Fixed a bug in the subject compare function for identity subjects that
could cause the incorrect permission grant to be used when multiple grants
are provided in the permissions configuration of the access control plugin.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Remove duplicated code in authentication plugin
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Fix build warnings
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Fix memory leak and call create_validate_asymmetrical_signature directly from create_validate_signature_impl
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Fix refcount issue (assert in openssl) for identity cert in hs remote info
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Refactoring of validate_handshake_token function
Co-authored-by: Erik Boasson <eb@ilities.com>
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Fix code formatting, fix for memory leak in validate_handshake_reply_token and
make error handling and return values more consistent with the other two
plugins.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Processed review comments: fixed memory leaks and more consistent error handling and function returns
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Fix trusted ca dir max exceeded
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Security plugins are built but not installed. Add target to CMakeLists.txt
for three security plugins.
Signed-off-by: Sid Faber <sid.faber@canonical.com>
Isolate domains by using unique tags when running tests that use the security handshake.
Also updated the coding style and did some minor refactoring in the fsm and timed_cb tests.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Trusted CA dir in security configuration is optional, but participant
creation currently fails if no or empty dir is provided. This commit
fixes this issue and adds some tests for various trusted_ca_dir values.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
updated plugin loading tests to use these instead of specific wrappers per test. Added
test for securing communication and handshake failure (using different identity CAs)
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Implement trigger of certificate and permission expiries using the timed callbacks.
Implement directory operations such that trusted CA can be read.
This implements OS abstraction functions such as opendir and stat.
Signed-off-by: Stefan Kimmer <skimmer@s2e-systems.com>
This commit adds the built-in Access Control plugin that is part of the
DDS Security implementation for Cyclone.
The Access Control Plugin API defines the types and operations necessary
to support an access control mechanism for DDS Domain Participants.
Similar to other builtin plugins, the DDS Security access control plugin
is built as a shared library to allow dynamic library loading on runtime.
This enables DDS participants to use specific plugin implementations with
different configurations.
This commit includes some basic tests for the access control functions.
This initial version of the plugin does not support permissions expiry
(not-valid-after date in permissions configuration).
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Process review comments for access control plugin
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Part 2 of processing review changes for access control
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Add test for topicname dcps, add comment for xml date parser
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Fixed a bug in the leap year count for the year 2200, changed the rounding for the sub-ns fraction and added an additional overflow test in DDS_Security_parse_xml_date
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
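The three defects named in the commit above (century leap years, rounding of a fraction longer than nine digits, and int64 overflow) are easy to get wrong in a date parser. The following is an added example written for this page, not the Cyclone DDS DDS_Security_parse_xml_date implementation: a self-contained parser for the xsd:dateTime form used in permissions documents ("YYYY-MM-DDThh:mm:ss[.fraction][Z|+hh:mm|-hh:mm]") that returns nanoseconds since the Unix epoch. The function names (parse_xml_date, xml_date_status, xml_date_ns) and the simplifications (4-digit years, years before 1970 rejected, a missing zone treated as UTC) are this example's own assumptions.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical API for this example; not the Cyclone DDS function of the same purpose. */
enum { PARSE_OK = 0, PARSE_SYNTAX = -1, PARSE_OVERFLOW = -2 };
#define NS_PER_SEC 1000000000LL
#define SEC_PER_DAY 86400LL

/* Proleptic Gregorian rule: every 4th year, except century years not divisible by 400.
   So 2000 and 2400 are leap years, but 1900, 2100, 2200 and 2300 are not. */
static int is_leap_year(int64_t y) {
  return (y % 4 == 0) && (y % 100 != 0 || y % 400 == 0);
}

/* Number of leap years in the closed range [1, y]. */
static int64_t leap_years_through(int64_t y) { return y / 4 - y / 100 + y / 400; }

static int days_in_month(int64_t y, int m) {
  static const int dim[12] = {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
  return (m == 2 && is_leap_year(y)) ? 29 : dim[m - 1];
}

/* Days since 1970-01-01 for an already validated civil date with year >= 1970. */
static int64_t days_since_epoch(int64_t y, int m, int d) {
  int64_t days = (y - 1970) * 365 + leap_years_through(y - 1) - leap_years_through(1969);
  for (int i = 1; i < m; i++) days += days_in_month(y, i);
  return days + (d - 1);
}

/* Read exactly n decimal digits into *v; returns a pointer past them, or NULL. */
static const char *digits(const char *s, int n, int64_t *v) {
  int64_t acc = 0;
  for (int i = 0; i < n; i++) {
    if (!isdigit((unsigned char)s[i])) return NULL;
    acc = acc * 10 + (s[i] - '0');
  }
  *v = acc;
  return s + n;
}

/* Parse "YYYY-MM-DDThh:mm:ss[.fraction][Z|+hh:mm|-hh:mm]" (no zone = UTC) into
   nanoseconds since the Unix epoch. Only 4-digit years >= 1970 are accepted. */
int parse_xml_date(const char *s, int64_t *out_ns) {
  int64_t y = 0, mo = 0, d = 0, h = 0, mi = 0, sec = 0, th = 0, tm = 0, frac_ns = 0, tz_sec = 0;
  const char *p = s;
  if (!(p = digits(p, 4, &y)) || *p++ != '-' || !(p = digits(p, 2, &mo)) || *p++ != '-' ||
      !(p = digits(p, 2, &d)) || *p++ != 'T' || !(p = digits(p, 2, &h)) || *p++ != ':' ||
      !(p = digits(p, 2, &mi)) || *p++ != ':' || !(p = digits(p, 2, &sec)))
    return PARSE_SYNTAX;
  if (y < 1970 || mo < 1 || mo > 12 || d < 1 || d > days_in_month(y, (int)mo) ||
      h > 23 || mi > 59 || sec > 59)
    return PARSE_SYNTAX;                        /* rejects 2200-02-29, accepts 2000-02-29 */
  if (*p == '.') {                              /* fraction: keep 9 digits, round half up on the 10th */
    int n = 0, round_up = 0;
    if (!isdigit((unsigned char)*++p)) return PARSE_SYNTAX;
    for (; isdigit((unsigned char)*p); p++, n++) {
      if (n < 9) frac_ns = frac_ns * 10 + (*p - '0');
      else if (n == 9) round_up = (*p - '0') >= 5;
    }
    for (; n < 9; n++) frac_ns *= 10;           /* ".5" means 500000000 ns, not 5 ns */
    frac_ns += round_up;
  }
  if (*p == 'Z') {
    p++;
  } else if (*p == '+' || *p == '-') {
    int sign = (*p++ == '-') ? -1 : 1;
    if (!(p = digits(p, 2, &th)) || *p++ != ':' || !(p = digits(p, 2, &tm)) || th > 14 || tm > 59)
      return PARSE_SYNTAX;
    tz_sec = sign * (th * 3600 + tm * 60);
  }
  if (*p != '\0') return PARSE_SYNTAX;

  int64_t secs = days_since_epoch(y, (int)mo, (int)d) * SEC_PER_DAY + h * 3600 + mi * 60 + sec - tz_sec;
  if (frac_ns >= NS_PER_SEC) { frac_ns -= NS_PER_SEC; secs++; }   /* carry from rounding .9999999995 */
  /* int64 nanoseconds run out on 2262-04-11; refuse rather than wrap to a date in the past */
  if (secs > (INT64_MAX - frac_ns) / NS_PER_SEC) return PARSE_OVERFLOW;
  *out_ns = secs * NS_PER_SEC + frac_ns;
  return PARSE_OK;
}

/* Convenience wrappers for callers that only need the status or the value. */
int xml_date_status(const char *s) { int64_t ns; return parse_xml_date(s, &ns); }
int64_t xml_date_ns(const char *s) { int64_t ns; return parse_xml_date(s, &ns) == PARSE_OK ? ns : INT64_MIN; }

int main(void) {
  const char *samples[] = {"2200-03-01T00:00:00Z", "2200-02-29T00:00:00Z", "2300-01-01T00:00:00Z"};
  for (int i = 0; i < 3; i++)
    printf("%s -> status %d, ns %lld\n", samples[i], xml_date_status(samples[i]), (long long)xml_date_ns(samples[i]));
  return 0;
}
```

The interesting inputs are the ones a permissions document could realistically carry: a not-valid-after date in 2200 lands one day off if 2200 is counted as a leap year, a fraction with more than nine digits must round rather than truncate (and can carry into the seconds), and any date past 2262 cannot be represented in signed 64-bit nanoseconds at all, so the parser reports overflow instead of producing a wrapped value that would already have expired.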
Dispatchers are added to a custom linked list, while each dispatcher owns a
fibheap of callbacks that are ordered by expiry timestamp. A separate
fibheap is used for each dispatcher to allow disabling and enabling of
each dispatcher. New and free functions are added that create the
timed_cd_data object used by every public function. A thread is
initialized at object creation instead of using a counter. Add
protection for the terminate flag.
Signed-off-by: Joao Rebelo <jrebelo@s2e-systems.com>
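The structure described in the commit above (a list of dispatchers, each owning its own expiry-ordered heap so that one dispatcher can be paused without losing its callbacks) is what the certificate and permission expiry triggers mentioned earlier in this log build on. The following is an added example for this page, not the Cyclone DDS timed-callback code: it uses a plain binary min-heap instead of a fibheap and a synchronous process(now) call instead of a thread, which keeps the ordering and enable/disable semantics visible without the concurrency. The names (dispatcher_t, timed_cb_ctx_t, timed_cb_process, demo_run) are this example's own.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

typedef void (*timed_cb_fn)(int64_t expiry, void *arg);
typedef struct { int64_t expiry; timed_cb_fn fn; void *arg; } timed_cb_entry_t;

/* One dispatcher: a min-heap keyed on expiry (hypothetical stand-in for the fibheap) plus an enable flag. */
typedef struct dispatcher {
  timed_cb_entry_t *heap; size_t n, cap;
  int enabled;
  struct dispatcher *next;            /* dispatchers form a singly linked list */
} dispatcher_t;

typedef struct { dispatcher_t *head; } timed_cb_ctx_t;

static void swap_entries(timed_cb_entry_t *a, timed_cb_entry_t *b) { timed_cb_entry_t t = *a; *a = *b; *b = t; }

/* Queue a callback; returns 0, or -1 if the heap could not grow. */
int dispatcher_add(dispatcher_t *d, int64_t expiry, timed_cb_fn fn, void *arg) {
  if (d->n == d->cap) {
    size_t cap = d->cap ? d->cap * 2 : 8;
    timed_cb_entry_t *h = realloc(d->heap, cap * sizeof *h);
    if (!h) return -1;
    d->heap = h; d->cap = cap;
  }
  size_t i = d->n++;
  d->heap[i] = (timed_cb_entry_t){expiry, fn, arg};
  while (i > 0 && d->heap[(i - 1) / 2].expiry > d->heap[i].expiry) {   /* sift up */
    swap_entries(&d->heap[i], &d->heap[(i - 1) / 2]);
    i = (i - 1) / 2;
  }
  return 0;
}

/* Remove and return the entry with the smallest expiry (caller checks d->n > 0). */
static timed_cb_entry_t dispatcher_pop(dispatcher_t *d) {
  timed_cb_entry_t top = d->heap[0];
  d->heap[0] = d->heap[--d->n];
  for (size_t i = 0;;) {                                               /* sift down */
    size_t l = 2 * i + 1, r = l + 1, m = i;
    if (l < d->n && d->heap[l].expiry < d->heap[m].expiry) m = l;
    if (r < d->n && d->heap[r].expiry < d->heap[m].expiry) m = r;
    if (m == i) break;
    swap_entries(&d->heap[i], &d->heap[m]);
    i = m;
  }
  return top;
}

/* Fire, in expiry order per dispatcher, every callback of every enabled dispatcher whose
   expiry <= now. A disabled dispatcher keeps its callbacks queued; nothing is dropped. */
int timed_cb_process(timed_cb_ctx_t *ctx, int64_t now) {
  int fired = 0;
  for (dispatcher_t *d = ctx->head; d; d = d->next) {
    if (!d->enabled) continue;
    while (d->n > 0 && d->heap[0].expiry <= now) {
      timed_cb_entry_t e = dispatcher_pop(d);
      e.fn(e.expiry, e.arg);
      fired++;
    }
  }
  return fired;
}

/* Demo: each callback appends its tag to a log so the firing order can be checked. */
static char demo_log[32];
static void record(int64_t expiry, void *arg) { (void)expiry; strcat(demo_log, (const char *)arg); }

/* Constructed scenario; returns the log, with '|' separating the three process() calls. */
const char *demo_run(void) {
  dispatcher_t a = {0}, b = {0};
  timed_cb_ctx_t ctx = { &a };
  a.next = &b; a.enabled = b.enabled = 1;
  demo_log[0] = '\0';
  dispatcher_add(&a, 300, record, "c"); dispatcher_add(&a, 100, record, "a"); dispatcher_add(&a, 200, record, "b");
  dispatcher_add(&b, 150, record, "x");
  timed_cb_process(&ctx, 250); strcat(demo_log, "|");   /* a, b from A in expiry order, then x from B */
  b.enabled = 0; dispatcher_add(&b, 260, record, "y");
  timed_cb_process(&ctx, 400); strcat(demo_log, "|");   /* c only: B is disabled, so y stays queued */
  b.enabled = 1;
  timed_cb_process(&ctx, 400);                          /* y fires once B is enabled again */
  free(a.heap); free(b.heap);
  return demo_log;
}
```

Two properties worth noticing: the heap gives expiry order within a dispatcher, but not across dispatchers, so a globally ordered firing sequence needs either a single heap or a merge over the heads of all enabled heaps; and disabling a dispatcher only pauses delivery, so an expiry that passed while it was disabled is delivered immediately on re-enable, which is the behaviour you want for a certificate-expiry trigger that must not be silently skipped.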
A generic FSM has been added to the DDS Security Core component to realize the authentication handshake process.
The list of states and transitions is given at creation and the FSM is started with a start call.
Passing arguments to transition functions is possible.
Timeout transitions are possible.
Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
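The four properties listed in the commit above (states and transitions supplied at creation, an explicit start call, arguments passed to transition functions, timeout transitions) fit in a small table-driven machine. The following is an added example written for this page, not the Cyclone DDS security core FSM or its API: a generic fsm_t driven by a transition table, with a reserved FSM_EV_TIMEOUT event raised by a clock-advance call, exercised by a deliberately tiny hypothetical handshake (challenge sent, reply must echo it, reply must arrive within 5000 ms). All names and the three-transition handshake are this example's own assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define FSM_EV_TIMEOUT (-1)   /* reserved event, raised by fsm_advance_time() */
#define FSM_NO_STATE   (-1)

typedef struct fsm fsm_t;
/* A transition function receives the caller's argument and returns 0 on success. */
typedef int (*fsm_action_t)(fsm_t *fsm, void *arg);

typedef struct {
  int from, event;
  fsm_action_t action;   /* NULL means "just change state" */
  int to_ok, to_fail;    /* next state when action returns 0 / non-zero */
} fsm_transition_t;

typedef struct { int state; int64_t timeout_ms; } fsm_timeout_t;   /* states that carry a deadline */

struct fsm {
  const fsm_transition_t *table; size_t n_table;
  const fsm_timeout_t *timeouts; size_t n_timeouts;
  int state, started;
  int64_t now_ms, deadline_ms;   /* deadline_ms == 0 means no timeout armed */
  void *user;                    /* owner's data, available to transition functions */
};

static void fsm_arm_timeout(fsm_t *f) {
  f->deadline_ms = 0;
  for (size_t i = 0; i < f->n_timeouts; i++)
    if (f->timeouts[i].state == f->state) f->deadline_ms = f->now_ms + f->timeouts[i].timeout_ms;
}

void fsm_init(fsm_t *f, const fsm_transition_t *t, size_t nt, const fsm_timeout_t *to, size_t nto) {
  memset(f, 0, sizeof *f);
  f->table = t; f->n_table = nt; f->timeouts = to; f->n_timeouts = nto; f->state = FSM_NO_STATE;
}

void fsm_start(fsm_t *f, int initial, int64_t now_ms) {
  f->state = initial; f->now_ms = now_ms; f->started = 1;
  fsm_arm_timeout(f);
}

/* Returns 1 if a transition fired, 0 if the event is not valid in the current state. */
int fsm_dispatch(fsm_t *f, int event, void *arg) {
  if (!f->started) return 0;
  for (size_t i = 0; i < f->n_table; i++) {
    const fsm_transition_t *t = &f->table[i];
    if (t->from != f->state || t->event != event) continue;
    int rc = t->action ? t->action(f, arg) : 0;
    f->state = (rc == 0) ? t->to_ok : t->to_fail;
    fsm_arm_timeout(f);
    return 1;
  }
  return 0;   /* unexpected event: ignored, state unchanged (a handshake must not advance on it) */
}

/* Advance the clock; fires the timeout transition if the current state's deadline has passed. */
int fsm_advance_time(fsm_t *f, int64_t now_ms) {
  f->now_ms = now_ms;
  if (f->deadline_ms && now_ms >= f->deadline_ms) return fsm_dispatch(f, FSM_EV_TIMEOUT, NULL);
  return 0;
}

/* Hypothetical handshake built on the FSM above (not the Cyclone handshake state machine). */
enum { S_IDLE, S_WAIT_REPLY, S_DONE, S_FAILED };
enum { EV_SEND_REQUEST, EV_REPLY };

static int send_request(fsm_t *f, void *arg) { *(int *)f->user = *(int *)arg; return 0; }  /* remember our challenge */
static int check_reply(fsm_t *f, void *arg) { return *(int *)arg == *(int *)f->user ? 0 : 1; } /* reply must echo it */

static const fsm_transition_t handshake[] = {
  {S_IDLE,       EV_SEND_REQUEST, send_request, S_WAIT_REPLY, S_FAILED},
  {S_WAIT_REPLY, EV_REPLY,        check_reply,  S_DONE,       S_FAILED},
  {S_WAIT_REPLY, FSM_EV_TIMEOUT,  NULL,         S_FAILED,     S_FAILED},
};
static const fsm_timeout_t handshake_timeouts[] = { {S_WAIT_REPLY, 5000} };

/* Runs one handshake and returns the final state; a reply_delay_ms of 5000 or more hits the timeout. */
int run_handshake(int challenge, int reply, int64_t reply_delay_ms) {
  fsm_t f; int remembered = 0;
  fsm_init(&f, handshake, 3, handshake_timeouts, 1);
  f.user = &remembered;
  fsm_start(&f, S_IDLE, 0);
  fsm_dispatch(&f, EV_SEND_REQUEST, &challenge);
  fsm_advance_time(&f, reply_delay_ms);
  fsm_dispatch(&f, EV_REPLY, &reply);   /* ignored if the timeout already moved us to S_FAILED */
  return f.state;
}
```

The security-relevant detail is in fsm_dispatch: an event that has no entry for the current state is dropped rather than acted on, so a reply arriving after the timeout, or a second reply after the handshake completed, cannot move the machine back into a live state; and because the transition function decides between to_ok and to_fail, validation failures end in a terminal failure state instead of leaving the FSM waiting for a retry.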
Security plugin loading with the given configuration has been added.
The configuration can be given by either the Cyclone DDS configuration file or ParticipantQoS during participant creation.
ParticipantQoS is required by the DDS Security spec. However, the configuration file is an additional useful feature that helps the user add security to the DDS application without changing the binary.
If ParticipantQoS has a Property starting with the name "dds.sec", then the configuration file is ignored.
If the participant is the first participant, the security component is initialized. If the participant is the last active participant, then the security component is de-initialized.
Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
* DDS Security built-in Cryptographic plugin
This commit adds the built-in Cryptographic plugin that is part of the
DDS Security implementation for Cyclone.
The Cryptographic plugin defines the types and operations necessary
to support encryption, digest, message authentication codes, and key
exchange for DDS DomainParticipants, DataWriters and DDS DataReaders.
Similar to other builtin plugins, the DDS Security cryptographic plugin
is built as a shared library to allow dynamic library loading on runtime.
This enables DDS participants to use specific plugin implementations
with different configurations.
Although I think this initial version is a reasonable starting point to be
merged into the security branch, some parts of the code will need refactoring:
* crypto_key_factory.c: crypto_factory_get_endpoint_relation returns
arbitrary local-remote relation if no specific key for remote is found,
which will not work in Cyclone because participants can have different
security settings
* performance of encoding data can be improved by not copying
plain_rtps_message to a new buffer (to enable this, crypto_cipher_encrypt_data
should allow encrypting parts of a message)
* when decoding a message the message is split in several parts (header, body,
footer, etc) and for this memory is allocated which is probably not necessary.
Performance should be improved by removing these allocations and use pointers
to the data instead.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP processing crypto plugin review comments
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP more refactoring based on review comments
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP fixing crypto plugin support for 128 bit key size
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP refactored master key storage to reduce memory usage when using 128 bit keys
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP fixing windows build linker issue
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP refactored crypto key types, avoid returning pointers to released ref-counted object
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Fixed bug in test decode_datareader_submessage.invalid_data
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Fixed issues from review: use correct constant for hashing and handle different src/dst keysize correctly
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Builtin authentication plugin of DDS Security implementation was added.
This plugin is the first implementation and it also contains the functions that are used initially in the secure communication sequence.
The builtin authentication plugin implements authentication using a trusted Certificate Authority (CA). It performs mutual authentication between discovered participants using the RSA or ECDSA Digital Signature Algorithms and establishes a shared secret using Diffie-Hellman (DH) or Elliptic Curve Diffie-Hellman (ECDH) Key Agreement Methods.
DDS Security core component is introduced with this commit. DDSI and other builtin plugins will also use the security core.
Like all builtin plugins, the DDS Security authentication plugin is a shared library, so that it can be loaded dynamically at runtime. This lets DDS participants use different plugin implementations with different configurations.
The authentication plugin uses ddsrt functions. ddsrt is not expected to be a shared library, and statically adding ddsrt objects to the authentication library produces linkage errors on Windows. So it was decided to link the authentication plugin dynamically to the ddc library. Another decision should be taken later for the platforms that do not support dynamic libraries.
Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
This API consists only of header files, which are grabbed from the spec IDL. The dynamically loaded plugins should implement the API functions.
Built-in plugins will be added to the repository later. It will also be possible to integrate third-party plugins.
Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>