Skip to content

Commit

Permalink
Update TLS unit test certificates (#4028)
Browse files Browse the repository at this point in the history
* Refs #19937: Update TLS unit test certificates

Signed-off-by: EduPonz <[email protected]>

* Refs #19937: Enable TLS tests in all github CIs

Signed-off-by: EduPonz <[email protected]>

---------

Signed-off-by: EduPonz <[email protected]>
  • Loading branch information
EduPonz authored Nov 17, 2023
1 parent 73ff2c1 commit 2a867e0
Show file tree
Hide file tree
Showing 10 changed files with 32 additions and 33 deletions.
1 change: 1 addition & 0 deletions .github/workflows/config/asan_colcon.meta
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
"-DFASTRTPS_API_TESTS=ON",
"-DFASTDDS_PIM_API_TESTS=ON",
"-DPERFORMANCE_TESTS=ON",
"-DNO_TLS=OFF",
"-DSECURITY=ON",
"-DFASTDDS_STATISTICS=ON",
"-DSANITIZER=Address",
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/config/default_ci.meta
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
"-DFASTRTPS_API_TESTS=OFF",
"-DFASTDDS_PIM_API_TESTS=ON",
"-DPERFORMANCE_TESTS=ON",
"-DNO_TLS=ON",
"-DNO_TLS=OFF",
"-DSECURITY=ON",
"-DMEMORYCHECK_COMMAND_OPTIONS=-q --tool=memcheck --leak-check=yes --show-reachable=yes
--num-callers=50 --log-fd=2 --error-exitcode=1",
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/config/nightly.meta
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
"-DFASTRTPS_API_TESTS=OFF",
"-DFASTDDS_PIM_API_TESTS=ON",
"-DPERFORMANCE_TESTS=ON",
"-DNO_TLS=ON",
"-DNO_TLS=OFF",
"-DMEMORYCHECK_COMMAND_OPTIONS=-q --tool=memcheck --leak-check=yes --show-reachable=yes
--num-callers=50 --log-fd=2 --error-exitcode=1",
"-DMEMORYCHECK_SUPPRESSIONS_FILE=../../src/fastrtps/valgrind.supp"
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/config/tsan_colcon.meta
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
"-DFASTRTPS_API_TESTS=OFF",
"-DFASTDDS_PIM_API_TESTS=ON",
"-DPERFORMANCE_TESTS=ON",
"-DNO_TLS=OFF",
"-DSECURITY=ON",
"-DFASTDDS_STATISTICS=ON",
"-DCMAKE_C_FLAGS='-fsanitize=thread -O2 -g -fno-omit-frame-pointer'",
Expand Down
8 changes: 4 additions & 4 deletions test/unittest/transport/certs/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,8 @@ openssl ecparam -name prime256v1 -genkey -noout -out ca.key
# openssl ecparam -name prime256v1 -genkey | openssl ec -aes256 -out ca.key -passout pass:cakey # with password

# Generate the Certificate Authority Certificate > ca.crt
openssl req -new -x509 -sha256 -key ca.key -out ca.crt -days 365 -config ca.cnf
# openssl req -new -x509 -sha256 -key ca.key -out ca.crt -days 365 -config ca.cnf -passin pass:cakey # with password
openssl req -new -x509 -sha256 -key ca.key -out ca.crt -days 1825 -config ca.cnf
# openssl req -new -x509 -sha256 -key ca.key -out ca.crt -days 1825 -config ca.cnf -passin pass:cakey # with password
```

### Fast DDS Certificate
Expand All @@ -33,8 +33,8 @@ openssl req -new -sha256 -key fastdds.key -out fastdds.csr -config fastdds.cnf
# openssl req -new -sha256 -key fastdds.key -out fastdds.csr -config fastdds.cnf -passin pass:fastddspwd # with password

# Generate the Fast DDS Certificate (computed on the CA side) > fastdds.crt
openssl x509 -req -in fastdds.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out fastdds.crt -days 1000 -sha256
# openssl x509 -req -in fastdds.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out fastdds.crt -days 1000 -sha256 -passin pass:cakey # with password
openssl x509 -req -in fastdds.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out fastdds.crt -days 1825 -sha256
# openssl x509 -req -in fastdds.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out fastdds.crt -days 1825 -sha256 -passin pass:cakey # with password
```

