eip1I2kzSGPLkHww2XjjjkD1cZfIhHnYZ+kO3sV92iKo9tbFOLqmbz48l7\n\
RoplFQKCAQEA6i+DcoCL5A+N3tlvkuuQBUw/xzhn2uu5BP/kwd2A+b7gfp6Uv9lf\n\
P6SCgHf6D4UOMQyN0O1UYdb71ESAnp8BGF7cpC97KtXcfQzK3+53JJAWGQsxcHts\n\
Q0foss6gTZfkRx4EqJhXeOdI06aX5Y5ObZj7PYf0dn0xqyyYqYPHKkYG3jO1gelJ\n\
T0C3ipKv3h4pI55Jg5dTYm0kBvUeELxlsg3VM4L2UNdocikBaDvOTVte+Taut12u\n\
OLaKns9BR/OFD1zJ6DSbS5n/4A9p4YBFCG1Rx8lLKUeDrzXrQWpiw+9amunpMsUr\n\
rlJhfMwgXjA7pOR1BjmOapXMEZNWKlqsPQKCAQByVDxIwMQczUFwQMXcu2IbA3Z8\n\
Czhf66+vQWh+hLRzQOY4hPBNceUiekpHRLwdHaxSlDTqB7VPq+2gSkVrCX8/XTFb\n\
SeVHTYE7iy0Ckyme+2xcmsl/DiUHfEy+XNcDgOutS5MnWXANqMQEoaLW+NPLI3Lu\n\
V1sCMYTd7HN9tw7whqLg18wB1zomSMVGT4DkkmAzq4zSKI1FNYp8KA3OE1Emwq+0\n\
wRsQuawQVLCUEP3To6kYOwTzJq7jhiUK6FnjLjeTrNQSVdoqwoJrlTAHgXVV3q7q\n\
v3TGd3xXD9yQIjmugNgxNiwAZzhJs/ZJy++fPSJ1XQxbd9qPghgGoe/ff6G7\n\
-----END RSA PRIVATE KEY-----";
DDS_Security_ValidationResult_t
validate_local_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_identity_token(dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
set_permissions_credential_and_token(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
validate_remote_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
begin_handshake_request(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
begin_handshake_reply(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
process_handshake(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_SharedSecretHandle get_shared_secret(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_authenticated_peer_credential_token(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean get_identity_status_token(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean set_listener(dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_identity_token(dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_identity_status_token(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_authenticated_peer_credential_token(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_handshake_handle(dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_identity_handle(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_sharedsecret_handle(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex);
#endif /* SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_ */

347
src/security/core/tests/plugin_loading/plugin_mock/authentication_init_error/mock_authentication.c Normal file
View file

@ -0,0 +1,347 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#include "dds/security/dds_security_api.h"
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/misc.h"
#include "mock_authentication.h"
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_authentication_impl {
dds_security_authentication base;
int id; //sample internal member
} dds_security_authentication_impl;
DDS_Security_ValidationResult_t validate_local_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex)
{
unsigned i;
DDS_Security_ValidationResult_t result=DDS_SECURITY_VALIDATION_OK;
dds_security_authentication_impl *implementation =
(dds_security_authentication_impl *) instance;
char *identity_ca = NULL;
char *identity_certificate = NULL;
char *private_key = NULL;
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(adjusted_participant_guid);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_qos);
DDSRT_UNUSED_ARG(candidate_participant_guid);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
implementation->id = 2;
memcpy(adjusted_participant_guid, candidate_participant_guid, sizeof(DDS_Security_GUID_t));
for( i=0; i< participant_qos->property.value._length; i++)
{
//printf("%s: %s",participant_qos->property.value._buffer[i].name, participant_qos->property.value._buffer[i].value);
printf("%s\n",participant_qos->property.value._buffer[i].name);
if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.private_key") == 0)
{
private_key = participant_qos->property.value._buffer[i].value;
} else if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.identity_ca") == 0)
{
identity_ca = participant_qos->property.value._buffer[i].value;
} else if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.identity_certificate") == 0)
{
identity_certificate = participant_qos->property.value._buffer[i].value;
}
}
if( strcmp(identity_certificate, test_identity_certificate) != 0){
result = DDS_SECURITY_VALIDATION_FAILED;
printf("FAILED: Could not get identity_certificate value properly\n");
}
else if( strcmp(identity_ca, test_ca_certificate) != 0){
printf("FAILED: Could not get identity_ca value properly\n");
result = DDS_SECURITY_VALIDATION_FAILED;
}else if( strcmp(private_key, test_privatekey) != 0){
printf("FAILED: Could not get private_key value properly\n");
result = DDS_SECURITY_VALIDATION_FAILED;
}
if( result == DDS_SECURITY_VALIDATION_OK )
{
printf("DDS_SECURITY_VALIDATION_OK\n");
}
return result;
}
DDS_Security_boolean get_identity_token(dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
memset(identity_token, 0, sizeof(*identity_token));
return true;
}
DDS_Security_boolean get_identity_status_token(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_status_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_permissions_credential_and_token(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(permissions_credential);
DDSRT_UNUSED_ARG(permissions_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_ValidationResult_t validate_remote_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(remote_identity_handle);
DDSRT_UNUSED_ARG(local_auth_request_token);
DDSRT_UNUSED_ARG(remote_auth_request_token);
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(remote_identity_token);
DDSRT_UNUSED_ARG(remote_participant_guid);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t begin_handshake_request(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(handshake_message);
DDSRT_UNUSED_ARG(initiator_identity_handle);
DDSRT_UNUSED_ARG(replier_identity_handle);
DDSRT_UNUSED_ARG(serialized_local_participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t begin_handshake_reply(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(handshake_message_out);
DDSRT_UNUSED_ARG(handshake_message_in);
DDSRT_UNUSED_ARG(initiator_identity_handle);
DDSRT_UNUSED_ARG(replier_identity_handle);
DDSRT_UNUSED_ARG(serialized_local_participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t process_handshake(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_message_out);
DDSRT_UNUSED_ARG(handshake_message_in);
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_SharedSecretHandle get_shared_secret(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return 0;
}
DDS_Security_boolean get_authenticated_peer_credential_token(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(peer_credential_token);
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_listener(dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(listener);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_token(dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_status_token(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_authenticated_peer_credential_token(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(peer_credential_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_handshake_handle(dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_handle(dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_sharedsecret_handle(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(sharedsecret_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
int32_t init_authentication( const char *argument, void **context)
{
DDSRT_UNUSED_ARG(argument);
DDSRT_UNUSED_ARG(context);
/* return error code for test purposes */
return 1;
}
int32_t finalize_authentication(void *instance)
{
ddsrt_free((dds_security_authentication_impl*) instance);
return 0;
}

217
src/security/core/tests/plugin_loading/plugin_mock/authentication_init_error/mock_authentication.h Normal file
View file

