Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added rmw_security_common #388

Open
wants to merge 4 commits into
base: rolling
Choose a base branch
from
Open

Added rmw_security_common #388

wants to merge 4 commits into from

Conversation

ahcorde
Copy link
Contributor

@ahcorde ahcorde commented Jan 29, 2025
edited
Loading

Replace ros2/sros2#330

the new rmw_zenoh_cpp has an open PR to include certificates using the --enclave argument. This requires to use rmw_dds_common::get_security_files which is not a dds unique utility.

The idea with new package is to include here all the security common things.

As discussed in the ROS weekly meeting, we decided to include this package under the rmw repository and it should use C in the signature as the other rmw functions.

Related PRs

@ahcorde
Added rmw_security_common
d2b0798 
Signed-off-by: Alejandro Hernandez Cordero <[email protected]>
@ahcorde ahcorde requested a review from clalancette January 29, 2025 11:28
@ahcorde ahcorde self-assigned this Jan 29, 2025
@ahcorde ahcorde mentioned this pull request Jan 29, 2025
Closed
@ahcorde
Removed warnings
53e5609 
Signed-off-by: Alejandro Hernandez Cordero <[email protected]>
@ahcorde ahcorde mentioned this pull request Jan 29, 2025
Open
fujitatomoya
fujitatomoya requested changes Jan 29, 2025
View reviewed changes
rmw_security_common/include/rmw_security_common/security.hpp Outdated
Comment on lines 60 to 61
// const std::string & prefix, const std::string & secure_root,
// std::unordered_map<std::string, std::string> & result);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove those comments?

Suggested change
// const std::string & prefix, const std::string & secure_root,
// std::unordered_map<std::string, std::string> & result);

rmw_security_common/include/rmw_security_common/security.hpp Outdated
@@ -0,0 +1,99 @@
// Copyright 2021 Open Source Robotics Foundation, Inc.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

basically what we are doing here is to move the implementation from rmw_dds_common, but it also adjusts the implementation in C. probably copyright year would be better to be updated? and else where.

Suggested change
// Copyright 2021 Open Source Robotics Foundation, Inc.
// Copyright 2025 Open Source Robotics Foundation, Inc.

rmw_security_common/include/rmw_security_common/security.hpp Outdated
* \param[in] prefix An optional prefix to apply to the filenames when storing them.
* \param[in] secure_root The path to the security enclave to look at.
* \param[out] result The map where the friendly name -> filename pairs are stored.
* \return `true` if all required files exist in the security enclave, `false` otherwise.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is not correct.

Suggested change
* \return `true` if all required files exist in the security enclave, `false` otherwise.
* \return `RMW_RET_OK` if successful, or
* \return `RMW_RET_INVALID_ARGUMENT` if any argument are invalid, or
* \return `RMW_RET_ERROR` an unexpected error occurs.

rmw_security_common/include/rmw_security_common/security.hpp Outdated
* \param[in] prefix An optional prefix to apply to the filenames when storing them.
* \param[in] secure_root The path to the security enclave to look at.
* \param[out] result The map where the friendly name -> filename pairs are stored.
* \return `true` if all required files exist in the security enclave, `false` otherwise.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is not correct.

Suggested change
* \return `true` if all required files exist in the security enclave, `false` otherwise.
* \return `RMW_RET_OK` if successful, or
* \return `RMW_RET_INVALID_ARGUMENT` if any argument are invalid, or
* \return `RMW_RET_ERROR` an unexpected error occurs.

This was referenced Jan 30, 2025
Open
Open
Open
@ahcorde
feedback
f59454c 
Signed-off-by: Alejandro Hernandez Cordero <[email protected]>
@ahcorde
feedback
54c05da 
Signed-off-by: Alejandro Hernandez Cordero <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fujitatomoya fujitatomoya fujitatomoya requested changes

@clalancette clalancette Awaiting requested review from clalancette

Assignees

@ahcorde ahcorde

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ahcorde @fujitatomoya