diff --git a/test/blackbox/common/BlackboxTestsSecurity.cpp b/test/blackbox/common/BlackboxTestsSecurity.cpp index b99f99b8a15..b0da1000ccd 100644 --- a/test/blackbox/common/BlackboxTestsSecurity.cpp +++ b/test/blackbox/common/BlackboxTestsSecurity.cpp @@ -48,8 +48,13 @@ using test_UDPv4TransportDescriptor = eprosima::fastdds::rtps::test_UDPv4Transpo enum communication_type { TRANSPORT, - INTRAPROCESS, - DATASHARING + INTRAPROCESS +}; + +enum reliability +{ + TEST_BEST_EFFORT, + TEST_RELIABLE }; // A LogConsumer that just counts the number of entries consumed @@ -138,48 +143,252 @@ static void fill_sub_auth( } } -class Security : public testing::TestWithParam +static void fill_access( + PropertyPolicy& policy, + const std::string& governance_file = "governance_only_auth.smime", + const std::string& permissions_file = "permissions.smime", + const std::string& permissions_ca_file = "maincacert.pem") +{ + policy.properties().emplace_back("dds.sec.access.plugin", "builtin.Access-Permissions"); + policy.properties().emplace_back("dds.sec.access.builtin.Access-Permissions.permissions_ca", + "file://" + std::string(certs_path) + "/" + permissions_ca_file); + policy.properties().emplace_back("dds.sec.access.builtin.Access-Permissions.governance", + "file://" + std::string(certs_path) + "/" + governance_file); + policy.properties().emplace_back("dds.sec.access.builtin.Access-Permissions.permissions", + "file://" + std::string(certs_path) + "/" + permissions_file); +} + +static void fill_crypto( + PropertyPolicy& policy) +{ + policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); +} + +static void CommonPermissionsConfigureWriter( + PubSubWriter& writer, + const std::string& governance_file, + const std::string& permissions_file, + const PropertyPolicy& extra_properties) +{ + PropertyPolicy pub_property_policy(extra_properties); + fill_pub_auth(pub_property_policy); + fill_access(pub_property_policy, governance_file, permissions_file); + fill_crypto(pub_property_policy); + + writer.property_policy(pub_property_policy); +} + +static void CommonPermissionsConfigureReader( + PubSubReader& reader, + const std::string& governance_file, + const std::string& permissions_file, + const PropertyPolicy& extra_properties) +{ + PropertyPolicy sub_property_policy(extra_properties); + fill_sub_auth(sub_property_policy); + fill_access(sub_property_policy, governance_file, permissions_file); + fill_crypto(sub_property_policy); + + reader.property_policy(sub_property_policy); +} + +static void CommonPermissionsConfigure( + PubSubReader& reader, + PubSubWriter& writer, + const std::string& governance_file, + const std::string& permissions_file, + const PropertyPolicy& extra_properties = PropertyPolicy()) +{ + CommonPermissionsConfigureReader(reader, governance_file, permissions_file, extra_properties); + CommonPermissionsConfigureWriter(writer, governance_file, permissions_file, extra_properties); +} + +static void CommonPermissionsConfigureWriter( + PubSubWriter& writer, + const std::string& governance_file, + const std::string& permissions_file, + const PropertyPolicy& extra_properties) +{ + PropertyPolicy pub_property_policy(extra_properties); + + fill_pub_auth(pub_property_policy); + fill_access(pub_property_policy, governance_file, permissions_file); + fill_crypto(pub_property_policy); + + writer.property_policy(pub_property_policy); +} + +static void CommonPermissionsConfigureReader( + PubSubReader& reader, + const std::string& governance_file, + const std::string& permissions_file, + const PropertyPolicy& extra_properties) +{ + PropertyPolicy sub_property_policy(extra_properties); + fill_sub_auth(sub_property_policy); + fill_access(sub_property_policy, governance_file, permissions_file); + fill_crypto(sub_property_policy); + + reader.property_policy(sub_property_policy); +} + +static void CommonPermissionsConfigure( + PubSubReader& reader, + PubSubWriter& writer, + const std::string& governance_file, + const std::string& permissions_file, + const PropertyPolicy& extra_properties = PropertyPolicy()) +{ + CommonPermissionsConfigureReader(reader, governance_file, permissions_file, extra_properties); + CommonPermissionsConfigureWriter(writer, governance_file, permissions_file, extra_properties); +} + +class Security : public testing::TestWithParam> { public: void SetUp() override { +<<<<<<< HEAD LibrarySettingsAttributes library_settings; switch (GetParam()) +======= + eprosima::fastdds::LibrarySettings library_settings; + switch (std::get<0>(GetParam())) +>>>>>>> a1d550b29 (Update security tests to use governance-based encryption configuration (#6277)) { case INTRAPROCESS: library_settings.intraprocess_delivery = IntraprocessDeliveryType::INTRAPROCESS_FULL; xmlparser::XMLProfileManager::library_settings(library_settings); break; - case DATASHARING: - enable_datasharing = true; - break; case TRANSPORT: default: break; } + reliability_ = (std::get<1>(GetParam()) == TEST_RELIABLE) ? + eprosima::fastdds::dds::RELIABLE_RELIABILITY_QOS : + eprosima::fastdds::dds::BEST_EFFORT_RELIABILITY_QOS; } void TearDown() override { +<<<<<<< HEAD LibrarySettingsAttributes library_settings; switch (GetParam()) +======= + eprosima::fastdds::LibrarySettings library_settings; + switch (std::get<0>(GetParam())) +>>>>>>> a1d550b29 (Update security tests to use governance-based encryption configuration (#6277)) { + // Only need to tear down transports case INTRAPROCESS: library_settings.intraprocess_delivery = IntraprocessDeliveryType::INTRAPROCESS_OFF; xmlparser::XMLProfileManager::library_settings(library_settings); break; - case DATASHARING: - enable_datasharing = false; - break; case TRANSPORT: default: break; } } + eprosima::fastdds::dds::ReliabilityQosPolicyKind reliability_; }; +// Per-type default data generator dispatch for test_basic_secure_communication. +inline std::list default_secure_data_generator( + HelloWorldPubSubType*) +{ + return default_helloworld_data_generator(); +} + +inline std::list default_secure_data_generator( + Data1mbPubSubType*) +{ + return default_data300kb_data_generator(); +} + +// This method tests basic reliable communication with security plugins configured +template +void test_basic_secure_communication( + PubSubReader& reader, + PubSubWriter& writer, + bool is_best_effort = false) +{ + ASSERT_TRUE(reader.isInitialized()); + ASSERT_TRUE(writer.isInitialized()); + + // Wait for authorization + reader.wait_authorized(); + writer.wait_authorized(); + + // Wait for discovery. + writer.wait_discovery(); + reader.wait_discovery(); + + auto data = default_secure_data_generator(static_cast(nullptr)); + + reader.startReception(data); + + // Send data + writer.send(data); + // In this test all data should be sent. + ASSERT_TRUE(data.empty()); + + if (is_best_effort) + { + // For best effort, samples may be lost if the security crypto context was not + // fully established on the reader side before the initial burst arrived. + // Retry sending once if fewer than 2 samples were received within the timeout. + if (reader.block_for_all(std::chrono::seconds(2)) < 2) + { + auto retry_data = default_secure_data_generator(static_cast(nullptr)); + reader.startReception(retry_data); + writer.send(retry_data); + reader.block_for_at_least(2); + } + } + else + { + // Block reader until reception finished or timeout. + reader.block_for_all(); + } +} + +// This method tests basic reliable communication with security plugins configured +void SecurityPlugins_Permissions_validation_ok_common( + PubSubReader& reader, + PubSubWriter& writer, + const std::string& governance_file, + eprosima::fastdds::dds::ReliabilityQosPolicyKind reliability = eprosima::fastdds::dds::RELIABLE_RELIABILITY_QOS) +{ + CommonPermissionsConfigure(reader, writer, governance_file, "permissions.smime"); + + reader.history_depth(10).reliability(reliability).init(); + writer.history_depth(10).reliability(reliability).init(); + test_basic_secure_communication(reader, writer, + reliability == eprosima::fastdds::dds::BEST_EFFORT_RELIABILITY_QOS); +} + +// This method tests basic reliable communication with large data with security plugins configured +void SecurityPlugins_Permissions_validation_ok_large_data( + PubSubReader& reader, + PubSubWriter& writer, + const std::string& governance_file, + eprosima::fastdds::dds::ReliabilityQosPolicyKind reliability = eprosima::fastdds::dds::RELIABLE_RELIABILITY_QOS) +{ + // Large-data fragmentation is not exercised under best-effort + if (reliability == eprosima::fastdds::dds::BEST_EFFORT_RELIABILITY_QOS) + { + return; + } + + CommonPermissionsConfigure(reader, writer, governance_file, "permissions.smime"); + + reader.history_depth(10).reliability(reliability).init(); + writer.history_depth(10).reliability(reliability).init(); + test_basic_secure_communication(reader, writer, false); +} + class SecurityPkcs : public ::testing::Test { public: @@ -324,11 +533,13 @@ const char* const SecurityPkcs::hsm_token_id_no_pin = "testing_token_no_pin"; const char* const SecurityPkcs::hsm_token_id_url_pin = "testing_token_url_pin"; const char* const SecurityPkcs::hsm_token_id_env_pin = "testing_token_env_pin"; -TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_validation_ok) +// This test is used to check that the security plugins are correctly loaded. Governance with minimal configuration is used +TEST(Security, SecurityPlugins_basic_configuration) { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); +<<<<<<< HEAD PropertyPolicy pub_property_policy, sub_property_policy; fill_sub_auth(sub_property_policy); @@ -364,16 +575,21 @@ TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_validation_ok) ASSERT_TRUE(data.empty()); // Block reader until reception finished or timeout. reader.block_for_all(); +======= + SecurityPlugins_Permissions_validation_ok_common(reader, writer, "governance_only_auth.smime"); +>>>>>>> a1d550b29 (Update security tests to use governance-based encryption configuration (#6277)) } // Used to detect Github issue #106 -TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_validation_ok_same_participant) +TEST(Security, SecurityPlugins_basic_configuration_same_participant) { PubSubWriterReader wreader(TEST_TOPIC_NAME); PropertyPolicy property_policy; fill_pub_auth(property_policy); + fill_access(property_policy, "governance_only_auth.smime", "permissions.smime"); + fill_crypto(property_policy); wreader.sub_history_depth(10).sub_reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS); wreader.pub_history_depth(10); @@ -396,7 +612,7 @@ TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_validation_ok_same_participan wreader.block_for_all(); } -TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_validation_fail) +TEST(Security, SecurityPlugins_basic_configuration_validation_fail) { { PubSubReader reader(TEST_TOPIC_NAME); @@ -410,6 +626,8 @@ TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_validation_fail) ASSERT_TRUE(reader.isInitialized()); fill_pub_auth(pub_property_policy); + fill_access(pub_property_policy, "governance_only_auth.smime", "permissions.smime"); + fill_crypto(pub_property_policy); writer.history_depth(10). property_policy(pub_property_policy).init(); @@ -425,6 +643,8 @@ TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_validation_fail) PropertyPolicy sub_property_policy; fill_sub_auth(sub_property_policy); + fill_access(sub_property_policy, "governance_only_auth.smime", "permissions.smime"); + fill_crypto(sub_property_policy); reader.history_depth(10). reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS). @@ -441,7 +661,7 @@ TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_validation_fail) } } -TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_lossy_conditions) +TEST(Security, SecurityPlugins_basic_configuration_lossy_conditions) { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); @@ -449,6 +669,8 @@ TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_lossy_conditions) PropertyPolicy pub_property_policy, sub_property_policy; fill_sub_auth(sub_property_policy); + fill_access(sub_property_policy, "governance_only_auth.smime", "permissions.smime"); + fill_crypto(sub_property_policy); reader.history_depth(10). reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS). @@ -466,6 +688,8 @@ TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_lossy_conditions) writer.add_user_transport_to_pparams(testTransport); fill_pub_auth(pub_property_policy); + fill_access(pub_property_policy, "governance_only_auth.smime", "permissions.smime"); + fill_crypto(pub_property_policy); writer.history_depth(10). property_policy(pub_property_policy).init(); @@ -482,7 +706,7 @@ TEST_P(Security, BuiltinAuthenticationPlugin_PKIDH_lossy_conditions) } // Regresion test for Refs #13295, github #2362 -TEST(Security, BuiltinAuthenticationPlugin_second_participant_creation_loop) +TEST(Security, SecurityPlugins_basic_configuration_second_participant_creation_loop) { constexpr size_t n_loops = 101; @@ -556,13 +780,19 @@ TEST(Security, BuiltinAuthenticationPlugin_second_participant_creation_loop) }; // Prepare participant properties - PropertyPolicy property_policy; - fill_pub_auth(property_policy); + PropertyPolicy pub_property_policy, sub_property_policy; + fill_pub_auth(pub_property_policy); + fill_access(pub_property_policy, "governance_only_auth.smime", "permissions.smime"); + fill_crypto(pub_property_policy); + + fill_sub_auth(sub_property_policy); + fill_access(sub_property_policy, "governance_only_auth.smime", "permissions.smime"); + fill_crypto(sub_property_policy); // Create the participant being checked PubSubReader main_participant("HelloWorldTopic"); main_participant.disable_builtin_transport().add_user_transport_to_pparams(transport); - main_participant.property_policy(property_policy).init(); + main_participant.property_policy(pub_property_policy).init(); EXPECT_TRUE(main_participant.isInitialized()); // Perform a loop in which we create another participant, and destroy it just after it has been discovered. @@ -578,7 +808,7 @@ TEST(Security, BuiltinAuthenticationPlugin_second_participant_creation_loop) // Create another participant with authentication enabled PubSubParticipant other_participant(0, 0, 0, 0); - EXPECT_TRUE(other_participant.property_policy(property_policy).init_participant()); + EXPECT_TRUE(other_participant.property_policy(sub_property_policy).init_participant()); // Wait for the main participant to send an authentication message to the other participant auth_message_send_status.wait(); @@ -591,7 +821,7 @@ TEST(Security, BuiltinAuthenticationPlugin_second_participant_creation_loop) EXPECT_EQ(0u, n_logs); } -TEST_P(Security, BuiltinAuthenticationPlugin_ensure_same_guid_reconnection) +TEST(Security, SecurityPlugins_basic_configuration_ensure_same_guid_reconnection) { constexpr size_t n_loops = 10; @@ -608,12 +838,18 @@ TEST_P(Security, BuiltinAuthenticationPlugin_ensure_same_guid_reconnection) Log::RegisterConsumer(std::unique_ptr(new