@ -0,0 +1,217 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#ifndef SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#define SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#include "dds/security/authentication_init_error_export.h"
SECURITY_EXPORT int32_t
init_authentication(const char *argument, void **context);
SECURITY_EXPORT int32_t
finalize_authentication(void *context);
char *test_identity_certificate="data:,-----BEGIN CERTIFICATE-----\n\
MIIDYDCCAkigAwIBAgIBBDANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJOTDEL\n\
MAkGA1UECBMCT1YxEzARBgNVBAoTCkFETGluayBJU1QxGTAXBgNVBAMTEElkZW50\n\
aXR5IENBIFRlc3QxJjAkBgkqhkiG9w0BCQEWF2luZm9AaXN0LmFkbGlua3RlY2gu\n\
Y29tMB4XDTE4MDMxMjAwMDAwMFoXDTI3MDMxMTIzNTk1OVowdTELMAkGA1UEBhMC\n\
TkwxCzAJBgNVBAgTAk9WMRAwDgYDVQQKEwdBRExpbmsgMREwDwYDVQQLEwhJU1Qg\n\
VGVzdDETMBEGA1UEAxMKQWxpY2UgVGVzdDEfMB0GCSqGSIb3DQEJARYQYWxpY2VA\n\
YWRsaW5rLmlzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBW+tEZ\n\
Baw7EQCEXyzH9n7IkZ8PQIKe8hG1LAOGYOF/oUYQZJO/HxbWoC4rFqOC20+A6is6\n\
kFwr1Zzp/Wurk9CrFXo5Nomi6ActH6LUM57nYqN68w6U38z/XkQxVY/ESZ5dySfD\n\
9Q1C8R+zdE8gwbimdYmwX7ioz336nghM2CoAHPDRthQeJupl8x4V7isOltr9CGx8\n\
+imJXbGr39OK6u87cNLeu23sUkOIC0lSRMIqIQK3oJtHS70J2qecXdqp9MhE7Xky\n\
/GPlI8ptQ1gJ8A3cAOvtI9mtMJMszs2EKWTLfeTcmfJHKKhKjvCgDdh3Jan4x5YP\n\
Yg7HG6H+ceOUkMMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAkvuqZzyJ3Nu4/Eo5\n\
kD0nVgYGBUl7cspu+636q39zPSrxLEDMUWz+u8oXLpyGcgiZ8lZulPTV8dmOn+3C\n\
Vg55c5C+gbnbX3MDyb3wB17296RmxYf6YNul4sFOmj6+g2i+Dw9WH0PBCVKbA84F\n\
jR3Gx2Pfoifor3DvT0YFSsjNIRt090u4dQglbIb6cWEafC7O24t5jFhGPvJ7L9SE\n\
gB0Drh/HmKTVuaqaRkoOKkKaKuWoXsszK1ZFda1DHommnR5LpYPsDRQ2fVM4EuBF\n\
By03727uneuG8HLuNcLEV9H0i7LxtyfFkyCPUQvWG5jehb7xPOz/Ml26NAwwjlTJ\n\
xEEFrw==\n\
-----END CERTIFICATE-----";
char *test_ca_certificate="data:,-----BEGIN CERTIFICATE-----\n\
MIIEKTCCAxGgAwIBAgIBATANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJOTDEL\n\
MAkGA1UECBMCT1YxEzARBgNVBAoTCkFETGluayBJU1QxGTAXBgNVBAMTEElkZW50\n\
aXR5IENBIFRlc3QxJjAkBgkqhkiG9w0BCQEWF2luZm9AaXN0LmFkbGlua3RlY2gu\n\
Y29tMB4XDTE4MDMxMjAwMDAwMFoXDTI3MDMxMTIzNTk1OVowcjELMAkGA1UEBhMC\n\
TkwxCzAJBgNVBAgTAk9WMRMwEQYDVQQKEwpBRExpbmsgSVNUMRkwFwYDVQQDExBJ\n\
ZGVudGl0eSBDQSBUZXN0MSYwJAYJKoZIhvcNAQkBFhdpbmZvQGlzdC5hZGxpbmt0\n\
ZWNoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANa/ENFfGVXg\n\
bPLTzBdDfiZQcp5dWZ//Pb8ErFOJu8uosVHFv8t69dgjHgNHB4OsjmjnR7GfKUZT\n\
0cMvWJnjsC7DDlBwFET9rj4k40n96bbVCH9I7+tNhsoqzc6Eu+5h4sk7VfNGTM2Z\n\
SyCd4GiSZRuA44rRbhXI7/LDpr4hY5J9ZDo5AM9ZyoLAoh774H3CZWD67S35XvUs\n\
72dzE6uKG/vxBbvZ7eW2GLO6ewa9UxlnLVMPfJdpkp/xYXwwcPW2+2YXCge1ujxs\n\
tjrOQJ5HUySh6DkE/kZpx8zwYWm9AaCrsvCIX1thsqgvKy+U5v1FS1L58eGc6s//\n\
9yMgNhU29R0CAwEAAaOByTCBxjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRNVUJN\n\
FzhJPReYT4QSx6dK53CXCTAfBgNVHSMEGDAWgBRNVUJNFzhJPReYT4QSx6dK53CX\n\
CTAPBgNVHQ8BAf8EBQMDB/+AMGUGA1UdJQEB/wRbMFkGCCsGAQUFBwMBBggrBgEF\n\
BQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkGCCsG\n\
AQUFBwMNBggrBgEFBQcDDgYHKwYBBQIDBTANBgkqhkiG9w0BAQsFAAOCAQEAcOLF\n\
ZYdJguj0uxeXB8v3xnUr1AWz9+gwg0URdfNLU2KvF2lsb/uznv6168b3/FcPgezN\n\
Ihl9GqB+RvGwgXS/1UelCGbQiIUdsNxk246P4uOGPIyW32RoJcYPWZcpY+cw11tQ\n\
NOnk994Y5/8ad1DmcxVLLqq5kwpXGWQufV1zOONq8B+mCvcVAmM4vkyF/de56Lwa\n\
sAMpk1p77uhaDnuq2lIR4q3QHX2wGctFid5Q375DRscFQteY01r/dtwBBrMn0wuL\n\
AMNx9ZGD+zAoOUaslpIlEQ+keAxk3jgGMWFMxF81YfhEnXzevSQXWpyek86XUyFL\n\
O9IAQi5pa15gXjSbUg==\n\
-----END CERTIFICATE-----";
char *test_privatekey = "data:,-----BEGIN RSA PRIVATE KEY-----\n\
MIIEowIBAAKCAQEA0Fb60RkFrDsRAIRfLMf2fsiRnw9Agp7yEbUsA4Zg4X+hRhBk\n\
k78fFtagLisWo4LbT4DqKzqQXCvVnOn9a6uT0KsVejk2iaLoBy0fotQznudio3rz\n\
DpTfzP9eRDFVj8RJnl3JJ8P1DULxH7N0TyDBuKZ1ibBfuKjPffqeCEzYKgAc8NG2\n\
FB4m6mXzHhXuKw6W2v0IbHz6KYldsavf04rq7ztw0t67bexSQ4gLSVJEwiohAreg\n\
m0dLvQnap5xd2qn0yETteTL8Y+Ujym1DWAnwDdwA6+0j2a0wkyzOzYQpZMt95NyZ\n\
8kcoqEqO8KAN2HclqfjHlg9iDscbof5x45SQwwIDAQABAoIBAG0dYPeqd0IhHWJ7\n\
8azufbchLMN1pX/D51xG2uptssfnpHuhkkufSZUYi4QipRS2ME6PYhWJ8pmTi6lH\n\
E6cUkbI0KGd/F4U2gPdhNrR9Fxwea5bbifkVF7Gx/ZkRjZJiZ3w9+mCNTQbJDKhh\n\
wITAzzT6WYznhvqbzzBX1fTa6kv0GAQtX7aHKM+XIwkhX2gzU5TU80bvH8aMrT05\n\
tAMGQqkUeRnpo0yucBl4VmTZzd/+X/d2UyXR0my15jE5iH5o+p+E6qTRE9D+MGUd\n\
MQ6Ftj0Untqy1lcog1ZLL6zPlnwcD4jgY5VCYDgvabnrSwymOJapPLsAEdWdq+U5\n\
ec44BMECgYEA/+3qPUrd4XxA517qO3fCGBvf2Gkr7w5ZDeATOTHGuD8QZeK0nxPl\n\
CWhRjdgkqo0fyf1cjczL5XgYayo+YxkO1Z4RUU+8lJAHlVx9izOQo+MTQfkwH4BK\n\
LYlHxMoHJwAOXXoE+dmBaDh5xT0mDUGU750r763L6EFovE4qRBn9hxkCgYEA0GWz\n\
rpOPNxb419WxG9npoQYdCZ5IbmEOGDH3ReggVzWHmW8sqtkqTZm5srcyDpqAc1Gu\n\
paUveMblEBbU+NFJjLWOfwB5PCp8jsrqRgCQSxolShiVkc3Vu3oyzMus9PDge1eo\n\
9mwVGO7ojQKWRu/WVAakENPaAjeyyhv4dqSNnjsCgYEAlwe8yszqoY1k8+U0T0G+\n\
HeIdOCXgkmOiNCj+zyrLvaEhuS6PLq1b5TBVqGJcSPWdQ+MrglbQIKu9pUg5ptt7\n\
wJ5WU+i9PeK9Ruxc/g/BFKYFkFJQjtZzb+nqm3wpul8zGwDN/O/ZiTqCyd3rHbmM\n\
/dZ/viKPCZHIEBAEq0m3LskCgYBndzcAo+5k8ZjWwBfQth5SfhCIp/daJgGzbYtR\n\
P/BenAsY2KOap3tjT8Fsw5usuHSxzIojX6H0Gvu7Qzq11mLn43Q+BeQrRQTWeFRc\n\
MQdy4iZFZXNNEp7dF8yE9VKHwdgSJPGUdxD6chMvf2tRCN6mlS171VLV6wVvZvez\n\
H/vX5QKBgD2Dq/NHpjCpAsECP9awmNF5Akn5WJbRGmegwXIih2mOtgtYYDeuQyxY\n\
ZCrdJFfIUjUVPagshEmUklKhkYMYpzy2PQDVtaVcm6UNFroxT5h+J+KDs1LN1H8G\n\
LsASrzyAg8EpRulwXEfLrWKiu9DKv8bMEgO4Ovgz8zTKJZIFhcac\n\
-----END RSA PRIVATE KEY-----";
DDS_Security_ValidationResult_t
validate_local_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_identity_token(dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
set_permissions_credential_and_token(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
validate_remote_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
begin_handshake_request(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
begin_handshake_reply(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
process_handshake(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_SharedSecretHandle get_shared_secret(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_authenticated_peer_credential_token(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean get_identity_status_token(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean set_listener(dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_identity_token(dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_identity_status_token(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_authenticated_peer_credential_token(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_handshake_handle(dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_identity_handle(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_sharedsecret_handle(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex);
#endif /* SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_ */

396
src/security/core/tests/plugin_loading/plugin_mock/authentication_missing_function/mock_authentication.c Normal file
View file

