diff --git a/test/communication/CMakeLists.txt b/test/communication/CMakeLists.txt
index 41b690287b8..269046c8260 100644
--- a/test/communication/CMakeLists.txt
+++ b/test/communication/CMakeLists.txt
@@ -120,6 +120,15 @@ configure_file(${CMAKE_CURRENT_SOURCE_DIR}/secure_submsg_crypto_besteffort_sub.x
 ${CMAKE_CURRENT_BINARY_DIR}/secure_submsg_crypto_besteffort_sub.xml COPYONLY)
 configure_file(${CMAKE_CURRENT_SOURCE_DIR}/shm_communication_subscriber_dies_while_processing_message.xml
 ${CMAKE_CURRENT_BINARY_DIR}/shm_communication_subscriber_dies_while_processing_message.xml COPYONLY)
+configure_file(${CMAKE_CURRENT_SOURCE_DIR}/secure_ds_pubsub_secure_crypto_communication.py
+ ${CMAKE_CURRENT_BINARY_DIR}/secure_ds_pubsub_secure_crypto_communication.py COPYONLY)
+configure_file(${CMAKE_CURRENT_SOURCE_DIR}/secure_ds_simple_secure_msg_crypto_pub.xml
+ ${CMAKE_CURRENT_BINARY_DIR}/secure_ds_simple_secure_msg_crypto_pub.xml COPYONLY)
+configure_file(${CMAKE_CURRENT_SOURCE_DIR}/secure_ds_simple_secure_msg_crypto_sub.xml
+ ${CMAKE_CURRENT_BINARY_DIR}/secure_ds_simple_secure_msg_crypto_sub.xml COPYONLY)
+configure_file(${CMAKE_CURRENT_SOURCE_DIR}/secure_simple_ds_server.xml
+ ${CMAKE_CURRENT_BINARY_DIR}/secure_simple_ds_server.xml COPYONLY)
+
 if(SECURITY)
 configure_file(${PROJECT_SOURCE_DIR}/test/certs/maincacert.pem
 ${CMAKE_CURRENT_BINARY_DIR}/maincacert.pem COPYONLY)
@@ -301,6 +310,27 @@ if(PYTHONINTERP_FOUND) set_property(TEST SimpleCommunicationSecureSubmsgCryptoBestEffort APPEND PROPERTY ENVIRONMENT "PATH=$\\;$\\;${WIN_PATH}") endif() + + add_test(NAME SecureDiscoverServerSimplePubSubSecureMsgCrypto + COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_BINARY_DIR}/secure_ds_pubsub_secure_crypto_communication.py + --pub $ + --xml-pub secure_ds_simple_secure_msg_crypto_pub.xml + --sub $ + --xml-sub secure_ds_simple_secure_msg_crypto_sub.xml + --samples 10 --wait 2 + --ds $ + --xml-ds secure_simple_ds_server.xml + --server-id 0) + + # Set test with label NoMemoryCheck + set_property(TEST SecureDiscoverServerSimplePubSubSecureMsgCrypto PROPERTY LABELS "NoMemoryCheck") + + if(WIN32) + string(REPLACE ";" "\\;" WIN_PATH "$ENV{PATH}") + set_property(TEST SecureDiscoverServerSimplePubSubSecureMsgCrypto APPEND PROPERTY ENVIRONMENT + "PATH=$\\;$\\;${WIN_PATH}") + endif() + endif() add_test(NAME LivelinessAssertion diff --git a/test/communication/secure_ds_pubsub_secure_crypto_communication.py b/test/communication/secure_ds_pubsub_secure_crypto_communication.py new file mode 100644 index 00000000000..c927ad12f3e --- /dev/null +++ b/test/communication/secure_ds_pubsub_secure_crypto_communication.py 
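Review bot: Nothing in the added `add_test` block serialises SecureDiscoverServerSimplePubSubSecureMsgCrypto against other tests, yet the three XML profiles added by this commit all appear to point at the fixed endpoint 127.0.0.1:11811. Under `ctest -j`, another discovery-server test bound to the same port could make this one fail intermittently. Consider a resource lock next to the LABELS property, e.g. `set_property(TEST SecureDiscoverServerSimplePubSubSecureMsgCrypto APPEND PROPERTY RESOURCE_LOCK "discovery_server_port_11811")` (lock name constructed here; reuse whatever name other discovery-server tests already share). The enclosing `if(PYTHONINTERP_FOUND)` block starts outside this hunk.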
@@ -0,0 +1,218 @@
+# Copyright 2020 Proyectos y Sistemas de Mantenimiento SL (eProsima).
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+"""Script to test the secure communication with encrypted RTPS messages
+over a secure discovery server."""
+
+import argparse
+import os
+import subprocess
+import sys
+
+class ParseOptions():
+ """Parse arguments."""
+
+ def __init__(self):
+ """Object constructor."""
+ self.args = self.__parse_args()
+
+ def __parse_args(self):
+ """
+ Parse the input arguments.
+
+ :return: A dictionary containing the arguments parsed.
+ """
+ parser = argparse.ArgumentParser(
+ formatter_class=argparse.ArgumentDefaultsHelpFormatter,
+ add_help=True,
+ description=(
+ 'Script to test the secure communication with encrypted RTPS'
+ 'messages.'),
+ )
+ parser.add_argument(
+ '-p',
+ '--pub',
+ type=str,
+ required=True,
+ help='Path to the Publisher executable.'
+ )
+ parser.add_argument(
+ '-s',
+ '--sub',
+ type=str,
+ required=True,
+ help='Path to the Subscriber executable.'
+ )
+ parser.add_argument(
+ '-ds',
+ '--ds-server',
+ required=True,
+ type=str,
+ help='Path to the discovery server executable.'
+ )
+ parser.add_argument(
+ '-P',
+ '--xml-pub',
+ type=str,
+ help='Path to the publisher xml configuration file.'
+ )
+ parser.add_argument(
+ '-S',
+ '--xml-sub',
+ type=str,
+ help='Path to the subscriber xml configuration file.'
+ )
+ parser.add_argument(
+ '-DS',
+ '--xml-ds',
+ required=True,
+ type=str,
+ help='Path to the xml configuration file containing discovery server.'
+ )
+ parser.add_argument(
+ '-w',
+ '--wait',
+ type=int,
+ help='Time for the publisher to wait for discovery.'
+ )
+ parser.add_argument(
+ '-a',
+ '--samples',
+ type=int,
+ help='Number of samples sent by the publisher.'
+ )
+ parser.add_argument(
+ '-i',
+ '--server-id',
+ required=True,
+ type=int,
+ help='Unique discovery server identifier.'
+ )
+
+ return parser.parse_args()
+
+
+def run(args):
+ """
+ Run the publisher, susbcriber and discovery_server.
+
+ :param args: The input parameters.
+
+ :return: The return code resulting from the publisher, subscriber
+ and discovery server execution. It is the number of failed processes.
+ """
+ pub_command = []
+ sub_command = []
+ ds_command = []
+
+ script_dir = os.path.dirname(os.path.realpath(__file__))
+
+ if not os.path.isfile(args.pub):
+ print(f'Publisher executable file does not exists: {args.pub}')
+ sys.exit(1)
+
+ if not os.access(args.pub, os.X_OK):
+ print(
+ 'Publisher executable does not have execution permissions:'
+ f'{args.pub}')
+
+ pub_command.append(args.pub)
+
+ if not os.path.isfile(args.sub):
+ print(f'Subscriber executable file does not exists: {args.sub}')
+ sys.exit(1)
+
+ if not os.access(args.sub, os.X_OK):
+ print(
+ 'Subscriber executable does not have execution permissions:'
+ f'{args.sub}')
+ sys.exit(1)
+
+ sub_command.append(args.sub)
+
+ if not os.path.isfile(args.ds_server):
+ print(f'Discovery server executable file does not exists: {args.ds_server}')
+ sys.exit(1)
+
+ if not os.access(args.ds_server, os.X_OK):
+ print(
+ 'Discovery server executable does not have execution permissions:'
+ f'{args.ds_server}')
+ sys.exit(1)
+
+ ds_command.append(args.ds_server)
+
+ if args.xml_pub and args.xml_sub and args.xml_ds:
+ if args.xml_pub:
+ xml_file_pub = os.path.join(script_dir, args.xml_pub)
+ if args.xml_sub:
+ xml_file_sub =
os.path.join(script_dir, args.xml_sub)
+ if args.xml_ds:
+ xml_file_ds = os.path.join(script_dir, args.xml_ds)
+ else:
+ print('Not provided xml configuration files.')
+ sys.exit(1)
+
+ pub_command.extend(['--xmlfile', xml_file_pub])
+ sub_command.extend(['--xmlfile', xml_file_sub])
+ ds_command.extend(['--xml-file', xml_file_ds])
+
+ pub_command.extend(['--seed', str(os.getpid())])
+ sub_command.extend(['--seed', str(os.getpid())])
+
+ if args.wait:
+ pub_command.extend(['--wait', str(args.wait)])
+
+ if args.samples:
+ pub_command.extend(['--samples', str(args.samples)])
+ sub_command.extend(['--samples', str(args.samples)])
+
+ if not args.server_id < 0:
+ ds_command.extend(['--server-id', str(args.server_id)])
+
+ ds_proc = subprocess.Popen(ds_command)
+ print(
+ 'Running Discovery Server - commmand: ',
+ ' '.join(map(str, ds_command)))
+
+ sub_proc = subprocess.Popen(sub_command)
+ print(
+ f'Running Subscriber - commmand: ',
+ ' '.join(map(str, sub_command)))
+
+ pub_proc = subprocess.Popen(pub_command)
+ print(
+ 'Running Publisher - commmand: ',
+ ' '.join(map(str, pub_command)))
+
+ try:
+ outs, errs = sub_proc.communicate(timeout=10)
+ except subprocess.TimeoutExpired:
+ print('Subscriber process timed out, terminating...')
+ sub_proc.kill()
+ pub_proc.kill()
+ ds_proc.kill()
+ sys.exit(os.EX_SOFTWARE)
+
+ pub_proc.kill()
+ ds_proc.kill()
+
+ sys.exit(os.EX_OK)
+
+
+if __name__ == '__main__':
+
+ # Parse arguments
+ args = ParseOptions()
+
+ run(args.args)
diff --git a/test/communication/secure_ds_simple_secure_msg_crypto_pub.xml b/test/communication/secure_ds_simple_secure_msg_crypto_pub.xml
new file mode 100644
index 00000000000..854cf1a6e59
--- /dev/null
+++ b/test/communication/secure_ds_simple_secure_msg_crypto_pub.xml
@@ -0,0 +1,72 @@ + + + + + + + + CLIENT + + + + + +
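Review bot: The result of `run()` ignores the subscriber's exit status: once `sub_proc.communicate(timeout=10)` returns, the script always ends with `sys.exit(os.EX_OK)`, so a subscriber that crashes or exits with an error inside ten seconds still counts as a pass, although the docstring promises the number of failed processes. That weakens the test as a guard for the secure discovery path. `os.EX_OK` and `os.EX_SOFTWARE` are documented as Unix-only, while the CMake hunk also prepares this test for `WIN32`, so plain integers are safer. The publisher permission check prints its message without the `sys.exit(1)` that the subscriber and discovery-server checks have. The fence rewrites only the tail of `run()`, assuming the subscriber returns 0 on success, and reaps the killed children on every path.

```python
    # … unchanged: argument checks, command construction, Popen calls …

    try:
        sub_proc.communicate(timeout=10)
        # A non-zero subscriber status is a test failure, not a pass.
        ret = 0 if sub_proc.returncode == 0 else 1
    except subprocess.TimeoutExpired:
        print('Subscriber process timed out, terminating...')
        ret = 1
    finally:
        # Stop and reap every child on all paths.
        for proc in (sub_proc, pub_proc, ds_proc):
            if proc.poll() is None:
                proc.kill()
            proc.wait()

    sys.exit(ret)
```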
127.0.0.1
+ 11811 +
+
+
+
+
+
+
+ + + + + dds.sec.auth.plugin + builtin.PKI-DH + + + + dds.sec.auth.builtin.PKI-DH.identity_ca + file://maincacert.pem + + + dds.sec.auth.builtin.PKI-DH.identity_certificate + file://mainpubcert.pem + + + dds.sec.auth.builtin.PKI-DH.private_key + file://mainpubkey.pem + + + + dds.sec.access.plugin + builtin.Access-Permissions + + + + dds.sec.access.builtin.Access-Permissions.permissions_ca + file://maincacert.pem + + + dds.sec.access.builtin.Access-Permissions.governance + file://governance_helloworld_all_enable.smime + + + dds.sec.access.builtin.Access-Permissions.permissions + file://permissions_helloworld.smime + + + + dds.sec.crypto.plugin + builtin.AES-GCM-GMAC + + + +
+
+
+
+ diff --git a/test/communication/secure_ds_simple_secure_msg_crypto_sub.xml b/test/communication/secure_ds_simple_secure_msg_crypto_sub.xml new file mode 100644 index 00000000000..115ae3ddaa5 --- /dev/null +++ b/test/communication/secure_ds_simple_secure_msg_crypto_sub.xml @@ -0,0 +1,71 @@ + + + + + + + + CLIENT + + + + + +
127.0.0.1
+ 11811 +
+
+
+
+
+
+
+ + + + + dds.sec.auth.plugin + builtin.PKI-DH + + + + dds.sec.auth.builtin.PKI-DH.identity_ca + file://maincacert.pem + + + dds.sec.auth.builtin.PKI-DH.identity_certificate + file://mainsubcert.pem + + + dds.sec.auth.builtin.PKI-DH.private_key + file://mainsubkey.pem + + + + dds.sec.access.plugin + builtin.Access-Permissions + + + + dds.sec.access.builtin.Access-Permissions.permissions_ca + file://maincacert.pem + + + dds.sec.access.builtin.Access-Permissions.governance + file://governance_helloworld_all_enable.smime + + + dds.sec.access.builtin.Access-Permissions.permissions + file://permissions_helloworld.smime + + + + dds.sec.crypto.plugin + builtin.AES-GCM-GMAC + + + +
+
+
+
diff --git a/test/communication/secure_simple_ds_server.xml b/test/communication/secure_simple_ds_server.xml new file mode 100644 index 00000000000..d741049a584 --- /dev/null +++ b/test/communication/secure_simple_ds_server.xml @@ -0,0 +1,69 @@ + + + + + + 44.53.00.5f.45.50.52.4f.53.49.4d.41 + + + SERVER + + + + +
127.0.0.1
+ 11811 +
+
+
+
+ + + + + dds.sec.auth.plugin + builtin.PKI-DH + + + + dds.sec.auth.builtin.PKI-DH.identity_ca + file://maincacert.pem + + + dds.sec.auth.builtin.PKI-DH.identity_certificate + file://mainsubcert.pem + + + dds.sec.auth.builtin.PKI-DH.private_key + file://mainsubkey.pem + + + + dds.sec.access.plugin + builtin.Access-Permissions + + + + dds.sec.access.builtin.Access-Permissions.permissions_ca + file://maincacert.pem + + + dds.sec.access.builtin.Access-Permissions.governance + file://governance_helloworld_all_enable.smime + + + dds.sec.access.builtin.Access-Permissions.permissions + file://permissions_helloworld.smime + + + + dds.sec.crypto.plugin + builtin.AES-GCM-GMAC + + + +
+
+
+
+
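Review bot: The server profile in secure_simple_ds_server.xml sets `dds.sec.auth.builtin.PKI-DH.identity_certificate` to `file://mainsubcert.pem` and `dds.sec.auth.builtin.PKI-DH.private_key` to `file://mainsubkey.pem`, the same identity the subscriber profile added in this commit uses. With two participants sharing one private key, the test never shows the discovery server authenticating under an identity of its own, and the layout is easy to copy into a real deployment. If test/certs has no dedicated server certificate, consider generating one signed by maincacert.pem and referencing it here (for example `file://<server-cert>.pem` and `file://<server-key>.pem`, placeholder names), or at least add an XML comment above the property stating that the reuse is deliberate. The element markup of this file is not visible on this page, so the property nesting is inferred from the surviving names and values.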