TestConsumer(n_logs))); // Prepare participant properties - PropertyPolicy property_policy; - fill_pub_auth(property_policy); + PropertyPolicy pub_property_policy, sub_property_policy; + fill_pub_auth(pub_property_policy); + fill_access(pub_property_policy, "governance_only_auth.smime", "permissions.smime"); + fill_crypto(pub_property_policy); + + fill_sub_auth(sub_property_policy); + fill_access(sub_property_policy, "governance_only_auth.smime", "permissions.smime"); + fill_crypto(sub_property_policy); // Create the participant being checked PubSubWriter main_participant("HelloWorldTopic"); - main_participant.property_policy(property_policy).init(); + main_participant.property_policy(pub_property_policy).init(); EXPECT_TRUE(main_participant.isInitialized()); eprosima::fastrtps::rtps::GuidPrefix_t guid_prefix; @@ -631,7 +867,7 @@ TEST_P(Security, BuiltinAuthenticationPlugin_ensure_same_guid_reconnection) // Create another participant with authentication enabled and custom GUID PubSubReader other_participant("HelloWorldTopic"); - other_participant.property_policy(property_policy).guid_prefix(guid_prefix).init(); + other_participant.property_policy(sub_property_policy).guid_prefix(guid_prefix).init(); EXPECT_TRUE(other_participant.isInitialized()); // Wait for mutual discovery and authentication @@ -646,6 +882,7 @@ TEST_P(Security, BuiltinAuthenticationPlugin_ensure_same_guid_reconnection) EXPECT_EQ(0u, n_logs); } +<<<<<<< HEAD TEST_P(Security, BuiltinAuthenticationAndCryptoPlugin_besteffort_rtps_ok) { PubSubReader reader(TEST_TOPIC_NAME); @@ -2266,6 +2503,9 @@ TEST_P(Security, BuiltinAuthenticationAndCryptoPlugin_user_data) } TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_governance_rule_order) +======= +TEST_P(Security, SecurityPlugins_governance_rule_order) +>>>>>>> a1d550b29 (Update security tests to use governance-based encryption configuration (#6277)) { { // Governance rule for topic *HelloWorldTopic* with enable_read/write_access_contrl set to false @@ -2276,6 +2516,7 @@ TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_governance_rule_o PubSubWriter writer("HelloWorldTopic"); std::string governance_file("governance_rule_order_test.smime"); +<<<<<<< HEAD PropertyPolicy pub_property_policy, sub_property_policy; fill_sub_auth(sub_property_policy); @@ -2331,6 +2572,9 @@ TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_governance_rule_o ASSERT_TRUE(data.empty()); // Block reader until reception finished or timeout. reader.block_for_all(); +======= + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +>>>>>>> a1d550b29 (Update security tests to use governance-based encryption configuration (#6277)) } { @@ -2345,32 +2589,16 @@ TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_governance_rule_o PropertyPolicy pub_property_policy, sub_property_policy; fill_sub_auth(sub_property_policy); - sub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - sub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions.smime")); + fill_access(sub_property_policy, governance_file); + fill_crypto(sub_property_policy); reader.property_policy(sub_property_policy).init(); ASSERT_FALSE(reader.isInitialized()); fill_pub_auth(pub_property_policy); - pub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - pub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions.smime")); + fill_access(pub_property_policy, governance_file); + fill_crypto(pub_property_policy); writer.property_policy(pub_property_policy).init(); @@ -2378,7 +2606,7 @@ TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_governance_rule_o } } -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_multiple_endpoints_matching) +TEST_P(Security, SecurityPlugins_multiple_endpoints_matching) { { std::string governance_file("governance_helloworld_all_enable.smime"); @@ -2386,16 +2614,8 @@ TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_multiple_endpoint PropertyPolicy pub_property_policy; fill_pub_auth(pub_property_policy); - pub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - pub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/" + permissions_file)); + fill_access(pub_property_policy, governance_file, permissions_file); + fill_crypto(pub_property_policy); PubSubParticipant publishers(3u, 0u, 9u, 0u); publishers.property_policy(pub_property_policy) @@ -2408,16 +2628,8 @@ TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_multiple_endpoint PropertyPolicy sub_property_policy; fill_sub_auth(sub_property_policy); - sub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - sub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/" + permissions_file)); + fill_access(sub_property_policy, governance_file, permissions_file); + fill_crypto(sub_property_policy); PubSubParticipant subscribers(0u, 3u, 0u, 9u); subscribers.property_policy(sub_property_policy) @@ -2443,43 +2655,28 @@ TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_multiple_endpoint } // Regression test of Refs #5346, Github #441. -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_fail_on_topic_wildcards) +TEST_P(Security, SecurityPlugins_Permissions_validation_fail_on_topic_wildcards) { + std::string governance_file("governance_helloworld_all_enable.smime"); + std::string permissions_file("permissions_helloworld.smime"); { // Wildcards are only considered on PERMISSIONS, Topic values should be treated as plain strings PubSubReader reader("*"); PubSubWriter writer("*"); - std::string governance_file("governance_helloworld_all_enable.smime"); PropertyPolicy pub_property_policy, sub_property_policy; fill_sub_auth(sub_property_policy); - sub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - sub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld.smime")); + fill_access(sub_property_policy, governance_file, permissions_file); + fill_crypto(sub_property_policy); reader.setManualTopicName("*"). property_policy(sub_property_policy).init(); ASSERT_FALSE(reader.isInitialized()); fill_pub_auth(pub_property_policy); - pub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - pub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld.smime")); + fill_access(pub_property_policy, governance_file, permissions_file); + fill_crypto(pub_property_policy); writer.setManualTopicName("*"). property_policy(pub_property_policy).init(); @@ -2491,104 +2688,51 @@ TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_valid // Wildcards are only considered on PERMISSIONS, Topic values should be treated as plain strings PubSubReader reader("HelloWorldTopic"); PubSubWriter writer("HelloWorldTopic"); - std::string governance_file("governance_helloworld_all_enable.smime"); PropertyPolicy pub_property_policy, sub_property_policy; fill_sub_auth(sub_property_policy); - sub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - sub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld.smime")); + fill_access(sub_property_policy, governance_file, permissions_file); + fill_crypto(sub_property_policy); reader.history_depth(10). reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS). property_policy(sub_property_policy).init(); - ASSERT_TRUE(reader.isInitialized()); - fill_pub_auth(pub_property_policy); - pub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - pub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld.smime")); + fill_access(pub_property_policy, governance_file, permissions_file); + fill_crypto(pub_property_policy); writer.history_depth(10). property_policy(pub_property_policy).init(); - ASSERT_TRUE(writer.isInitialized()); - - // Wait for authorization - reader.wait_authorized(); - writer.wait_authorized(); - - // Wait for discovery. - writer.wait_discovery(); - reader.wait_discovery(); - - auto data = default_helloworld_data_generator(); - - reader.startReception(data); - - // Send data - writer.send(data); - // In this test all data should be sent. - ASSERT_TRUE(data.empty()); - // Block reader until reception finished or timeout. - reader.block_for_all(); + test_basic_secure_communication(reader, writer); } } // Regression test of Refs #5346, Github #441. -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_fail_on_partition_wildcards) +TEST_P(Security, SecurityPlugins_Permissions_validation_fail_on_partition_wildcards) { + std::string governance_file("governance_helloworld_all_enable.smime"); + std::string permissions_file("permissions_helloworld_partitions.smime"); { // Wildcards are only considered on PERMISSIONS, partition values should be treated as plain strings PubSubReader reader("HelloWorldTopic"); PubSubWriter writer("HelloWorldTopic"); - std::string governance_file("governance_helloworld_all_enable.smime"); PropertyPolicy pub_property_policy, sub_property_policy; fill_sub_auth(sub_property_policy); - sub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - sub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld_partitions.smime")); + fill_access(sub_property_policy, governance_file, permissions_file); + fill_crypto(sub_property_policy); reader.partition("*"). property_policy(sub_property_policy).init(); ASSERT_FALSE(reader.isInitialized()); fill_pub_auth(pub_property_policy); - pub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - pub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld_partitions.smime")); + fill_access(pub_property_policy, governance_file, permissions_file); + fill_crypto(pub_property_policy); writer.partition("*"). property_policy(pub_property_policy).init(); @@ -2600,90 +2744,45 @@ TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_valid // Wildcards are only considered on PERMISSIONS, partition values should be treated as plain strings PubSubReader reader("HelloWorldTopic"); PubSubWriter writer("HelloWorldTopic"); - std::string governance_file("governance_helloworld_all_enable.smime"); PropertyPolicy pub_property_policy, sub_property_policy; fill_sub_auth(sub_property_policy); - sub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - sub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld_partitions.smime")); + fill_access(sub_property_policy, governance_file, permissions_file); + fill_crypto(sub_property_policy); reader.history_depth(10). reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS). property_policy(sub_property_policy). partition("Partition1").init(); - ASSERT_TRUE(reader.isInitialized()); - fill_pub_auth(pub_property_policy); - pub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - pub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld_partitions.smime")); + fill_access(pub_property_policy, governance_file, permissions_file); + fill_crypto(pub_property_policy); writer.history_depth(10). property_policy(pub_property_policy). partition("Partition*").init(); - ASSERT_TRUE(writer.isInitialized()); - - // Wait for authorization - reader.wait_authorized(); - writer.wait_authorized(); - - // Wait for discovery. - writer.wait_discovery(); - reader.wait_discovery(); - - auto data = default_helloworld_data_generator(); - - reader.startReception(data); - - // Send data - writer.send(data); - // In this test all data should be sent. - ASSERT_TRUE(data.empty()); - // Block reader until reception finished or timeout. - reader.block_for_all(); + test_basic_secure_communication(reader, writer); } } // Regression test of Refs #20658, Github #4553. -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_toggle_partition) +TEST_P(Security, SecurityPlugins_Permissions_validation_toggle_partition) { PubSubWriter writer("HelloWorldTopic"); PubSubReader reader_p_1("HelloWorldTopic"); PubSubReader reader_p_2("HelloWorldTopic"); std::string governance_file("governance_helloworld_all_enable.smime"); + std::string permissions_file("permissions_helloworld_partitions.smime"); // Prepare subscriptions security properties PropertyPolicy sub_property_policy; fill_sub_auth(sub_property_policy); - sub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - sub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld_partitions.smime")); + fill_access(sub_property_policy, governance_file, permissions_file); + fill_crypto(sub_property_policy); // Initialize one reader on each partition reader_p_1.partition("Partition1"). @@ -2701,16 +2800,8 @@ TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_valid // Prepare publication security properties PropertyPolicy pub_property_policy; fill_pub_auth(pub_property_policy); - pub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - pub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld_partitions.smime")); + fill_access(pub_property_policy, governance_file, permissions_file); + fill_crypto(pub_property_policy); // Initialize a writer on both partitions writer.partition("Partition1").partition("Partition2"). @@ -2767,6 +2858,7 @@ void prepare_pkcs11_nodes( const std::string& writer_private_key_url) { std::string governance_file("governance_helloworld_all_enable.smime"); + std::string permissions_file("permissions_helloworld.smime"); // With no PIN, the load of the private key fails PropertyPolicy pub_property_policy; @@ -2780,16 +2872,8 @@ void prepare_pkcs11_nodes( "file://" + std::string(certs_path) + "/mainsubcert.pem")); sub_property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.private_key", reader_private_key_url)); - sub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - sub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld.smime")); + fill_access(sub_property_policy, governance_file, permissions_file); + fill_crypto(sub_property_policy); reader.history_depth(10). reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS). @@ -2803,22 +2887,14 @@ void prepare_pkcs11_nodes( "file://" + std::string(certs_path) + "/mainpubcert.pem")); pub_property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.private_key", writer_private_key_url)); - pub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - pub_property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld.smime")); + fill_access(pub_property_policy, governance_file, permissions_file); + fill_crypto(pub_property_policy); writer.history_depth(10). property_policy(pub_property_policy).init(); } -TEST_F(SecurityPkcs, BuiltinAuthenticationAndAccessAndCryptoPlugin_pkcs11_key) +TEST_F(SecurityPkcs, SecurityPlugins_pkcs11_key) { { PubSubReader reader("HelloWorldTopic"); @@ -2837,28 +2913,7 @@ TEST_F(SecurityPkcs, BuiltinAuthenticationAndAccessAndCryptoPlugin_pkcs11_key) tokens[hsm_token_id_url_pin].urls[hsm_mainsubkey_label] + "?pin-value=" + hsm_token_pin, tokens[hsm_token_id_url_pin].urls[hsm_mainpubkey_label] + "?pin-value=" + hsm_token_pin); - ASSERT_TRUE(reader.isInitialized()); - ASSERT_TRUE(writer.isInitialized()); - - // Wait for authorization - reader.wait_authorized(); - writer.wait_authorized(); - - // Wait for discovery. - writer.wait_discovery(); - reader.wait_discovery(); - - auto data = default_helloworld_data_generator(); - - reader.startReception(data); - - // Send data - writer.send(data); - // In this test all data should be sent. - ASSERT_TRUE(data.empty()); - // Block reader until reception finished or timeout. - reader.block_for_all(); - + test_basic_secure_communication(reader, writer); } { // Set the PIN on the environment variable @@ -2874,27 +2929,7 @@ TEST_F(SecurityPkcs, BuiltinAuthenticationAndAccessAndCryptoPlugin_pkcs11_key) tokens[hsm_token_id_env_pin].urls[hsm_mainsubkey_label], tokens[hsm_token_id_env_pin].urls[hsm_mainpubkey_label]); - ASSERT_TRUE(reader.isInitialized()); - ASSERT_TRUE(writer.isInitialized()); - - // Wait for authorization - reader.wait_authorized(); - writer.wait_authorized(); - - // Wait for discovery. - writer.wait_discovery(); - reader.wait_discovery(); - - auto data = default_helloworld_data_generator(); - - reader.startReception(data); - - // Send data - writer.send(data); - // In this test all data should be sent. - ASSERT_TRUE(data.empty()); - // Block reader until reception finished or timeout. - reader.block_for_all(); + test_basic_secure_communication(reader, writer); // unset the PIN environment variable for the next round #ifdef _WIN32 @@ -2905,6 +2940,7 @@ TEST_F(SecurityPkcs, BuiltinAuthenticationAndAccessAndCryptoPlugin_pkcs11_key) } } +<<<<<<< HEAD static void CommonPermissionsConfigure( PubSubReader& reader, const std::string& governance_file, @@ -2992,6 +3028,8 @@ static void BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation reader.block_for_all(); } +======= +>>>>>>> a1d550b29 (Update security tests to use governance-based encryption configuration (#6277)) // Regression test of Refs #16168, Github #3102. TEST_P(Security, RemoveParticipantProxyDataonSecurityManagerLeaseExpired_validation_no_deadlock) { @@ -3009,19 +3047,8 @@ TEST_P(Security, RemoveParticipantProxyDataonSecurityManagerLeaseExpired_validat PropertyPolicy property_policy; fill_pub_auth(property_policy); - - property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/" + permissions_file)); + fill_access(property_policy, governance_file, permissions_file); + fill_crypto(property_policy); std::cout << " Configuring Publisher Participant Properties " << std::endl; @@ -3039,18 +3066,8 @@ TEST_P(Security, RemoveParticipantProxyDataonSecurityManagerLeaseExpired_validat PropertyPolicy property_policy; fill_sub_auth(property_policy); - property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/" + permissions_file)); + fill_access(property_policy, governance_file, permissions_file); + fill_crypto(property_policy); std::cout << " Configuring Subscriber Participant Properties " << std::endl; @@ -3124,16 +3141,8 @@ TEST(Security, AllowUnauthenticatedParticipants_EntityCreationFailsIfRTPSProtect PropertyPolicy property_policy; fill_sub_auth(property_policy); - property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - property_policy.properties().emplace_back(Property( - "dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/" + governance_file)); - property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld.smime")); + fill_access(property_policy, governance_file, "permissions_helloworld.smime"); + fill_crypto(property_policy); reader.property_policy(property_policy).init(); @@ -3159,15 +3168,9 @@ TEST(Security, AllowUnauthenticatedParticipants_TwoSecureParticipantsWithDiffere "file://" + std::string(certs_path) + "/othersubcert.pem")); sub_property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.private_key", "file://" + std::string(certs_path) + "/othersubkey.pem")); - sub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/othercacert.pem")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/governance_allow_unauth_all_disabled_access_none_other_ca.smime")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld_securehelloworld_other_ca.smime")); + fill_access(sub_property_policy, "governance_allow_unauth_all_disabled_access_none_other_ca.smime", + "permissions_helloworld_securehelloworld_other_ca.smime", "othercacert.pem"); + fill_crypto(sub_property_policy); reader.history_depth(10). reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS). @@ -3176,15 +3179,9 @@ TEST(Security, AllowUnauthenticatedParticipants_TwoSecureParticipantsWithDiffere ASSERT_TRUE(reader.isInitialized()); fill_pub_auth(pub_property_policy); - pub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/governance_allow_unauth_all_disabled_access_none.smime")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld_securehelloworld.smime")); + fill_access(pub_property_policy, "governance_allow_unauth_all_disabled_access_none.smime", + "permissions_helloworld_securehelloworld.smime"); + fill_crypto(pub_property_policy); writer.history_depth(10). reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS). @@ -3232,16 +3229,9 @@ TEST(Security, AllowUnauthenticatedParticipants_TwoParticipantsDifferentCertific "file://" + std::string(certs_path) + "/othersubcert.pem")); sub_property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.private_key", "file://" + std::string(certs_path) + "/othersubkey.pem")); - sub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/othercacert.pem")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + - "/governance_allow_unauth_all_disabled_read_write_enabled_other_ca.smime")); - sub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld_securehelloworld_other_ca.smime")); + fill_access(sub_property_policy, "governance_allow_unauth_all_disabled_read_write_enabled_other_ca.smime", + "permissions_helloworld_securehelloworld_other_ca.smime", "othercacert.pem"); + fill_crypto(sub_property_policy); reader.history_depth(10). reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS). @@ -3250,15 +3240,9 @@ TEST(Security, AllowUnauthenticatedParticipants_TwoParticipantsDifferentCertific ASSERT_TRUE(reader.isInitialized()); fill_pub_auth(pub_property_policy); - pub_property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", - "builtin.Access-Permissions")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions_ca", - "file://" + std::string(certs_path) + "/maincacert.pem")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.governance", - "file://" + std::string(certs_path) + "/governance_allow_unauth_all_disabled_read_write_enabled.smime")); - pub_property_policy.properties().emplace_back(Property("dds.sec.access.builtin.Access-Permissions.permissions", - "file://" + std::string(certs_path) + "/permissions_helloworld_securehelloworld.smime")); + fill_access(pub_property_policy, "governance_allow_unauth_all_disabled_read_write_enabled.smime", + "permissions_helloworld_securehelloworld.smime"); + fill_crypto(pub_property_policy); writer.history_depth(10). reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS). @@ -3294,746 +3278,2897 @@ TEST(Security, InANonSecureParticipantWithTwoSecureParticipantScenario_TheTwoSec secure_writer.history_depth(10). reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS).init(); - ASSERT_TRUE(secure_writer.isInitialized()); + ASSERT_TRUE(secure_writer.isInitialized()); + + non_secure_reader.history_depth(10). + reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS).init(); + + ASSERT_TRUE(non_secure_reader.isInitialized()); + + secure_reader.history_depth(10). + reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS).init(); + + ASSERT_TRUE(secure_reader.isInitialized()); + + // Wait for the authorization + secure_reader.wait_authorized(); + secure_writer.wait_authorized(); + + // Wait for discovery + secure_writer.wait_discovery(std::chrono::seconds(5)); + secure_reader.wait_discovery(std::chrono::seconds(5)); + + // Data is correctly sent and received + auto data = default_helloworld_data_generator(); + + secure_reader.startReception(data); + + secure_writer.send(data); + + // In this test all data should be sent. + ASSERT_TRUE(data.empty()); + + secure_reader.block_for_all(); + EXPECT_EQ(non_secure_reader.getReceivedCount(), 0u); +} + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt_large_data_only) +// *INDENT-ON* +{ + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + // Use a topic name that matches the governance rule for enable_discovery_enable_access_encrypt + std::string topic_name = + "Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/large_data_" + + std::to_string(GET_PID()); + PubSubReader reader_large_data(topic_name); + PubSubWriter writer_large_data(topic_name); + SecurityPlugins_Permissions_validation_ok_large_data(reader_large_data, + writer_large_data, governance_file, reliability_); +} + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_disable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_disable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_sign) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + + +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + - non_secure_reader.history_depth(10). - reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS).init(); +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); - ASSERT_TRUE(non_secure_reader.isInitialized()); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} - secure_reader.history_depth(10). - reliability(eprosima::fastrtps::RELIABLE_RELIABILITY_QOS).init(); - ASSERT_TRUE(secure_reader.isInitialized()); +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); - // Wait for the authorization - secure_reader.wait_authorized(); - secure_writer.wait_authorized(); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} - // Wait for discovery - secure_writer.wait_discovery(std::chrono::seconds(5)); - secure_reader.wait_discovery(std::chrono::seconds(5)); - // Data is correctly sent and received - auto data = default_helloworld_data_generator(); +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); - secure_reader.startReception(data); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} - secure_writer.send(data); - // In this test all data should be sent. - ASSERT_TRUE(data.empty()); +// *INDENT-OFF* +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); - secure_reader.block_for_all(); - EXPECT_EQ(non_secure_reader.getReceivedCount(), 0u); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_disable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_disable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_encrypt.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_disable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_encrypt) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_none) // *INDENT-ON* { PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); - std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); } + // *INDENT-OFF* -TEST_P(Security, BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none) +TEST_P(Security, SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_sign) // *INDENT-ON* { + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; PubSubReader reader(TEST_TOPIC_NAME); PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_sign_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_common(reader, writer, governance_file, reliability_); +} + +// *INDENT-OFF* +TEST(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none_large) +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + SecurityPlugins_Permissions_validation_ok_large_data(reader, writer, governance_file); +} + +// *INDENT-OFF* +TEST(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt_large) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_none.smime"); + + SecurityPlugins_Permissions_validation_ok_large_data(reader, writer, governance_file); +} + +// *INDENT-OFF* +TEST(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_sign_large) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); std::string governance_file("governance_enable_discovery_enable_access_none.smime"); - BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions_validation_ok_common(reader, writer, governance_file); + SecurityPlugins_Permissions_validation_ok_large_data(reader, writer, governance_file); +} + +// *INDENT-OFF* +TEST(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none_large) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_large_data(reader, writer, governance_file); +} + +// *INDENT-OFF* +TEST(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt_large) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_large_data(reader, writer, governance_file); +} + +// *INDENT-OFF* +TEST(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign_large) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_encrypt.smime"); + + SecurityPlugins_Permissions_validation_ok_large_data(reader, writer, governance_file); +} + +// *INDENT-OFF* +TEST(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_none_large) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_large_data(reader, writer, governance_file); +} + +// *INDENT-OFF* +TEST(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_encrypt_large) +// *INDENT-ON* +{ + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_large_data(reader, writer, governance_file); +} + +// *INDENT-OFF* +TEST(Security, SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_sign_large) +// *INDENT-ON* +{ + FASTDDS_TODO_BEFORE(3, 7, "SIGN protection is not working when combined with other protection kinds"); + GTEST_SKIP() << "SIGN protection is not working when combined with other protection kinds"; + PubSubReader reader(TEST_TOPIC_NAME); + PubSubWriter writer(TEST_TOPIC_NAME); + std::string governance_file("governance_enable_discovery_enable_access_sign.smime"); + + SecurityPlugins_Permissions_validation_ok_large_data(reader, writer, governance_file); } + TEST(Security, MaliciousHeartbeatIgnore) { PubSubWriter writer("HelloWorldTopic_MaliciousHeartbeatIgnore"); @@ -4254,7 +6389,7 @@ TEST(Security, ValidateAuthenticationHandshakePropertiesParsing) PropertyPolicy property_policy; fill_sub_auth(property_policy); - property_policy.properties().emplace_back("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC"); + fill_crypto(property_policy); // max_handshake_requests out of bounds property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.max_handshake_requests", @@ -4459,7 +6594,8 @@ TEST(Security, participant_stateless_secure_writer_pool_change_is_removed_upon_p "dds.sec.auth.builtin.PKI-DH.handshake_resend_period_gain", "1.0")); - CommonPermissionsConfigure(*participants.back(), governance_file, permissions_file, handshake_prop_policy); + CommonPermissionsConfigureReader(*participants.back(), governance_file, permissions_file, + handshake_prop_policy); // Init all except the latest one if (i != n_participants) @@ -4531,7 +6667,7 @@ TEST(Security, legacy_token_algorithms_communicate) "dds.sec.auth.builtin.PKI-DH.transmit_algorithms_as_legacy", value); properties.emplace_back( "dds.sec.access.builtin.Access-Permissions.transmit_algorithms_as_legacy", value); - CommonPermissionsConfigure(writer, governance_file, permissions_file, extra_policy); + CommonPermissionsConfigureWriter(writer, governance_file, permissions_file, extra_policy); } // Configure