@ -0,0 +1,396 @@
/*
* authentication.c
*
* Created on: Jan 12, 2018
* Author: kurtulus oksuztepe
*
* Description: This file implements the Authentication interface for DDS Security 1.2
*
*/
#include "dds/security/dds_security_api.h"
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/misc.h"
#include "mock_authentication.h"
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_authentication_impl {
dds_security_authentication base;
int id; //sample internal member
} dds_security_authentication_impl;
DDS_Security_ValidationResult_t validate_local_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex)
{
unsigned i;
DDS_Security_ValidationResult_t result=DDS_SECURITY_VALIDATION_OK;
dds_security_authentication_impl *implementation =
(dds_security_authentication_impl *) instance;
char *identity_ca = NULL;
char *identity_certificate = NULL;
char *private_key = NULL;
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(adjusted_participant_guid);
DDSRT_UNUSED_ARG(domain_id);
DDSRT_UNUSED_ARG(participant_qos);
DDSRT_UNUSED_ARG(candidate_participant_guid);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
implementation->id = 2;
memcpy(adjusted_participant_guid, candidate_participant_guid, sizeof(DDS_Security_GUID_t));
for( i=0; i< participant_qos->property.value._length; i++)
{
//printf("%s: %s",participant_qos->property.value._buffer[i].name, participant_qos->property.value._buffer[i].value);
printf("%s\n",participant_qos->property.value._buffer[i].name);
if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.private_key") == 0)
{
private_key = participant_qos->property.value._buffer[i].value;
} else if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.identity_ca") == 0)
{
identity_ca = participant_qos->property.value._buffer[i].value;
} else if( strcmp(participant_qos->property.value._buffer[i].name, "dds.sec.auth.identity_certificate") == 0)
{
identity_certificate = participant_qos->property.value._buffer[i].value;
}
}
if( strcmp(identity_certificate, test_identity_certificate) != 0){
result = DDS_SECURITY_VALIDATION_FAILED;
printf("FAILED: Could not get identity_certificate value properly\n");
}
else if( strcmp(identity_ca, test_ca_certificate) != 0){
printf("FAILED: Could not get identity_ca value properly\n");
result = DDS_SECURITY_VALIDATION_FAILED;
}else if( strcmp(private_key, test_privatekey) != 0){
printf("FAILED: Could not get private_key value properly\n");
result = DDS_SECURITY_VALIDATION_FAILED;
}
if( result == DDS_SECURITY_VALIDATION_OK )
{
printf("DDS_SECURITY_VALIDATION_OK\n");
}
return result;
}
DDS_Security_boolean get_identity_token(dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
memset(identity_token, 0, sizeof(*identity_token));
return true;
}
DDS_Security_boolean get_identity_status_token(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_status_token);
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_permissions_credential_and_token(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handle);
DDSRT_UNUSED_ARG(permissions_credential);
DDSRT_UNUSED_ARG(permissions_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_ValidationResult_t validate_remote_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(remote_identity_handle);
DDSRT_UNUSED_ARG(local_auth_request_token);
DDSRT_UNUSED_ARG(remote_auth_request_token);
DDSRT_UNUSED_ARG(local_identity_handle);
DDSRT_UNUSED_ARG(remote_identity_token);
DDSRT_UNUSED_ARG(remote_participant_guid);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t begin_handshake_request(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(handshake_message);
DDSRT_UNUSED_ARG(initiator_identity_handle);
DDSRT_UNUSED_ARG(replier_identity_handle);
DDSRT_UNUSED_ARG(serialized_local_participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t begin_handshake_reply(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(handshake_message_out);
DDSRT_UNUSED_ARG(handshake_message_in);
DDSRT_UNUSED_ARG(initiator_identity_handle);
DDSRT_UNUSED_ARG(replier_identity_handle);
DDSRT_UNUSED_ARG(serialized_local_participant_data);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_ValidationResult_t process_handshake(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_message_out);
DDSRT_UNUSED_ARG(handshake_message_in);
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return DDS_SECURITY_VALIDATION_OK;
}
DDS_Security_SharedSecretHandle get_shared_secret(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return 0;
}
DDS_Security_boolean get_authenticated_peer_credential_token(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(peer_credential_token);
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean set_listener(dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(listener);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_token(dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_status_token(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_authenticated_peer_credential_token(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(peer_credential_token);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_handshake_handle(dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(handshake_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_identity_handle(dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(identity_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
DDS_Security_boolean return_sharedsecret_handle(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(sharedsecret_handle);
DDSRT_UNUSED_ARG(ex);
DDSRT_UNUSED_ARG(instance);
return true;
}
int32_t init_authentication( const char *argument, void **context)
{
dds_security_authentication_impl *authentication;
DDSRT_UNUSED_ARG(argument);
//allocate implementation wrapper
authentication = (dds_security_authentication_impl*) ddsrt_malloc(
sizeof(dds_security_authentication_impl));
memset(authentication, 0, sizeof(dds_security_authentication_impl));
//assign the interface functions
authentication->base.validate_local_identity = &validate_local_identity;
authentication->base.get_identity_token = &get_identity_token;
authentication->base.get_identity_status_token = &get_identity_status_token;
authentication->base.set_permissions_credential_and_token =
&set_permissions_credential_and_token;
authentication->base.validate_remote_identity = &validate_remote_identity;
authentication->base.begin_handshake_request = &begin_handshake_request;
authentication->base.begin_handshake_reply = &begin_handshake_reply;
authentication->base.process_handshake = &process_handshake;
/* missing function
authentication->base.get_shared_secret = &get_shared_secret;
*/
authentication->base.get_authenticated_peer_credential_token =
&get_authenticated_peer_credential_token;
authentication->base.set_listener = &set_listener;
authentication->base.return_identity_token = &return_identity_token;
authentication->base.return_identity_status_token =
&return_identity_status_token;
authentication->base.return_authenticated_peer_credential_token =
&return_authenticated_peer_credential_token;
authentication->base.return_handshake_handle = &return_handshake_handle;
authentication->base.return_identity_handle = &return_identity_handle;
authentication->base.return_sharedsecret_handle = &return_sharedsecret_handle;
//prepare implementation wrapper
authentication->id = 1;
//return the instance
*context = authentication;
return 0;
}
int32_t finalize_authentication(void *instance)
{
ddsrt_free((dds_security_authentication_impl*) instance);
return 0;
}

218
src/security/core/tests/plugin_loading/plugin_mock/authentication_missing_function/mock_authentication.h Normal file
View file