### DH PARAMETERS
Expand Down
14 changes: 7 additions & 7 deletions test/unittest/transport/certs/ca.crt
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICFDCCAbsCFBfZ8BpGDGjJDGtV9r9smtAY4QeVMAoGCCqGSM49BAMCMIGMMQsw
MIICFDCCAbsCFDIlAUpPsmDIvCdkZWk4YACbWvCIMAoGCCqGSM49BAMCMIGMMQsw
CQYDVQQGEwJFUzELMAkGA1UECAwCTUExDzANBgNVBAcMBk1hZHJpZDERMA8GA1UE
CgwIZVByb3NpbWExETAPBgNVBAsMCGVQcm9zaW1hMRQwEgYDVQQDDAtlUHJvc2lt
YSBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBlcHJvc2ltYS5jb20wHhcNMjIx
MTE1MTIwMTIzWhcNMjMxMTE1MTIwMTIzWjCBjDELMAkGA1UEBhMCRVMxCzAJBgNV
YSBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBlcHJvc2ltYS5jb20wHhcNMjMx
MTE3MDcwODIzWhcNMjgxMTE1MDcwODIzWjCBjDELMAkGA1UEBhMCRVMxCzAJBgNV
BAgMAk1BMQ8wDQYDVQQHDAZNYWRyaWQxETAPBgNVBAoMCGVQcm9zaW1hMREwDwYD
VQQLDAhlUHJvc2ltYTEUMBIGA1UEAwwLZVByb3NpbWEgQ0ExIzAhBgkqhkiG9w0B
CQEWFHN1cHBvcnRAZXByb3NpbWEuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEj+I8gK3UaelJrdYSIa6ck5afHJ9JAS/TuqnBQaL40UHaH3tXEOoisTFVf6Rm
5auDAOv3IsH4KpzxApgE8ynHQTAKBggqhkjOPQQDAgNHADBEAiBktjSbjJuc1H7h
swsCk889fD66HPnxQ2VRyTqSqMLVNQIgVGqDodgqQSjXDfOdzN7kr4uN6Y2vgJmc
etnWedjnhXo=
QgAEs4pxHmiZi+/ze7NvNNSFbcKEB6bVZ21gl5ERxioMDUkDR0K9NANvCskAiOsS
J2af5dmj/H35NGHm5A1DxbCsSzAKBggqhkjOPQQDAgNHADBEAiA3BeLmwYptJ1Mx
6dEwKb972V8kPu784iJ75/hIWYMAAwIgB+W/TFXYffZu1IwedhkQZ349KSYKNhl4
UFg1oI2OFHU=
-----END CERTIFICATE-----
6 changes: 3 additions & 3 deletions test/unittest/transport/certs/ca.key
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIE+41uHwahHbiDGMEUeYJOy8UGi1DdX09eYz06TMTddkoAoGCCqGSM49
AwEHoUQDQgAEj+I8gK3UaelJrdYSIa6ck5afHJ9JAS/TuqnBQaL40UHaH3tXEOoi
sTFVf6Rm5auDAOv3IsH4KpzxApgE8ynHQQ==
MHcCAQEEIOCJ0vBvNovjuZGUFBKcg9O8ikmRKyZTQxSuGE7iFWZFoAoGCCqGSM49
AwEHoUQDQgAEs4pxHmiZi+/ze7NvNNSFbcKEB6bVZ21gl5ERxioMDUkDR0K9NANv
CskAiOsSJ2af5dmj/H35NGHm5A1DxbCsSw==
-----END EC PRIVATE KEY-----
14 changes: 7 additions & 7 deletions test/unittest/transport/certs/fastdds.crt
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICFjCCAbsCFDMd2oCBazGT91OP8hV2J1+gHNlQMAoGCCqGSM49BAMCMIGMMQsw
MIICFTCCAbsCFBGqg+luTTvQ3zP0TMW1xPag9Iw4MAoGCCqGSM49BAMCMIGMMQsw
CQYDVQQGEwJFUzELMAkGA1UECAwCTUExDzANBgNVBAcMBk1hZHJpZDERMA8GA1UE
CgwIZVByb3NpbWExETAPBgNVBAsMCGVQcm9zaW1hMRQwEgYDVQQDDAtlUHJvc2lt
YSBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBlcHJvc2ltYS5jb20wHhcNMjIx
MTE1MTMwNzA3WhcNMjUwODExMTMwNzA3WjCBjDELMAkGA1UEBhMCRVMxCzAJBgNV
YSBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBlcHJvc2ltYS5jb20wHhcNMjMx
MTE3MDcwODU4WhcNMjgxMTE1MDcwODU4WjCBjDELMAkGA1UEBhMCRVMxCzAJBgNV
BAgMAk1BMQ8wDQYDVQQHDAZNYWRyaWQxETAPBgNVBAoMCGVQcm9zaW1hMREwDwYD
VQQLDAhlUHJvc2ltYTEUMBIGA1UEAwwLZVByb3NpbWEgREIxIzAhBgkqhkiG9w0B
CQEWFHN1cHBvcnRAZXByb3NpbWEuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEBZng27oxy9Pf4LC1HJ41OWsC3Tg3u/UW2P5fXgXOZ2rT54lggaPDT9T9nzgV
Xt/v+7HGgiFMN3aDDeqjVfJrzDAKBggqhkjOPQQDAgNJADBGAiEAyM10iWt8vdu0
w0tT4ZOfuI955l5+9RQhhYFCEhB4or0CIQCn0Narau7UfzPdwmKGDDeJCUAk3dQo
sjx9vpBe6Xh41Q==
QgAERpOOxdxOyNKP5xazr5Yo/hxTkP0xbk0C1dLx8ohD515uzGPUE7fldGTCuMIh
zoZKDhcvK98XfSpNr1PSAVXBjDAKBggqhkjOPQQDAgNIADBFAiAEP2q5dOdZWfco
svCJpkydRpHgozKm1rxh03mH6TeVRwIhAKgYJZmaXaWxvXasrn7ToHQknXJfkkGO
DtxzqPeDgot4
-----END CERTIFICATE-----
8 changes: 4 additions & 4 deletions test/unittest/transport/certs/fastdds.csr
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
MIIBSDCB7wIBADCBjDELMAkGA1UEBhMCRVMxCzAJBgNVBAgMAk1BMQ8wDQYDVQQH
DAZNYWRyaWQxETAPBgNVBAoMCGVQcm9zaW1hMREwDwYDVQQLDAhlUHJvc2ltYTEU
MBIGA1UEAwwLZVByb3NpbWEgREIxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZXBy
b3NpbWEuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBZng27oxy9Pf4LC1
HJ41OWsC3Tg3u/UW2P5fXgXOZ2rT54lggaPDT9T9nzgVXt/v+7HGgiFMN3aDDeqj
VfJrzKAAMAoGCCqGSM49BAMCA0gAMEUCIQCp9cA5uo6KKpoWJE8SelmoduMPzG6e
Tto3NJhPfV6JEwIgaB65CKyrMCpm9jkUqa3nA/sO8JdvOU/pp1lI52g9nbw=
b3NpbWEuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAERpOOxdxOyNKP5xaz
r5Yo/hxTkP0xbk0C1dLx8ohD515uzGPUE7fldGTCuMIhzoZKDhcvK98XfSpNr1PS
AVXBjKAAMAoGCCqGSM49BAMCA0gAMEUCIBNHR6vyWtxu7jnMNPRiJRMq9RKp88OQ
bj+66uL/QDn8AiEAwKVHN9FcM1E2bvTU5A4l/2l+/W+EcRa2b7bzVkfRs4o=
-----END CERTIFICATE REQUEST-----
9 changes: 3 additions & 6 deletions test/unittest/transport/certs/fastdds.key
Original file line number Diff line number Diff line change
@@ -1,8 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,DD07963B46651B0634E2BC3ED275B73E

b31AqaIGrm1juePwJG3KiWWdQL+ekiVUqUURfhVHTLmc0mxMz0dHbTYWE57HfsQ7
eh8maPWRPn30ArK+Zp9VZ5gdnZKl93z86IfM1rnWMX8NqGKVL7HIeAhc8DOYhFwf
/8dGxH+XFU3TAk8zvlP29gzZBMjuQ0DewmC6VGKUAVI=
MHcCAQEEIBRqOIY28pjNczTDrKr9DJJVHvn61Ir4BxWdnrw6R0eloAoGCCqGSM49
AwEHoUQDQgAERpOOxdxOyNKP5xazr5Yo/hxTkP0xbk0C1dLx8ohD515uzGPUE7fl
dGTCuMIhzoZKDhcvK98XfSpNr1PSAVXBjA==
-----END EC PRIVATE KEY-----

0 comments on commit 2a867e0

Please sign in to comment.