Reader @@ -4543,7 +6679,7 @@ TEST(Security, legacy_token_algorithms_communicate) "dds.sec.auth.builtin.PKI-DH.transmit_algorithms_as_legacy", value); properties.emplace_back( "dds.sec.access.builtin.Access-Permissions.transmit_algorithms_as_legacy", value); - CommonPermissionsConfigure(reader, governance_file, permissions_file, extra_policy); + CommonPermissionsConfigureReader(reader, governance_file, permissions_file, extra_policy); } // Initialize @@ -4677,7 +6813,7 @@ TEST(Security, participant_stateless_secure_writer_pool_change_is_removed_upon_a }; // Configure the main participant security - CommonPermissionsConfigure(main_participant, governance_file, permissions_file, handshake_prop_policy); + CommonPermissionsConfigureWriter(main_participant, governance_file, permissions_file, handshake_prop_policy); main_participant.disable_builtin_transport() .add_user_transport_to_pparams(test_transport) @@ -4699,7 +6835,8 @@ TEST(Security, participant_stateless_secure_writer_pool_change_is_removed_upon_a participants.emplace_back(std::make_shared>("HelloWorldTopic")); // Configure security for the new participant - CommonPermissionsConfigure(*participants.back(), governance_file, permissions_file, handshake_prop_policy); + CommonPermissionsConfigureReader(*participants.back(), governance_file, permissions_file, + handshake_prop_policy); // Init participant with the main participant as initial peer // and disable multicast so it does not try to discover noone else @@ -4717,7 +6854,7 @@ TEST(Security, participant_stateless_secure_writer_pool_change_is_removed_upon_a // If the participant stateless messages history of the main participant is not correctly freed, // the main participant will fail creating a new participant stateless message for him auto failing_participant = std::make_shared>("HelloWorldTopic"); - CommonPermissionsConfigure(*failing_participant, governance_file, permissions_file, handshake_prop_policy); + CommonPermissionsConfigureReader(*failing_participant, governance_file, permissions_file, handshake_prop_policy); failing_participant->disable_multicast(static_cast(n_participants + 1)) .initial_peers(initial_peers) .init(); @@ -4763,7 +6900,12 @@ static void security_datagram_injection_on_reader_test( // Configure security const std::string governance_file("governance_helloworld_all_enable.smime"); const std::string permissions_file("permissions_helloworld.smime"); +<<<<<<< HEAD CommonPermissionsConfigure(reader, governance_file, permissions_file, PropertyPolicy{}); +======= + PropertyPolicy extra_policy; + CommonPermissionsConfigureReader(reader, governance_file, permissions_file, extra_policy); +>>>>>>> a1d550b29 (Update security tests to use governance-based encryption configuration (#6277)) // Prepare datagram injection transport auto low_level_transport = std::make_shared(); @@ -4891,22 +7033,37 @@ TEST(Security, DatagramInjectionOnReader_23836) GTEST_INSTANTIATE_TEST_MACRO(Security, Security, - testing::Values(TRANSPORT, INTRAPROCESS, DATASHARING), + ::testing::Combine( + ::testing::Values(TRANSPORT, INTRAPROCESS), + ::testing::Values(TEST_BEST_EFFORT, TEST_RELIABLE) + ), [](const testing::TestParamInfo& info) { - switch (info.param) + std::string test_name; + switch (std::get<0>(info.param)) { case INTRAPROCESS: - return "Intraprocess"; - break; - case DATASHARING: - return "Datasharing"; + test_name = "Intraprocess"; break; case TRANSPORT: default: - return "Transport"; + test_name = "Transport"; + break; + } + + switch (std::get<1>(info.param)) + { + case TEST_BEST_EFFORT: + test_name += "_BestEffort"; + break; + case TEST_RELIABLE: + test_name += "_Reliable"; + break; + default: + break; } + return test_name; }); diff --git a/test/certs/governance_disable_discovery_disable_access_encrypt.smime b/test/certs/governance_disable_discovery_disable_access_encrypt.smime index d414937f119..0e7f7a3c5e5 100644 --- a/test/certs/governance_disable_discovery_disable_access_encrypt.smime +++ b/test/certs/governance_disable_discovery_disable_access_encrypt.smime @@ -1,9 +1,9 @@ MIME-Version: 1.0 -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----AC038611B7DF85015D509E9E834F75CC" +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----CC2712ED51E7E5454DED621720BB3CB3" This is an S/MIME signed message -------AC038611B7DF85015D509E9E834F75CC +------CC2712ED51E7E5454DED621720BB3CB3 Content-Type: text/plain @@ -24,7 +24,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -33,7 +33,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -42,7 +42,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -51,7 +51,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -60,7 +60,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* true false true @@ -69,7 +69,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* false false true @@ -78,7 +78,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* false false false @@ -87,7 +87,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* true false false @@ -95,17 +95,53 @@ Content-Type: text/plain NONE NONE + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + -------AC038611B7DF85015D509E9E834F75CC +------CC2712ED51E7E5454DED621720BB3CB3 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" -MIIEegYJKoZIhvcNAQcCoIIEazCCBGcCAQExDzANBglghkgBZQMEAgEFADALBgkq +MIIEeAYJKoZIhvcNAQcCoIIEaTCCBGUCAQExDzANBglghkgBZQMEAgEFADALBgkq hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV @@ -118,17 +154,17 @@ cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE 3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS 7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT 4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 -SVxpI+3UYs2kV5n0MYIB/jCCAfoCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +SVxpI+3UYs2kV5n0MYIB/DCCAfgCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc -BgkqhkiG9w0BCQUxDxcNMTkxMTEyMTQxMDE2WjAvBgkqhkiG9w0BCQQxIgQgFrCu -G/ajNze9XFU/tmc2sOcVSDYPWRmtfSQWTl6NS7QweQYJKoZIhvcNAQkPMWwwajAL +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgJ6A4 +C6cwpaT83npaNmOnFJdtPH4uj6j8jLqbLwCRtI0weQYJKoZIhvcNAQkPMWwwajAL BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI -hvcNAwICASgwCgYIKoZIzj0EAwIESDBGAiEA6eldNkhWC2B3W7xWyov38z8ibv2r -WpKHNaZkKYsKpPQCIQDEka0GAbZWfobOtTYf7h4NszHfbLbnf6aKX/Ky1bkY/Q== +hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiASrmoIu/S+AtTr+YOHZrrqL5hvSvLr +WxEB67BX//UJdAIgHnFoWlRY0f5RDE8myNqVPEb+X/m7jrJB7HTvOICeyJc= -------AC038611B7DF85015D509E9E834F75CC-- +------CC2712ED51E7E5454DED621720BB3CB3-- diff --git a/test/certs/governance_disable_discovery_disable_access_encrypt_dds_sec.xml b/test/certs/governance_disable_discovery_disable_access_encrypt_dds_sec.xml index b5a5d0308de..855a45fbfe8 100644 --- a/test/certs/governance_disable_discovery_disable_access_encrypt_dds_sec.xml +++ b/test/certs/governance_disable_discovery_disable_access_encrypt_dds_sec.xml @@ -16,7 +16,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -25,7 +25,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -34,7 +34,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -43,7 +43,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -52,7 +52,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* true false true @@ -61,7 +61,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* false false true @@ -70,7 +70,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* false false false @@ -79,7 +79,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* true false false @@ -87,6 +87,42 @@ NONE NONE + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + diff --git a/test/certs/governance_disable_discovery_disable_access_none.smime b/test/certs/governance_disable_discovery_disable_access_none.smime index 099711a294a..6802bab1fe7 100644 --- a/test/certs/governance_disable_discovery_disable_access_none.smime +++ b/test/certs/governance_disable_discovery_disable_access_none.smime @@ -1,9 +1,9 @@ MIME-Version: 1.0 -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----F3DF85A40CB16BB6DB380CD89E05FF2E" +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----924663BC6B21288BF190F06E1FEC430C" This is an S/MIME signed message -------F3DF85A40CB16BB6DB380CD89E05FF2E +------924663BC6B21288BF190F06E1FEC430C Content-Type: text/plain @@ -24,7 +24,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -33,7 +33,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -42,7 +42,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -51,7 +51,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -60,7 +60,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none/* true false true @@ -69,7 +69,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none/* false false true @@ -78,7 +78,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none/* false false false @@ -87,7 +87,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none/* true false false @@ -95,17 +95,53 @@ Content-Type: text/plain NONE NONE + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + -------F3DF85A40CB16BB6DB380CD89E05FF2E +------924663BC6B21288BF190F06E1FEC430C Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" -MIIEeQYJKoZIhvcNAQcCoIIEajCCBGYCAQExDzANBglghkgBZQMEAgEFADALBgkq +MIIEegYJKoZIhvcNAQcCoIIEazCCBGcCAQExDzANBglghkgBZQMEAgEFADALBgkq hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV @@ -118,17 +154,17 @@ cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE 3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS 7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT 4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 -SVxpI+3UYs2kV5n0MYIB/TCCAfkCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +SVxpI+3UYs2kV5n0MYIB/jCCAfoCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc -BgkqhkiG9w0BCQUxDxcNMTkxMTEyMTQxMDE2WjAvBgkqhkiG9w0BCQQxIgQgycqK -kcQhqhnGOGeWaE5CtJyjOeZG2JKk87QBbg5S2WwweQYJKoZIhvcNAQkPMWwwajAL +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgp0fp +OWLkyM0oclkfWpAYYcB5/awZBfYAp3Ljiw4DW6cweQYJKoZIhvcNAQkPMWwwajAL BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI -hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiEA9T2EEVwBdM7rqXbS4ff/4vGpMKNW -eAyLIttRyKiY6SYCIAWho14jq7Kctn7IyKVu6Ay/TV374SSa6FMb1UoqWi8P +hvcNAwICASgwCgYIKoZIzj0EAwIESDBGAiEAkVJ6QhH/t5wCCVNH8KKezM8unrnE +RyXLfEYMhvoTJtACIQC9nbx1P+eAfJllE9jL45Ms0wE7cN0Bj/F2Ugc5NxQGZg== -------F3DF85A40CB16BB6DB380CD89E05FF2E-- +------924663BC6B21288BF190F06E1FEC430C-- diff --git a/test/certs/governance_disable_discovery_disable_access_none_dds_sec.xml b/test/certs/governance_disable_discovery_disable_access_none_dds_sec.xml index 4bb6d32459c..ad0705a642e 100644 --- a/test/certs/governance_disable_discovery_disable_access_none_dds_sec.xml +++ b/test/certs/governance_disable_discovery_disable_access_none_dds_sec.xml @@ -16,7 +16,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -25,7 +25,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -34,7 +34,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -43,7 +43,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -52,7 +52,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none/* true false true @@ -61,7 +61,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none/* false false true @@ -70,7 +70,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none/* false false false @@ -79,7 +79,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none/* true false false @@ -87,6 +87,42 @@ NONE NONE + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + diff --git a/test/certs/governance_disable_discovery_disable_access_sign.smime b/test/certs/governance_disable_discovery_disable_access_sign.smime new file mode 100644 index 00000000000..a8c119b85ce --- /dev/null +++ b/test/certs/governance_disable_discovery_disable_access_sign.smime @@ -0,0 +1,170 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----65145F2F4DCE7F73392DFE8A0F7BF265" + +This is an S/MIME signed message + +------65145F2F4DCE7F73392DFE8A0F7BF265 +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + false + NONE + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + + +------65145F2F4DCE7F73392DFE8A0F7BF265 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeAYJKoZIhvcNAQcCoIIEaTCCBGUCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/DCCAfgCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgLhf7 +2EZdFVBRppOcfoPpzp3JeycDAITlIwB5peEOKfgweQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiB0LqsWxImXXu63kU9OfnBINqGykqXv +/9p9vlRiGNmslwIgdU+QDQQTWSSXRQSqAV96M4x21A0sVhi23bapnog659s= + +------65145F2F4DCE7F73392DFE8A0F7BF265-- + diff --git a/test/certs/governance_disable_discovery_disable_access_sign_dds_sec.xml b/test/certs/governance_disable_discovery_disable_access_sign_dds_sec.xml new file mode 100644 index 00000000000..a491691d211 --- /dev/null +++ b/test/certs/governance_disable_discovery_disable_access_sign_dds_sec.xml @@ -0,0 +1,129 @@ + + + + + + + 0 + 230 + + + false + false + NONE + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + diff --git a/test/certs/governance_disable_discovery_enable_access_encrypt.smime b/test/certs/governance_disable_discovery_enable_access_encrypt.smime index f25ff45a5a7..7501b368832 100644 --- a/test/certs/governance_disable_discovery_enable_access_encrypt.smime +++ b/test/certs/governance_disable_discovery_enable_access_encrypt.smime @@ -1,9 +1,9 @@ MIME-Version: 1.0 -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----6F7CBD6A626735C36D5CA66E7CADCDDB" +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----1839405A6140B133C78298159D5B3F80" This is an S/MIME signed message -------6F7CBD6A626735C36D5CA66E7CADCDDB +------1839405A6140B133C78298159D5B3F80 Content-Type: text/plain @@ -24,7 +24,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -33,7 +33,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -42,7 +42,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -51,7 +51,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -60,7 +60,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* true false true @@ -69,7 +69,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* false false true @@ -78,7 +78,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* false false false @@ -87,7 +87,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* true false false @@ -95,12 +95,48 @@ Content-Type: text/plain NONE NONE + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + -------6F7CBD6A626735C36D5CA66E7CADCDDB +------1839405A6140B133C78298159D5B3F80 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" @@ -123,12 +159,12 @@ VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc -BgkqhkiG9w0BCQUxDxcNMTkxMTEyMTQxMDE2WjAvBgkqhkiG9w0BCQQxIgQgKGeR -FaZkBhKuVV0dVSlGww210i2pKQx7NolGZy37EV8weQYJKoZIhvcNAQkPMWwwajAL +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQg+cxz +sppRI8zf/xNsMrigL1+vDYQrCC54oITXjPsp51kweQYJKoZIhvcNAQkPMWwwajAL BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI -hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiEA2eEtqgRl16iFqcjZiBkmSjByEoue -JUwMIzgsJ/Lj2MUCIGESjJ1durB3tx/PLjb+86BuFsqq3agCuF8NscBAb090 +hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiAl7eEcqJe9JLWLGtrdwcfHZ9EWgbw5 +d6U861Q+l9/M8QIhAICjWItoMa1tAu3xTOwB793pUPpPsYNhdmto2Uja071d -------6F7CBD6A626735C36D5CA66E7CADCDDB-- +------1839405A6140B133C78298159D5B3F80-- diff --git a/test/certs/governance_disable_discovery_enable_access_encrypt_dds_sec.xml b/test/certs/governance_disable_discovery_enable_access_encrypt_dds_sec.xml index 6174ce4985e..c12e4e92dc4 100644 --- a/test/certs/governance_disable_discovery_enable_access_encrypt_dds_sec.xml +++ b/test/certs/governance_disable_discovery_enable_access_encrypt_dds_sec.xml @@ -16,7 +16,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -25,7 +25,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -34,7 +34,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -43,7 +43,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -52,7 +52,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* true false true @@ -61,7 +61,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* false false true @@ -70,7 +70,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* false false false @@ -79,7 +79,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* true false false @@ -87,6 +87,42 @@ NONE NONE + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + diff --git a/test/certs/governance_disable_discovery_enable_access_none.smime b/test/certs/governance_disable_discovery_enable_access_none.smime index 971c255a78e..b02546b1181 100644 --- a/test/certs/governance_disable_discovery_enable_access_none.smime +++ b/test/certs/governance_disable_discovery_enable_access_none.smime @@ -1,9 +1,9 @@ MIME-Version: 1.0 -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----A7C77AC6072770F81465BEFF2C7E0F56" +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----97097D4F69B5B4DE5D2AAAF6F9CE941A" This is an S/MIME signed message -------A7C77AC6072770F81465BEFF2C7E0F56 +------97097D4F69B5B4DE5D2AAAF6F9CE941A Content-Type: text/plain @@ -24,7 +24,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -33,7 +33,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -42,7 +42,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -51,7 +51,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -60,7 +60,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none/* true false true @@ -69,7 +69,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none/* false false true @@ -78,7 +78,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none/* false false false @@ -87,7 +87,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none/* true false false @@ -95,12 +95,48 @@ Content-Type: text/plain NONE NONE + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + -------A7C77AC6072770F81465BEFF2C7E0F56 +------97097D4F69B5B4DE5D2AAAF6F9CE941A Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" @@ -123,12 +159,12 @@ VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc -BgkqhkiG9w0BCQUxDxcNMTkxMTEyMTQxMDE2WjAvBgkqhkiG9w0BCQQxIgQgSYbC -kUSrIi76WlJ5KUX83Qr7y6dC0ep44PpQdA+QUyMweQYJKoZIhvcNAQkPMWwwajAL +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgJmZR +es3MP1xwdcBtxiEZyXeJFlOnmbVdWVPdJzjArc4weQYJKoZIhvcNAQkPMWwwajAL BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI -hvcNAwICASgwCgYIKoZIzj0EAwIESDBGAiEA4kkkkqwAkwuEHDcciIwF5tVNalS7 -zGMIFc7NcYlEWVMCIQDuwSkr9Vt8lCdPrXYfIy95oZXvXLhqEO9/U44JUoDzgg== +hvcNAwICASgwCgYIKoZIzj0EAwIESDBGAiEA9fvCPVVdC251UUjZSxJLTpiw6dma +Sf5RpUIU/K2cEZ8CIQC6gR7gKYhWTfmG1+1H+BgL/RX35mzb85lC5ysMCI9vsA== -------A7C77AC6072770F81465BEFF2C7E0F56-- +------97097D4F69B5B4DE5D2AAAF6F9CE941A-- diff --git a/test/certs/governance_disable_discovery_enable_access_none_dds_sec.xml b/test/certs/governance_disable_discovery_enable_access_none_dds_sec.xml index ee6e15f50a4..9fa3f3b9d86 100644 --- a/test/certs/governance_disable_discovery_enable_access_none_dds_sec.xml +++ b/test/certs/governance_disable_discovery_enable_access_none_dds_sec.xml @@ -16,7 +16,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -25,7 +25,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -34,7 +34,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -43,7 +43,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -52,7 +52,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none/* true false true @@ -61,7 +61,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none/* false false true @@ -70,7 +70,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none/* false false false @@ -79,7 +79,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none/* true false false @@ -87,6 +87,42 @@ NONE NONE + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + diff --git a/test/certs/governance_disable_discovery_enable_access_sign.smime b/test/certs/governance_disable_discovery_enable_access_sign.smime new file mode 100644 index 00000000000..27b22a94cde --- /dev/null +++ b/test/certs/governance_disable_discovery_enable_access_sign.smime @@ -0,0 +1,170 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----CEE77F012E48D0E4D6AEFD0F153CE29F" + +This is an S/MIME signed message + +------CEE77F012E48D0E4D6AEFD0F153CE29F +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + true + NONE + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + + +------CEE77F012E48D0E4D6AEFD0F153CE29F +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeQYJKoZIhvcNAQcCoIIEajCCBGYCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/TCCAfkCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgdtHL +lu5tVQfC4sZVryF+SkYhkq/aekFGsbMo2rqR6+AweQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiEAxK/XmJZatskG4QHZ/ohlq17SvGPk +Rwgr4unziZp3FD0CIFWa31GgRiY1d5cfcyRh7nDoAjyRtiuKBDyKa0gPhi8q + +------CEE77F012E48D0E4D6AEFD0F153CE29F-- + diff --git a/test/certs/governance_disable_discovery_enable_access_sign_dds_sec.xml b/test/certs/governance_disable_discovery_enable_access_sign_dds_sec.xml new file mode 100644 index 00000000000..f4d74af566e --- /dev/null +++ b/test/certs/governance_disable_discovery_enable_access_sign_dds_sec.xml @@ -0,0 +1,129 @@ + + + + + + + 0 + 230 + + + false + true + NONE + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsDisableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + diff --git a/test/certs/governance_enable_discovery_disable_access_encrypt.smime b/test/certs/governance_enable_discovery_disable_access_encrypt.smime index 0bee59f4307..6cb7c18168f 100644 --- a/test/certs/governance_enable_discovery_disable_access_encrypt.smime +++ b/test/certs/governance_enable_discovery_disable_access_encrypt.smime @@ -1,9 +1,9 @@ MIME-Version: 1.0 -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----A62D080B0B55507FCBF3825BD36C292D" +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----01B656F5193A0F0AE2248EFE2B6F6478" This is an S/MIME signed message -------A62D080B0B55507FCBF3825BD36C292D +------01B656F5193A0F0AE2248EFE2B6F6478 Content-Type: text/plain @@ -24,7 +24,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -33,7 +33,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -42,7 +42,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -51,7 +51,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -60,7 +60,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* true false true @@ -69,7 +69,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* false false true @@ -78,7 +78,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* false false false @@ -87,7 +87,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* true false false @@ -95,12 +95,48 @@ Content-Type: text/plain NONE NONE + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + -------A62D080B0B55507FCBF3825BD36C292D +------01B656F5193A0F0AE2248EFE2B6F6478 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" @@ -123,12 +159,12 @@ VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc -BgkqhkiG9w0BCQUxDxcNMTkxMTEyMTQxMDE2WjAvBgkqhkiG9w0BCQQxIgQgbYkL -+uJMkDcm7Tkv+7TlkiYzxD64sLLU3LDzUsLNYIkweQYJKoZIhvcNAQkPMWwwajAL +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgVQTq +3KY0NuMSPKRD6JDE9NclSjYoqu44yrU3SSGXPecweQYJKoZIhvcNAQkPMWwwajAL BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI -hvcNAwICASgwCgYIKoZIzj0EAwIESDBGAiEAsqS1GWWMrxG7fkXmBOKsE0GnJ4ln -Y1NIu/9aFUXHlQECIQDkm6pKtINbaB7tBak26ey+JNvw1zi/ipeMP1oTp85caQ== +hvcNAwICASgwCgYIKoZIzj0EAwIESDBGAiEAriNrFYmrOHPweiAIPO+lVC95KOT/ +oLno/BRUN/Cvgq0CIQCJoFXxBi69aNBQ1pnp8cjKzU4VDlkxZMCleaLHrgnkhQ== -------A62D080B0B55507FCBF3825BD36C292D-- +------01B656F5193A0F0AE2248EFE2B6F6478-- diff --git a/test/certs/governance_enable_discovery_disable_access_encrypt_dds_sec.xml b/test/certs/governance_enable_discovery_disable_access_encrypt_dds_sec.xml index 2d0071fbc85..0422083109e 100644 --- a/test/certs/governance_enable_discovery_disable_access_encrypt_dds_sec.xml +++ b/test/certs/governance_enable_discovery_disable_access_encrypt_dds_sec.xml @@ -16,7 +16,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -25,7 +25,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -34,7 +34,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -43,7 +43,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -52,7 +52,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* true false true @@ -61,7 +61,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* false false true @@ -70,7 +70,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* false false false @@ -79,7 +79,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* true false false @@ -87,6 +87,42 @@ NONE NONE + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + diff --git a/test/certs/governance_enable_discovery_disable_access_none.smime b/test/certs/governance_enable_discovery_disable_access_none.smime index 8f870c5de33..5fe9f1492c8 100644 --- a/test/certs/governance_enable_discovery_disable_access_none.smime +++ b/test/certs/governance_enable_discovery_disable_access_none.smime @@ -1,9 +1,9 @@ MIME-Version: 1.0 -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----4AFEDBD9DBBED21B7254CD1E225A6B1E" +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----94C93114442762CAEE8E91C5B33210DF" This is an S/MIME signed message -------4AFEDBD9DBBED21B7254CD1E225A6B1E +------94C93114442762CAEE8E91C5B33210DF Content-Type: text/plain @@ -24,7 +24,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -33,7 +33,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -42,7 +42,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -51,7 +51,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -60,7 +60,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none/* true false true @@ -69,7 +69,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none/* false false true @@ -78,7 +78,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none/* false false false @@ -87,7 +87,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none/* true false false @@ -95,12 +95,48 @@ Content-Type: text/plain NONE NONE + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + -------4AFEDBD9DBBED21B7254CD1E225A6B1E +------94C93114442762CAEE8E91C5B33210DF Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" @@ -123,12 +159,12 @@ VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc -BgkqhkiG9w0BCQUxDxcNMTkxMTEyMTQxMDE2WjAvBgkqhkiG9w0BCQQxIgQgc6Fq -q9E8Lsjn2Dxcfrhw2iFME0pypOkRcMwk3HGRaY8weQYJKoZIhvcNAQkPMWwwajAL +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgdxLK +ohRs/N0pcFQyH98tIHbP8uHawqEa/XmBIQ5USCcweQYJKoZIhvcNAQkPMWwwajAL BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI -hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiAY4Xcy+F7a9KMkapvZeKt4uoaljrmP -or8MyyXyfmoiMAIhANQPDXpETOtSwuuwqH+kvMY1vuG8Ysud0+xtDs3+boNQ +hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiBI6Vq+/JU8bcOOf7T6VREotDXnrfwr +ydcBDMeOWZwRgwIhAPTTcbWUF1ZgyhXruRTg7cygKHJxoWZJRjRlJ/W7FOFj -------4AFEDBD9DBBED21B7254CD1E225A6B1E-- +------94C93114442762CAEE8E91C5B33210DF-- diff --git a/test/certs/governance_enable_discovery_disable_access_none_dds_sec.xml b/test/certs/governance_enable_discovery_disable_access_none_dds_sec.xml index 2636d64e65a..9dbcc034292 100644 --- a/test/certs/governance_enable_discovery_disable_access_none_dds_sec.xml +++ b/test/certs/governance_enable_discovery_disable_access_none_dds_sec.xml @@ -16,7 +16,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* true false true @@ -25,7 +25,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* false false true @@ -34,7 +34,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* false false false @@ -43,7 +43,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* true false false @@ -52,7 +52,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none/* true false true @@ -61,7 +61,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none/* false false true @@ -70,7 +70,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none/* false false false @@ -79,7 +79,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none/* + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none/* true false false @@ -87,6 +87,42 @@ NONE NONE + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + diff --git a/test/certs/governance_enable_discovery_disable_access_sign.smime b/test/certs/governance_enable_discovery_disable_access_sign.smime new file mode 100644 index 00000000000..2546bfee32e --- /dev/null +++ b/test/certs/governance_enable_discovery_disable_access_sign.smime @@ -0,0 +1,170 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----943B4003C96747432C0569683E8869F3" + +This is an S/MIME signed message + +------943B4003C96747432C0569683E8869F3 +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + false + ENCRYPT + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + + +------943B4003C96747432C0569683E8869F3 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeAYJKoZIhvcNAQcCoIIEaTCCBGUCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/DCCAfgCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgraKZ +8gvIoUCsZi+z5JPC2WwvG/VTJ0lWIk5VAHgV9aIweQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiBpRB6XtrQi647e3SOz2xgb7glE7HFH +p/6RwsXf8i3gzQIgIWAlH41vwQnd9eMFMYYfnfnQhLhhehuUnVE6mOqCAcs= + +------943B4003C96747432C0569683E8869F3-- + diff --git a/test/certs/governance_enable_discovery_disable_access_sign_dds_sec.xml b/test/certs/governance_enable_discovery_disable_access_sign_dds_sec.xml new file mode 100644 index 00000000000..789d7c95cdb --- /dev/null +++ b/test/certs/governance_enable_discovery_disable_access_sign_dds_sec.xml @@ -0,0 +1,129 @@ + + + + + + + 0 + 230 + + + false + false + ENCRYPT + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsEnableDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + diff --git a/test/certs/governance_enable_discovery_enable_access_encrypt.smime b/test/certs/governance_enable_discovery_enable_access_encrypt.smime index c61a4768c59..d85048b720a 100644 --- a/test/certs/governance_enable_discovery_enable_access_encrypt.smime +++ b/test/certs/governance_enable_discovery_enable_access_encrypt.smime @@ -1,9 +1,9 @@ MIME-Version: 1.0 -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----2C373F66B31175F86167D60891007C6A" +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----A0D289B3D2591FE294A52AA08659D074" This is an S/MIME signed message -------2C373F66B31175F86167D60891007C6A +------A0D289B3D2591FE294A52AA08659D074 Content-Type: text/plain @@ -24,7 +24,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt* true false true @@ -33,7 +33,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt* false false true @@ -42,7 +42,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt* false false false @@ -51,7 +51,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt* true false false @@ -60,7 +60,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none* true false true @@ -69,7 +69,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none* false false true @@ -78,7 +78,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none* false false false @@ -87,7 +87,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none* true false false @@ -95,12 +95,48 @@ Content-Type: text/plain NONE NONE + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign* + true + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign* + false + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign* + false + false + false + false + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign* + true + false + false + false + SIGN + SIGN + -------2C373F66B31175F86167D60891007C6A +------A0D289B3D2591FE294A52AA08659D074 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" @@ -123,12 +159,12 @@ VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc -BgkqhkiG9w0BCQUxDxcNMTkxMTEyMTQxMDE2WjAvBgkqhkiG9w0BCQQxIgQgPn3X -yHDxEadk0HXtBP0aFlzbKTH+himWBrA8YPS/oH8weQYJKoZIhvcNAQkPMWwwajAL +BgkqhkiG9w0BCQUxDxcNMjYwNTEzMDgyMDQ1WjAvBgkqhkiG9w0BCQQxIgQgyH+W +YwUB4qCgRQ14g6kCf0PfPNqfIZCzuXl39tdLa1MweQYJKoZIhvcNAQkPMWwwajAL BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI -hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiBzm4XUZQMkDm/+ny0K+h1A1ttibFS9 -4MExv/GUxbqTqAIgWc2qhJ0huiVjuAwvOgBrwLUWuHA/q6WkevpjeZAJDlk= +hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiA4WapAIcnT4pV64i7R5cNWzqwCq8I0 +YeNeu1+MdkglDAIgFzOIqRkUp0bB5Wfw3BIxyt2rzJ9rzU4TcQuRqMinzA0= -------2C373F66B31175F86167D60891007C6A-- +------A0D289B3D2591FE294A52AA08659D074-- diff --git a/test/certs/governance_enable_discovery_enable_access_encrypt_dds_sec.xml b/test/certs/governance_enable_discovery_enable_access_encrypt_dds_sec.xml index d10ff359b83..240b4edbfca 100644 --- a/test/certs/governance_enable_discovery_enable_access_encrypt_dds_sec.xml +++ b/test/certs/governance_enable_discovery_enable_access_encrypt_dds_sec.xml @@ -16,7 +16,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt* true false true @@ -25,7 +25,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt* false false true @@ -34,7 +34,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt* false false false @@ -43,7 +43,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt* true false false @@ -52,7 +52,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none* true false true @@ -61,7 +61,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none* false false true @@ -70,7 +70,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none* false false false @@ -79,7 +79,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none* true false false @@ -87,6 +87,42 @@ NONE NONE + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign* + true + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign* + false + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign* + false + false + false + false + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign* + true + false + false + false + SIGN + SIGN + diff --git a/test/certs/governance_enable_discovery_enable_access_none.smime b/test/certs/governance_enable_discovery_enable_access_none.smime index 71ff8004024..4a47a1a5e33 100644 --- a/test/certs/governance_enable_discovery_enable_access_none.smime +++ b/test/certs/governance_enable_discovery_enable_access_none.smime @@ -1,9 +1,9 @@ MIME-Version: 1.0 -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----4872EE951F8BF9BA44A5FC4177362170" +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----5F5287EFD10F53F2D5B76110A30BF75D" This is an S/MIME signed message -------4872EE951F8BF9BA44A5FC4177362170 +------5F5287EFD10F53F2D5B76110A30BF75D Content-Type: text/plain @@ -24,7 +24,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt* true false true @@ -33,7 +33,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt* false false true @@ -42,7 +42,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt* false false false @@ -51,7 +51,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt* true false false @@ -60,7 +60,7 @@ Content-Type: text/plain ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none* true false true @@ -69,7 +69,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none* false false true @@ -78,7 +78,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none* false false false @@ -87,7 +87,7 @@ Content-Type: text/plain NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none* true false false @@ -95,17 +95,53 @@ Content-Type: text/plain NONE NONE + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_sign* + true + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_sign* + false + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_sign* + false + false + false + false + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_sign* + true + false + false + false + SIGN + SIGN + -------4872EE951F8BF9BA44A5FC4177362170 +------5F5287EFD10F53F2D5B76110A30BF75D Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" -MIIEeAYJKoZIhvcNAQcCoIIEaTCCBGUCAQExDzANBglghkgBZQMEAgEFADALBgkq +MIIEeQYJKoZIhvcNAQcCoIIEajCCBGYCAQExDzANBglghkgBZQMEAgEFADALBgkq hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV @@ -118,17 +154,17 @@ cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE 3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS 7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT 4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 -SVxpI+3UYs2kV5n0MYIB/DCCAfgCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +SVxpI+3UYs2kV5n0MYIB/TCCAfkCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc -BgkqhkiG9w0BCQUxDxcNMTkxMTEyMTQxMDE2WjAvBgkqhkiG9w0BCQQxIgQgPBQZ -WFLD67c32V2yZXuuhOiPrLY4PJvlUGuWZRgVaAEweQYJKoZIhvcNAQkPMWwwajAL +BgkqhkiG9w0BCQUxDxcNMjYwNTEzMDgyMDQzWjAvBgkqhkiG9w0BCQQxIgQgj2XX +o/aAJ0rqAyzTt+4hp13LQ5RxMfcXgLjPSG56FIIweQYJKoZIhvcNAQkPMWwwajAL BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI -hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiA0PGC5Yjmfib7ScwyOSaguvVTEOv1M -OwuQaEUiTFZk4AIgXreg7c53pn1Rq2yEHQVFYEwLJGDuws7Xm1FR2ed5hq0= +hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiEA/zoCfnRDmBChD6N0dNI6j7OoKwHs +Xh4df3eddXFh4eoCIDCnvLgiUl9LNncoSU7oapY59PB1XkfHzEUdxaMH8BQj -------4872EE951F8BF9BA44A5FC4177362170-- +------5F5287EFD10F53F2D5B76110A30BF75D-- diff --git a/test/certs/governance_enable_discovery_enable_access_none_dds_sec.xml b/test/certs/governance_enable_discovery_enable_access_none_dds_sec.xml index b04e46dd75d..b05266c0e08 100644 --- a/test/certs/governance_enable_discovery_enable_access_none_dds_sec.xml +++ b/test/certs/governance_enable_discovery_enable_access_none_dds_sec.xml @@ -16,7 +16,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt* true false true @@ -25,7 +25,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt* false false true @@ -34,7 +34,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt* false false false @@ -43,7 +43,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt* true false false @@ -52,7 +52,7 @@ ENCRYPT - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none* true false true @@ -61,7 +61,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none* false false true @@ -70,7 +70,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none* false false false @@ -79,7 +79,7 @@ NONE - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none/* + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none* true false false @@ -87,6 +87,42 @@ NONE NONE + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_sign* + true + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_sign* + false + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_sign* + false + false + false + false + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_sign* + true + false + false + false + SIGN + SIGN + diff --git a/test/certs/governance_enable_discovery_enable_access_sign.smime b/test/certs/governance_enable_discovery_enable_access_sign.smime new file mode 100644 index 00000000000..0c8206af076 --- /dev/null +++ b/test/certs/governance_enable_discovery_enable_access_sign.smime @@ -0,0 +1,170 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----91DB19D7E7556C0F85BD565BA8419FA0" + +This is an S/MIME signed message + +------91DB19D7E7556C0F85BD565BA8419FA0 +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + true + ENCRYPT + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_encrypt* + true + false + true + true + ENCRYPT + ENCRYPT + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_encrypt* + false + false + true + true + ENCRYPT + ENCRYPT + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_encrypt* + false + false + false + false + ENCRYPT + ENCRYPT + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_encrypt* + true + false + false + false + ENCRYPT + ENCRYPT + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_none* + true + false + true + true + NONE + NONE + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_none* + false + false + true + true + NONE + NONE + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_none* + false + false + false + false + NONE + NONE + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_none* + true + false + false + false + NONE + NONE + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_sign* + true + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_sign* + false + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_sign* + false + false + false + false + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_sign* + true + false + false + false + SIGN + SIGN + + + + + + +------91DB19D7E7556C0F85BD565BA8419FA0 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeAYJKoZIhvcNAQcCoIIEaTCCBGUCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/DCCAfgCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTEzMDgyMDQxWjAvBgkqhkiG9w0BCQQxIgQglLDj +hOk1Wyt3JedZ2vv/cf4TJCEek/BRKJRGyodZ1ncweQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiBHp3ThQpZcezkOnxN3PaATwTQR0GaK +Vel9bmoajh0ZsQIgG0X2rDQ4K3AY0bS5/3b0tRo7PFSIvDdv+0MEaJSmBM8= + +------91DB19D7E7556C0F85BD565BA8419FA0-- + diff --git a/test/certs/governance_enable_discovery_enable_access_sign_dds_sec.xml b/test/certs/governance_enable_discovery_enable_access_sign_dds_sec.xml new file mode 100644 index 00000000000..7f49824ebff --- /dev/null +++ b/test/certs/governance_enable_discovery_enable_access_sign_dds_sec.xml @@ -0,0 +1,129 @@ + + + + + + + 0 + 230 + + + false + true + ENCRYPT + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_encrypt* + true + false + true + true + ENCRYPT + ENCRYPT + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_encrypt* + false + false + true + true + ENCRYPT + ENCRYPT + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_encrypt* + false + false + false + false + ENCRYPT + ENCRYPT + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_encrypt* + true + false + false + false + ENCRYPT + ENCRYPT + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_none* + true + false + true + true + NONE + NONE + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_none* + false + false + true + true + NONE + NONE + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_none* + false + false + false + false + NONE + NONE + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_none* + true + false + false + false + NONE + NONE + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_sign* + true + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_sign* + false + false + true + true + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_sign* + false + false + false + false + SIGN + SIGN + + + *SecurityPlugins_PermissionsEnableDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_sign* + true + false + false + false + SIGN + SIGN + + + + + diff --git a/test/certs/governance_only_auth.smime b/test/certs/governance_only_auth.smime new file mode 100644 index 00000000000..72503d11476 --- /dev/null +++ b/test/certs/governance_only_auth.smime @@ -0,0 +1,71 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----CDC802D4A44DEBD141FB115FEF4EEFA1" + +This is an S/MIME signed message + +------CDC802D4A44DEBD141FB115FEF4EEFA1 +Content-Type: text/plain + + + + + + + + 0 + 230 + + + true + false + NONE + NONE + NONE + + + * + false + false + false + false + NONE + NONE + + + + + + +------CDC802D4A44DEBD141FB115FEF4EEFA1 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeQYJKoZIhvcNAQcCoIIEajCCBGYCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/TCCAfkCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MDgzNzUxWjAvBgkqhkiG9w0BCQQxIgQgdzk7 +tmk0V3WS29wXV3v6iaNpEAxFuubj9p/YPeamaOgweQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiEAtjZVoGLM6zpAFUI85L3I7TwTP9oK +49w3EfJp0QK5Ix8CIEnKewC2NEJfSoFtAloJn8Un+XXX4wYZPYYAV1pTtJPp + +------CDC802D4A44DEBD141FB115FEF4EEFA1-- + diff --git a/test/certs/governance_only_auth.xml b/test/certs/governance_only_auth.xml new file mode 100644 index 00000000000..caf1e1735a4 --- /dev/null +++ b/test/certs/governance_only_auth.xml @@ -0,0 +1,30 @@ + + + + + + + 0 + 230 + + + true + false + NONE + NONE + NONE + + + * + false + false + false + false + NONE + NONE + + + + + diff --git a/test/certs/governance_performance_tests.smime b/test/certs/governance_performance_tests.smime new file mode 100644 index 00000000000..e551bb20afa --- /dev/null +++ b/test/certs/governance_performance_tests.smime @@ -0,0 +1,98 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----A3A69F83570EA4E55055CB6348C1A638" + +This is an S/MIME signed message + +------A3A69F83570EA4E55055CB6348C1A638 +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + true + ENCRYPT + ENCRYPT + ENCRYPT + + + LatencyTest_* + true + false + true + true + ENCRYPT + ENCRYPT + + + ThroughputTest_* + true + false + true + true + ENCRYPT + ENCRYPT + + + VideoTest_* + true + false + true + true + ENCRYPT + ENCRYPT + + + MemoryTest_* + true + false + true + true + ENCRYPT + ENCRYPT + + + + + + +------A3A69F83570EA4E55055CB6348C1A638 