@ -0,0 +1,218 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#ifndef SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#define SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_
#include "dds/security/authentication_missing_function_export.h"
SECURITY_EXPORT int32_t
init_authentication(const char *argument, void **context);
SECURITY_EXPORT int32_t
finalize_authentication(void *context);
char *test_identity_certificate="data:,-----BEGIN CERTIFICATE-----\n\
MIIDYDCCAkigAwIBAgIBBDANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJOTDEL\n\
MAkGA1UECBMCT1YxEzARBgNVBAoTCkFETGluayBJU1QxGTAXBgNVBAMTEElkZW50\n\
aXR5IENBIFRlc3QxJjAkBgkqhkiG9w0BCQEWF2luZm9AaXN0LmFkbGlua3RlY2gu\n\
Y29tMB4XDTE4MDMxMjAwMDAwMFoXDTI3MDMxMTIzNTk1OVowdTELMAkGA1UEBhMC\n\
TkwxCzAJBgNVBAgTAk9WMRAwDgYDVQQKEwdBRExpbmsgMREwDwYDVQQLEwhJU1Qg\n\
VGVzdDETMBEGA1UEAxMKQWxpY2UgVGVzdDEfMB0GCSqGSIb3DQEJARYQYWxpY2VA\n\
YWRsaW5rLmlzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBW+tEZ\n\
Baw7EQCEXyzH9n7IkZ8PQIKe8hG1LAOGYOF/oUYQZJO/HxbWoC4rFqOC20+A6is6\n\
kFwr1Zzp/Wurk9CrFXo5Nomi6ActH6LUM57nYqN68w6U38z/XkQxVY/ESZ5dySfD\n\
9Q1C8R+zdE8gwbimdYmwX7ioz336nghM2CoAHPDRthQeJupl8x4V7isOltr9CGx8\n\
+imJXbGr39OK6u87cNLeu23sUkOIC0lSRMIqIQK3oJtHS70J2qecXdqp9MhE7Xky\n\
/GPlI8ptQ1gJ8A3cAOvtI9mtMJMszs2EKWTLfeTcmfJHKKhKjvCgDdh3Jan4x5YP\n\
Yg7HG6H+ceOUkMMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAkvuqZzyJ3Nu4/Eo5\n\
kD0nVgYGBUl7cspu+636q39zPSrxLEDMUWz+u8oXLpyGcgiZ8lZulPTV8dmOn+3C\n\
Vg55c5C+gbnbX3MDyb3wB17296RmxYf6YNul4sFOmj6+g2i+Dw9WH0PBCVKbA84F\n\
jR3Gx2Pfoifor3DvT0YFSsjNIRt090u4dQglbIb6cWEafC7O24t5jFhGPvJ7L9SE\n\
gB0Drh/HmKTVuaqaRkoOKkKaKuWoXsszK1ZFda1DHommnR5LpYPsDRQ2fVM4EuBF\n\
By03727uneuG8HLuNcLEV9H0i7LxtyfFkyCPUQvWG5jehb7xPOz/Ml26NAwwjlTJ\n\
xEEFrw==\n\
-----END CERTIFICATE-----";
char *test_ca_certificate="data:,-----BEGIN CERTIFICATE-----\n\
MIIEKTCCAxGgAwIBAgIBATANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJOTDEL\n\
MAkGA1UECBMCT1YxEzARBgNVBAoTCkFETGluayBJU1QxGTAXBgNVBAMTEElkZW50\n\
aXR5IENBIFRlc3QxJjAkBgkqhkiG9w0BCQEWF2luZm9AaXN0LmFkbGlua3RlY2gu\n\
Y29tMB4XDTE4MDMxMjAwMDAwMFoXDTI3MDMxMTIzNTk1OVowcjELMAkGA1UEBhMC\n\
TkwxCzAJBgNVBAgTAk9WMRMwEQYDVQQKEwpBRExpbmsgSVNUMRkwFwYDVQQDExBJ\n\
ZGVudGl0eSBDQSBUZXN0MSYwJAYJKoZIhvcNAQkBFhdpbmZvQGlzdC5hZGxpbmt0\n\
ZWNoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANa/ENFfGVXg\n\
bPLTzBdDfiZQcp5dWZ//Pb8ErFOJu8uosVHFv8t69dgjHgNHB4OsjmjnR7GfKUZT\n\
0cMvWJnjsC7DDlBwFET9rj4k40n96bbVCH9I7+tNhsoqzc6Eu+5h4sk7VfNGTM2Z\n\
SyCd4GiSZRuA44rRbhXI7/LDpr4hY5J9ZDo5AM9ZyoLAoh774H3CZWD67S35XvUs\n\
72dzE6uKG/vxBbvZ7eW2GLO6ewa9UxlnLVMPfJdpkp/xYXwwcPW2+2YXCge1ujxs\n\
tjrOQJ5HUySh6DkE/kZpx8zwYWm9AaCrsvCIX1thsqgvKy+U5v1FS1L58eGc6s//\n\
9yMgNhU29R0CAwEAAaOByTCBxjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRNVUJN\n\
FzhJPReYT4QSx6dK53CXCTAfBgNVHSMEGDAWgBRNVUJNFzhJPReYT4QSx6dK53CX\n\
CTAPBgNVHQ8BAf8EBQMDB/+AMGUGA1UdJQEB/wRbMFkGCCsGAQUFBwMBBggrBgEF\n\
BQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkGCCsG\n\
AQUFBwMNBggrBgEFBQcDDgYHKwYBBQIDBTANBgkqhkiG9w0BAQsFAAOCAQEAcOLF\n\
ZYdJguj0uxeXB8v3xnUr1AWz9+gwg0URdfNLU2KvF2lsb/uznv6168b3/FcPgezN\n\
Ihl9GqB+RvGwgXS/1UelCGbQiIUdsNxk246P4uOGPIyW32RoJcYPWZcpY+cw11tQ\n\
NOnk994Y5/8ad1DmcxVLLqq5kwpXGWQufV1zOONq8B+mCvcVAmM4vkyF/de56Lwa\n\
sAMpk1p77uhaDnuq2lIR4q3QHX2wGctFid5Q375DRscFQteY01r/dtwBBrMn0wuL\n\
AMNx9ZGD+zAoOUaslpIlEQ+keAxk3jgGMWFMxF81YfhEnXzevSQXWpyek86XUyFL\n\
O9IAQi5pa15gXjSbUg==\n\
-----END CERTIFICATE-----";
char *test_privatekey = "data:,-----BEGIN RSA PRIVATE KEY-----\n\
MIIEowIBAAKCAQEA0Fb60RkFrDsRAIRfLMf2fsiRnw9Agp7yEbUsA4Zg4X+hRhBk\n\
k78fFtagLisWo4LbT4DqKzqQXCvVnOn9a6uT0KsVejk2iaLoBy0fotQznudio3rz\n\
DpTfzP9eRDFVj8RJnl3JJ8P1DULxH7N0TyDBuKZ1ibBfuKjPffqeCEzYKgAc8NG2\n\
FB4m6mXzHhXuKw6W2v0IbHz6KYldsavf04rq7ztw0t67bexSQ4gLSVJEwiohAreg\n\
m0dLvQnap5xd2qn0yETteTL8Y+Ujym1DWAnwDdwA6+0j2a0wkyzOzYQpZMt95NyZ\n\
8kcoqEqO8KAN2HclqfjHlg9iDscbof5x45SQwwIDAQABAoIBAG0dYPeqd0IhHWJ7\n\
8azufbchLMN1pX/D51xG2uptssfnpHuhkkufSZUYi4QipRS2ME6PYhWJ8pmTi6lH\n\
E6cUkbI0KGd/F4U2gPdhNrR9Fxwea5bbifkVF7Gx/ZkRjZJiZ3w9+mCNTQbJDKhh\n\
wITAzzT6WYznhvqbzzBX1fTa6kv0GAQtX7aHKM+XIwkhX2gzU5TU80bvH8aMrT05\n\
tAMGQqkUeRnpo0yucBl4VmTZzd/+X/d2UyXR0my15jE5iH5o+p+E6qTRE9D+MGUd\n\
MQ6Ftj0Untqy1lcog1ZLL6zPlnwcD4jgY5VCYDgvabnrSwymOJapPLsAEdWdq+U5\n\
ec44BMECgYEA/+3qPUrd4XxA517qO3fCGBvf2Gkr7w5ZDeATOTHGuD8QZeK0nxPl\n\
CWhRjdgkqo0fyf1cjczL5XgYayo+YxkO1Z4RUU+8lJAHlVx9izOQo+MTQfkwH4BK\n\
LYlHxMoHJwAOXXoE+dmBaDh5xT0mDUGU750r763L6EFovE4qRBn9hxkCgYEA0GWz\n\
rpOPNxb419WxG9npoQYdCZ5IbmEOGDH3ReggVzWHmW8sqtkqTZm5srcyDpqAc1Gu\n\
paUveMblEBbU+NFJjLWOfwB5PCp8jsrqRgCQSxolShiVkc3Vu3oyzMus9PDge1eo\n\
9mwVGO7ojQKWRu/WVAakENPaAjeyyhv4dqSNnjsCgYEAlwe8yszqoY1k8+U0T0G+\n\
HeIdOCXgkmOiNCj+zyrLvaEhuS6PLq1b5TBVqGJcSPWdQ+MrglbQIKu9pUg5ptt7\n\
wJ5WU+i9PeK9Ruxc/g/BFKYFkFJQjtZzb+nqm3wpul8zGwDN/O/ZiTqCyd3rHbmM\n\
/dZ/viKPCZHIEBAEq0m3LskCgYBndzcAo+5k8ZjWwBfQth5SfhCIp/daJgGzbYtR\n\
P/BenAsY2KOap3tjT8Fsw5usuHSxzIojX6H0Gvu7Qzq11mLn43Q+BeQrRQTWeFRc\n\
MQdy4iZFZXNNEp7dF8yE9VKHwdgSJPGUdxD6chMvf2tRCN6mlS171VLV6wVvZvez\n\
H/vX5QKBgD2Dq/NHpjCpAsECP9awmNF5Akn5WJbRGmegwXIih2mOtgtYYDeuQyxY\n\
ZCrdJFfIUjUVPagshEmUklKhkYMYpzy2PQDVtaVcm6UNFroxT5h+J+KDs1LN1H8G\n\
LsASrzyAg8EpRulwXEfLrWKiu9DKv8bMEgO4Ovgz8zTKJZIFhcac\n\
-----END RSA PRIVATE KEY-----";
DDS_Security_ValidationResult_t
validate_local_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *local_identity_handle,
DDS_Security_GUID_t *adjusted_participant_guid,
const DDS_Security_DomainId domain_id,
const DDS_Security_Qos *participant_qos,
const DDS_Security_GUID_t *candidate_participant_guid,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_identity_token(dds_security_authentication *instance,
DDS_Security_IdentityToken *identity_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
set_permissions_credential_and_token(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle handle,
const DDS_Security_PermissionsCredentialToken *permissions_credential,
const DDS_Security_PermissionsToken *permissions_token,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
validate_remote_identity(
dds_security_authentication *instance,
DDS_Security_IdentityHandle *remote_identity_handle,
DDS_Security_AuthRequestMessageToken *local_auth_request_token,
const DDS_Security_AuthRequestMessageToken *remote_auth_request_token,
const DDS_Security_IdentityHandle local_identity_handle,
const DDS_Security_IdentityToken *remote_identity_token,
const DDS_Security_GUID_t *remote_participant_guid,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
begin_handshake_request(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
begin_handshake_reply(
dds_security_authentication *instance,
DDS_Security_HandshakeHandle *handshake_handle,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_IdentityHandle initiator_identity_handle,
const DDS_Security_IdentityHandle replier_identity_handle,
const DDS_Security_OctetSeq *serialized_local_participant_data,
DDS_Security_SecurityException *ex);
DDS_Security_ValidationResult_t
process_handshake(
dds_security_authentication *instance,
DDS_Security_HandshakeMessageToken *handshake_message_out,
const DDS_Security_HandshakeMessageToken *handshake_message_in,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_SharedSecretHandle get_shared_secret(
dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
get_authenticated_peer_credential_token(
dds_security_authentication *instance,
DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean get_identity_status_token(
dds_security_authentication *instance,
DDS_Security_IdentityStatusToken *identity_status_token,
const DDS_Security_IdentityHandle handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean set_listener(dds_security_authentication *instance,
const dds_security_authentication_listener *listener,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_identity_token(dds_security_authentication *instance,
const DDS_Security_IdentityToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_identity_status_token(
dds_security_authentication *instance,
const DDS_Security_IdentityStatusToken *token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_authenticated_peer_credential_token(
dds_security_authentication *instance,
const DDS_Security_AuthenticatedPeerCredentialToken *peer_credential_token,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_handshake_handle(dds_security_authentication *instance,
const DDS_Security_HandshakeHandle handshake_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean
return_identity_handle(
dds_security_authentication *instance,
const DDS_Security_IdentityHandle identity_handle,
DDS_Security_SecurityException *ex);
DDS_Security_boolean return_sharedsecret_handle(
dds_security_authentication *instance,
const DDS_Security_SharedSecretHandle sharedsecret_handle,
DDS_Security_SecurityException *ex);
#endif /* SECURITY_BUILTIN_PLUGINS_AUTHENTICATION_H_ */

