Document new transmit_algorithms_as_legacy on builtin security plug…

…ins (#974) * Refs #19925. Add documentation of new property in PKIDH. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #19925. Add documentation of new property in Permissions. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Apply suggestions from code review Co-authored-by: Mario Domínguez López <116071334+Mario-DL@users.noreply.github.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Mario Domínguez López <116071334+Mario-DL@users.noreply.github.com> (cherry picked from commit cc95496)
eProsima · Feb 12, 2025 · df0b7d3 · df0b7d3
1 parent 2208e89
commit df0b7d3
Show file tree

Hide file tree

Showing 5 changed files with 25 additions and 2 deletions.
diff --git a/code/DDSCodeTester.cpp b/code/DDSCodeTester.cpp
@@ -645,6 +645,9 @@ void dds_domain_examples()
         pqos.properties().properties().emplace_back(
             "dds.sec.auth.builtin.PKI-DH.preferred_key_agreement",
             "ECDH");
+        pqos.properties().properties().emplace_back(
+            "dds.sec.auth.builtin.PKI-DH.transmit_algorithms_as_legacy",
+            "true");
         //!--
     }
     {
@@ -680,6 +683,9 @@ void dds_domain_examples()
         pqos.properties().properties().emplace_back(
             "dds.sec.access.builtin.Access-Permissions.permissions",
             "file://certs/permissions.smime");
+        pqos.properties().properties().emplace_back(
+            "dds.sec.access.builtin.Access-Permissions.transmit_algorithms_as_legacy",
+            "true");
         //!--
     }
     {

diff --git a/code/XMLTester.xml b/code/XMLTester.xml
@@ -3054,6 +3054,10 @@
                     <name>dds.sec.auth.builtin.PKI-DH.preferred_key_agreement</name>
                     <value>ECDH</value>
                 </property>
+                <property>
+                    <name>dds.sec.auth.builtin.PKI-DH.transmit_algorithms_as_legacy</name>
+                    <value>true</value>
+                </property>
             </properties>
         </propertiesPolicy>
     </rtps>
@@ -3106,6 +3110,10 @@
                     <name>dds.sec.access.builtin.Access-Permissions.permissions</name>
                     <value>file://permissions.smime</value>
                 </property>
+                <property>
+                    <name>dds.sec.access.builtin.Access-Permissions.transmit_algorithms_as_legacy</name>
+                    <value>true</value>
+                </property>
             </properties>
         </propertiesPolicy>
     </rtps>

diff --git a/docs/fastdds/property_policies/security.rst b/docs/fastdds/property_policies/security.rst
@@ -48,7 +48,10 @@ The following table outlines the properties used for the :ref:`DDS\:Auth\:PKI-DH
        a) ``DH``, ``DH+MODP-2048-256`` for  Diffie-Hellman Ephemeral with 2048-bit MODP Group parameters. |br|
        b) ``ECDH``, ``ECDH+prime256v1-CEUM`` for Elliptic Curve Diffie-Hellman Ephemeral with the NIST P-256 curve. |br|
        c) ``AUTO`` for selecting the key agreement based on the signature algorithm in the Identity CA's certificate. |br|
-       Will default to ``DH`` if the property is not present.
+       Will default to ``AUTO`` if the property is not present.
+   * - ``transmit_algorithms_as_legacy`` *(optional)*
+     - Whether to transmit algorithm identifiers in non-standard legacy format. |br|
+       Will default to ``false`` if the property is not present.
 
 .. note::
   All properties listed above have the ``dds.sec.auth.builtin.PKI-DH."`` prefix.

diff --git a/docs/fastdds/security/access_control_plugin/access_control_plugin.rst b/docs/fastdds/security/access_control_plugin/access_control_plugin.rst
@@ -55,6 +55,9 @@ The following table outlines the properties used for the DDS\:Access\:Permission
    * - permissions
      - URI to the Participant permissions document signed by the |br| Permissions CA in S/MIME format. |br|
        Supported URI schemes: file.
+   * - transmit_algorithms_as_legacy *(optional)*
+     - Whether to transmit algorithm identifiers in non-standard legacy format. |br|
+       Will default to ``false`` if the property is not present.
 
 .. note::
   All listed properties have "dds.sec.access.builtin.Access-Permissions." prefix.

diff --git a/docs/fastdds/security/auth_plugin/auth_plugin.rst b/docs/fastdds/security/auth_plugin/auth_plugin.rst
@@ -63,7 +63,10 @@ The following table outlines the properties used for the DDS:\Auth\:PKI-DH plugi
        a) ``DH``, ``DH+MODP-2048-256`` for  Diffie-Hellman Ephemeral with 2048-bit MODP Group parameters. |br|
        b) ``ECDH``, ``ECDH+prime256v1-CEUM`` for Elliptic Curve Diffie-Hellman Ephemeral with the NIST P-256 curve. |br|
        c) ``AUTO`` for selecting the key agreement based on the signature algorithm in the Identity CA's certificate. |br|
-       Will default to ``DH`` if the property is not present.
+       Will default to ``AUTO`` if the property is not present.
+   * - transmit_algorithms_as_legacy *(optional)*
+     - Whether to transmit algorithm identifiers in non-standard legacy format. |br|
+       Will default to ``false`` if the property is not present.
 
 .. note::
   All listed properties have "dds.sec.auth.builtin.PKI-DH." prefix.