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeAYJKoZIhvcNAQcCoIIEaTCCBGUCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/DCCAfgCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwMzE5MTUzNDAzWjAvBgkqhkiG9w0BCQQxIgQgcIBF +C/9t5trdwuz6PkK1h16qWwLU7VSXsN8ai64BnSkweQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiAH13kV1oOnMkfWJlpV70s9RXlIMg5p +AX5wUmSMghB+eQIgeOzhcfTXY/UKcWXbo2Z2ByJnVksmwhwypS8x+MZrgyI= + +------A3A69F83570EA4E55055CB6348C1A638-- + diff --git a/test/certs/governance_performance_tests.xml b/test/certs/governance_performance_tests.xml new file mode 100644 index 00000000000..2bfad67e110 --- /dev/null +++ b/test/certs/governance_performance_tests.xml @@ -0,0 +1,57 @@ + + + + + + + 0 + 230 + + + false + true + ENCRYPT + ENCRYPT + ENCRYPT + + + LatencyTest_* + true + false + true + true + ENCRYPT + ENCRYPT + + + ThroughputTest_* + true + false + true + true + ENCRYPT + ENCRYPT + + + VideoTest_* + true + false + true + true + ENCRYPT + ENCRYPT + + + MemoryTest_* + true + false + true + true + ENCRYPT + ENCRYPT + + + + + diff --git a/test/certs/governance_sign_discovery_disable_access_encrypt.smime b/test/certs/governance_sign_discovery_disable_access_encrypt.smime new file mode 100644 index 00000000000..d1600044a8d --- /dev/null +++ b/test/certs/governance_sign_discovery_disable_access_encrypt.smime @@ -0,0 +1,170 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----B3FF8FA7E85004591DFC28C030945F48" + +This is an S/MIME signed message + +------B3FF8FA7E85004591DFC28C030945F48 +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + false + SIGN + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + + +------B3FF8FA7E85004591DFC28C030945F48 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEegYJKoZIhvcNAQcCoIIEazCCBGcCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/jCCAfoCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQg2Pz7 +wqqmaOYoX55Veuwm7fF2FR6z3YWWrZXlBjic9joweQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIESDBGAiEA7MgjUMHDfkuCM3a7SsmFFJf+u5pL +V+Rhmtc9+GnupisCIQD9lCjT+wFbDxi2A2JoqP6Kkz/RY9nmKHR/e3PK5w3V1g== + +------B3FF8FA7E85004591DFC28C030945F48-- + diff --git a/test/certs/governance_sign_discovery_disable_access_encrypt_dds_sec.xml b/test/certs/governance_sign_discovery_disable_access_encrypt_dds_sec.xml new file mode 100644 index 00000000000..b6ebc921bc6 --- /dev/null +++ b/test/certs/governance_sign_discovery_disable_access_encrypt_dds_sec.xml @@ -0,0 +1,129 @@ + + + + + + + 0 + 230 + + + false + false + SIGN + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + diff --git a/test/certs/governance_sign_discovery_disable_access_none.smime b/test/certs/governance_sign_discovery_disable_access_none.smime new file mode 100644 index 00000000000..5485e74abef --- /dev/null +++ b/test/certs/governance_sign_discovery_disable_access_none.smime @@ -0,0 +1,170 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----6B12186E75E65FF801D8767DFEACCAA1" + +This is an S/MIME signed message + +------6B12186E75E65FF801D8767DFEACCAA1 +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + false + SIGN + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + + +------6B12186E75E65FF801D8767DFEACCAA1 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeAYJKoZIhvcNAQcCoIIEaTCCBGUCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/DCCAfgCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgDj4n +6YSZDCIjZzv/TIPDOJSRNQ8zGQJRFQVkFNFBjQEweQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiB+nD4Rr9xeLO3VENQh7PZaTBCZN7EY +laXPK2qtpk1mCAIgQfNJUNgV5aFmFV/Wr6OEa/XIYk70BFvk265NXNTjvyc= + +------6B12186E75E65FF801D8767DFEACCAA1-- + diff --git a/test/certs/governance_sign_discovery_disable_access_none_dds_sec.xml b/test/certs/governance_sign_discovery_disable_access_none_dds_sec.xml new file mode 100644 index 00000000000..f59c267a4c5 --- /dev/null +++ b/test/certs/governance_sign_discovery_disable_access_none_dds_sec.xml @@ -0,0 +1,129 @@ + + + + + + + 0 + 230 + + + false + false + SIGN + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessNone_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + diff --git a/test/certs/governance_sign_discovery_disable_access_sign.smime b/test/certs/governance_sign_discovery_disable_access_sign.smime new file mode 100644 index 00000000000..42d7aa09e7a --- /dev/null +++ b/test/certs/governance_sign_discovery_disable_access_sign.smime @@ -0,0 +1,170 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----7068B26B5C785B7BDBD5385A326B21CF" + +This is an S/MIME signed message + +------7068B26B5C785B7BDBD5385A326B21CF +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + false + SIGN + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + + +------7068B26B5C785B7BDBD5385A326B21CF +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeQYJKoZIhvcNAQcCoIIEajCCBGYCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/TCCAfkCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgUVel +aXsPwzzpmnE4UN0XZerMSi7Lp41ZTTQ1GRjyJj4weQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiBGLbNWj+NvoaoLi9NY2GnOPZ1tkhwG +Xn+Jwswc/mkdIwIhAK69ePqeAwZqLgmkG8F95++uLO8mHJR1NLesunKFxAZz + +------7068B26B5C785B7BDBD5385A326B21CF-- + diff --git a/test/certs/governance_sign_discovery_disable_access_sign_dds_sec.xml b/test/certs/governance_sign_discovery_disable_access_sign_dds_sec.xml new file mode 100644 index 00000000000..4c30ca80bd8 --- /dev/null +++ b/test/certs/governance_sign_discovery_disable_access_sign_dds_sec.xml @@ -0,0 +1,129 @@ + + + + + + + 0 + 230 + + + false + false + SIGN + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryDisableAccessSign_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + diff --git a/test/certs/governance_sign_discovery_enable_access_encrypt.smime b/test/certs/governance_sign_discovery_enable_access_encrypt.smime new file mode 100644 index 00000000000..13586930222 --- /dev/null +++ b/test/certs/governance_sign_discovery_enable_access_encrypt.smime @@ -0,0 +1,170 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----EAA84B7A896AA26C36C620C607A4AE99" + +This is an S/MIME signed message + +------EAA84B7A896AA26C36C620C607A4AE99 +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + true + SIGN + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + + +------EAA84B7A896AA26C36C620C607A4AE99 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeQYJKoZIhvcNAQcCoIIEajCCBGYCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/TCCAfkCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMjI0WjAvBgkqhkiG9w0BCQQxIgQgDWYN +QOE1DCRzKoS3u3nyvNoBERcLBD5v9x5J/9PID18weQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiEA3reulIBVw1tlVXSaqWwUnFLqkrM4 +2YC8jaQhIJ9qNDkCIGwG+1O23zf5xZd55PPqi3x24gHNOO5+CWldJ+JIpLsy + +------EAA84B7A896AA26C36C620C607A4AE99-- + diff --git a/test/certs/governance_sign_discovery_enable_access_encrypt_dds_sec.xml b/test/certs/governance_sign_discovery_enable_access_encrypt_dds_sec.xml new file mode 100644 index 00000000000..36d8b413ebb --- /dev/null +++ b/test/certs/governance_sign_discovery_enable_access_encrypt_dds_sec.xml @@ -0,0 +1,129 @@ + + + + + + + 0 + 230 + + + false + true + SIGN + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessEncrypt_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + diff --git a/test/certs/governance_sign_discovery_enable_access_none.smime b/test/certs/governance_sign_discovery_enable_access_none.smime new file mode 100644 index 00000000000..6329c8963ca --- /dev/null +++ b/test/certs/governance_sign_discovery_enable_access_none.smime @@ -0,0 +1,170 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----9506B036F9FA14BA0FD6A32A73501DF7" + +This is an S/MIME signed message + +------9506B036F9FA14BA0FD6A32A73501DF7 +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + true + SIGN + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + + +------9506B036F9FA14BA0FD6A32A73501DF7 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeAYJKoZIhvcNAQcCoIIEaTCCBGUCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/DCCAfgCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAzMDMwWjAvBgkqhkiG9w0BCQQxIgQgtqF4 +L3fUUOdJDRk5LygFyUqM3MY1Gz0LoISehvjUhf4weQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiBdzzXCxXyL9CmzxR8aQE+vdKAXk4FI +wRygppv7fu/C7AIgeSgPstLKrQEKD0Q16PIcGmcm2pnbMJjNjxl6ngMPHPo= + +------9506B036F9FA14BA0FD6A32A73501DF7-- + diff --git a/test/certs/governance_sign_discovery_enable_access_none_dds_sec.xml b/test/certs/governance_sign_discovery_enable_access_none_dds_sec.xml new file mode 100644 index 00000000000..6be542f89a0 --- /dev/null +++ b/test/certs/governance_sign_discovery_enable_access_none_dds_sec.xml @@ -0,0 +1,129 @@ + + + + + + + 0 + 230 + + + false + true + SIGN + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessNone_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + diff --git a/test/certs/governance_sign_discovery_enable_access_sign.smime b/test/certs/governance_sign_discovery_enable_access_sign.smime new file mode 100644 index 00000000000..4b09e9864d2 --- /dev/null +++ b/test/certs/governance_sign_discovery_enable_access_sign.smime @@ -0,0 +1,170 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----B456791B6FFE6161828347E773A874F8" + +This is an S/MIME signed message + +------B456791B6FFE6161828347E773A874F8 +Content-Type: text/plain + + + + + + + + 0 + 230 + + + false + true + SIGN + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + + +------B456791B6FFE6161828347E773A874F8 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeAYJKoZIhvcNAQcCoIIEaTCCBGUCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/DCCAfgCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwNTA4MTAyOTUzWjAvBgkqhkiG9w0BCQQxIgQgnAgL +pL2inTBS7TG+ODXjumOBriUSZb5rxH83Opb1rE0weQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiBD6XfKVRAbBrpJgWcRScEI3pxWqkul +FwidctAvHshdxAIgAxNh3MisepLR+rCXgoSfkXFW7xRIdqE5VGubGpotPLI= + +------B456791B6FFE6161828347E773A874F8-- + diff --git a/test/certs/governance_sign_discovery_enable_access_sign_dds_sec.xml b/test/certs/governance_sign_discovery_enable_access_sign_dds_sec.xml new file mode 100644 index 00000000000..4052e6ab1d8 --- /dev/null +++ b/test/certs/governance_sign_discovery_enable_access_sign_dds_sec.xml @@ -0,0 +1,129 @@ + + + + + + + 0 + 230 + + + false + true + SIGN + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_encrypt/* + true + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_encrypt/* + false + false + true + true + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_encrypt/* + false + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_encrypt/* + true + false + false + false + ENCRYPT + ENCRYPT + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_none/* + true + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_none/* + false + false + true + true + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_none/* + false + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_none/* + true + false + false + false + NONE + NONE + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_enable_access_sign/* + true + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_enable_access_sign/* + false + false + true + true + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_disable_discovery_disable_access_sign/* + false + false + false + false + SIGN + SIGN + + + Security/Security_SecurityPlugins_PermissionsSignDiscoveryEnableAccessSign_validation_ok_enable_discovery_disable_access_sign/* + true + false + false + false + SIGN + SIGN + + + + + diff --git a/test/certs/permissions.smime b/test/certs/permissions.smime index 7696a619f2f..ff83e18631b 100644 --- a/test/certs/permissions.smime +++ b/test/certs/permissions.smime @@ -1,9 +1,9 @@ MIME-Version: 1.0 -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----910B482A73CC44DF449F7711DFB38632" +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----B02AF6EF39042EA2E8090FB8A17B5166" This is an S/MIME signed message -------910B482A73CC44DF449F7711DFB38632 +------B02AF6EF39042EA2E8090FB8A17B5166 Content-Type: text/plain @@ -25,7 +25,7 @@ Content-Type: text/plain *clock* - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions*_validation_ok* + *SecurityPlugins_Permissions*_validation_ok* @@ -47,7 +47,7 @@ Content-Type: text/plain *clock* - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions*_validation_ok* + *SecurityPlugins_Permissions*_validation_ok* *temperature* @@ -57,12 +57,12 @@ Content-Type: text/plain -------910B482A73CC44DF449F7711DFB38632 +------B02AF6EF39042EA2E8090FB8A17B5166 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" -MIIEeQYJKoZIhvcNAQcCoIIEajCCBGYCAQExDzANBglghkgBZQMEAgEFADALBgkq +MIIEegYJKoZIhvcNAQcCoIIEazCCBGcCAQExDzANBglghkgBZQMEAgEFADALBgkq hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV @@ -75,17 +75,17 @@ cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE 3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS 7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT 4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 -SVxpI+3UYs2kV5n0MYIB/TCCAfkCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +SVxpI+3UYs2kV5n0MYIB/jCCAfoCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc -BgkqhkiG9w0BCQUxDxcNMTkxMTEyMTQxMDIxWjAvBgkqhkiG9w0BCQQxIgQgRq/+ -RJxf7uA6wZ+bkIoceuCwacVRD7jkqs93rQGRocEweQYJKoZIhvcNAQkPMWwwajAL +BgkqhkiG9w0BCQUxDxcNMjYwNTEzMDgzMTUwWjAvBgkqhkiG9w0BCQQxIgQg3B0A +OLjl5f5ugj0biZxBE+W0uVB4N2/u26ScCR63kQQweQYJKoZIhvcNAQkPMWwwajAL BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI -hvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiA+UOENZBH6lb0WeOa4dCDiD8psIO6H -vdAbRXDlNwCnFgIhAI7m8vGdHvnl0J0NOWMkV1EeLnI4F+XsDOtaDziWPfN0 +hvcNAwICASgwCgYIKoZIzj0EAwIESDBGAiEAilZu9H5ZGo5l7wYxQAFrBbqVVLem +LNG5X6Ak2o6mW/UCIQCu7boQpCNvyL+e1NGpdNDwSH/uB/q296gHXEU5NHvSEQ== -------910B482A73CC44DF449F7711DFB38632-- +------B02AF6EF39042EA2E8090FB8A17B5166-- diff --git a/test/certs/permissions_dds_sec.xml b/test/certs/permissions_dds_sec.xml index 6dc53017286..d645ed9e2e9 100644 --- a/test/certs/permissions_dds_sec.xml +++ b/test/certs/permissions_dds_sec.xml @@ -17,7 +17,7 @@ *clock* - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions*_validation_ok* + *SecurityPlugins_Permissions*_validation_ok* @@ -39,7 +39,7 @@ *clock* - Security/Security_BuiltinAuthenticationAndAccessAndCryptoPlugin_Permissions*_validation_ok* + *SecurityPlugins_Permissions*_validation_ok* *temperature* diff --git a/test/certs/permissions_performance_tests.smime b/test/certs/permissions_performance_tests.smime new file mode 100644 index 00000000000..3e895b436c8 --- /dev/null +++ b/test/certs/permissions_performance_tests.smime @@ -0,0 +1,110 @@ +MIME-Version: 1.0 +Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----672F9939D8C1906087DE65D765CE93D4" + +This is an S/MIME signed message + +------672F9939D8C1906087DE65D765CE93D4 +Content-Type: text/plain + + + + + + emailAddress=mainpub@eprosima.com, CN=Main Publisher, OU=eProsima, O=eProsima, ST=MA, C=ES + + 2013-06-01T13:00:00 + 2038-06-01T13:00:00 + + + + + 0 + 230 + + + + + LatencyTest_* + ThroughputTest_* + VideoTest_* + MemoryTest_* + + + + + LatencyTest_* + ThroughputTest_* + VideoTest_* + MemoryTest_* + + + + DENY + + + emailAddress=mainsub@eprosima.com, CN=Main Subscriber, OU=eProsima, O=eProsima, ST=MA, C=ES + + 2013-06-01T13:00:00 + 2038-06-01T13:00:00 + + + + + 0 + 230 + + + + + LatencyTest_* + ThroughputTest_* + VideoTest_* + MemoryTest_* + + + + + LatencyTest_* + ThroughputTest_* + VideoTest_* + MemoryTest_* + + + + DENY + + + + +------672F9939D8C1906087DE65D765CE93D4 +Content-Type: application/x-pkcs7-signature; name="smime.p7s" +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename="smime.p7s" + +MIIEeAYJKoZIhvcNAQcCoIIEaTCCBGUCAQExDzANBglghkgBZQMEAgEFADALBgkq +hkiG9w0BBwGgggJAMIICPDCCAeOgAwIBAgIJALZwpgo2sxthMAoGCCqGSM49BAMC +MIGaMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2Fu +dG9zMREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNV +BAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNh +QGVwcm9zaW1hLmNvbTAeFw0xNzA5MDYwOTAzMDNaFw0yNzA5MDQwOTAzMDNaMIGa +MQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9z +MREwDwYDVQQKDAhlUHJvc2ltYTERMA8GA1UECwwIZVByb3NpbWExHjAcBgNVBAMM +FWVQcm9zaW1hIE1haW4gVGVzdCBDQTEiMCAGCSqGSIb3DQEJARYTbWFpbmNhQGVw +cm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGLlhB3WQ8l1fpUE +3DfOoulA/de38Zfj7hmpKtOnxiH2q6RJbwhxvJeA7R7mkmAKaJKmzx695BjyiXVS +7bE7vgejEDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgVTY1BEvT +4pw3GyBMzaUqmp69wi0kBkyOgq04OhyJ13UCICR125vvt0fUhXsXaxOAx28E4Ac9 +SVxpI+3UYs2kV5n0MYIB/DCCAfgCAQEwgagwgZoxCzAJBgNVBAYTAkVTMQswCQYD +VQQIDAJNQTEUMBIGA1UEBwwLVHJlcyBDYW50b3MxETAPBgNVBAoMCGVQcm9zaW1h +MREwDwYDVQQLDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0 +IENBMSIwIAYJKoZIhvcNAQkBFhNtYWluY2FAZXByb3NpbWEuY29tAgkAtnCmCjaz +G2EwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc +BgkqhkiG9w0BCQUxDxcNMjYwMzE5MTUzNDAzWjAvBgkqhkiG9w0BCQQxIgQgYG5f +rSPoncqnj+juDOR7akNuMp3VteftkLV61Bm7Pd0weQYJKoZIhvcNAQkPMWwwajAL +BglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0D +BzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI +hvcNAwICASgwCgYIKoZIzj0EAwIERjBEAiB7/iPRXqpZPrm8ZvGBWNLrsS9ioj8d +LjWCwU3BZHUOkAIgGbljAvGHH76HuLCE3BGNGqGq0SIKdzwXPlCN0W/uYME= + +------672F9939D8C1906087DE65D765CE93D4-- + diff --git a/test/certs/permissions_performance_tests.xml b/test/certs/permissions_performance_tests.xml new file mode 100644 index 00000000000..bccc65242ed --- /dev/null +++ b/test/certs/permissions_performance_tests.xml @@ -0,0 +1,69 @@ + + + + + emailAddress=mainpub@eprosima.com, CN=Main Publisher, OU=eProsima, O=eProsima, ST=MA, C=ES + + 2013-06-01T13:00:00 + 2038-06-01T13:00:00 + + + + + 0 + 230 + + + + + LatencyTest_* + ThroughputTest_* + VideoTest_* + MemoryTest_* + + + + + LatencyTest_* + ThroughputTest_* + VideoTest_* + MemoryTest_* + + + + DENY + + + emailAddress=mainsub@eprosima.com, CN=Main Subscriber, OU=eProsima, O=eProsima, ST=MA, C=ES + + 2013-06-01T13:00:00 + 2038-06-01T13:00:00 + + + + + 0 + 230 + + + + + LatencyTest_* + ThroughputTest_* + VideoTest_* + MemoryTest_* + + + + + LatencyTest_* + ThroughputTest_* + VideoTest_* + MemoryTest_* + + + + DENY + + + diff --git a/test/performance/latency/main_LatencyTest.cpp b/test/performance/latency/main_LatencyTest.cpp index ee4a5ee8066..b68f55f21bd 100644 --- a/test/performance/latency/main_LatencyTest.cpp +++ b/test/performance/latency/main_LatencyTest.cpp @@ -452,6 +452,8 @@ int main( return -1; } + // Subscriber + // Auth sub_part_property_policy.properties().emplace_back(Property("dds.sec.auth.plugin", "builtin.PKI-DH")); sub_part_property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.identity_ca", "file://" + certs_path + "/maincacert.pem")); @@ -460,11 +462,21 @@ int main( sub_part_property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.private_key", "file://" + certs_path + "/mainsubkey.pem")); sub_part_property_policy.properties().emplace_back(Property("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC")); - sub_part_property_policy.properties().emplace_back("rtps.participant.rtps_protection_kind", "ENCRYPT"); - - sub_property_policy.properties().emplace_back("rtps.endpoint.submessage_protection_kind", "ENCRYPT"); - sub_property_policy.properties().emplace_back("rtps.endpoint.payload_protection_kind", "ENCRYPT"); - + // Access + sub_part_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", + "builtin.Access-Permissions")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions_ca", + "file://" + certs_path + "/maincacert.pem")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.governance", + "file://" + certs_path + "/governance_performance_tests.smime")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions", + "file://" + certs_path + "/permissions_performance_tests.smime")); + + // Publisher + // Auth pub_part_property_policy.properties().emplace_back(Property("dds.sec.auth.plugin", "builtin.PKI-DH")); pub_part_property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.identity_ca", "file://" + certs_path + "/maincacert.pem")); @@ -473,9 +485,18 @@ int main( pub_part_property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.private_key", "file://" + certs_path + "/mainpubkey.pem")); pub_part_property_policy.properties().emplace_back(Property("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC")); - pub_part_property_policy.properties().emplace_back("rtps.participant.rtps_protection_kind", "ENCRYPT"); - pub_property_policy.properties().emplace_back("rtps.endpoint.submessage_protection_kind", "ENCRYPT"); - pub_property_policy.properties().emplace_back("rtps.endpoint.payload_protection_kind", "ENCRYPT"); + // Access + pub_part_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", + "builtin.Access-Permissions")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions_ca", + "file://" + certs_path + "/maincacert.pem")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.governance", + "file://" + certs_path + "/governance_performance_tests.smime")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions", + "file://" + certs_path + "/permissions_performance_tests.smime")); } #endif // if HAVE_SECURITY diff --git a/test/performance/throughput/main_ThroughputTest.cpp b/test/performance/throughput/main_ThroughputTest.cpp index 09f299a323a..fdee4bfbde6 100644 --- a/test/performance/throughput/main_ThroughputTest.cpp +++ b/test/performance/throughput/main_ThroughputTest.cpp @@ -395,6 +395,8 @@ int main( } std::cout << "certs_path: " << certs_path << std::endl; + // Subscriber + // Auth sub_part_property_policy.properties().emplace_back(Property( "dds.sec.auth.plugin", "builtin.PKI-DH")); @@ -410,16 +412,21 @@ int main( sub_part_property_policy.properties().emplace_back(Property( "dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC")); - sub_part_property_policy.properties().emplace_back( - "rtps.participant.rtps_protection_kind", - "ENCRYPT"); - sub_property_policy.properties().emplace_back( - "rtps.endpoint.submessage_protection_kind", - "ENCRYPT"); - sub_property_policy.properties().emplace_back( - "rtps.endpoint.payload_protection_kind", - "ENCRYPT"); + // Access + sub_part_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", + "builtin.Access-Permissions")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions_ca", + "file://" + certs_path + "/maincacert.pem")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.governance", + "file://" + certs_path + "/governance_performance_tests.smime")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions", + "file://" + certs_path + "/permissions_performance_tests.smime")); + // Publisher + // Auth pub_part_property_policy.properties().emplace_back(Property( "dds.sec.auth.plugin", "builtin.PKI-DH")); @@ -435,15 +442,18 @@ int main( pub_part_property_policy.properties().emplace_back(Property( "dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC")); - pub_part_property_policy.properties().emplace_back( - "rtps.participant.rtps_protection_kind", - "ENCRYPT"); - pub_property_policy.properties().emplace_back( - "rtps.endpoint.submessage_protection_kind", - "ENCRYPT"); - pub_property_policy.properties().emplace_back( - "rtps.endpoint.payload_protection_kind", - "ENCRYPT"); + // Access + pub_part_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", + "builtin.Access-Permissions")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions_ca", + "file://" + certs_path + "/maincacert.pem")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.governance", + "file://" + certs_path + "/governance_performance_tests.smime")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions", + "file://" + certs_path + "/permissions_performance_tests.smime")); } #endif // if HAVE_SECURITY diff --git a/test/performance/video/main_VideoTest.cpp b/test/performance/video/main_VideoTest.cpp index b09069dee7b..b4271048f7b 100644 --- a/test/performance/video/main_VideoTest.cpp +++ b/test/performance/video/main_VideoTest.cpp @@ -414,8 +414,14 @@ int main( option::printUsage(fwrite, stdout, usage, columns); return -1; } +<<<<<<< HEAD sub_part_property_policy.properties().emplace_back(eprosima::fastrtps::rtps::Property("dds.sec.auth.plugin", +======= + // Subscriber + // Auth + sub_part_property_policy.properties().emplace_back(eprosima::fastdds::rtps::Property("dds.sec.auth.plugin", +>>>>>>> a1d550b29 (Update security tests to use governance-based encryption configuration (#6277)) "builtin.PKI-DH")); sub_part_property_policy.properties().emplace_back(eprosima::fastrtps::rtps::Property( "dds.sec.auth.builtin.PKI-DH.identity_ca", @@ -428,11 +434,26 @@ int main( "file://" + certs_path + "/mainsubkey.pem")); sub_part_property_policy.properties().emplace_back(eprosima::fastrtps::rtps::Property("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC")); - sub_part_property_policy.properties().emplace_back("rtps.participant.rtps_protection_kind", "ENCRYPT"); - sub_property_policy.properties().emplace_back("rtps.endpoint.submessage_protection_kind", "ENCRYPT"); - sub_property_policy.properties().emplace_back("rtps.endpoint.payload_protection_kind", "ENCRYPT"); - + // Access + sub_part_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", + "builtin.Access-Permissions")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions_ca", + "file://" + certs_path + "/maincacert.pem")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.governance", + "file://" + certs_path + "/governance_performance_tests.smime")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions", + "file://" + certs_path + "/permissions_performance_tests.smime")); + +<<<<<<< HEAD pub_part_property_policy.properties().emplace_back(eprosima::fastrtps::rtps::Property("dds.sec.auth.plugin", +======= + // Publisher + // Auth + pub_part_property_policy.properties().emplace_back(eprosima::fastdds::rtps::Property("dds.sec.auth.plugin", +>>>>>>> a1d550b29 (Update security tests to use governance-based encryption configuration (#6277)) "builtin.PKI-DH")); pub_part_property_policy.properties().emplace_back(eprosima::fastrtps::rtps::Property( "dds.sec.auth.builtin.PKI-DH.identity_ca", @@ -445,9 +466,18 @@ int main( "file://" + certs_path + "/mainpubkey.pem")); pub_part_property_policy.properties().emplace_back(eprosima::fastrtps::rtps::Property("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC")); - pub_part_property_policy.properties().emplace_back("rtps.participant.rtps_protection_kind", "ENCRYPT"); - pub_property_policy.properties().emplace_back("rtps.endpoint.submessage_protection_kind", "ENCRYPT"); - pub_property_policy.properties().emplace_back("rtps.endpoint.payload_protection_kind", "ENCRYPT"); + // Access + pub_part_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", + "builtin.Access-Permissions")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions_ca", + "file://" + certs_path + "/maincacert.pem")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.governance", + "file://" + certs_path + "/governance_performance_tests.smime")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions", + "file://" + certs_path + "/permissions_performance_tests.smime")); } #endif // if HAVE_SECURITY diff --git a/test/profiling/main_MemoryTest.cpp b/test/profiling/main_MemoryTest.cpp index cfdd6f75b11..4d601ede8fb 100644 --- a/test/profiling/main_MemoryTest.cpp +++ b/test/profiling/main_MemoryTest.cpp @@ -406,6 +406,8 @@ int main( return -1; } + // Subscriber + // Auth sub_part_property_policy.properties().emplace_back(Property("dds.sec.auth.plugin", "builtin.PKI-DH")); sub_part_property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.identity_ca", @@ -416,10 +418,21 @@ int main( "file://" + certs_path + "/mainsubkey.pem")); sub_part_property_policy.properties().emplace_back(Property("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC")); - sub_part_property_policy.properties().emplace_back("rtps.participant.rtps_protection_kind", "ENCRYPT"); - sub_property_policy.properties().emplace_back("rtps.endpoint.submessage_protection_kind", "ENCRYPT"); - sub_property_policy.properties().emplace_back("rtps.endpoint.payload_protection_kind", "ENCRYPT"); - + // Access + sub_part_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", + "builtin.Access-Permissions")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions_ca", + "file://" + certs_path + "/maincacert.pem")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.governance", + "file://" + certs_path + "/governance_performance_tests.smime")); + sub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions", + "file://" + certs_path + "/permissions_performance_tests.smime")); + + // Publisher + // Auth pub_part_property_policy.properties().emplace_back(Property("dds.sec.auth.plugin", "builtin.PKI-DH")); pub_part_property_policy.properties().emplace_back(Property("dds.sec.auth.builtin.PKI-DH.identity_ca", @@ -430,9 +443,18 @@ int main( "file://" + certs_path + "/mainpubkey.pem")); pub_part_property_policy.properties().emplace_back(Property("dds.sec.crypto.plugin", "builtin.AES-GCM-GMAC")); - pub_part_property_policy.properties().emplace_back("rtps.participant.rtps_protection_kind", "ENCRYPT"); - pub_property_policy.properties().emplace_back("rtps.endpoint.submessage_protection_kind", "ENCRYPT"); - pub_property_policy.properties().emplace_back("rtps.endpoint.payload_protection_kind", "ENCRYPT"); + // Access + pub_part_property_policy.properties().emplace_back(Property("dds.sec.access.plugin", + "builtin.Access-Permissions")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions_ca", + "file://" + certs_path + "/maincacert.pem")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.governance", + "file://" + certs_path + "/governance_performance_tests.smime")); + pub_part_property_policy.properties().emplace_back(Property( + "dds.sec.access.builtin.Access-Permissions.permissions", + "file://" + certs_path + "/permissions_performance_tests.smime")); } #endif // if HAVE_SECURITY