667
src/security/core/tests/plugin_loading/plugin_mock/cryptography_all_ok/mock_cryptography.c Normal file
View file

@ -0,0 +1,667 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#include "dds/security/dds_security_api.h"
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/misc.h"
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
#include "mock_cryptography.h"
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_cryptography_impl {
dds_security_cryptography base;
int member;
} dds_security_cryptography_impl;
dds_security_crypto_key_exchange* dds_security_crypto_key_exchange__alloc(void);
void dds_security_crypto_key_exchange__dealloc(
dds_security_crypto_key_exchange* instance);
dds_security_crypto_key_factory* dds_security_crypto_key_factory__alloc(void);
void dds_security_crypto_key_factory__dealloc(
dds_security_crypto_key_factory* instance);
/**
* CryptoTransform Interface
*/
/*
* Allocation function for implementer structure (with internal variables) transparently.
*
*/
dds_security_crypto_transform* dds_security_crypto_transform__alloc(void);
void dds_security_crypto_transform__dealloc(
dds_security_crypto_transform* instance);
int32_t init_crypto( const char *argument, void **context)
{
dds_security_cryptography_impl *cryptography;
dds_security_crypto_key_exchange *crypto_key_exchange;
dds_security_crypto_key_factory *crypto_key_factory;
dds_security_crypto_transform *crypto_transform;
DDSRT_UNUSED_ARG(argument);
//allocate new instance
cryptography = (dds_security_cryptography_impl*) ddsrt_malloc(
sizeof(dds_security_cryptography_impl));
//assign the sub components
crypto_key_exchange = dds_security_crypto_key_exchange__alloc();
crypto_key_factory = dds_security_crypto_key_factory__alloc();
crypto_transform = dds_security_crypto_transform__alloc();
cryptography->base.crypto_key_exchange = crypto_key_exchange;
cryptography->base.crypto_key_factory = crypto_key_factory;
cryptography->base.crypto_transform = crypto_transform;
//return the instance
*context = cryptography;
return 0;
}
int32_t finalize_crypto( void *instance)
{
dds_security_cryptography_impl* instance_impl =
(dds_security_cryptography_impl*) instance;
//deallocate components
dds_security_crypto_key_exchange__dealloc(
instance_impl->base.crypto_key_exchange);
dds_security_crypto_key_factory__dealloc(
instance_impl->base.crypto_key_factory);
dds_security_crypto_transform__dealloc(instance_impl->base.crypto_transform);
//deallocate cryptography
ddsrt_free(instance_impl);
return 0;
}
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_crypto_key_exchange_impl {
dds_security_crypto_key_exchange base;
int member;
} dds_security_crypto_key_exchange_impl;
/**
* Function implementations
*/
static DDS_Security_boolean create_local_participant_crypto_tokens(
dds_security_crypto_key_exchange *instance,
DDS_Security_ParticipantCryptoTokenSeq *local_participant_crypto_tokens,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_participant_crypto_tokens);
DDSRT_UNUSED_ARG(local_participant_crypto);
DDSRT_UNUSED_ARG(remote_participant_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean set_remote_participant_crypto_tokens(
dds_security_crypto_key_exchange *instance,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
const DDS_Security_ParticipantCryptoTokenSeq *remote_participant_tokens,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_participant_crypto);
DDSRT_UNUSED_ARG(remote_participant_crypto);
DDSRT_UNUSED_ARG(remote_participant_tokens);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean create_local_datawriter_crypto_tokens(
dds_security_crypto_key_exchange *instance,
DDS_Security_DatawriterCryptoTokenSeq *local_datawriter_crypto_tokens,
const DDS_Security_DatawriterCryptoHandle local_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle remote_datareader_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datawriter_crypto_tokens);
DDSRT_UNUSED_ARG(local_datawriter_crypto);
DDSRT_UNUSED_ARG(remote_datareader_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean set_remote_datawriter_crypto_tokens(
dds_security_crypto_key_exchange *instance,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle remote_datawriter_crypto,
const DDS_Security_DatawriterCryptoTokenSeq *remote_datawriter_tokens,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datareader_crypto);
DDSRT_UNUSED_ARG(remote_datawriter_crypto);
DDSRT_UNUSED_ARG(remote_datawriter_tokens);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean create_local_datareader_crypto_tokens(
dds_security_crypto_key_exchange *instance,
DDS_Security_DatareaderCryptoTokenSeq *local_datareader_cryto_tokens,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle remote_datawriter_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datareader_cryto_tokens);
DDSRT_UNUSED_ARG(local_datareader_crypto);
DDSRT_UNUSED_ARG(remote_datawriter_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean set_remote_datareader_crypto_tokens(
dds_security_crypto_key_exchange *instance,
const DDS_Security_DatawriterCryptoHandle local_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle remote_datareader_crypto,
const DDS_Security_DatareaderCryptoTokenSeq *remote_datareader_tokens,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datawriter_crypto);
DDSRT_UNUSED_ARG(remote_datareader_crypto);
DDSRT_UNUSED_ARG(remote_datareader_tokens);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean return_crypto_tokens(
dds_security_crypto_key_exchange *instance,
DDS_Security_CryptoTokenSeq *crypto_tokens,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(crypto_tokens);
DDSRT_UNUSED_ARG(ex);
return true;
}
dds_security_crypto_key_exchange* dds_security_crypto_key_exchange__alloc(void)
{
dds_security_crypto_key_exchange_impl *instance;
instance = (dds_security_crypto_key_exchange_impl*) ddsrt_malloc(
sizeof(dds_security_crypto_key_exchange_impl));
instance->base.create_local_participant_crypto_tokens =
&create_local_participant_crypto_tokens;
instance->base.set_remote_participant_crypto_tokens =
&set_remote_participant_crypto_tokens;
instance->base.create_local_datawriter_crypto_tokens =
&create_local_datawriter_crypto_tokens;
instance->base.set_remote_datawriter_crypto_tokens =
&set_remote_datawriter_crypto_tokens;
instance->base.create_local_datareader_crypto_tokens =
&create_local_datareader_crypto_tokens;
instance->base.set_remote_datareader_crypto_tokens =
&set_remote_datareader_crypto_tokens;
instance->base.return_crypto_tokens = &return_crypto_tokens;
return (dds_security_crypto_key_exchange*) instance;
}
void dds_security_crypto_key_exchange__dealloc(
dds_security_crypto_key_exchange* instance)
{
ddsrt_free((dds_security_crypto_key_exchange_impl*) instance);
}
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_crypto_key_factory_impl {
dds_security_crypto_key_factory base;
int member;
} dds_security_crypto_key_factory_impl;
/**
* Function implementations
*/
static DDS_Security_ParticipantCryptoHandle register_local_participant(
dds_security_crypto_key_factory *instance,
const DDS_Security_IdentityHandle participant_identity,
const DDS_Security_PermissionsHandle participant_permissions,
const DDS_Security_PropertySeq *participant_properties,
const DDS_Security_ParticipantSecurityAttributes *participant_security_attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(participant_identity);
DDSRT_UNUSED_ARG(participant_permissions);
DDSRT_UNUSED_ARG(participant_properties);
DDSRT_UNUSED_ARG(participant_security_attributes);
DDSRT_UNUSED_ARG(ex);
return 0;
}
static DDS_Security_ParticipantCryptoHandle register_matched_remote_participant(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto_handle,
const DDS_Security_IdentityHandle remote_participant_identity,
const DDS_Security_PermissionsHandle remote_participant_permissions,
const DDS_Security_SharedSecretHandle shared_secret,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_participant_crypto_handle);
DDSRT_UNUSED_ARG(remote_participant_identity);
DDSRT_UNUSED_ARG(remote_participant_permissions);
DDSRT_UNUSED_ARG(shared_secret);
DDSRT_UNUSED_ARG(ex);
return 0;
}
static DDS_Security_DatawriterCryptoHandle register_local_datawriter(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto,
const DDS_Security_PropertySeq *datawriter_properties,
const DDS_Security_EndpointSecurityAttributes *datawriter_security_attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(participant_crypto);
DDSRT_UNUSED_ARG(datawriter_properties);
DDSRT_UNUSED_ARG(datawriter_security_attributes);
DDSRT_UNUSED_ARG(ex);
return 0;
}
static DDS_Security_DatareaderCryptoHandle register_matched_remote_datareader(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatawriterCryptoHandle local_datawritert_crypto_handle,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
const DDS_Security_SharedSecretHandle shared_secret,
const DDS_Security_boolean relay_only,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datawritert_crypto_handle);
DDSRT_UNUSED_ARG(remote_participant_crypto);
DDSRT_UNUSED_ARG(shared_secret);
DDSRT_UNUSED_ARG(relay_only);
DDSRT_UNUSED_ARG(ex);
return 0;
}
static DDS_Security_DatareaderCryptoHandle register_local_datareader(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto,
const DDS_Security_PropertySeq *datareader_properties,
const DDS_Security_EndpointSecurityAttributes *datareader_security_attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(participant_crypto);
DDSRT_UNUSED_ARG(datareader_properties);
DDSRT_UNUSED_ARG(datareader_security_attributes);
DDSRT_UNUSED_ARG(ex);
return 0;
}
static DDS_Security_DatawriterCryptoHandle register_matched_remote_datawriter(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto_handle,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypt,
const DDS_Security_SharedSecretHandle shared_secret,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datareader_crypto_handle);
DDSRT_UNUSED_ARG(remote_participant_crypt);
DDSRT_UNUSED_ARG(shared_secret);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean unregister_participant(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(participant_crypto_handle);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean unregister_datawriter(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatawriterCryptoHandle datawriter_crypto_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(datawriter_crypto_handle);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean unregister_datareader(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatareaderCryptoHandle datareader_crypto_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(datareader_crypto_handle);
DDSRT_UNUSED_ARG(ex);
return true;
}
dds_security_crypto_key_factory* dds_security_crypto_key_factory__alloc(void)
{
dds_security_crypto_key_factory_impl *instance;
instance = (dds_security_crypto_key_factory_impl*) ddsrt_malloc(
sizeof(dds_security_crypto_key_factory_impl));
instance->base.register_local_participant = &register_local_participant;
instance->base.register_matched_remote_participant =
&register_matched_remote_participant;
instance->base.register_local_datawriter = &register_local_datawriter;
instance->base.register_matched_remote_datareader =
&register_matched_remote_datareader;
instance->base.register_local_datareader = &register_local_datareader;
instance->base.register_matched_remote_datawriter =
&register_matched_remote_datawriter;
instance->base.unregister_participant = &unregister_participant;
instance->base.unregister_datawriter = &unregister_datawriter;
instance->base.unregister_datareader = &unregister_datareader;
return (dds_security_crypto_key_factory*) instance;
}
void dds_security_crypto_key_factory__dealloc(
dds_security_crypto_key_factory* instance)
{
ddsrt_free((dds_security_crypto_key_factory_impl*) instance);
}
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_crypto_transform_impl {
dds_security_crypto_transform base;
int member;
} dds_security_crypto_transform_impl;
/**
* Function implementations
*/
static DDS_Security_boolean encode_serialized_payload(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_buffer,
DDS_Security_OctetSeq *extra_inline_qos,
const DDS_Security_OctetSeq *plain_buffer,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(encoded_buffer);
DDSRT_UNUSED_ARG(extra_inline_qos);
DDSRT_UNUSED_ARG(plain_buffer);
DDSRT_UNUSED_ARG(sending_datawriter_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean encode_datawriter_submessage(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandleSeq *receiving_datareader_crypto_list,
int32_t *receiving_datareader_crypto_list_index,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(encoded_rtps_submessage);
DDSRT_UNUSED_ARG(plain_rtps_submessage);
DDSRT_UNUSED_ARG(sending_datawriter_crypto);
DDSRT_UNUSED_ARG(receiving_datareader_crypto_list);
DDSRT_UNUSED_ARG(receiving_datareader_crypto_list_index);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean encode_datareader_submessage(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_DatareaderCryptoHandle sending_datareader_crypto,
const DDS_Security_DatawriterCryptoHandleSeq *receiving_datawriter_crypto_list,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(encoded_rtps_submessage);
DDSRT_UNUSED_ARG(plain_rtps_submessage);
DDSRT_UNUSED_ARG(sending_datareader_crypto);
DDSRT_UNUSED_ARG(receiving_datawriter_crypto_list);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean encode_rtps_message( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_message,
const DDS_Security_OctetSeq *plain_rtps_message,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
const DDS_Security_ParticipantCryptoHandleSeq *receiving_participant_crypto_list,
int32_t *receiving_participant_crypto_list_index,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(encoded_rtps_message);
DDSRT_UNUSED_ARG(plain_rtps_message);
DDSRT_UNUSED_ARG(sending_participant_crypto);
DDSRT_UNUSED_ARG(receiving_participant_crypto_list);
DDSRT_UNUSED_ARG(receiving_participant_crypto_list_index);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean decode_rtps_message( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_buffer, const DDS_Security_OctetSeq *encoded_buffer,
const DDS_Security_ParticipantCryptoHandle receiving_participant_crypto,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(plain_buffer);
DDSRT_UNUSED_ARG(encoded_buffer);
DDSRT_UNUSED_ARG(receiving_participant_crypto);
DDSRT_UNUSED_ARG(sending_participant_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean preprocess_secure_submsg(
dds_security_crypto_transform *instance,
DDS_Security_DatawriterCryptoHandle *datawriter_crypto,
DDS_Security_DatareaderCryptoHandle *datareader_crypto,
DDS_Security_SecureSubmessageCategory_t *secure_submessage_category,
const DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_ParticipantCryptoHandle receiving_participant_crypto,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(datawriter_crypto);
DDSRT_UNUSED_ARG(datareader_crypto);
DDSRT_UNUSED_ARG(secure_submessage_category);
DDSRT_UNUSED_ARG(encoded_rtps_submessage);
DDSRT_UNUSED_ARG(receiving_participant_crypto);
DDSRT_UNUSED_ARG(sending_participant_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean decode_datawriter_submessage(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_DatareaderCryptoHandle receiving_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(plain_rtps_submessage);
DDSRT_UNUSED_ARG(encoded_rtps_submessage);
DDSRT_UNUSED_ARG(receiving_datareader_crypto);
DDSRT_UNUSED_ARG(sending_datawriter_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean decode_datareader_submessage(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_rtps_message,
const DDS_Security_OctetSeq *encoded_rtps_message,
const DDS_Security_DatawriterCryptoHandle receiving_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle sending_datareader_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(plain_rtps_message);
DDSRT_UNUSED_ARG(encoded_rtps_message);
DDSRT_UNUSED_ARG(receiving_datawriter_crypto);
DDSRT_UNUSED_ARG(sending_datareader_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean decode_serialized_payload(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_buffer, const DDS_Security_OctetSeq *encoded_buffer,
const DDS_Security_OctetSeq *inline_qos,
const DDS_Security_DatareaderCryptoHandle receiving_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(plain_buffer);
DDSRT_UNUSED_ARG(encoded_buffer);
DDSRT_UNUSED_ARG(inline_qos);
DDSRT_UNUSED_ARG(receiving_datareader_crypto);
DDSRT_UNUSED_ARG(sending_datawriter_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
dds_security_crypto_transform* dds_security_crypto_transform__alloc(void)
{
dds_security_crypto_transform_impl *instance;
instance = (dds_security_crypto_transform_impl*) ddsrt_malloc(
sizeof(dds_security_crypto_transform_impl));
memset( instance, 0, sizeof(dds_security_crypto_transform_impl));
instance->base.encode_datawriter_submessage = &encode_datawriter_submessage;
instance->base.encode_datareader_submessage = &encode_datareader_submessage;
instance->base.encode_rtps_message = &encode_rtps_message;
instance->base.decode_rtps_message = &decode_rtps_message;
instance->base.preprocess_secure_submsg = &preprocess_secure_submsg;
instance->base.decode_datawriter_submessage = &decode_datawriter_submessage;
instance->base.decode_datareader_submessage = &decode_datareader_submessage;
instance->base.decode_serialized_payload = &decode_serialized_payload;
instance->base.encode_serialized_payload = &encode_serialized_payload;
return (dds_security_crypto_transform*) instance;
}
void dds_security_crypto_transform__dealloc(
dds_security_crypto_transform* instance)
{
ddsrt_free((dds_security_crypto_transform_impl*) instance);
}

21
src/security/core/tests/plugin_loading/plugin_mock/cryptography_all_ok/mock_cryptography.h Normal file
View file

@ -0,0 +1,21 @@
/*
* authentication.h
*
* Created on: Jan 15, 2018
* Author: kurtulus oksuztepe
*/
#ifndef SECURITY_CRYPTO_OK_H_
#define SECURITY_CRYPTO_OK_H_
#include "dds/security/cryptography_all_ok_export.h"
#include "dds/security/dds_security_api.h"
SECURITY_EXPORT int32_t
init_crypto(const char *argument, void **context);
SECURITY_EXPORT int32_t
finalize_crypto(void *context);
#endif /* SECURITY_CRYPTO_OK_H_ */

656
src/security/core/tests/plugin_loading/plugin_mock/cryptography_missing_function/mock_cryptography.c Normal file
View file

@ -0,0 +1,656 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#include "dds/security/dds_security_api.h"
#include "dds/ddsrt/heap.h"
#include "dds/ddsrt/misc.h"
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
#include "mock_cryptography.h"
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_cryptography_impl {
dds_security_cryptography base;
int member;
} dds_security_cryptography_impl;
dds_security_crypto_key_exchange* dds_security_crypto_key_exchange__alloc(void);
void dds_security_crypto_key_exchange__dealloc(
dds_security_crypto_key_exchange* instance);
dds_security_crypto_key_factory* dds_security_crypto_key_factory__alloc(void);
void dds_security_crypto_key_factory__dealloc(
dds_security_crypto_key_factory* instance);
/**
* CryptoTransform Interface
*/
/*
* Allocation function for implementer structure (with internal variables) transparently.
*
*/
dds_security_crypto_transform* dds_security_crypto_transform__alloc(void);
void dds_security_crypto_transform__dealloc(
dds_security_crypto_transform* instance);
int32_t init_crypto( const char *argument, void **context)
{
dds_security_cryptography_impl *cryptography;
dds_security_crypto_key_exchange *crypto_key_exchange;
dds_security_crypto_key_factory *crypto_key_factory;
dds_security_crypto_transform *crypto_transform;
DDSRT_UNUSED_ARG(argument);
//allocate new instance
cryptography = (dds_security_cryptography_impl*) ddsrt_malloc(
sizeof(dds_security_cryptography_impl));
memset( cryptography, 0, sizeof(dds_security_cryptography_impl));
//assign the sub components
crypto_key_exchange = dds_security_crypto_key_exchange__alloc();
crypto_key_factory = dds_security_crypto_key_factory__alloc();
crypto_transform = dds_security_crypto_transform__alloc();
cryptography->base.crypto_key_exchange = crypto_key_exchange;
cryptography->base.crypto_key_factory = crypto_key_factory;
cryptography->base.crypto_transform = crypto_transform;
//return the instance
*context = cryptography;
return 0;
}
int32_t finalize_crypto( void *instance)
{
dds_security_cryptography_impl* instance_impl =
(dds_security_cryptography_impl*) instance;
//deallocate components
dds_security_crypto_key_exchange__dealloc(
instance_impl->base.crypto_key_exchange);
dds_security_crypto_key_factory__dealloc(
instance_impl->base.crypto_key_factory);
dds_security_crypto_transform__dealloc(instance_impl->base.crypto_transform);
//deallocate cryptography
ddsrt_free(instance_impl);
return 0;
}
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_crypto_key_exchange_impl {
dds_security_crypto_key_exchange base;
int member;
} dds_security_crypto_key_exchange_impl;
/**
* Function implementations
*/
static DDS_Security_boolean create_local_participant_crypto_tokens(
dds_security_crypto_key_exchange *instance,
DDS_Security_ParticipantCryptoTokenSeq *local_participant_crypto_tokens,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_participant_crypto_tokens);
DDSRT_UNUSED_ARG(local_participant_crypto);
DDSRT_UNUSED_ARG(remote_participant_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean create_local_datawriter_crypto_tokens(
dds_security_crypto_key_exchange *instance,
DDS_Security_DatawriterCryptoTokenSeq *local_datawriter_crypto_tokens,
const DDS_Security_DatawriterCryptoHandle local_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle remote_datareader_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datawriter_crypto_tokens);
DDSRT_UNUSED_ARG(local_datawriter_crypto);
DDSRT_UNUSED_ARG(remote_datareader_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean set_remote_datawriter_crypto_tokens(
dds_security_crypto_key_exchange *instance,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle remote_datawriter_crypto,
const DDS_Security_DatawriterCryptoTokenSeq *remote_datawriter_tokens,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datareader_crypto);
DDSRT_UNUSED_ARG(remote_datawriter_crypto);
DDSRT_UNUSED_ARG(remote_datawriter_tokens);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean create_local_datareader_crypto_tokens(
dds_security_crypto_key_exchange *instance,
DDS_Security_DatareaderCryptoTokenSeq *local_datareader_cryto_tokens,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle remote_datawriter_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datareader_cryto_tokens);
DDSRT_UNUSED_ARG(local_datareader_crypto);
DDSRT_UNUSED_ARG(remote_datawriter_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean set_remote_datareader_crypto_tokens(
dds_security_crypto_key_exchange *instance,
const DDS_Security_DatawriterCryptoHandle local_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle remote_datareader_crypto,
const DDS_Security_DatareaderCryptoTokenSeq *remote_datareader_tokens,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datawriter_crypto);
DDSRT_UNUSED_ARG(remote_datareader_crypto);
DDSRT_UNUSED_ARG(remote_datareader_tokens);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean return_crypto_tokens(
dds_security_crypto_key_exchange *instance,
DDS_Security_CryptoTokenSeq *crypto_tokens,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(crypto_tokens);
DDSRT_UNUSED_ARG(ex);
return true;
}
dds_security_crypto_key_exchange* dds_security_crypto_key_exchange__alloc(void)
{
dds_security_crypto_key_exchange_impl *instance;
instance = (dds_security_crypto_key_exchange_impl*) ddsrt_malloc(
sizeof(dds_security_crypto_key_exchange_impl));
memset( instance, 0, sizeof(dds_security_crypto_key_exchange_impl));
instance->base.create_local_participant_crypto_tokens =
&create_local_participant_crypto_tokens;
/* Do not assign it for testing purposes
instance->base.set_remote_participant_crypto_tokens =
&set_remote_participant_crypto_tokens;
*/
instance->base.create_local_datawriter_crypto_tokens =
&create_local_datawriter_crypto_tokens;
instance->base.set_remote_datawriter_crypto_tokens =
&set_remote_datawriter_crypto_tokens;
instance->base.create_local_datareader_crypto_tokens =
&create_local_datareader_crypto_tokens;
instance->base.set_remote_datareader_crypto_tokens =
&set_remote_datareader_crypto_tokens;
instance->base.return_crypto_tokens = &return_crypto_tokens;
return (dds_security_crypto_key_exchange*) instance;
}
void dds_security_crypto_key_exchange__dealloc(
dds_security_crypto_key_exchange* instance)
{
ddsrt_free((dds_security_crypto_key_exchange_impl*) instance);
}
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_crypto_key_factory_impl {
dds_security_crypto_key_factory base;
int member;
} dds_security_crypto_key_factory_impl;
/**
* Function implementations
*/
static DDS_Security_ParticipantCryptoHandle register_local_participant(
dds_security_crypto_key_factory *instance,
const DDS_Security_IdentityHandle participant_identity,
const DDS_Security_PermissionsHandle participant_permissions,
const DDS_Security_PropertySeq *participant_properties,
const DDS_Security_ParticipantSecurityAttributes *participant_security_attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(participant_identity);
DDSRT_UNUSED_ARG(participant_permissions);
DDSRT_UNUSED_ARG(participant_properties);
DDSRT_UNUSED_ARG(participant_security_attributes);
DDSRT_UNUSED_ARG(ex);
return 0;
}
static DDS_Security_ParticipantCryptoHandle register_matched_remote_participant(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle local_participant_crypto_handle,
const DDS_Security_IdentityHandle remote_participant_identity,
const DDS_Security_PermissionsHandle remote_participant_permissions,
const DDS_Security_SharedSecretHandle shared_secret,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_participant_crypto_handle);
DDSRT_UNUSED_ARG(remote_participant_identity);
DDSRT_UNUSED_ARG(remote_participant_permissions);
DDSRT_UNUSED_ARG(shared_secret);
DDSRT_UNUSED_ARG(ex);
return 0;
}
static DDS_Security_DatawriterCryptoHandle register_local_datawriter(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto,
const DDS_Security_PropertySeq *datawriter_properties,
const DDS_Security_EndpointSecurityAttributes *datawriter_security_attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(participant_crypto);
DDSRT_UNUSED_ARG(datawriter_properties);
DDSRT_UNUSED_ARG(datawriter_security_attributes);
DDSRT_UNUSED_ARG(ex);
return 0;
}
static DDS_Security_DatareaderCryptoHandle register_matched_remote_datareader(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatawriterCryptoHandle local_datawritert_crypto_handle,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypto,
const DDS_Security_SharedSecretHandle shared_secret,
const DDS_Security_boolean relay_only,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datawritert_crypto_handle);
DDSRT_UNUSED_ARG(remote_participant_crypto);
DDSRT_UNUSED_ARG(shared_secret);
DDSRT_UNUSED_ARG(relay_only);
DDSRT_UNUSED_ARG(ex);
return 0;
}
static DDS_Security_DatareaderCryptoHandle register_local_datareader(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto,
const DDS_Security_PropertySeq *datareader_properties,
const DDS_Security_EndpointSecurityAttributes *datareader_security_attributes,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(participant_crypto);
DDSRT_UNUSED_ARG(datareader_properties);
DDSRT_UNUSED_ARG(datareader_security_attributes);
DDSRT_UNUSED_ARG(ex);
return 0;
}
static DDS_Security_DatawriterCryptoHandle register_matched_remote_datawriter(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatareaderCryptoHandle local_datareader_crypto_handle,
const DDS_Security_ParticipantCryptoHandle remote_participant_crypt,
const DDS_Security_SharedSecretHandle shared_secret,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(local_datareader_crypto_handle);
DDSRT_UNUSED_ARG(remote_participant_crypt);
DDSRT_UNUSED_ARG(shared_secret);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean unregister_participant(
dds_security_crypto_key_factory *instance,
const DDS_Security_ParticipantCryptoHandle participant_crypto_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(participant_crypto_handle);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean unregister_datawriter(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatawriterCryptoHandle datawriter_crypto_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(datawriter_crypto_handle);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean unregister_datareader(
dds_security_crypto_key_factory *instance,
const DDS_Security_DatareaderCryptoHandle datareader_crypto_handle,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(datareader_crypto_handle);
DDSRT_UNUSED_ARG(ex);
return true;
}
dds_security_crypto_key_factory* dds_security_crypto_key_factory__alloc(void)
{
dds_security_crypto_key_factory_impl *instance;
instance = (dds_security_crypto_key_factory_impl*) ddsrt_malloc(
sizeof(dds_security_crypto_key_factory_impl));
memset( instance, 0, sizeof(dds_security_crypto_key_factory_impl));
instance->base.register_local_participant = &register_local_participant;
instance->base.register_matched_remote_participant =
&register_matched_remote_participant;
instance->base.register_local_datawriter = &register_local_datawriter;
instance->base.register_matched_remote_datareader =
&register_matched_remote_datareader;
instance->base.register_local_datareader = &register_local_datareader;
instance->base.register_matched_remote_datawriter =
&register_matched_remote_datawriter;
instance->base.unregister_participant = &unregister_participant;
instance->base.unregister_datawriter = &unregister_datawriter;
instance->base.unregister_datareader = &unregister_datareader;
return (dds_security_crypto_key_factory*) instance;
}
void dds_security_crypto_key_factory__dealloc(
dds_security_crypto_key_factory* instance)
{
ddsrt_free((dds_security_crypto_key_factory_impl*) instance);
}
/**
* Implementation structure for storing encapsulated members of the instance
* while giving only the interface definition to user
*/
typedef struct dds_security_crypto_transform_impl {
dds_security_crypto_transform base;
int member;
} dds_security_crypto_transform_impl;
/**
* Function implementations
*/
static DDS_Security_boolean encode_serialized_payload(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_buffer,
DDS_Security_OctetSeq *extra_inline_qos,
const DDS_Security_OctetSeq *plain_buffer,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(encoded_buffer);
DDSRT_UNUSED_ARG(extra_inline_qos);
DDSRT_UNUSED_ARG(plain_buffer);
DDSRT_UNUSED_ARG(sending_datawriter_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean encode_datawriter_submessage(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandleSeq *receiving_datareader_crypto_list,
int32_t *receiving_datareader_crypto_list_index,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(encoded_rtps_submessage);
DDSRT_UNUSED_ARG(plain_rtps_submessage);
DDSRT_UNUSED_ARG(sending_datawriter_crypto);
DDSRT_UNUSED_ARG(receiving_datareader_crypto_list);
DDSRT_UNUSED_ARG(receiving_datareader_crypto_list_index);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean encode_datareader_submessage(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_DatareaderCryptoHandle sending_datareader_crypto,
const DDS_Security_DatawriterCryptoHandleSeq *receiving_datawriter_crypto_list,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(encoded_rtps_submessage);
DDSRT_UNUSED_ARG(plain_rtps_submessage);
DDSRT_UNUSED_ARG(sending_datareader_crypto);
DDSRT_UNUSED_ARG(receiving_datawriter_crypto_list);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean encode_rtps_message( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *encoded_rtps_message,
const DDS_Security_OctetSeq *plain_rtps_message,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
const DDS_Security_ParticipantCryptoHandleSeq *receiving_participant_crypto_list,
int32_t *receiving_participant_crypto_list_index,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(encoded_rtps_message);
DDSRT_UNUSED_ARG(plain_rtps_message);
DDSRT_UNUSED_ARG(sending_participant_crypto);
DDSRT_UNUSED_ARG(receiving_participant_crypto_list);
DDSRT_UNUSED_ARG(receiving_participant_crypto_list_index);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean decode_rtps_message( dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_buffer, const DDS_Security_OctetSeq *encoded_buffer,
const DDS_Security_ParticipantCryptoHandle receiving_participant_crypto,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(plain_buffer);
DDSRT_UNUSED_ARG(encoded_buffer);
DDSRT_UNUSED_ARG(receiving_participant_crypto);
DDSRT_UNUSED_ARG(sending_participant_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean preprocess_secure_submsg(
dds_security_crypto_transform *instance,
DDS_Security_DatawriterCryptoHandle *datawriter_crypto,
DDS_Security_DatareaderCryptoHandle *datareader_crypto,
DDS_Security_SecureSubmessageCategory_t *secure_submessage_category,
const DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_ParticipantCryptoHandle receiving_participant_crypto,
const DDS_Security_ParticipantCryptoHandle sending_participant_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(datawriter_crypto);
DDSRT_UNUSED_ARG(datareader_crypto);
DDSRT_UNUSED_ARG(secure_submessage_category);
DDSRT_UNUSED_ARG(encoded_rtps_submessage);
DDSRT_UNUSED_ARG(receiving_participant_crypto);
DDSRT_UNUSED_ARG(sending_participant_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean decode_datawriter_submessage(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_rtps_submessage,
const DDS_Security_OctetSeq *encoded_rtps_submessage,
const DDS_Security_DatareaderCryptoHandle receiving_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(plain_rtps_submessage);
DDSRT_UNUSED_ARG(encoded_rtps_submessage);
DDSRT_UNUSED_ARG(receiving_datareader_crypto);
DDSRT_UNUSED_ARG(sending_datawriter_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean decode_datareader_submessage(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_rtps_message,
const DDS_Security_OctetSeq *encoded_rtps_message,
const DDS_Security_DatawriterCryptoHandle receiving_datawriter_crypto,
const DDS_Security_DatareaderCryptoHandle sending_datareader_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(plain_rtps_message);
DDSRT_UNUSED_ARG(encoded_rtps_message);
DDSRT_UNUSED_ARG(receiving_datawriter_crypto);
DDSRT_UNUSED_ARG(sending_datareader_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
static DDS_Security_boolean decode_serialized_payload(
dds_security_crypto_transform *instance,
DDS_Security_OctetSeq *plain_buffer, const DDS_Security_OctetSeq *encoded_buffer,
const DDS_Security_OctetSeq *inline_qos,
const DDS_Security_DatareaderCryptoHandle receiving_datareader_crypto,
const DDS_Security_DatawriterCryptoHandle sending_datawriter_crypto,
DDS_Security_SecurityException *ex)
{
DDSRT_UNUSED_ARG(instance);
DDSRT_UNUSED_ARG(plain_buffer);
DDSRT_UNUSED_ARG(encoded_buffer);
DDSRT_UNUSED_ARG(inline_qos);
DDSRT_UNUSED_ARG(receiving_datareader_crypto);
DDSRT_UNUSED_ARG(sending_datawriter_crypto);
DDSRT_UNUSED_ARG(ex);
return true;
}
dds_security_crypto_transform* dds_security_crypto_transform__alloc(void)
{
dds_security_crypto_transform_impl *instance;
instance = (dds_security_crypto_transform_impl*) ddsrt_malloc(
sizeof(dds_security_crypto_transform_impl));
instance->base.encode_datawriter_submessage = &encode_datawriter_submessage;
instance->base.encode_datareader_submessage = &encode_datareader_submessage;
instance->base.encode_rtps_message = &encode_rtps_message;
instance->base.decode_rtps_message = &decode_rtps_message;
instance->base.preprocess_secure_submsg = &preprocess_secure_submsg;
instance->base.decode_datawriter_submessage = &decode_datawriter_submessage;
instance->base.decode_datareader_submessage = &decode_datareader_submessage;
instance->base.decode_serialized_payload = &decode_serialized_payload;
instance->base.encode_serialized_payload = &encode_serialized_payload;
return (dds_security_crypto_transform*) instance;
}
void dds_security_crypto_transform__dealloc(
dds_security_crypto_transform* instance)
{
ddsrt_free((dds_security_crypto_transform_impl*) instance);
}

26
src/security/core/tests/plugin_loading/plugin_mock/cryptography_missing_function/mock_cryptography.h Normal file
View file

@ -0,0 +1,26 @@
/*
* Copyright(c) 2006 to 2019 ADLINK Technology Limited and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
* v. 1.0 which is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
*/
#ifndef SECURITY_CRYPTO_MISSING_H_
#define SECURITY_CRYPTO_MISSING_H_
#include "dds/security/cryptography_missing_function_export.h"
#include "dds/security/dds_security_api.h"
SECURITY_EXPORT int32_t
init_crypto(const char *argument, void **context);
SECURITY_EXPORT int32_t
finalize_crypto(void *context);
#endif /* SECURITY_CRYPTO_MISSING_H_ */